chore(deps): bump the actions-deps group across 1 directory with 7 updates by dependabot[bot] · Pull Request #94 · LibraMusic/LibraCore

dependabot · 2026-03-15T08:03:06Z

Bumps the actions-deps group with 7 updates in the / directory:

Package	From	To
actions/create-github-app-token	`2`	`3`
docker/setup-qemu-action	`3`	`4`
docker/setup-buildx-action	`3`	`4`
crazy-max/ghaction-upx	`3`	`4`
docker/login-action	`3`	`4`
goreleaser/goreleaser-action	`6`	`7`
actions/upload-artifact	`6`	`7`

Updates actions/create-github-app-token from 2 to 3

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

feat!: node 24 support (#275) (2e564a0)

fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (4451bcb)

Bug Fixes

remove custom proxy handling (#143) (dce0ab0)

BREAKING CHANGES

Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

deps: bump @actions/core from 1.11.1 to 3.0.0 (#337) (b044133)

deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)

deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)

deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

deps: bump @octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)

deps: bump @octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)

deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)

deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Commits

f8d387b build(release): 3.0.0 [skip ci]
d2129bd style: remove extra blank line in release workflow
77b94ef build: refresh generated artifacts
3ab4c66 chore: move undici to devDependencies
739cf66 docs: update README action versions
db40289 build(deps): bump actions versions in test.yml
496a7ac test: migrate from AVA to Node.js native test runner (#346)
3870dc3 Rename end-to-end proxy job in test workflow
4451bcb fix!: require NODE_USE_ENV_PROXY for proxy support (#342)
dce0ab0 fix: remove custom proxy handling (#143)
Additional commits viewable in compare view

Updates docker/setup-qemu-action from 3 to 4

Release notes

Sourced from docker/setup-qemu-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/setup-qemu-action#245

Switch to ESM and update config/test wiring by @crazy-max in docker/setup-qemu-action#241

Bump @actions/core from 1.11.1 to 3.0.0 in docker/setup-qemu-action#244

Bump @docker/actions-toolkit from 0.67.0 to 0.77.0 in docker/setup-qemu-action#243

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/setup-qemu-action#240

Bump js-yaml from 3.14.1 to 3.14.2 in docker/setup-qemu-action#231

Bump lodash from 4.17.21 to 4.17.23 in docker/setup-qemu-action#238

Full Changelog: docker/setup-qemu-action@v3.7.0...v4.0.0

v3.7.0

Bump @docker/actions-toolkit from 0.56.0 to 0.67.0 in docker/setup-qemu-action#217 docker/setup-qemu-action#230

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/setup-qemu-action#220

Bump form-data from 2.5.1 to 2.5.5 in docker/setup-qemu-action#218

Bump tmp from 0.2.3 to 0.2.4 in docker/setup-qemu-action#221

Bump undici from 5.28.4 to 5.29.0 in docker/setup-qemu-action#219

Full Changelog: docker/setup-qemu-action@v3.6.0...v3.7.0

v3.6.0

Display binfmt version by @crazy-max in docker/setup-qemu-action#202

Full Changelog: docker/setup-qemu-action@v3.5.0...v3.6.0

v3.5.0

Bump @docker/actions-toolkit from 0.54.0 to 0.56.0 in docker/setup-qemu-action#205

Full Changelog: docker/setup-qemu-action@v3.4.0...v3.5.0

v3.4.0

Bump @docker/actions-toolkit from 0.49.0 to 0.54.0 in docker/setup-qemu-action#193 docker/setup-qemu-action#197

Full Changelog: docker/setup-qemu-action@v3.3.0...v3.4.0

v3.3.0

Add cache-image input to enable/disable caching of binfmt image by @crazy-max in docker/setup-qemu-action#130

Bump @actions/core from 1.10.1 to 1.11.1 in docker/setup-qemu-action#172

Bump @docker/actions-toolkit from 0.35.0 to 0.49.0 in docker/setup-qemu-action#187

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/setup-qemu-action#182

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/setup-qemu-action#162

Full Changelog: docker/setup-qemu-action@v3.2.0...v3.3.0

v3.2.0

Bump @docker/actions-toolkit from 0.31.0 to 0.35.0 in docker/setup-qemu-action#154 docker/setup-qemu-action#155

Full Changelog: docker/setup-qemu-action@v3.1.0...v3.2.0

v3.1.0

... (truncated)

Commits

ce36039 Merge pull request #245 from crazy-max/node24
6386344 node 24 as default runtime
1ea3db7 Merge pull request #243 from docker/dependabot/npm_and_yarn/docker/actions-to...
b56a002 chore: update generated content
c43f02d build(deps): bump @docker/actions-toolkit from 0.67.0 to 0.77.0
ce10c58 Merge pull request #244 from docker/dependabot/npm_and_yarn/actions/core-3.0.0
429fc9d chore: update generated content
060e5f8 build(deps): bump @actions/core from 1.11.1 to 3.0.0
44be13e Merge pull request #231 from docker/dependabot/npm_and_yarn/js-yaml-3.14.2
1897438 chore: update generated content
Additional commits viewable in compare view

Updates docker/setup-buildx-action from 3 to 4

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/setup-buildx-action#483

Remove deprecated inputs/outputs by @crazy-max in docker/setup-buildx-action#464

Switch to ESM and update config/test wiring by @crazy-max in docker/setup-buildx-action#481

Bump @actions/core from 1.11.1 to 3.0.0 in docker/setup-buildx-action#475

Bump @docker/actions-toolkit from 0.63.0 to 0.79.0 in docker/setup-buildx-action#482 docker/setup-buildx-action#485

Bump js-yaml from 4.1.0 to 4.1.1 in docker/setup-buildx-action#452

Bump lodash from 4.17.21 to 4.17.23 in docker/setup-buildx-action#472

Bump minimatch from 3.1.2 to 3.1.5 in docker/setup-buildx-action#480

Full Changelog: docker/setup-buildx-action@v3.12.0...v4.0.0

v3.12.0

Deprecate install input by @crazy-max in docker/setup-buildx-action#455

Bump @docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/setup-buildx-action#434

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/setup-buildx-action#436

Bump form-data from 2.5.1 to 2.5.5 in docker/setup-buildx-action#432

Bump undici from 5.28.4 to 5.29.0 in docker/setup-buildx-action#435

Full Changelog: docker/setup-buildx-action@v3.11.1...v3.12.0

v3.11.1

Fix keep-state not being respected by @crazy-max in docker/setup-buildx-action#429

Full Changelog: docker/setup-buildx-action@v3.11.0...v3.11.1

v3.11.0

Keep BuildKit state support by @crazy-max in docker/setup-buildx-action#427

Remove aliases created when installing by default by @hashhar in docker/setup-buildx-action#139

Bump @docker/actions-toolkit from 0.56.0 to 0.62.1 in docker/setup-buildx-action#422 docker/setup-buildx-action#425

Full Changelog: docker/setup-buildx-action@v3.10.0...v3.11.0

v3.10.0

Bump @docker/actions-toolkit from 0.54.0 to 0.56.0 in docker/setup-buildx-action#408

Full Changelog: docker/setup-buildx-action@v3.9.0...v3.10.0

v3.9.0

Bump @docker/actions-toolkit from 0.48.0 to 0.54.0 in docker/setup-buildx-action#402 docker/setup-buildx-action#404

Full Changelog: docker/setup-buildx-action@v3.8.0...v3.9.0

v3.8.0

Make cloud prefix optional to download buildx if driver is cloud by @crazy-max in docker/setup-buildx-action#390

Bump @actions/core from 1.10.1 to 1.11.1 in docker/setup-buildx-action#370

Bump @docker/actions-toolkit from 0.39.0 to 0.48.0 in docker/setup-buildx-action#389

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/setup-buildx-action#382

Full Changelog: docker/setup-buildx-action@v3.7.1...v3.8.0

... (truncated)

Commits

4d04d5d Merge pull request #485 from docker/dependabot/npm_and_yarn/docker/actions-to...
cd74e05 chore: update generated content
eee38ec build(deps): bump @docker/actions-toolkit from 0.77.0 to 0.79.0
7a83f65 Merge pull request #484 from docker/dependabot/github_actions/docker/setup-qe...
a5aa967 Merge pull request #464 from crazy-max/rm-deprecated
e73d53f build(deps): bump docker/setup-qemu-action from 3 to 4
28a438e Merge pull request #483 from crazy-max/node24
034e9d3 chore: update generated content
b4664d8 remove deprecated inputs/outputs
a8257de node 24 as default runtime
Additional commits viewable in compare view

Updates crazy-max/ghaction-upx from 3 to 4

Release notes

Sourced from crazy-max/ghaction-upx's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in crazy-max/ghaction-upx#281

Switch to ESM and update config/test wiring by @crazy-max in crazy-max/ghaction-upx#278

Bump @actions/core from 1.11.1 to 3.0.0 in crazy-max/ghaction-upx#273

Bump @actions/exec from 1.1.1 to 3.0.0 in crazy-max/ghaction-upx#280

Bump @actions/http-client from 2.2.3 to 4.0.0 in crazy-max/ghaction-upx#275

Bump @actions/tool-cache from 2.0.2 to 4.0.0 in crazy-max/ghaction-upx#274

Bump brace-expansion from 1.1.11 to 1.1.12 in crazy-max/ghaction-upx#264

Bump js-yaml from 3.14.0 to 3.14.2 in crazy-max/ghaction-upx#268

Bump lodash from 4.17.21 to 4.17.23 in crazy-max/ghaction-upx#270

Bump minimatch from 3.1.2 to 3.1.5 in crazy-max/ghaction-upx#277

Full Changelog: crazy-max/ghaction-upx@v3.2.0...v4.0.0

v3.2.0

Bump @actions/tool-cache from 2.0.1 to 2.0.2 in crazy-max/ghaction-upx#257

Bump cross-spawn from 7.0.3 to 7.0.6 in crazy-max/ghaction-upx#256

Bump undici from 5.28.4 to 5.28.5 in crazy-max/ghaction-upx#258

Full Changelog: crazy-max/ghaction-upx@v3.1.0...v3.2.0

v3.1.0

Add arm platform support by @crazy-max in crazy-max/ghaction-upx#254

Bump @actions/core from 1.10.0 to 1.11.1 in crazy-max/ghaction-upx#253

Bump @actions/http-client from 2.1.1 to 2.2.3 in crazy-max/ghaction-upx#245

Bump @babel/traverse from 7.17.9 to 7.23.2 in crazy-max/ghaction-upx#224

Bump braces from 3.0.2 to 3.0.3 in crazy-max/ghaction-upx#240

Bump debug from 4.1.1 to 4.3.4 in crazy-max/ghaction-upx#222

Bump ip from 2.0.0 to 2.0.1 in crazy-max/ghaction-upx#230

Bump micromatch from 4.0.5 to 4.0.8 in crazy-max/ghaction-upx#246

Bump tar from 6.2.0 to 6.2.1 in crazy-max/ghaction-upx#234

Full Changelog: crazy-max/ghaction-upx@v3.0.0...v3.1.0

Commits

c83f378 Merge pull request #281 from crazy-max/node24
ece6c7a node 24 as default runtime
ba752d7 Merge pull request #279 from crazy-max/dependabot/npm_and_yarn/glob-13.0.6
4c1efe3 chore: update generated content
4691e38 chore(deps): bump glob from 11.1.0 to 13.0.6
d316ed7 Merge pull request #274 from crazy-max/dependabot/npm_and_yarn/actions/tool-c...
c4146ab chore: update generated content
99b8311 chore(deps): bump @actions/tool-cache from 2.0.2 to 4.0.0
05b8d23 Merge pull request #273 from crazy-max/dependabot/npm_and_yarn/actions/core-3...
339ea5e chore: update generated content
Additional commits viewable in compare view

Updates docker/login-action from 3 to 4

Release notes

Sourced from docker/login-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/login-action#929

Switch to ESM and update config/test wiring by @crazy-max in docker/login-action#927

Bump @actions/core from 1.11.1 to 3.0.0 in docker/login-action#919

Bump @aws-sdk/client-ecr from 3.890.0 to 3.1000.0 in docker/login-action#909 docker/login-action#920

Bump @aws-sdk/client-ecr-public from 3.890.0 to 3.1000.0 in docker/login-action#909 docker/login-action#920

Bump @docker/actions-toolkit from 0.63.0 to 0.77.0 in docker/login-action#910 docker/login-action#928

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/login-action#921

Bump js-yaml from 4.1.0 to 4.1.1 in docker/login-action#901

Full Changelog: docker/login-action@v3.7.0...v4.0.0

v3.7.0

Add scope input to set scopes for the authentication token by @crazy-max in docker/login-action#912

Add support for AWS European Sovereign Cloud ECR by @dphi in docker/login-action#914

Ensure passwords are redacted with registry-auth input by @crazy-max in docker/login-action#911

build(deps): bump lodash from 4.17.21 to 4.17.23 in docker/login-action#915

Full Changelog: docker/login-action@v3.6.0...v3.7.0

v3.6.0

Add registry-auth input for raw authentication to registries by @crazy-max in docker/login-action#887

Bump @aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880

Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879

Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

Support dual-stack endpoints for AWS ECR by @Spacefish @crazy-max in docker/login-action#874 docker/login-action#876

Bump @aws-sdk/client-ecr to 3.859.0 in docker/login-action#860 docker/login-action#878

Bump @aws-sdk/client-ecr-public to 3.859.0 in docker/login-action#860 docker/login-action#878

Bump @docker/actions-toolkit from 0.57.0 to 0.62.1 in docker/login-action#870

Bump form-data from 2.5.1 to 2.5.5 in docker/login-action#875

Full Changelog: docker/login-action@v3.4.0...v3.5.0

v3.4.0

Bump @actions/core from 1.10.1 to 1.11.1 in docker/login-action#791

Bump @aws-sdk/client-ecr to 3.766.0 in docker/login-action#789 docker/login-action#856

Bump @aws-sdk/client-ecr-public to 3.758.0 in docker/login-action#789 docker/login-action#856

Bump @docker/actions-toolkit from 0.35.0 to 0.57.0 in docker/login-action#801 docker/login-action#806 docker/login-action#858

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/login-action#814

Bump https-proxy-agent from 7.0.5 to 7.0.6 in docker/login-action#823

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/login-action#777

Full Changelog: docker/login-action@v3.3.0...v3.4.0

... (truncated)

Commits

b45d80f Merge pull request #929 from crazy-max/node24
176cb9c node 24 as default runtime
cad8984 Merge pull request #920 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
92cbcb2 chore: update generated content
5a2d6a7 build(deps): bump the aws-sdk-dependencies group with 2 updates
44512b6 Merge pull request #928 from docker/dependabot/npm_and_yarn/docker/actions-to...
28737a5 chore: update generated content
dac0793 build(deps): bump @docker/actions-toolkit from 0.76.0 to 0.77.0
62029f3 Merge pull request #919 from docker/dependabot/npm_and_yarn/actions/core-3.0.0
08c8f06 chore: update generated content
Additional commits viewable in compare view

Updates goreleaser/goreleaser-action from 6 to 7

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v7.0.0

What's Changed

feat!: node 24, update deps, rm yarn, ESM by @caarlos0 in goreleaser/goreleaser-action#533

sec: pin github action versions by @caarlos0 in goreleaser/goreleaser-action#514

docs: Upgrade checkout GitHub Action in README.md by @dunglas in goreleaser/goreleaser-action#507

chore(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in goreleaser/goreleaser-action#504

ci(deps): bump the actions group with 2 updates by @dependabot[bot] in goreleaser/goreleaser-action#517

ci(deps): bump the actions group with 2 updates by @dependabot[bot] in goreleaser/goreleaser-action#523

ci(deps): bump docker/bake-action from 6.9.0 to 6.10.0 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#526

ci(deps): bump the actions group across 1 directory with 4 updates by @dependabot[bot] in goreleaser/goreleaser-action#532

ci(deps): bump actions/checkout from 6.0.1 to 6.0.2 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#534

chore(deps): bump the npm group across 1 directory with 4 updates by @dependabot[bot] in goreleaser/goreleaser-action#536

chore(deps): bump @actions/http-client from 3.0.2 to 4.0.0 in the npm group by @dependabot[bot] in goreleaser/goreleaser-action#537

ci(deps): bump docker/setup-buildx-action from 3.10.0 to 3.12.0 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#538

chore(deps): bump semver from 7.7.3 to 7.7.4 in the npm group by @dependabot[bot] in goreleaser/goreleaser-action#539

Full Changelog: goreleaser/goreleaser-action@v6...v7.0.0

v6.4.0

What's Changed

ci: set contents read as default workflow permissions by @crazy-max in goreleaser/goreleaser-action#494

fix: support .config directory for goreleaser config files by @haya14busa in goreleaser/goreleaser-action#500

chore(deps): bump semver from 7.7.1 to 7.7.2 by @dependabot[bot] in goreleaser/goreleaser-action#495

chore(deps): bump brace-expansion from 1.1.11 to 1.1.12 by @dependabot[bot] in goreleaser/goreleaser-action#498

fix: do not get releases.json if version is specific by @caarlos0 in goreleaser/goreleaser-action#502

chore(deps): bump undici from 5.28.5 to 5.29.0 by @dependabot[bot] in goreleaser/goreleaser-action#496

feat: retry downloading releases json by @caarlos0 in goreleaser/goreleaser-action#503

New Contributors

@haya14busa made their first contribution in goreleaser/goreleaser-action#500

Full Changelog: goreleaser/goreleaser-action@v6.3.0...v6.4.0

v6.3.0

Bump undici from 5.28.3 to 5.28.5 in goreleaser/goreleaser-action#488

Full Changelog: goreleaser/goreleaser-action@v6.2.1...v6.3.0

v6.2.1

What's Changed

This version of the actions adds support for GoReleaser Pro v2.7.0 versioning (which dropped the -pro suffix). Older versions should work fine.

[!WARNING] This version is required for GoReleaser Pro v2.7.0+. Read more here.

Full Changelog: goreleaser/goreleaser-action@v6.2.0...v6.2.1

... (truncated)

Commits

ec59f47 fix: yargs usage
752dede fix: gitignore
1881ae0 ci: update dependabot settings
fdc5e66 chore: gitignore provenance.json
51b5b35 chore(deps): bump semver from 7.7.3 to 7.7.4 in the npm group (#539)
4247c53 ci(deps): bump docker/setup-buildx-action in the actions group (#538)
c169bfd chore(deps): bump @actions/http-client from 3.0.2 to 4.0.0 in the npm group (...
902ab4a chore(deps): bump the npm group across 1 directory with 4 updates (#536)
c59a691 chore: gitignore
56cc8b2 ci: add job to automate dependabot pre-checkin/vendor
Additional commits viewable in compare view

Updates actions/upload-artifact from 6 to 7

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.0

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

Add proxy integration test by @Link- in actions/upload-artifact#754

Upgrade the module to ESM and bump dependencies by @danwkennedy in actions/upload-artifact#762

Support direct file uploads by @danwkennedy in actions/upload-artifact#764

New Contributors

@Link- made their first contribution in actions/upload-artifact#754

Full Changelog: actions/upload-artifact@v6...v7.0.0

Commits

bbbca2d Support direct file uploads (#764)
589182c Upgrade the module to ESM and bump dependencies (#762)
47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests
02a8460 Add proxy integration test
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…dates Bumps the actions-deps group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2` | `3` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3` | `4` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` | | [crazy-max/ghaction-upx](https://github.com/crazy-max/ghaction-upx) | `3` | `4` | | [docker/login-action](https://github.com/docker/login-action) | `3` | `4` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `6` | `7` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `6` | `7` | Updates `actions/create-github-app-token` from 2 to 3 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@v2...v3) Updates `docker/setup-qemu-action` from 3 to 4 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@v3...v4) Updates `docker/setup-buildx-action` from 3 to 4 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3...v4) Updates `crazy-max/ghaction-upx` from 3 to 4 - [Release notes](https://github.com/crazy-max/ghaction-upx/releases) - [Commits](crazy-max/ghaction-upx@v3...v4) Updates `docker/login-action` from 3 to 4 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3...v4) Updates `goreleaser/goreleaser-action` from 6 to 7 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@v6...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v6...v7) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps - dependency-name: docker/setup-qemu-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps - dependency-name: crazy-max/ghaction-upx dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps - dependency-name: goreleaser/goreleaser-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps ... Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/release.yml


      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+        uses: docker/setup-qemu-action@v4


.github/workflows/release.yml


      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4


.github/workflows/release.yml

+        uses: docker/setup-buildx-action@v4

-      - uses: crazy-max/ghaction-upx@v3
+      - uses: crazy-max/ghaction-upx@v4


.github/workflows/release.yml


      - name: Log in to Docker Hub
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4


.github/workflows/release.yml


      - name: Log in to the Container registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4


.github/workflows/release.yml


      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v6
+        uses: goreleaser/goreleaser-action@v7


dependabot bot added the dependencies Dependencies need to be updated label Mar 15, 2026

chore: fix linting issues

5a536b8

github-advanced-security bot found potential problems Mar 15, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the actions-deps group across 1 directory with 7 updates#94

chore(deps): bump the actions-deps group across 1 directory with 7 updates#94
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/github_actions/actions-deps-0edc6a04e1

dependabot bot commented on behalf of github Mar 15, 2026 •

edited

Loading

Uh oh!

Check warning

Check warning

Check warning

Check warning

Check warning

Check warning

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Mar 15, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.0.0

3.0.0 (2026-03-14)

Bug Fixes

BREAKING CHANGES

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

BREAKING CHANGES

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

v4.0.0

v3.7.0

v3.6.0

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v4.0.0

v3.12.0

v3.11.1

v3.11.0

v3.10.0

v3.9.0

v3.8.0

v4.0.0

v3.2.0

v3.1.0

v4.0.0

v3.7.0

v3.6.0

v3.5.0

v3.4.0

v7.0.0

What's Changed

v6.4.0

What's Changed

New Contributors

v6.3.0

v6.2.1

What's Changed

v7.0.0

v7 What's new

Direct Uploads

ESM

What's Changed

New Contributors

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Mar 15, 2026 •

edited

Loading