ci: bump the github-actions group across 1 directory with 35 updates

[dependabot]

Bumps the github-actions group with 35 updates in the / directory:

Package	From	To
step-security/harden-runner	2.12.2	2.14.2
actions/checkout	4.2.2	6.0.2
actions/cache	4.2.3	5.0.3
crate-ci/typos	1.34.0	1.43.3
azure/setup-helm	4.3.0	4.3.1
actions/upload-artifact	4.6.2	6.0.0
chromaui/action	13.1.2	15.0.0
docker/login-action	3.4.0	3.7.0
actions/setup-java	4.7.1	5.2.0
google-github-actions/auth	2.1.10	3.0.0
google-github-actions/setup-gcloud	2.1.4	3.0.1
actions/download-artifact	4.3.0	7.0.0
actions/attest	2.4.0	3.2.0
fluxcd/flux2	2.6.3	2.7.5
google-github-actions/get-gke-credentials	2.3.3	3.0.0
actions/github-script	7.0.1	8.0.0
dependabot/fetch-metadata	2.4.0	2.5.0
depot/setup-action	1.6.0	1.7.1
depot/build-push-action	1.15.0	1.17.0
tj-actions/changed-files	cf79a64fed8a943fb1073260883d08fe0dfb4e56	caee9d94cec72c6797349cc07842c787d2cc9f74
nixbuild/nix-quick-install-action	32	34
nix-community/cache-nix-action	6.1.3	7.0.2
tj-actions/branch-names	8.2.1	9.0.2
docker/setup-buildx-action	3.11.1	3.12.0
toshimaru/auto-author-assign	2.1.1	3.0.1
peter-evans/find-comment	3.1.0	4.0.0
peter-evans/create-or-update-comment	4.0.0	5.0.0
peter-evans/repository-dispatch	3.0.0	4.0.1
ossf/scorecard-action	2.4.2	2.4.3
github/codeql-action	3.29.2	4.32.2
aquasecurity/trivy-action	0.32.0	0.33.1
actions/stale	9.1.0	10.1.1
Mattraks/delete-workflow-runs	2.0.6	2.1.0
coder/start-workspace-action	35a4608cefc7e8cc56573cae7c3b85304575cb72	f97a681b4cc7985c9eef9963750c7cc6ebc93a19
umbrelladocs/action-linkspector	1.3.6	1.4.0

Updates step-security/harden-runner from 2.12.2 to 2.14.2

Release notes

Sourced from step-security/harden-runner's releases.

v2.14.2

What's Changed

Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See GHSA-cpmj-h4f6-r6pq for details.

Full Changelog: step-security/harden-runner@v2.14.1...v2.14.2

v2.14.1

What's Changed

1. In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.

2. Fixed npm audit vulnerabilities

Full Changelog: step-security/harden-runner@v2.14.0...v2.14.1

v2.14.0

What's Changed

• Selective installation: Harden-Runner now skips installation on GitHub-hosted runners when the repository has a custom property skip_harden_runner, allowing organizations to opt out specific repos.
• Avoid double install: The action no longer installs Harden-Runner if it’s already present on a GitHub-hosted runner, which could happen when a composite action also installs it.

Full Changelog: step-security/harden-runner@v2.13.3...v2.14.0

v2.13.3

What's Changed

• Fixed an issue where process events were not uploaded in certain edge cases.

Full Changelog: step-security/harden-runner@v2.13.2...v2.13.3

v2.13.2

What's Changed

• Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.
• Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.

Full Changelog: step-security/harden-runner@v2.13.1...v2.13.2

v2.13.1

What's Changed

• Graceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.

• Security updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.

• Faster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.

Full Changelog: step-security/harden-runner@v2.13.0...v2.13.1

... (truncated)

Commits

• 5ef0c07 Merge pull request #635 from step-security/rc-34
• eb43c7b update agent
• e3f713f Merge pull request #631 from step-security/rc-31
• 423acdd chore: fix npm audit vulnerabilities
• 0ddb86c update agent
• 20cf305 Merge pull request #622 from step-security/feature/custom-property-skip
• c51e8ee feat: skip agent install and post step on subsequent runs for GitHub-hosted r...
• e152b90 feat: skip harden-runner based on repository custom property
• ee1faec feat: replace skip-harden-runner with skip-on-custom-property input
• 1dc7c17 feat: add skip-harden-runner input to conditionally skip execution
• Additional commits viewable in compare view

Updates actions/checkout from 4.2.2 to 6.0.2

Release notes

Sourced from actions/checkout's releases.

v6.0.2

What's Changed

• Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by @​TingluoHuang in actions/checkout#2355
• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

• Update all references from v5 and v4 to v6 by @​ericsciple in actions/checkout#2314
• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327
• Clarify v6 README by @​ericsciple in actions/checkout#2328

Full Changelog: actions/checkout@v6...v6.0.1

v6.0.0

What's Changed

• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248
• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• v6-beta by @​ericsciple in actions/checkout#2298
• update readme/changelog for v6 by @​ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

... (truncated)

Commits

• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• 1af3b93 update readme/changelog for v6 (#2311)
• 71cf226 v6-beta (#2298)
• 069c695 Persist creds to a separate file (#2286)
• ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
• 08c6903 Prepare v5.0.0 release (#2238)
• Additional commits viewable in compare view

Updates actions/cache from 4.2.3 to 5.0.3

Release notes

Sourced from actions/cache's releases.

v5.0.3

What's Changed

• Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)
• Bump @actions/core to v2.0.3

Full Changelog: actions/cache@v5...v5.0.3

v.5.0.2

v5.0.2

What's Changed

When creating cache entries, 429s returned from the cache service will not be retried.

v5.0.1

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

---

v5.0.1

What's Changed

• fix: update @​actions/cache for Node.js 24 punycode deprecation by @​salmanmkc in actions/cache#1685
• prepare release v5.0.1 by @​salmanmkc in actions/cache#1686

v5.0.0

What's Changed

• Upgrade to use node24 by @​salmanmkc in actions/cache#1630
• Prepare v5.0.0 release by @​salmanmkc in actions/cache#1684

Full Changelog: actions/cache@v5...v5.0.1

v5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

---

What's Changed

• Upgrade to use node24 by @​salmanmkc in actions/cache#1630

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

1. Switch to a new branch from main.
2. Run npm test to ensure all tests are passing.
3. Update the version in https://github.com/actions/cache/blob/main/package.json.
4. Run npm run build to update the compiled files.
5. Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.
6. Run licensed cache to update the license report.
7. Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.
8. Commit your changes and push your branch upstream.
9. Open a pull request against main and get it reviewed and merged.
10. Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json
    1. Create a new tag with the version number.
    2. Auto generate release notes and update them to match the changes you made in RELEASES.md.
    3. Toggle the set as the latest release option.
    4. Publish the release.
11. Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml
    1. There should be a workflow run queued with the same version number.
    2. Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.3

• Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)
• Bump @actions/core to v2.0.3

5.0.2

• Bump @actions/cache to v5.0.3 #1692

5.0.1

• Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

4.3.0

• Bump @actions/cache to v4.1.0

... (truncated)

Commits

• cdf6c1f Merge pull request #1695 from actions/Link-/prepare-5.0.3
• a1bee22 Add review for the @​actions/http-client license
• 4695763 Add licensed output
• dc73bb9 Upgrade dependencies and address security warnings
• 345d5c2 Add 5.0.3 builds
• 8b402f5 Merge pull request #1692 from GhadimiR/main
• 304ab5a license for httpclient
• 609fc19 Update licensed record for cache
• b22231e Build
• 93150cd Add PR link to releases
• Additional commits viewable in compare view

Updates crate-ci/typos from 1.34.0 to 1.43.3

Release notes

Sourced from crate-ci/typos's releases.

v1.43.3

[1.43.3] - 2026-02-06

Fixes

• (action) Adjust how typos are reported to github

v1.43.2

[1.43.2] - 2026-02-05

Fixes

• Don't correct certifi in Python

v1.43.1

[1.43.1] - 2026-02-03

Fixes

• Don't correct consts

v1.43.0

[1.43.0] - 2026-02-02

Features

• Updated the dictionary with the January 2026 changes

v1.42.3

[1.42.3] - 2026-01-27

Fixes

• Don't correct loosing

v1.42.2

[1.42.2] - 2026-01-26

Fixes

• Don't correct substituters

v1.42.1

[1.42.1] - 2026-01-19

Fixes

• Ignore hex literals with suffixes (e.g. 0xffffUL)

v1.42.0

... (truncated)

Changelog

Sourced from crate-ci/typos's changelog.

Change Log

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased] - ReleaseDate

[1.43.3] - 2026-02-06

Fixes

• (action) Adjust how typos are reported to github

[1.43.2] - 2026-02-05

Fixes

• Don't correct certifi in Python

[1.43.1] - 2026-02-03

Fixes

• Don't correct consts

[1.43.0] - 2026-02-02

Compatibility

• Bumped MSRV to 1.91

Features

• Updated the dictionary with the January 2026 changes

[1.42.3] - 2026-01-27

Fixes

• Don't correct loosing

[1.42.2] - 2026-01-26

Fixes

• Don't correct substituters

[1.42.1] - 2026-01-19

... (truncated)

Commits

• 9066e99 chore: Release
• 3bebc2a docs: Update changelog
• adf71f7 Merge pull request #1496 from adangel/fix-action-annotations
• ad3053d chore: Release
• a23d8be docs: Update changelog
• 63b278c Merge pull request #1497 from epage/certifi
• 5775fa1 feat(config): Don't correct certifi in Python
• 67e0ce7 fix(gh): Fix col offset (1-based)
• 7f369e0 fix(gh): Relativize file paths against GITHUB_WORKSPACE
• 3141b83 docs: Add msrv entry
• Additional commits viewable in compare view

Updates azure/setup-helm from 4.3.0 to 4.3.1

Release notes

Sourced from azure/setup-helm's releases.

v4.3.1

Changed

• #167 Pinning Action Dependencies for Security and Reliability
• #181 Fix types, and update node version.
• #191 chore(tests): Mock arch to make tests pass on arm host
• #192 chore: remove unnecessary prebuild script
• #203 Update helm version retrieval to use JSON output for latest version
• #207 ci(workflows): update helm version to v3.18.4 and add matrix for tests

Added

• #197 Add pre-commit hook

Changelog

Sourced from azure/setup-helm's changelog.

Change Log

[4.3.1] - 2025-08-12

Changed

• #167 Pinning Action Dependencies for Security and Reliability
• #181 Fix types, and update node version.
• #191 chore(tests): Mock arch to make tests pass on arm host
• #192 chore: remove unnecessary prebuild script
• #203 Update helm version retrieval to use JSON output for latest version
• #207 ci(workflows): update helm version to v3.18.4 and add matrix for tests

Added

• #197 Add pre-commit hook

[4.3.0] - 2025-02-15

• #152 feat: log when restoring from cache
• #157 Dependencies Update
• #137 Add dependabot

[4.2.0] - 2024-04-15

• #124 Fix OS detection and download OS-native archive extension

[4.1.0] - 2024-03-01

• #130 switches to use Helm published file to read latest version instead of using GitHub releases

[4.0.0] - 2024-02-12

• #121 update to node20 as node16 is deprecated

Commits

• 1a275c3 build
• 9e7f762 chore(release): v4.3.1 (#208)
• c096176 Bump @​types/node from 24.1.0 to 24.2.1 in the actions group (#206)
• 5e72872 ci(workflows): update helm version to v3.18.4 and add matrix for tests (#207)
• fb8fa40 Update default helm version to 3.18.3 (#194)
• 0d09729 chore: remove unnecessary prebuild script (#192)
• 32bc120 chore(tests): Mock arch to make tests pass on arm host (#191)
• 51463d6 Bump the actions group with 2 updates (#205)
• aff1094 Bump the actions group across 1 directory with 2 updates (#204)
• a10a524 Update helm version retrieval to use JSON output for latest version (#203)
• Additional commits viewable in compare view

Updates actions/upload-artifact from 4.6.2 to 6.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

• Upload Artifact Node 24 support by @​salmanmkc in actions/upload-artifact#719
• fix: update @​actions/artifact for Node.js 24 punycode deprecation by @​salmanmkc in actions/upload-artifact#744
• prepare release v6.0.0 for Node.js 24 support by @​salmanmkc in actions/upload-artifact#745

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

• Update README.md by @​GhadimiR in actions/upload-artifact#681
• Update README.md by @​nebuk89 in actions/upload-artifact#712
• Readme: spell out the first use of GHES by @​danwkennedy in actions/upload-artifact#727
• Update GHES guidance to include reference to Node 20 version by @​patrikpolyak in actions/upload-artifact#725
• Bump @actions/artifact to v4.0.0
• Prepare v5.0.0 by @​danwkennedy in actions/upload-artifact#734

New Contributors

• @​GhadimiR made their first contribution in actions/upload-artifact#681
• @​nebuk89 made their first contribution in actions/upload-artifact#712
• @​danwkennedy made their first contribution in actions/upload-artifact#727
• @​patrikpolyak made their first contribution in actions/upload-artifact#725

Full Changelog: actions/upload-artifact@v4...v5.0.0

Commits

• b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
• e516bc8 docs: correct description of Node.js 24 support in README
• ddc45ed docs: update README to correct action name for Node.js 24 support
• 615b319 chore: release v6.0.0 for Node.js 24 support
• 017748b Merge pull request #744 from actions/fix-storage-blob
• 38d4c79 chore: rebuild dist
• 7d27270 chore: add missing license cache files for @​actions/core, @​actions/io, and mi...
• 5f643d3 chore: update license files for @​actions/artifact@​5.0.1 dependencies
• 1df1684 chore: update package-lock.json with @​actions/artifact@​5.0.1
• b5b1a91 fix: update @​actions/artifact to ^5.0.0 for Node.js 24 punycode fix
• Additional commits viewable in compare view

Updates chromaui/action from 13.1.2 to 15.0.0

Changelog

Sourced from chromaui/action's changelog.

v15.0.0 (Mon Feb 02 2026)

💥 Breaking Change

• Update storybook to 10.x & upgrade dependencies #1228 (@​kasperpeulen @​ndelangen @​jwir3)

🐛 Bug Fix

• Revert "Merge pull request #1228 from chromaui/norbert/further-upgrades" #1235 (@​jwir3)

Authors: 3

• Kasper Peulen (@​kasperpeulen)
• Norbert de Langen (@​ndelangen)
• Scott Johnson (@​jwir3)

---

v14.0.0 (Mon Feb 02 2026)

💥 Breaking Change

• Update storybook to 10.x & upgrade dependencies #1228 (@​kasperpeulen @​ndelangen @​jwir3)

🐛 Bug Fix

• Fix dependabot changelog output #1227 (@​codykaup)

Authors: 4

• Cody Kaup (@​codykaup)
• Kasper Peulen (@​kasperpeulen)
• Norbert de Langen (@​ndelangen)
• Scott Johnson (@​jwir3)

---

v13.3.5 (Mon Jan 05 2026)

🐛 Bug Fix

• Adds support for React Native builds #1224 (@​justin-thurman)
• Skip storybook build step for react native #1225 (@​justin-thurman)
• Add React Native asset validation #1223 (@​justin-thurman)
• Add react native app feature flag to CLI context #1222 (@​justin-thurman)

Authors: 1

• Justin Thurman (@​justin-thurman)

... (truncated)

Commits

• f1f9e32 v15.0.0
• 9f1ad41 v14.0.0
• 07791f8 v13.3.5
• 4c20b95 v13.3.4
• ac86f2f v13.3.3
• bc2d84a v13.3.2
• 1c807fb v13.3.1
• 4ffe736 v13.3.0
• 070fa3e v13.2.1
• 20c7e42 v13.2.0
• Additional commits viewable in compare view

Updates docker/login-action from 3.4.0 to 3.7.0

Release notes

Sourced from docker/login-action's releases.

v3.7.0

• Add scope input to set scopes for the authentication token by @​crazy-max in docker/login-action#912
• Add support for AWS European Sovereign Cloud ECR by @​dphi in docker/login-action#914
• Ensure passwords are redacted with registry-auth input by @​crazy-max in docker/login-action#911
• build(deps): bump lodash from 4.17.21 to 4.17.23 in docker/login-action#915

Full Changelog: docker/login-action@v3.6.0...v3.7.0

v3.6.0

• Add registry-auth input for raw authentication to registries by @​crazy-max in docker/login-action#887
• Bump @​aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883
• Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880
• Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879
• Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

• Support dual-stack endpoints for AWS ECR by @​Spacefish @​crazy-max in docker/login-action#874 docker/login-action#876
• Bump @​aws-sdk/client-ecr to 3.859.0 in docker/login-action#860 docker/login-action#878
• Bump @​aws-sdk/client-ecr-public to 3.859.0 in docker/login-action#860 docker/login-action#878
• Bump @​docker/actions-toolkit from 0.57.0 to 0.62.1 in docker/login-action#870
• Bump form-data from 2.5.1 to 2.5.5 in docker/login-action#875

Full Changelog: docker/login-action@v3.4.0...v3.5.0

Commits

• c94ce9f Merge pull request #915 from docker/dependabot/npm_and_yarn/lodash-4.17.23
• 8339c95 Merge pull request #912 from docker/scope
• c83e932 build(deps): bump lodash from 4.17.21 to 4.17.23
• b268aa5 chore: update generated content
• a603229 documentation for scope input
• 7567f92 Add scope input to set scopes for the authentication token
• 0567fa5 Merge pull request #914 from dphi/add-support-for-amazonaws.eu
• f6ef577 feat: add support for AWS European Sovereign Cloud ECR registries
• 916386b Merge pull request #911 from crazy-max/ensure-redact
• 5b3f94a chore: update generated content
• Additional commits viewable in compare view

Updates actions/setup-java from 4.7.1 to 5.2.0

Release notes

Sourced from actions/setup-java's releases.

v5.2.0

What's Changed

Enhancement

• Retry on HTTP 522 Connection timed out by @​findepi in actions/setup-java#964

Documentation Changes

• Update gradle caching by @​priya-kinthali in actions/setup-java#972
• Update checkout to v6 by @​mahabaleshwars in actions/setup-java#973

Dependency Updates

• Upgrade @​actions/cache to v5 by @​salmanmkc in actions/setup-java#968
• Upgrade actions/checkout from 5 to 6 by @​dependabot in actions/setup-java#961

New Contributors

• @​findepi made their first contribution in actions/setup-java#964

Full Changelog: actions/setup-java@v5...v5.2.0

v5.1.0

What's Changed

New Features

• Add support for .sdkmanrc file in java-version-file parameter by @​guicamest in actions/setup-java#736
• Add support for Microsoft OpenJDK 25 builds by @​the-mod in actions/setup-java#927

Bug Fixes & Improvements

• Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by @​aparnajyothi-y in actions/setup-java#767
• Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by @​priya-kinthali in actions/setup-java#946
• Update SapMachine URLs by @​RealCLanger in actions/setup-java#955
• Add GitHub Token Support for GraalVM and Refactor Code by @​mahabaleshwars in actions/setup-java#849

Documentation changes

• Update documentation to use checkout and Java v5 by @​lmvysakh in actions/setup-java#903
• Clarify JAVA_HOME and PATH setup in README by ...

  Description has been truncated

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	codeserver	e265ba4	Feb 09 2026, 06:31 AM