Bump the github-actions group with 12 updates

[dependabot]

Bumps the github-actions group with 12 updates:

Package	From	To
actions/checkout	4	6
lukka/get-cmake	4.3.2	4.3.3
softwareforgood/check-artifact-v4-existence	0.4.1	0.4.3
github/codeql-action	4.35.3	4.36.1
codespell-project/actions-codespell	cf810cf4cbd6cdefe6ef86e55b64d524a16654a7	3b7da264292a727fcdc4acdc9eaf9a5abb92ba10
azure/trusted-signing-action	1.2.0	2.0.0
aws-actions/configure-aws-credentials	6.1.0	6.2.0
vmactions/freebsd-vm	1.4.5	1.4.6
julia-actions/setup-julia	3.0.1	3.0.2
vmactions/openbsd-vm	23b3fb94fbb4729a51b1c937f609483e759c8f28	fcf799d7ce9c305ad89eabef1fb2fa5c1c42d0ee
peaceiris/actions-gh-pages	4.0.0	4.1.0
adriangl/check-new-commits-action	1.0.7	2.0.1

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248
• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• v6-beta by @​ericsciple in actions/checkout#2298
• update readme/changelog for v6 by @​ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043

... (truncated)

Commits

• df4cb1c Update changelog for v6.0.3 (#2446)
• 1cce339 Fix checkout init for SHA-256 repositories (#2439)
• 900f221 fix: expand merge commit SHA regex and add SHA-256 test cases (#2414)
• 0c366fd Update changelog (#2357)
• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• 1af3b93 update readme/changelog for v6 (#2311)
• Additional commits viewable in compare view

Updates lukka/get-cmake from 4.3.2 to 4.3.3

Release notes

Sourced from lukka/get-cmake's releases.

CMake v4.3.3

The get-cmake action downloads and caches CMake and Ninja on your workflows. Versions can be specified using semantic versioning ranges using cmakeVersion and ninjaVersion inputs.

Changes:

• latest is now using CMake version v4.3.3, use this one-liner e.g.: uses: lukka/get-cmake@latest

Enjoy!

Commits

• 591817e New CMake version(s): cmake-v4.3.3
• f7930c8 fix: upgrade @​actions/cache to v5 to remove url.parse() deprecation warning
• See full diff in compare view

Updates softwareforgood/check-artifact-v4-existence from 0.4.1 to 0.4.3

Release notes

Sourced from softwareforgood/check-artifact-v4-existence's releases.

v0.4.3

What's Changed

• Update workflow triggers and runner image by @​wwahammy in softwareforgood/check-artifact-v4-existence#31

Full Changelog: softwareforgood/check-artifact-v4-existence@v0.4.2...v0.4.3

v0.4.2

What's Changed

• Bump actions/upload-artifact from 6 to 7 by @​dependabot[bot] in softwareforgood/check-artifact-v4-existence#30
• Bump actions/download-artifact from 7 to 8 by @​dependabot[bot] in softwareforgood/check-artifact-v4-existence#29

Full Changelog: softwareforgood/check-artifact-v4-existence@v0.4.1...v0.4.2

Commits

• f988c59 Merge pull request #31 from softwareforgood/wwahammy-patch-2
• 6df50ab Update workflow triggers and runner image
• 1bba262 Merge pull request #29 from softwareforgood/dependabot/github_actions/actions...
• ed599ab Bump actions/download-artifact from 7 to 8
• 51acb0f Merge pull request #30 from softwareforgood/dependabot/github_actions/actions...
• e59ae7c Bump actions/upload-artifact from 6 to 7
• See full diff in compare view

Updates github/codeql-action from 4.35.3 to 4.36.1

Release notes

Sourced from github/codeql-action's releases.

v4.36.1

No user facing changes.

v4.36.0

• Breaking change: Bump the minimum required CodeQL bundle version to 2.19.4. #3894
• Add support for SHA-256 Git object IDs. #3893
• Update default CodeQL bundle version to 2.25.5. #3926

v4.35.5

• We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #3899
• For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #3791
• If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #3892
• Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #3880

v4.35.4

• Update default CodeQL bundle version to 2.25.4. #3881

Commits

• 87557b9 Merge pull request #3940 from github/update-v4.36.1-2a1689ed4
• 9431011 Update changelog for v4.36.1
• 2a1689e Merge pull request #3939 from github/henrymercer/skip-overlay-revert-when-exp...
• 5245323 Disable missing diff-ranges fallback when overlay enabled manually
• d1eb120 Merge pull request #3933 from github/update-supported-enterprise-server-versions
• 115001b Merge pull request #3934 from github/dependabot/npm_and_yarn/npm-minor-86fb5c...
• cef2e7a Merge pull request #3925 from github/dependabot/github_actions/dot-github/wor...
• 5e6adf7 Merge pull request #3936 from github/dependabot/npm_and_yarn/tmp-0.2.7
• ad170e6 Merge branch 'main' into dependabot/github_actions/dot-github/workflows/actio...
• 6a37b3a Rebuild
• Additional commits viewable in compare view

Updates codespell-project/actions-codespell from cf810cf4cbd6cdefe6ef86e55b64d524a16654a7 to 3b7da264292a727fcdc4acdc9eaf9a5abb92ba10

Commits

• 3b7da26 docs: document the config input parameter (#97)
• 4848b4c Update to node 24 (#95)
• See full diff in compare view

Updates azure/trusted-signing-action from 1.2.0 to 2.0.0

Release notes

Sourced from azure/trusted-signing-action's releases.

v2.0.0

What's Changed

• refactor: migrate to new artifactsigning module by @​Jaxelr in Azure/artifact-signing-action#133
• docs: update README runtime version and action references by @​Jaxelr in Azure/artifact-signing-action#139
• refactor: upgrade packages to the latest versions by @​Jaxelr in Azure/artifact-signing-action#135

Full Changelog: Azure/artifact-signing-action@v1.2.0...v2.0.0

Commits

• c7ab2a8 refactor: upgrade packages to the latest versions (#135)
• 7664cea docs: update README runtime version and action references (#139)
• 64185d8 refactor: migrate to new artifactsigning module (#133)
• See full diff in compare view

Updates aws-actions/configure-aws-credentials from 6.1.0 to 6.2.0

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v6.2.0

6.2.0 (2026-06-01)

Features

• add additional session tags by default (#1775) (e0ba768)
• add more retry logic and better logging (#1764) (540d0c1)
• add regex validation to role-session-name (#1765) (e354499)
• Allow custom session tags to be passed when assuming a role (#1759) (61f50f6)
• expose run id in STS client user-agent (#1774) (29d1be3)
• support custom STS endpoints (#1762) (8d52d05)

Bug Fixes

• skip credential check on output-env-credentials: false (#1778) (58e7c47)
• assumeRole failing from session tag size too large (#1808) (d6f5dc3)

v6.1.3

6.1.3 (2026-05-27)

Bug Fixes

• fix: allow kubelet token symlink in aws-actions/configure-aws-credentials#1805

v6.1.2

6.1.2 (2026-05-26)

Bug Fixes

• additional filesystem checks (#1799) (c39f282)

v6.1.1

What's Changed

• chore(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1722
• chore(deps-dev): bump @​types/node from 25.5.0 to 25.5.2 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1723
• chore(deps-dev): bump @​smithy/property-provider from 4.2.12 to 4.2.13 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1724
• chore(deps): bump proxy-agent from 8.0.0 to 8.0.1 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1726
• chore(deps): bump @​smithy/node-http-handler from 4.5.1 to 4.5.2 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1725
• chore(deps): bump @​aws-sdk/client-sts from 3.1020.0 to 3.1025.0 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1727
• chore(deps): bump basic-ftp from 5.2.0 to 5.2.1 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1728
• chore(deps): bump basic-ftp from 5.2.1 to 5.2.2 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1729
• chore(deps-dev): bump @​types/node from 25.5.2 to 25.6.0 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1730
• chore(deps-dev): bump @​aws-sdk/credential-provider-env from 3.972.24 to 3.972.25 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1733
• chore(deps): bump @​aws-sdk/client-sts from 3.1025.0 to 3.1030.0 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1732
• chore(deps-dev): bump @​biomejs/biome from 2.4.10 to 2.4.11 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1734
• chore(deps): bump basic-ftp from 5.2.2 to 5.3.0 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1736
• chore(deps-dev): bump memfs from 4.57.1 to 4.57.2 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1737
• chore(deps-dev): bump typescript from 6.0.2 to 6.0.3 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1740
• chore(deps-dev): bump @​smithy/property-provider from 4.2.13 to 4.2.14 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1741
• chore(deps-dev): bump @​aws-sdk/credential-provider-env from 3.972.25 to 3.972.28 by @​dependabot[bot] in aws-actions/configure-aws-credentials#1742

... (truncated)

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

6.2.0 (2026-06-01)

Features

• add additional session tags by default (#1775) (e0ba768)
• add more retry logic and better logging (#1764) (540d0c1)
• add regex validation to role-session-name (#1765) (e354499)
• Allow custom session tags to be passed when assuming a role (#1759) (61f50f6)
• expose run id in STS client user-agent (#1774) (29d1be3)
• support custom STS endpoints (#1762) (8d52d05)

Bug Fixes

• skip credential check on output-env-credentials: false (#1778) (58e7c47)
• assumeRole failing from session tag size too large (#1808) (d6f5dc3)

6.1.3 (2026-05-28)

Bug Fixes

• fix: allow kubelet token symlink in #1805

6.1.2 (2026-05-26)

Bug Fixes

• additional filesystem checks (#1799) (c39f282)

6.1.1 (2026-05-05)

Miscellaneous Chores

• various dependency updates

6.1.0 (2026-04-06)

Features

• add skip cleanup option (#1716) (11b1c58), closes #1545
• Support usage of AWS Profiles (#1696) (a7f0c82)

6.0.0 (2026-02-04)

... (truncated)

Commits

• e7f100c chore(main): release 6.2.0 (#1806)
• bbbffea chore: Update dist
• d6f5dc3 fix: assumeRole failing from session tag size too large (#1808)
• 12014c0 docs: fix typo in README.md (#1809)
• 4ab3589 chore: replay 6.2 devel changes onto main (#1807)
• 99214aa chore: Update dist
• 217d179 fix: allow kubelet token symlink (#1805)
• 5548f34 chore: Update dist
• 77cd089 chore: document container credentials provider support (and delete transitive...
• dbacf31 chore: bump release version (#1801)
• Additional commits viewable in compare view

Updates vmactions/freebsd-vm from 1.4.5 to 1.4.6

Release notes

Sourced from vmactions/freebsd-vm's releases.

v1.4.6

update images for stability and reliability

Full Changelog: vmactions/freebsd-vm@v1.4.5...v1.4.6

Commits

• a6de934 Update vmactions/freebsd-vm from base-vm
• 97fccd4 Generated from base-vm
• 31a870e update for reliability
• a05d987 Update vmactions/freebsd-vm from base-vm
• bd15001 Generated from base-vm
• 5bbc26d update
• 67a8329 Update vmactions/freebsd-vm from base-vm
• ae9b07f Generated from base-vm
• e490b38 Update vmactions/freebsd-vm from base-vm
• 9a3cdc6 Generated from base-vm
• Additional commits viewable in compare view

Updates julia-actions/setup-julia from 3.0.1 to 3.0.2

Release notes

Sourced from julia-actions/setup-julia's releases.

v3.0.2

What's Changed

We fixed a bug (#389).

We also updated our documentation, and we updated a CI dependency.

New Contributors

• @​krynju made their first contribution in julia-actions/setup-julia#389

Full Changelog

Full Changelog: julia-actions/setup-julia@v3.0.1...v3.0.2

Commits

• fa02766 Bug fix: Validate cached julia binary exists and check PATH resolution (#389)
• ff78161 Bump julia-actions/setup-julia from 2.7.0 to 3.0.1 in the all-github-actions ...
• fe02cb7 README: Add a link to the v2-to-v3 release notes (#388)
• See full diff in compare view

Updates vmactions/openbsd-vm from 23b3fb94fbb4729a51b1c937f609483e759c8f28 to fcf799d7ce9c305ad89eabef1fb2fa5c1c42d0ee

Commits

• fcf799d Update vmactions/openbsd-vm from base-vm
• 864a16e Generated from base-vm
• a3f6766 update
• 51cbe70 Update vmactions/openbsd-vm from base-vm
• c5b3968 Generated from base-vm
• b0606f7 Update version to v1.4.2
• cb5c1ca Update vmactions/openbsd-vm from base-vm
• 7f0bd4a Generated from base-vm
• 94a288e Update vmactions/openbsd-vm from base-vm
• a704296 Generated from base-vm
• Additional commits viewable in compare view

Updates peaceiris/actions-gh-pages from 4.0.0 to 4.1.0

Release notes

Sourced from peaceiris/actions-gh-pages's releases.

actions-github-pages v4.1.0

See CHANGELOG.md for more details.

What's Changed

• Actions examples: update to modern versions of actions by @​clintonsteiner in peaceiris/actions-gh-pages#1117
• chore: update Node runtime and dependencies by @​peaceiris in peaceiris/actions-gh-pages#1147
• ci: harden GitHub Actions workflows by @​peaceiris in peaceiris/actions-gh-pages#1156

New Contributors

• @​clintonsteiner made their first contribution in peaceiris/actions-gh-pages#1117

Full Changelog: peaceiris/actions-gh-pages@v4.0.0...v4.1.0

Changelog

Sourced from peaceiris/actions-gh-pages's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

4.1.0 (2026-05-12)

chore

• add .codex/ (94ae2d2)
• add hasInstallScript true (494ec9b)
• update Node runtime and dependencies (#1147) (954f6bf), closes #1147

ci

• change automerge to false (4b09552)
• harden GitHub Actions workflows (#1156) (aa0466c), closes #1156

docs

• add repository guidelines (a1f94b5)
• bump to v4 from v3 (a16b61f)
• fix note style (0b7567f)
• update versions of actions (#1117) (aa83d0c), closes #1117

4.0.0 (2024-04-08)

build

• node 20.11.1 (5049354)

chore

• bump node16 to node20 (#1067) (4eb285e), closes #1067
• downgrade engines.npm to 8.0.0 (87231bc)

ci

• pin node-version to 18 (#981) (65ebf11), closes #981

docs

• add Release Strategy (67f80d9)
• fix link to Nuxt github-pages (#980) (88b4d2a), closes #980
• remove braces in if conditions (#920) (0fbd122), closes #920

... (truncated)

Commits

• 84c30a8 chore(release): 4.1.0
• 6fa0f50 chore(release): Add build assets
• 3b7506a chore(deps): update dependency trim-newlines to v5 (#1158)
• aa0466c ci: harden GitHub Actions workflows (#1156)
• 31835fb chore(deps): update actions/labeler action to v6 (#1153)
• f4f1bc4 chore(deps): update peaceiris/actions-mdbook action to v2 (#1161)
• a5e4979 chore(deps): update dependency ubuntu to v24 (#1159)
• 6cc3bac chore(deps): update github/codeql-action action to v4 (#1160)
• 0d6e9f4 chore(deps): update actions/setup-node action to v6 (#1154)
• d70c101 chore(deps): update actions/upload-artifact action to v7 (#1155)
• Additional commits viewable in compare view

Updates adriangl/check-new-commits-action from 1.0.7 to 2.0.1

Release notes

Sourced from adriangl/check-new-commits-action's releases.

v2.0.1

What's Changed

• chore(deps): bump softprops/action-gh-release from 2 to 3 by @​dependabot[bot] in adriangl/check-new-commits-action#204
• chore(deps-dev): bump @​typescript-eslint/parser from 8.60.0 to 8.60.1 by @​dependabot[bot] in adriangl/check-new-commits-action#209
• chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.60.0 to 8.60.1 by @​dependabot[bot] in adriangl/check-new-commits-action#207
• chore(deps-dev): bump globals from 15.15.0 to 17.6.0 by @​dependabot[bot] in adriangl/check-new-commits-action#206
• chore(deps): bump @​actions/github by @​adriangl in adriangl/check-new-commits-action#210

Full Changelog: hyperdevs-team/check-new-commits-action@v2.0.0...v2.0.1

v2.0.0

What's Changed

• refactor(node24): Bump project to use Node 24 and modern libs by @​adriangl in adriangl/check-new-commits-action#203

Full Changelog: hyperdevs-team/check-new-commits-action@v1.0.7...v2.0.0

Changelog

Sourced from adriangl/check-new-commits-action's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.0.1 (2026-06-01)

2.0.0 (2026-06-01)

1.0.7 (2024-07-09)

1.0.6 (2023-02-12)

1.0.5 (2022-12-27)

1.0.4 (2022-12-27)

1.0.3 (2021-02-15)

1.0.2 (2021-02-01)

1.0.1 (2021-01-06)

1.0.0 (2021-01-06)

Features

• Initial release (1de649e)

Commits

• dedf5c6 chore(release): 2.0.1
• bc824a2 chore(deps): bump @​actions/github (#210)
• e0b2a60 chore(deps-dev): bump globals from 15.15.0 to 17.6.0 (#206)
• d9a2996 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.60.0 to 8.60.1 ...
• 8fc93de chore(deps-dev): bump @​typescript-eslint/parser from 8.60.0 to 8.60.1 (#209)
• c12d744 chore(deps): bump softprops/action-gh-release from 2 to 3 (#204)
• 9c7aa93 chore(release): 2.0.0
• e3d9fb2 refactor(node24): Bump project to use Node 24 and modern libs (#203)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions