Skip to content

chore(deps): bump the github-actions-deps group across 1 directory with 4 updates#3088

Closed
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/github_actions/develop/github-actions-deps-e815e9271c
Closed

chore(deps): bump the github-actions-deps group across 1 directory with 4 updates#3088
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/github_actions/develop/github-actions-deps-e815e9271c

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions-deps group with 4 updates in the / directory: actions/checkout, aws-actions/configure-aws-credentials, codecov/codecov-action and SonarSource/sonarqube-scan-action.

Updates actions/checkout from 6.0.3 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates aws-actions/configure-aws-credentials from 6.2.0 to 6.2.1

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v6.2.1

6.2.1 (2026-06-26)

Bug Fixes

  • enforce allowed-account-ids on all auth paths (#1847) (4d281fb)
Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

6.2.1 (2026-06-26)

Bug Fixes

  • enforce allowed-account-ids on all auth paths (#1847) (4d281fb)

6.2.0 (2026-06-01)

Features

Bug Fixes

  • skip credential check on output-env-credentials: false (#1778) (58e7c47)
  • assumeRole failing from session tag size too large (#1808) (d6f5dc3)

6.1.3 (2026-05-28)

Bug Fixes

  • fix: allow kubelet token symlink in #1805

6.1.2 (2026-05-26)

Bug Fixes

6.1.1 (2026-05-05)

Miscellaneous Chores

  • various dependency updates

6.1.0 (2026-04-06)

Features

... (truncated)

Commits
  • 254c19b chore(main): release 6.2.1 (#1849)
  • a20cf82 chore: Update dist
  • 4d281fb fix: enforce allowed-account-ids on all auth paths (#1847)
  • e004cdc chore(deps-dev): bump @​smithy/property-provider from 4.4.0 to 4.4.2 (#1845)
  • 88aa369 chore: Update dist
  • 687331b chore(deps): bump @​aws-sdk/client-sts from 3.1069.0 to 3.1075.0 (#1841)
  • ea607be chore: Update dist
  • 6d13606 chore(deps): bump @​smithy/node-http-handler from 4.8.0 to 4.8.2 (#1842)
  • 71a32ae chore: Update dist
  • b290f2c chore(deps-dev): bump @​aws-sdk/credential-provider-env (#1844)
  • Additional commits viewable in compare view

Updates codecov/codecov-action from 6.0.1 to 7.0.0

Release notes

Sourced from codecov/codecov-action's releases.

v7.0.0

⚠️ Due to migration issues with keybase, we are unable to update our keys under the codecovsecurity account. We have deleted the account and are using codecovsecops with the original gpg key

What's Changed

Full Changelog: codecov/codecov-action@v6.0.1...v7.0.0

v6.0.2

This is a copy of the v7.0.0 release to make updates easier

What's Changed

Full Changelog: codecov/codecov-action@v6.0.1...v6.0.2

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

Updates SonarSource/sonarqube-scan-action from 8.1.0 to 8.2.0

Release notes

Sourced from SonarSource/sonarqube-scan-action's releases.

v8.2.0

What's Changed

Full Changelog: SonarSource/sonarqube-scan-action@v8...v8.2.0

Commits
  • 7138816 SQSCANGHA-127 Rename downloaded file to .zip before extraction on Windows (#251)
  • 3581139 SQSCANGHA-135 Fix scanner binaries always re-downloaded due to incompatible 4...
  • c9d327c SQSCANGHA-84 Remove outdated wget/curl references
  • b243e51 SQSCANGHA-88 Deprecate the SONARCLOUD_URL env variable support
  • 375c3f5 SQSCANGHA-149 Add scannerBinariesAuthHeader input for authenticated binary do...
  • 9c78323 SQSCANGHA-144 Add gate jobs to QA workflows for branch protection
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…th 4 updates

Bumps the github-actions-deps group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [SonarSource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action).


Updates `actions/checkout` from 6.0.3 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@df4cb1c...9c091bb)

Updates `aws-actions/configure-aws-credentials` from 6.2.0 to 6.2.1
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@e7f100c...254c19b)

Updates `codecov/codecov-action` from 6.0.1 to 7.0.0
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@e79a696...fb8b358)

Updates `SonarSource/sonarqube-scan-action` from 8.1.0 to 8.2.0
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](SonarSource/sonarqube-scan-action@7006c44...7138816)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions-deps
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-deps
- dependency-name: codecov/codecov-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions-deps
- dependency-name: SonarSource/sonarqube-scan-action
  dependency-version: 8.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github-actions labels Jul 1, 2026
Copilot AI review requested due to automatic review settings July 1, 2026 00:16
@dependabot dependabot Bot requested a review from a team as a code owner July 1, 2026 00:16
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github-actions labels Jul 1, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

@dependabot @github

dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 8, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/develop/github-actions-deps-e815e9271c branch July 8, 2026 00:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github-actions

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant