Skip to content

build(deps): bump the github-actions-dependencies group across 2 directories with 7 updates#216

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-dependencies-f47a9d2b8e
Closed

build(deps): bump the github-actions-dependencies group across 2 directories with 7 updates#216
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-dependencies-f47a9d2b8e

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 15, 2026
edited
Loading

Bumps the github-actions-dependencies group with 6 updates in the / directory:

Package From To
hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml 0.34.2 0.35.0
hoverkraft-tech/ci-github-publish 0.23.0 0.23.2
hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml 0.34.2 0.35.0
hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml 0.23.0 0.23.2
hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml 0.34.2 0.35.0
hoverkraft-tech/ci-github-common/.github/workflows/stale.yml 0.34.2 0.35.0

Bumps the github-actions-dependencies group with 1 update in the /.github/workflows/actions/setup-php directory: shivammathur/setup-php.

Updates hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml from 0.34.2 to 0.35.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml's releases.

0.35.0

Release Summary

Adds support for detecting the source repository of reusable workflows directly from the job context in local-workflow-actions. Documentation for actions and workflows was updated.

Internal changes include dependency updates for fast-xml-parser and GitHub Actions dependencies.

Breaking change(s)

local-workflow-actions no longer requires fetching the source repository using an OIDC token, so the id-token: write permission is no longer needed.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.34.2...0.35.0

Commits
  • 4c9d517 docs: update actions and workflows documentation
  • 2579c60 feat(local-workflow-actions)!: get source repo of reusable workflow from job ...
  • 451f2f5 chore: bump fast-xml-parser
  • b4bf648 chore: bump the github-actions-dependencies group across 11 directories with ...
  • 80a7dfb chore: bump fast-xml-parser in /actions/parse-ci-reports
  • 802a592 chore: bump fast-xml-parser
  • 7018cf3 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-publish from 0.23.0 to 0.23.2

Release notes

Sourced from hoverkraft-tech/ci-github-publish's releases.

0.23.2

Release Summary

Actions and workflows documentation was updated to reflect current usage.

Internal GitHub Actions dependencies were bumped.

Breaking change(s)

There is no breaking change.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-publish@0.23.1...0.23.2

0.23.1

Release Summary

Documentation for actions and workflows was updated.

Permissions updates, these workflows does not require id-token: write anymore.

  • .github/workflows/release.yml
  • .github/workflows/prepare-release.yml
  • .github/workflows/finish-deploy-argocd-app-of-apps.yml
  • .github/workflows/deploy-start.yml
  • .github/workflows/deploy-finish.yml
  • .github/workflows/deploy-checks.yml
  • .github/workflows/deploy-argocd-app-of-apps.yml
  • .github/workflows/clean-deploy.yml
  • .github/workflows/clean-deploy-argocd-app-of-apps.yml

Internal changes include GitHub Actions dependency updates across multiple directories.

Breaking change(s)

There is no breaking change.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-publish@0.23.0...0.23.1

Commits
  • 2c8e24b build(deps): Bump the github-actions-dependencies group across 1 directory wi...
  • f84b3c3 docs: update actions and workflows documentation
  • 91a69c7 build(deps): Bump the github-actions-dependencies group across 5 directories ...
  • 7179ef5 docs: update actions and workflows documentation
  • 1dfc72a build(deps): Bump the github-actions-dependencies group across 3 directories ...
  • 54a081d docs: update actions and workflows documentation
  • a662531 docs(deploy/github-pages): improve description for build-path regarding expec...
  • e200699 build(deps): Bump hoverkraft-tech/public-docs/.github/workflows/sync-docs-dis...
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml from 0.34.2 to 0.35.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml's releases.

0.35.0

Release Summary

Adds support for detecting the source repository of reusable workflows directly from the job context in local-workflow-actions. Documentation for actions and workflows was updated.

Internal changes include dependency updates for fast-xml-parser and GitHub Actions dependencies.

Breaking change(s)

local-workflow-actions no longer requires fetching the source repository using an OIDC token, so the id-token: write permission is no longer needed.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.34.2...0.35.0

Commits
  • 4c9d517 docs: update actions and workflows documentation
  • 2579c60 feat(local-workflow-actions)!: get source repo of reusable workflow from job ...
  • 451f2f5 chore: bump fast-xml-parser
  • b4bf648 chore: bump the github-actions-dependencies group across 11 directories with ...
  • 80a7dfb chore: bump fast-xml-parser in /actions/parse-ci-reports
  • 802a592 chore: bump fast-xml-parser
  • 7018cf3 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml from 0.23.0 to 0.23.2

Release notes

Sourced from hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml's releases.

0.23.2

Release Summary

Actions and workflows documentation was updated to reflect current usage.

Internal GitHub Actions dependencies were bumped.

Breaking change(s)

There is no breaking change.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-publish@0.23.1...0.23.2

0.23.1

Release Summary

Documentation for actions and workflows was updated.

Permissions updates, these workflows does not require id-token: write anymore.

  • .github/workflows/release.yml
  • .github/workflows/prepare-release.yml
  • .github/workflows/finish-deploy-argocd-app-of-apps.yml
  • .github/workflows/deploy-start.yml
  • .github/workflows/deploy-finish.yml
  • .github/workflows/deploy-checks.yml
  • .github/workflows/deploy-argocd-app-of-apps.yml
  • .github/workflows/clean-deploy.yml
  • .github/workflows/clean-deploy-argocd-app-of-apps.yml

Internal changes include GitHub Actions dependency updates across multiple directories.

Breaking change(s)

There is no breaking change.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-publish@0.23.0...0.23.1

Commits
  • 2c8e24b build(deps): Bump the github-actions-dependencies group across 1 directory wi...
  • f84b3c3 docs: update actions and workflows documentation
  • 91a69c7 build(deps): Bump the github-actions-dependencies group across 5 directories ...
  • 7179ef5 docs: update actions and workflows documentation
  • 1dfc72a build(deps): Bump the github-actions-dependencies group across 3 directories ...
  • 54a081d docs: update actions and workflows documentation
  • a662531 docs(deploy/github-pages): improve description for build-path regarding expec...
  • e200699 build(deps): Bump hoverkraft-tech/public-docs/.github/workflows/sync-docs-dis...
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml from 0.34.2 to 0.35.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml's releases.

0.35.0

Release Summary

Adds support for detecting the source repository of reusable workflows directly from the job context in local-workflow-actions. Documentation for actions and workflows was updated.

Internal changes include dependency updates for fast-xml-parser and GitHub Actions dependencies.

Breaking change(s)

local-workflow-actions no longer requires fetching the source repository using an OIDC token, so the id-token: write permission is no longer needed.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.34.2...0.35.0

Commits
  • 4c9d517 docs: update actions and workflows documentation
  • 2579c60 feat(local-workflow-actions)!: get source repo of reusable workflow from job ...
  • 451f2f5 chore: bump fast-xml-parser
  • b4bf648 chore: bump the github-actions-dependencies group across 11 directories with ...
  • 80a7dfb chore: bump fast-xml-parser in /actions/parse-ci-reports
  • 802a592 chore: bump fast-xml-parser
  • 7018cf3 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common/.github/workflows/stale.yml from 0.34.2 to 0.35.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/stale.yml's releases.

0.35.0

Release Summary

Adds support for detecting the source repository of reusable workflows directly from the job context in local-workflow-actions. Documentation for actions and workflows was updated.

Internal changes include dependency updates for fast-xml-parser and GitHub Actions dependencies.

Breaking change(s)

local-workflow-actions no longer requires fetching the source repository using an OIDC token, so the id-token: write permission is no longer needed.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.34.2...0.35.0

Commits
  • 4c9d517 docs: update actions and workflows documentation
  • 2579c60 feat(local-workflow-actions)!: get source repo of reusable workflow from job ...
  • 451f2f5 chore: bump fast-xml-parser
  • b4bf648 chore: bump the github-actions-dependencies group across 11 directories with ...
  • 80a7dfb chore: bump fast-xml-parser in /actions/parse-ci-reports
  • 802a592 chore: bump fast-xml-parser
  • 7018cf3 docs: update actions and workflows documentation
  • See full diff in compare view

Updates shivammathur/setup-php from 2.37.0 to 2.37.1

Release notes

Sourced from shivammathur/setup-php's releases.

2.37.1

Changelog

Security Updates

[!NOTE] This can affect workflows that pass values from users or pull requests to setup-php, for example from comments, dispatch inputs, PR titles/branches, generated matrices, or files such as .php-version and composer.json. Be especially careful with pull_request_target workflows that use any value from the pull request. Workflows that only use fixed trusted values are not expected to be affected, but updating to 2.37.1 is recommended.

[!NOTE]
This only affects workflows where the composer version is pinned like composer:2.9.7, workflows that do not pin the version or use composer:v2 are not affected as those get automatic updates. In case you pin the version, it is highly recommended to upgrade and have automation to do such timely upgrades in your workflows.

Fixes and Improvements

  • Fixed support for phalcon on Windows.

  • Fixed restoring tools when using cached using previous runs.

  • Improved enabling gearman extension on Linux.

  • Fixed fallback when installing PhpManager and VcRedist modules on Windows.

  • Fixed parsing extension inputs with backslash line continuation.

  • Improved workflow examples

    • Added workflow examples for Drupal 11 composer-managed projects and WordPress plugins.
    • Added workflow examples for Yii3 web applications and replaced Yii2 Starter Kit examples.
    • Updated workflow examples to use currently supported PHP versions.

  • Updated OS release mappings for newer Ubuntu releases.

  • Updated internal workflows for Codecov v6 and NPM trusted publishing.

  • Updated Node.js dependencies.

  • Fixed composer version in README. (#1081)

Thanks @​Pyker for the contribution

For the complete list of changes, please refer to the Full Changelog

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the github-actions-dependencies group across 2 dire…
802ba8d 
…ctories with 7 updates

Bumps the github-actions-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.34.2` | `0.35.0` |
| [hoverkraft-tech/ci-github-publish](https://github.com/hoverkraft-tech/ci-github-publish) | `0.23.0` | `0.23.2` |
| [hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.34.2` | `0.35.0` |
| [hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml](https://github.com/hoverkraft-tech/ci-github-publish) | `0.23.0` | `0.23.2` |
| [hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.34.2` | `0.35.0` |
| [hoverkraft-tech/ci-github-common/.github/workflows/stale.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.34.2` | `0.35.0` |

Bumps the github-actions-dependencies group with 1 update in the /.github/workflows/actions/setup-php directory: [shivammathur/setup-php](https://github.com/shivammathur/setup-php).


Updates `hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml` from 0.34.2 to 0.35.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@71b8594...4c9d517)

Updates `hoverkraft-tech/ci-github-publish` from 0.23.0 to 0.23.2
- [Release notes](https://github.com/hoverkraft-tech/ci-github-publish/releases)
- [Commits](hoverkraft-tech/ci-github-publish@48e0c54...2c8e24b)

Updates `hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml` from 0.34.2 to 0.35.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@0.34.2...0.35.0)

Updates `hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml` from 0.23.0 to 0.23.2
- [Release notes](https://github.com/hoverkraft-tech/ci-github-publish/releases)
- [Commits](hoverkraft-tech/ci-github-publish@48e0c54...2c8e24b)

Updates `hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml` from 0.34.2 to 0.35.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@71b8594...4c9d517)

Updates `hoverkraft-tech/ci-github-common/.github/workflows/stale.yml` from 0.34.2 to 0.35.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@0.34.2...0.35.0)

Updates `shivammathur/setup-php` from 2.37.0 to 2.37.1
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@accd612...7c071df)

---
updated-dependencies:
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-publish
  dependency-version: 0.23.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml
  dependency-version: 0.23.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/stale.yml
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: shivammathur/setup-php
  dependency-version: 2.37.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels May 15, 2026
@dependabot dependabot Bot mentioned this pull request May 15, 2026
Closed
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 15, 2026

Hi, thank you for creating your PR, we will check it out very soon

@codecov
Copy link
Copy Markdown

codecov Bot commented May 15, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.30%. Comparing base (114ff1f) to head (802ba8d).

Additional details and impacted files 
@@            Coverage Diff            @@
##               main     #216   +/-   ##
=========================================
  Coverage     96.30%   96.30%           
  Complexity      510      510           
=========================================
  Files            38       38           
  Lines          1514     1514           
=========================================
  Hits           1458     1458           
  Misses           56       56

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 22, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 22, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/github-actions-dependencies-f47a9d2b8e branch May 22, 2026 04:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants