deps: bump the production-dependencies group across 1 directory with 6 updates

dependabot[bot] · web-flow · commit fedd1daa38c6 · 2025-11-24T13:48:58.000Z
Bumps the production-dependencies group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `5` | `6` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` | | [actions/github-script](https://github.com/actions/github-script) | `7` | `8` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `5` | `6` | | [42ByteLabs/patch-release-me](https://github.com/42bytelabs/patch-release-me) | `0.6.1` | `0.6.3` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.8` | `7.0.9` | Updates `actions/checkout` from 5 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...v6) Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v5) Updates `actions/github-script` from 7 to 8 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@v7...v8) Updates `actions/download-artifact` from 5 to 6 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v5...v6) Updates `42ByteLabs/patch-release-me` from 0.6.1 to 0.6.3 - [Release notes](https://github.com/42bytelabs/patch-release-me/releases) - [Changelog](https://github.com/42ByteLabs/patch-release-me/blob/main/.release.yml) - [Commits](42ByteLabs/patch-release-me@9ff3c04...840ec9c) Updates `peter-evans/create-pull-request` from 7.0.8 to 7.0.9 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@271a8d0...84ae59a) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/github-script dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: 42ByteLabs/patch-release-me dependency-version: 0.6.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: peter-evans/create-pull-request dependency-version: 7.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -15,7 +15,7 @@ jobs:
         language: [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       # Conditionally run actions based on files modified by PR, feature branch or pushed commits
       - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36
@@ -101,7 +101,7 @@ jobs:
 
       - name: Upload test results
         if: steps.changes.outputs.src == 'true'
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: ${{ matrix.language }}-test-results
           path: |
@@ -122,13 +122,13 @@ jobs:
     steps:
       - name: Check if compile-and-test job failed to complete, if so fail
         if: ${{ needs.compile-and-test.result == 'failure' }}
-        uses: actions/github-script@v7
+        uses: actions/github-script@v8
         with:
           script: |
             core.setFailed('Test run job failed')
 
       - name: Collect test results
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v6
 
       - name: Validate test results
         run: |
@@ -157,7 +157,7 @@ jobs:
         language: [ 'csharp', 'java' ]
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           submodules: true
 
@@ -190,7 +190,7 @@ jobs:
         language: [ 'csharp', 'java' ]
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           submodules: true
 
@@ -218,7 +218,7 @@ jobs:
     needs: compile-and-test
     
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36
         id: changes
diff --git a/.github/workflows/hotspots.yml b/.github/workflows/hotspots.yml
@@ -15,15 +15,15 @@ jobs:
       packages: write
     steps:
       - name: Checkout github/codeql
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           path: codeql
           repository: github/codeql
           token: ${{ secrets.GITHUB_TOKEN }}
           fetch-depth: 0
 
       - name: Checkout github/codeql-community-packs
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           path: codeql-community-packs
           repository: githubsecuritylab/codeql-community-packs
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -20,7 +20,7 @@ jobs:
         language: ["cpp", "csharp", "go", "java", "javascript", "python", "ruby"] 
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: Check codeql-LANG-queries (src) pack
         id: check_version
@@ -63,7 +63,7 @@ jobs:
         language: ["cpp", "csharp", "go", "java", "javascript", "python", "ruby"] 
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: Check codeql-LANG-libs (lib) pack
         id: check_version
@@ -106,7 +106,7 @@ jobs:
         language: ["csharp", "java"]
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: Check codeql-LANG-extensions (ext) pack
         id: check_version
@@ -149,7 +149,7 @@ jobs:
         language: ["csharp", "java"]
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: Check codeql-LANG-library-sources (ext-library-sources) pack
         id: check_version
diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml
@@ -19,7 +19,7 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Get Token
         id: get_workflow_token
@@ -29,13 +29,13 @@ jobs:
           private-key: ${{ secrets.SECLABS_APP_KEY }}
 
       - name: "Patch Release Me"
-        uses: 42ByteLabs/patch-release-me@9ff3c04cb0802fd8dcd3100e5c0b4801e88daf3a # 0.6.1
+        uses: 42ByteLabs/patch-release-me@840ec9cfe2170a5704f77ba721bddeb4eb52317a # 0.6.3
         with:
           # Bump (patch)
           mode: ${{ inputs.mode }}
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+        uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7.0.9
         with:
           token: ${{ steps.get_workflow_token.outputs.token }}
           title: "Chore: Auto Update new Release"
