chore: bump the all group across 1 directory with 8 updates by dependabot[bot] · Pull Request #10 · epam/ai-dial-deployment-manager-mcp-proxy

dependabot · 2026-04-08T09:22:16Z

Bumps the all group with 8 updates in the / directory:

Package	From	To
actions/checkout	`6.0.1`	`6.0.2`
tj-actions/changed-files	`47.0.1`	`47.0.5`
docker/metadata-action	`5.10.0`	`6.0.0`
docker/setup-buildx-action	`3.12.0`	`4.0.0`
docker/build-push-action	`6.18.0`	`7.0.0`
aquasecurity/trivy-action	`0.33.1`	`0.35.0`
dependabot/fetch-metadata	`2.4.0`	`3.0.0`
epam/ai-dial-ci/.github/workflows/pr-title-check.yml	`3.0.0`	`3.1.3`

Updates actions/checkout from 6.0.1 to 6.0.2

Release notes

Sourced from actions/checkout's releases.

v6.0.2

What's Changed

Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by @TingluoHuang in actions/checkout#2355

Fix tag handling: preserve annotations and explicit fetch-tags by @ericsciple in actions/checkout#2356

Full Changelog: actions/checkout@v6.0.1...v6.0.2

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

Fix tag handling: preserve annotations and explicit fetch-tags by @ericsciple in actions/checkout#2356

v6.0.1

Add worktree support for persist-credentials includeIf by @ericsciple in actions/checkout#2327

v6.0.0

Persist creds to a separate file by @ericsciple in actions/checkout#2286

Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248

v5.0.1

Port v6 cleanup to v5 by @ericsciple in actions/checkout#2301

v5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

v4.3.1

Port v6 cleanup to v4 by @ericsciple in actions/checkout#2305

v4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

... (truncated)

Commits

de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
See full diff in compare view

Updates tj-actions/changed-files from 47.0.1 to 47.0.5

Release notes

Sourced from tj-actions/changed-files's releases.

v47.0.5

What's Changed

Upgraded to v47.0.4 by @github-actions[bot] in tj-actions/changed-files#2802

Updated README.md by @github-actions[bot] in tj-actions/changed-files#2803

Updated README.md by @github-actions[bot] in tj-actions/changed-files#2805

chore(deps-dev): bump @types/node from 25.2.2 to 25.3.2 by @dependabot[bot] in tj-actions/changed-files#2811

chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by @dependabot[bot] in tj-actions/changed-files#2810

chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 by @dependabot[bot] in tj-actions/changed-files#2809

chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 by @dependabot[bot] in tj-actions/changed-files#2799

chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 by @dependabot[bot] in tj-actions/changed-files#2806

chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 by @dependabot[bot] in tj-actions/changed-files#2775

chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 by @dependabot[bot] in tj-actions/changed-files#2774

chore(deps): bump lodash and @types/lodash by @dependabot[bot] in tj-actions/changed-files#2807

chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 by @dependabot[bot] in tj-actions/changed-files#2764

chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 by @dependabot[bot] in tj-actions/changed-files#2815

chore(deps-dev): bump @types/node from 25.3.2 to 25.3.3 by @dependabot[bot] in tj-actions/changed-files#2814

Full Changelog: tj-actions/changed-files@v47.0.4...v47.0.5

v47.0.4

What's Changed

update: release-tagger action to version 6.0.6 by @jackton1 in tj-actions/changed-files#2801

Full Changelog: tj-actions/changed-files@v47.0.3...v47.0.4

v47.0.3

What's Changed

chore(deps): bump github/codeql-action from 4.31.10 to 4.32.2 by @dependabot[bot] in tj-actions/changed-files#2790

update: release-tagger action to version 6.0.0 by @jackton1 in tj-actions/changed-files#2800

Full Changelog: tj-actions/changed-files@v47.0.2...v47.0.3

v47.0.2

What's Changed

chore(deps-dev): bump eslint-plugin-jest from 29.2.1 to 29.11.0 by @dependabot[bot] in tj-actions/changed-files#2751

chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in tj-actions/changed-files#2741

chore(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by @dependabot[bot] in tj-actions/changed-files#2743

chore(deps): bump @actions/core from 2.0.0 to 2.0.2 by @dependabot[bot] in tj-actions/changed-files#2757

Updated README.md by @github-actions[bot] in tj-actions/changed-files#2768

chore: update dist by @jackton1 in tj-actions/changed-files#2769

chore: update matrix-example.yml by @jackton1 in tj-actions/changed-files#2752

feat: add support for excluding symlinks and fix bug with commit not found by @jackton1 in tj-actions/changed-files#2770

chore(deps): bump github/codeql-action from 4.31.7 to 4.31.10 by @dependabot[bot] in tj-actions/changed-files#2761

Updated README.md by @github-actions[bot] in tj-actions/changed-files#2771

chore(deps-dev): bump eslint-plugin-jest from 29.11.0 to 29.12.1 by @dependabot[bot] in tj-actions/changed-files#2756

chore(deps-dev): bump @types/lodash from 4.17.21 to 4.17.23 by @dependabot[bot] in tj-actions/changed-files#2759

fix: Update test.yml by @jackton1 in tj-actions/changed-files#2781

... (truncated)

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

47.0.5 - (2026-03-03)

🔄 Update

Updated README.md (#2805)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> (35dace0) - (github-actions[bot])

Updated README.md (#2803)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (9ee99eb) - (github-actions[bot])

⚙️ Miscellaneous Tasks

deps-dev: Bump @types/node from 25.3.2 to 25.3.3 (#2814) (22103cc) - (dependabot[bot])

deps: Bump github/codeql-action from 4.32.4 to 4.32.5 (#2815) (6c02e90) - (dependabot[bot])

deps-dev: Bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (#2764) (05f9457) - (dependabot[bot])

deps: Bump lodash and @types/lodash (#2807) (52ed872) - (dependabot[bot])

deps: Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#2774) (1cc5746) - (dependabot[bot])

deps-dev: Bump prettier from 3.7.4 to 3.8.1 (#2775) (de2962f) - (dependabot[bot])

deps: Bump github/codeql-action from 4.32.2 to 4.32.4 (#2806) (37e96cc) - (dependabot[bot])

deps-dev: Bump eslint-plugin-jest from 29.12.1 to 29.15.0 (#2799) (2180b0f) - (dependabot[bot])

deps: Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#2809) (cf021c1) - (dependabot[bot])

deps: Bump actions/download-artifact from 7.0.0 to 8.0.0 (#2810) (b54ac6f) - (dependabot[bot])

deps-dev: Bump @types/node from 25.2.2 to 25.3.2 (#2811) (0f2a510) - (dependabot[bot])

⬆️ Upgrades

Upgraded to v47.0.4 (#2802)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (b7ac303) - (github-actions[bot])

47.0.4 - (2026-02-17)

🔄 Update

Release-tagger action to version 6.0.6 (#2801) (7dee1b0) - (Tonye Jack)

47.0.3 - (2026-02-17)

🔄 Update

Release-tagger action to version 6.0.0 (#2800) (28b28f6) - (Tonye Jack)

⚙️ Miscellaneous Tasks

deps: Bump github/codeql-action from 4.31.10 to 4.32.2 (#2790) (875e6e5) - (dependabot[bot])

... (truncated)

Commits

22103cc chore(deps-dev): bump @types/node from 25.3.2 to 25.3.3 (#2814)
6c02e90 chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 (#2815)
05f9457 chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (#2764)
52ed872 chore(deps): bump lodash and @types/lodash (#2807)
1cc5746 chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#2774)
de2962f chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 (#2775)
37e96cc chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 (#2806)
2180b0f chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 (#2799)
cf021c1 chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#2809)
b54ac6f chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 (#2810)
Additional commits viewable in compare view

Updates docker/metadata-action from 5.10.0 to 6.0.0

Release notes

Sourced from docker/metadata-action's releases.

v6.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/metadata-action#605

List inputs now preserve # inside values while still supporting full-line # comments by @crazy-max in docker/metadata-action#607

Switch to ESM and update config/test wiring by @crazy-max in docker/metadata-action#602

Bump lodash from 4.17.21 to 4.17.23 in docker/metadata-action#588

Bump @actions/core from 1.11.1 to 3.0.0 in docker/metadata-action#599

Bump @actions/github from 6.0.1 to 9.0.0 in docker/metadata-action#597

Bump @docker/actions-toolkit from 0.68.0 to 0.79.0 in docker/metadata-action#604

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/metadata-action#600

Bump semver from 7.7.3 to 7.7.4 in docker/metadata-action#603

Full Changelog: docker/metadata-action@v5.10.0...v6.0.0

Commits

030e881 Merge pull request #607 from crazy-max/allow-comments
4b529ac chore: update generated content
b0082b3 preserve comments in list input values with commentNoInfix
7b19fec Merge pull request #604 from docker/dependabot/npm_and_yarn/docker/actions-to...
281c9b0 chore: update generated content
5f43b3b test: stabilize github mock setup since ESM
9d53276 github class moved since actions-toolkit v0.77.0
eaa3d39 chore(deps): Bump @docker/actions-toolkit from 0.68.0 to 0.77.0
6b695f7 Merge pull request #605 from crazy-max/node24
a1afadc node 24 as default runtime
Additional commits viewable in compare view

Updates docker/setup-buildx-action from 3.12.0 to 4.0.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/setup-buildx-action#483

Remove deprecated inputs/outputs by @crazy-max in docker/setup-buildx-action#464

Switch to ESM and update config/test wiring by @crazy-max in docker/setup-buildx-action#481

Bump @actions/core from 1.11.1 to 3.0.0 in docker/setup-buildx-action#475

Bump @docker/actions-toolkit from 0.63.0 to 0.79.0 in docker/setup-buildx-action#482 docker/setup-buildx-action#485

Bump js-yaml from 4.1.0 to 4.1.1 in docker/setup-buildx-action#452

Bump lodash from 4.17.21 to 4.17.23 in docker/setup-buildx-action#472

Bump minimatch from 3.1.2 to 3.1.5 in docker/setup-buildx-action#480

Full Changelog: docker/setup-buildx-action@v3.12.0...v4.0.0

Commits

4d04d5d Merge pull request #485 from docker/dependabot/npm_and_yarn/docker/actions-to...
cd74e05 chore: update generated content
eee38ec build(deps): bump @docker/actions-toolkit from 0.77.0 to 0.79.0
7a83f65 Merge pull request #484 from docker/dependabot/github_actions/docker/setup-qe...
a5aa967 Merge pull request #464 from crazy-max/rm-deprecated
e73d53f build(deps): bump docker/setup-qemu-action from 3 to 4
28a438e Merge pull request #483 from crazy-max/node24
034e9d3 chore: update generated content
b4664d8 remove deprecated inputs/outputs
a8257de node 24 as default runtime
Additional commits viewable in compare view

Updates docker/build-push-action from 6.18.0 to 7.0.0

Release notes

Sourced from docker/build-push-action's releases.

v7.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/build-push-action#1470

Remove deprecated DOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS envs by @crazy-max in docker/build-push-action#1473

Remove legacy export-build tool support for build summary by @crazy-max in docker/build-push-action#1474

Switch to ESM and update config/test wiring by @crazy-max in docker/build-push-action#1466

Bump @actions/core from 1.11.1 to 3.0.0 in docker/build-push-action#1454

Bump @docker/actions-toolkit from 0.62.1 to 0.79.0 in docker/build-push-action#1453 docker/build-push-action#1472 docker/build-push-action#1479

Bump minimatch from 3.1.2 to 3.1.5 in docker/build-push-action#1463

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

v6.19.2

Preserve port in GIT_AUTH_TOKEN host by @crazy-max in docker/build-push-action#1458

Full Changelog: docker/build-push-action@v6.19.1...v6.19.2

v6.19.1

Derive GIT_AUTH_TOKEN host from GitHub server URL by @crazy-max in docker/build-push-action#1456

Full Changelog: docker/build-push-action@v6.19.0...v6.19.1

v6.19.0

Scope default git auth token to github.com by @crazy-max in docker/build-push-action#1451

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/build-push-action#1396

Bump form-data from 2.5.1 to 2.5.5 in docker/build-push-action#1391

Bump js-yaml from 3.14.1 to 3.14.2 in docker/build-push-action#1429

Bump lodash from 4.17.21 to 4.17.23 in docker/build-push-action#1446

Bump tmp from 0.2.3 to 0.2.4 in docker/build-push-action#1398

Bump undici from 5.28.4 to 5.29.0 in docker/build-push-action#1397

Full Changelog: docker/build-push-action@v6.18.0...v6.19.0

Commits

d08e5c3 Merge pull request #1479 from docker/dependabot/npm_and_yarn/docker/actions-t...
cbd2dff chore: update generated content
f76f51f chore(deps): Bump @docker/actions-toolkit from 0.78.0 to 0.79.0
7d03e66 Merge pull request #1473 from crazy-max/rm-deprecated-envs
98f853d chore: update generated content
cadccf6 remove deprecated envs
03fe877 Merge pull request #1478 from docker/dependabot/github_actions/docker/setup-b...
827e366 chore(deps): Bump docker/setup-buildx-action from 3 to 4
e25db87 Merge pull request #1474 from crazy-max/rm-export-build-tool
1ac2573 Merge pull request #1470 from crazy-max/node24
Additional commits viewable in compare view

Updates aquasecurity/trivy-action from 0.33.1 to 0.35.0

Release notes

Sourced from aquasecurity/trivy-action's releases.

Release: 0.35.0

What's Changed

chore(deps): Update trivy to v0.69.3 by @aqua-bot in aquasecurity/trivy-action#519

Full Changelog: aquasecurity/trivy-action@0.34.2...0.35.0

Release: v0.35.0

This release is a duplicate of 0.35.0 which was not compromised.

As part of our response to the recent supply chain attack, we have migrated all tags to use the v prefix (e.g., v0.35.0 instead of 0.35.0). Going forward, all new releases will use the v prefix convention.

We have intentionally kept the 0.35.0 tag intact to avoid breaking existing workflows that depend on it.

If you are currently using 0.35.0, your workflows are safe — no action is required.

Release: v0.34.0

Full Changelog: aquasecurity/trivy-action@v0.33.1...v0.34.0

Commits

57a97c7 chore(deps): Update trivy to v0.69.3 (#519)
97e0b38 chore: bump Trivy version to v0.69.2 in test workflow and README (#515)
4c61e63 chore: bump default Trivy version to v0.69.2 (#513)
1bd0625 Merge pull request #508 from nikpivkin/feat/pass-yaml-ignore-file
bce3086 remove unused init-cache target
5a9fbb1 supress progress bar when download db
1615450 update trivyignores input description
df85774 add comment about fd3
56c8dae remove unused variable
e368e32 ci(test): add zizmor security linter for GitHub Actions (#502)
Additional commits viewable in compare view

Updates dependabot/fetch-metadata from 2.4.0 to 3.0.0

Release notes

Sourced from dependabot/fetch-metadata's releases.

v3.0.0

The breaking change is requiring Node.js version v24 as the Actions runtime.

What's Changed

feat: Parse versions from metadata links by @ppkarwasz in dependabot/fetch-metadata#632

Upgrade actions core and actions github packages by @truggeri in dependabot/fetch-metadata#649

docs: Add notes for using alert-lookup with App Token by @sue445 in dependabot/fetch-metadata#656

feat!: update Node.js version to v24 by @sturman in dependabot/fetch-metadata#671

Switch build tooling from ncc to esbuild by @truggeri in dependabot/fetch-metadata#676

Add --legal-comments=none to esbuild build commands by @jeffwidman in dependabot/fetch-metadata#679

Bump tsconfig target from es2022 to es2024 by @jeffwidman in dependabot/fetch-metadata#680

Remove vestigial outDir from tsconfig.json by @jeffwidman in dependabot/fetch-metadata#681

Switch tsconfig module resolution to bundler by @jeffwidman in dependabot/fetch-metadata#682

Remove skipLibCheck from tsconfig.json by @jeffwidman in dependabot/fetch-metadata#683

Add typecheck step to CI by @jeffwidman in dependabot/fetch-metadata#685

Enable noImplicitAny in tsconfig.json by @jeffwidman in dependabot/fetch-metadata#684

Upgrade @actions/core to ^3.0.0 by @truggeri in dependabot/fetch-metadata#677

Upgrade @actions/github to ^9.0.0 and @octokit/request-error to ^7.1.0 by @truggeri in dependabot/fetch-metadata#678

Bump qs from 6.14.0 to 6.14.1 by @dependabot[bot] in dependabot/fetch-metadata#651

Bump hono from 4.11.1 to 4.11.4 by @dependabot[bot] in dependabot/fetch-metadata#652

Bump hono from 4.11.4 to 4.11.7 by @dependabot[bot] in dependabot/fetch-metadata#653

Bump hono from 4.11.7 to 4.12.0 by @dependabot[bot] in dependabot/fetch-metadata#657

Bump qs from 6.14.1 to 6.14.2 by @dependabot[bot] in dependabot/fetch-metadata#655

Bump @modelcontextprotocol/sdk from 1.25.1 to 1.26.0 by @dependabot[bot] in dependabot/fetch-metadata#654

Bump @hono/node-server from 1.19.9 to 1.19.10 by @dependabot[bot] in dependabot/fetch-metadata#665

Bump hono from 4.12.2 to 4.12.5 by @dependabot[bot] in dependabot/fetch-metadata#664

Bump minimatch from 3.1.2 to 3.1.5 by @dependabot[bot] in dependabot/fetch-metadata#667

Bump hono from 4.12.5 to 4.12.7 by @dependabot[bot] in dependabot/fetch-metadata#668

Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by @dependabot[bot] in dependabot/fetch-metadata#669

Bump flatted from 3.3.3 to 3.4.2 by @dependabot[bot] in dependabot/fetch-metadata#670

build(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by @dependabot[bot] in dependabot/fetch-metadata#674

New Contributors

@ppkarwasz made their first contribution in dependabot/fetch-metadata#632

@truggeri made their first contribution in dependabot/fetch-metadata#649

@sue445 made their first contribution in dependabot/fetch-metadata#656

@sturman made their first contribution in dependabot/fetch-metadata#671

Full Changelog: dependabot/fetch-metadata@v2...v3.0.0

v2.5.0

What's Changed

Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot[bot] in dependabot/fetch-metadata#628

Bump the dev-dependencies group with 11 updates by @dependabot[bot] in dependabot/fetch-metadata#629

Bump actions/create-github-app-token from 2.0.6 to 2.1.1 by @dependabot[bot] in dependabot/fetch-metadata#635

Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by @dependabot[bot] in dependabot/fetch-metadata#638

Bump actions/checkout from 4 to 5 by @dependabot[bot] in dependabot/fetch-metadata#636

Bump actions/setup-node from 4 to 5 by @dependabot[bot] in dependabot/fetch-metadata#637

Bump actions/setup-node from 5 to 6 by @dependabot[bot] in dependabot/fetch-metadata#639

Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by @dependabot[bot] in dependabot/fetch-metadata#643

... (truncated)

Commits

ffa630c v3.0.0 (#686)
ec8fff2 Merge pull request #674 from dependabot/dependabot/npm_and_yarn/picomatch-2.3.2
caf48bd build(deps-dev): bump picomatch from 2.3.1 to 2.3.2
13d8274 Upgrade @actions/github to ^9.0.0 and @octokit/request-error to ^7.1.0 (#678)
b603099 Upgrade @actions/core from ^1.11.1 to ^3.0.0 (#677)
c5dc5b1 Enable noImplicitAny in tsconfig.json (#684)
a183f3c Add typecheck step to CI (#685)
5e17564 Remove skipLibCheck from tsconfig.json (#683)
bb56eeb Switch tsconfig module resolution to bundler (#682)
3632e3d Remove vestigial outDir from tsconfig.json (#681)
Additional commits viewable in compare view

Updates epam/ai-dial-ci/.github/workflows/pr-title-check.yml from 3.0.0 to 3.1.3

Release notes

Sourced from epam/ai-dial-ci/.github/workflows/pr-title-check.yml's releases.

3.1.3

What's Changed

fix: fix trivy installation due to missing binaries in the upstream repository by @tataranovich in epam/ai-dial-ci#434

Full Changelog: epam/ai-dial-ci@3.1.2...3.1.3

3.1.2

What's Changed

fix: fix Trivy scans by @tataranovich in epam/ai-dial-ci#424

chore: bump actions/setup-java from 5.1.0 to 5.2.0 by @dependabot[bot] in epam/ai-dial-ci#420

chore: bump docker/login-action from 3.6.0 to 3.7.0 in /actions/build_docker by @dependabot[bot] in epam/ai-dial-ci#421

chore: bump actions/setup-python from 6.1.0 to 6.2.0 in /actions/python_prepare by @dependabot[bot] in epam/ai-dial-ci#423

chore: bump digital-blueprint/gitlab-pipeline-trigger-action from 1.3.0 to 1.4.0 by @dependabot[bot] in epam/ai-dial-ci#425

chore: bump actions/setup-java from 5.1.0 to 5.2.0 in /actions/java_prepare by @dependabot[bot] in epam/ai-dial-ci#422

chore: bump gradle/actions from 5.0.0 to 5.0.1 by @dependabot[bot] in epam/ai-dial-ci#426

chore: bump gradle/actions from 5.0.0 to 5.0.1 in /actions/java_prepare by @dependabot[bot] in epam/ai-dial-ci#427

chore: bump actions/cache from 5.0.2 to 5.0.3 in /actions/python_prepare by @dependabot[bot] in epam/ai-dial-ci#428

chore: bump step-security/harden-runner from 2.14.0 to 2.14.2 by @dependabot[bot] in epam/ai-dial-ci#430

Full Changelog: epam/ai-dial-ci@3.1.1...3.1.2

3.1.1

What's Changed

fix: poetry installation, initialization and caching in python workflows by @nepalevov in epam/ai-dial-ci#414

chore: bump actions/checkout from 6.0.1 to 6.0.2 by @dependabot[bot] in epam/ai-dial-ci#415

chore: bump actions/checkout from 6.0.1 to 6.0.2 in /actions/generate_release_notes by @dependabot[bot] in epam/ai-dial-ci#416

chore: bump actions/checkout from 6.0.1 to 6.0.2 in /actions/semantic_versioning by @dependabot[bot] in epam/ai-dial-ci#417

Full Changelog: epam/ai-dial-ci@3.1.0...3.1.1

3.1.0

What's Changed

feat: Add optional runner cleanup before running python tests in python docker test workflow by @nepalevov in epam/ai-dial-ci#411

chore: bump actions/checkout from 5.0.1 to 6.0.1 by @dependabot[bot] in

Bumps the all group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.1` | `47.0.5` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.10.0` | `6.0.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.0.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.18.0` | `7.0.0` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.33.1` | `0.35.0` | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.4.0` | `3.0.0` | | [epam/ai-dial-ci/.github/workflows/pr-title-check.yml](https://github.com/epam/ai-dial-ci) | `3.0.0` | `3.1.3` | Updates `actions/checkout` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@8e8c483...de0fac2) Updates `tj-actions/changed-files` from 47.0.1 to 47.0.5 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@e002140...22103cc) Updates `docker/metadata-action` from 5.10.0 to 6.0.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@c299e40...030e881) Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@8d2750c...4d04d5d) Updates `docker/build-push-action` from 6.18.0 to 7.0.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@2634353...d08e5c3) Updates `aquasecurity/trivy-action` from 0.33.1 to 0.35.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@b6643a2...57a97c7) Updates `dependabot/fetch-metadata` from 2.4.0 to 3.0.0 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@08eff52...ffa630c) Updates `epam/ai-dial-ci/.github/workflows/pr-title-check.yml` from 3.0.0 to 3.1.3 - [Release notes](https://github.com/epam/ai-dial-ci/releases) - [Commits](epam/ai-dial-ci@3.0.0...3.1.3) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: tj-actions/changed-files dependency-version: 47.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: docker/metadata-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: docker/build-push-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: aquasecurity/trivy-action dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: dependabot/fetch-metadata dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: epam/ai-dial-ci/.github/workflows/pr-title-check.yml dependency-version: 3.1.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-04-15T09:28:27Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot Bot added dependencies Dependencies update github_actions Pull requests that update GitHub Actions code labels Apr 8, 2026

dependabot Bot requested review from alexey-ban and nepalevov as code owners April 8, 2026 09:22

dependabot Bot added dependencies Dependencies update github_actions Pull requests that update GitHub Actions code labels Apr 8, 2026

ai-dial-actions approved these changes Apr 8, 2026

View reviewed changes

dependabot Bot closed this Apr 15, 2026

dependabot Bot deleted the dependabot/github_actions/all-909e0ac8b3 branch April 15, 2026 09:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: bump the all group across 1 directory with 8 updates#10

chore: bump the all group across 1 directory with 8 updates#10
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/all-909e0ac8b3

dependabot Bot commented on behalf of github Apr 8, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Apr 15, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Apr 8, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v6.0.2

What's Changed

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v47.0.5

What's Changed

v47.0.4

What's Changed

v47.0.3

What's Changed

v47.0.2

What's Changed

Changelog

47.0.5 - (2026-03-03)

🔄 Update

⚙️ Miscellaneous Tasks

⬆️ Upgrades

47.0.4 - (2026-02-17)

🔄 Update

47.0.3 - (2026-02-17)

🔄 Update

⚙️ Miscellaneous Tasks

v6.0.0

v4.0.0

v7.0.0

v6.19.2

v6.19.1

v6.19.0

Release: 0.35.0

What's Changed

Release: v0.35.0

Release: v0.34.0

v3.0.0

What's Changed

New Contributors

v2.5.0

What's Changed

3.1.3

What's Changed

3.1.2

What's Changed

3.1.1

What's Changed

3.1.0

What's Changed

Uh oh!

dependabot Bot commented on behalf of github Apr 15, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Apr 8, 2026 •

edited

Loading