From 5958ea820bd3614e10b74a4f5e08fde1d1130d09 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 30 May 2026 06:37:50 +0000 Subject: [PATCH] chore(deps): bump the github-actions group across 1 directory with 3 updates Bumps the github-actions group with 3 updates in the / directory: [actions/dependency-review-action](https://github.com/actions/dependency-review-action), [actions/github-script](https://github.com/actions/github-script) and [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata). Updates `actions/dependency-review-action` from 4 to 5 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/v4...v5) Updates `actions/github-script` from 7 to 9 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7...v9) Updates `dependabot/fetch-metadata` from 2 to 3 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/github-script dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: dependabot/fetch-metadata dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codequality.yml | 2 +- .github/workflows/coding-agent-pr-gate.yml | 2 +- .github/workflows/contract-changed.yml | 2 +- .github/workflows/dependabot-automerge.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codequality.yml b/.github/workflows/codequality.yml index 28865336..5f1920e3 100644 --- a/.github/workflows/codequality.yml +++ b/.github/workflows/codequality.yml @@ -57,7 +57,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v6 - name: Dependency Review - uses: actions/dependency-review-action@v4 + uses: actions/dependency-review-action@v5 with: comment-summary-in-pr: always diff --git a/.github/workflows/coding-agent-pr-gate.yml b/.github/workflows/coding-agent-pr-gate.yml index 4d62a212..50d01787 100644 --- a/.github/workflows/coding-agent-pr-gate.yml +++ b/.github/workflows/coding-agent-pr-gate.yml @@ -19,7 +19,7 @@ jobs: pull-requests: read steps: - name: Verify every checkbox in PR body is ticked - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const body = context.payload.pull_request.body || ''; diff --git a/.github/workflows/contract-changed.yml b/.github/workflows/contract-changed.yml index fb9b419d..e8e2f8e8 100644 --- a/.github/workflows/contract-changed.yml +++ b/.github/workflows/contract-changed.yml @@ -24,7 +24,7 @@ jobs: pull-requests: read steps: - name: Verify PR body contains a populated Consumer impact section - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const body = context.payload.pull_request.body || ''; diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml index fabc6b90..93d617c5 100644 --- a/.github/workflows/dependabot-automerge.yml +++ b/.github/workflows/dependabot-automerge.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v2 + uses: dependabot/fetch-metadata@v3 with: github-token: "${{ secrets.GITHUB_TOKEN }}" - name: Enable auto-merge for Dependabot PRs