GitHub Action: Bump the all-actions-dependencies group with 4 updates by dependabot[bot] · Pull Request #544 · microsoft/mu_devops

dependabot · 2026-03-17T01:37:35Z

Bumps the all-actions-dependencies group with 4 updates: actions/setup-python, actions/create-github-app-token, redhat-plumbers-in-action/advanced-issue-labeler and release-drafter/release-drafter.

Updates actions/setup-python from 5 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

Add support for pip-version by @priyagupta108 in actions/setup-python#1129

Enhance reading from .python-version by @krystof-k in actions/setup-python#787

Add version parsing from Pipfile by @aradkdj in actions/setup-python#1067

Bug fixes:

Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @aparnajyothi-y in actions/setup-python#1183

Change missing cache directory error to warning by @aparnajyothi-y in actions/setup-python#1182

Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @aparnajyothi-y in actions/setup-python#1122

Include python version in PyPy python-version output by @cdce8p in actions/setup-python#1110

Update docs: clarification on pip authentication with setup-python by @priya-kinthali in actions/setup-python#1156

Dependency updates:

Upgrade idna from 2.9 to 3.7 in /tests/data by @dependabot[bot] in actions/setup-python#843

Upgrade form-data to fix critical vulnerabilities #182 & #183 by @aparnajyothi-y in actions/setup-python#1163

Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @aparnajyothi-y in actions/setup-python#1165

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-python#1181

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-python#1095

New Contributors

@krystof-k made their first contribution in actions/setup-python#787

@cdce8p made their first contribution in actions/setup-python#1110

@aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

Workflow updates related to Ubuntu 20.04 by @aparnajyothi-y in actions/setup-python#1065

Fix for Candidate Not Iterable Error by @aparnajyothi-y in actions/setup-python#1082

Upgrade semver and @types/semver by @dependabot in actions/setup-python#1091

Upgrade prettier from 2.8.8 to 3.5.3 by @dependabot in actions/setup-python#1046

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

Support free threaded Python versions like '3.13t' by @colesbury in actions/setup-python#973

Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @action/cache from 4.0.0 to 4.0.3 by @priya-kinthali in actions/setup-python#1056

Add support for .tool-versions file in setup-python by @mahabaleshwars in actions/setup-python#1043

Bug fixes:

Fix architecture for pypy on Linux ARM64 by @mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

a309ff8 Bump urllib3 from 2.6.0 to 2.6.3 in /tests/data (#1264)
bfe8cc5 Upgrade @actions dependencies to Node 24 compatible versions (#1259)
4f41a90 Bump urllib3 from 2.5.0 to 2.6.0 in /tests/data (#1253)
83679a8 Bump @types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...
bfc4944 Bump prettier from 3.5.3 to 3.6.2 (#1234)
97aeb3e Bump requests from 2.32.2 to 2.32.4 in /tests/data (#1130)
443da59 Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pi...
cfd55ca graalpy: add graalpy early-access and windows builds (#880)
bba65e5 Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (#1094)
18566f8 Improve wording and "fix example" (remove 3.13) on testing against pre-releas...
Additional commits viewable in compare view

Updates actions/create-github-app-token from 2 to 3

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

feat!: node 24 support (#275) (2e564a0)

fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (4451bcb)

Bug Fixes

remove custom proxy handling (#143) (dce0ab0)

BREAKING CHANGES

Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

deps: bump @actions/core from 1.11.1 to 3.0.0 (#337) (b044133)

deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)

deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)

deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

deps: bump @octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)

deps: bump @octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)

deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)

deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Commits

f8d387b build(release): 3.0.0 [skip ci]
d2129bd style: remove extra blank line in release workflow
77b94ef build: refresh generated artifacts
3ab4c66 chore: move undici to devDependencies
739cf66 docs: update README action versions
db40289 build(deps): bump actions versions in test.yml
496a7ac test: migrate from AVA to Node.js native test runner (#346)
3870dc3 Rename end-to-end proxy job in test workflow
4451bcb fix!: require NODE_USE_ENV_PROXY for proxy support (#342)
dce0ab0 fix: remove custom proxy handling (#143)
Additional commits viewable in compare view

Updates redhat-plumbers-in-action/advanced-issue-labeler from 2 to 3

Release notes

Sourced from redhat-plumbers-in-action/advanced-issue-labeler's releases.

v3.0.0

What's Changed

Breaking

Use zod for input validation 🦹 (#275) @jamacku

Use octokit instead of probot 🗑️ (#274) @jamacku

New

Add support for GitHub Enterprise 🏛️ (#277) @jamacku

Add option to set custom config file path (#278) @jamacku

Bug Fixes

Use node16 for v2; the node20 will be used by v3 (#281) @jamacku

Maintenance

Improve and update tests 🧪 (#279) @jamacku

Dependency Updates

chore(deps): update dependency @vercel/ncc to v0.38.1 (#269) @renovatebot

chore(deps): update dependency eslint-plugin-prettier to v5.0.1 (#270) @renovatebot

chore(deps): update dependency @types/node to v18.18.9 (#268) @renovatebot

Full Changelog: redhat-plumbers-in-action/advanced-issue-labeler@v2.0.7...v3.0.0

v2.1.0

What's Changed

Use octokit instead of probot 🗑️ by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#274

chore(deps): update dependency @types/node to v18.18.9 by @renovatebot in redhat-plumbers-in-action/advanced-issue-labeler#268

chore(deps): update dependency eslint-plugin-prettier to v5.0.1 by @renovatebot in redhat-plumbers-in-action/advanced-issue-labeler#270

Use zod for input validation 🦹 by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#275

chore(deps): update dependency @vercel/ncc to v0.38.1 by @renovatebot in redhat-plumbers-in-action/advanced-issue-labeler#269

Add option to set custom config file path by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#278

Improve and update tests 🧪 by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#279

Add support for GitHub Enterprise 🏛️ by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#277

Use node16 for v2; the node20 will be used by v3 by @jamacku in redhat-plumbers-in-action/advanced-issue-labeler#281

Full Changelog: redhat-plumbers-in-action/advanced-issue-labeler@v2.0.7...v2.1.0

v2.0.7

What's Changed

Maintenance

Drop support for Node.js 16 and add Node.js 20 🐢 (#260) @jamacku

... (truncated)

Commits

b80ae64 chore(deps): update github/codeql-action action to v4
8a8ebe2 chore(deps): update dependency node to v24
4726055 chore(deps): update actions/upload-artifact action to v5
907e1bf chore(deps): update actions/setup-node action to v6
2706665 chore(deps): update actions/checkout action to v6
fbea672 chore(deps): update yarn to v4.12.0
0dd792b deps: update dependencies
96bf6d8 chore(config): migrate config renovate.json
deb5917 chore(deps): update dependency typescript to v5.9.3
17a8eaf chore(deps): update dependency @types/node to v24.6.1
Additional commits viewable in compare view

Updates release-drafter/release-drafter from 6.2.0 to 7.0.0

Release notes

Sourced from release-drafter/release-drafter's releases.

v7.0.0

What's Changed

Breaking

feat: new major version (#1475) @cchanche

Bug Fixes

fix: JSON schema too strict with required fields (#1535) @jetersen

Maintenance

chore(deps): update vitest to 4.1.0 (#1544) @renovate[bot]

chore(deps): update linters (#1549) @renovate[bot]

chore(deps): update dependency nock to 14.0.11 (#1548) @renovate[bot]

chore(deps): update dependency @graphql-codegen/near-operation-file-preset to 5.0.0 (#1545) @renovate[bot]

chore(deps): update dependency @types/node to 24.12.0 (#1543) @renovate[bot]

chore(deps): update dependency @graphql-codegen/cli to 6.2.1 (#1542) @renovate[bot]

chore(deps): update vite (#1541) @renovate[bot]

chore(deps): update linters (#1540) @renovate[bot]

build(deps): bump actions/stale from 9 to 10 (#1527) @dependabot[bot]

Documentation

docs: fix v7 docs (#1532) @cchanche

Other changes

chore: migrate from ESLint + Prettier to Biome (#1552) @jetersen

ci: fix licensed (#1533) @cchanche

Dependency Updates

fix(deps): update dependency compare-versions to 6.1.1 (#1547) @renovate[bot]

fix(deps): update dependency zod to 4.3.6 (#1551) @renovate[bot]

fix(deps): update dependency semver to 7.7.4 (#1550) @renovate[bot]

Full Changelog: release-drafter/release-drafter@v6.4.0...v7.0.0

v6.4.0

What's Changed

New

feat: Add support to excluded-paths (#1522) @guimorg

feat: add include-pre-releases to action inputs (#1525) @cchanche

Maintenance

... (truncated)

Commits

3a7fb5c chore: release v7.0.0
1bba8e8 docs: broken link in contributing guide
90c8b30 docs(copilot): update instructions for Biome
ea57e4c ci: replace shell scripts with cross-platform TypeScript and simplify workflows
5ed1f8c chore: update editor and devcontainer config for Biome
68e853e chore: reformat codebase with Biome and fix code smells
720e969 chore: migrate from ESLint + Prettier to Biome
ee6226d fix(deps): update dependency compare-versions to 6.1.1 (#1547)
9a48bb9 chore(deps): update vitest to 4.1.0 (#1544)
f62bd72 chore(build): rebuild artifacts
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all-actions-dependencies group with 4 updates: [actions/setup-python](https://github.com/actions/setup-python), [actions/create-github-app-token](https://github.com/actions/create-github-app-token), [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler) and [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter). Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v6) Updates `actions/create-github-app-token` from 2 to 3 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@v2...v3) Updates `redhat-plumbers-in-action/advanced-issue-labeler` from 2 to 3 - [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases) - [Commits](redhat-plumbers-in-action/advanced-issue-labeler@v2...v3) Updates `release-drafter/release-drafter` from 6.2.0 to 7.0.0 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](release-drafter/release-drafter@v6.2.0...v7.0.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions-dependencies - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions-dependencies - dependency-name: redhat-plumbers-in-action/advanced-issue-labeler dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions-dependencies - dependency-name: release-drafter/release-drafter dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added type:dependabot Created by dependabot type:dependencies Pull requests that update a dependency file labels Mar 17, 2026

dependabot bot mentioned this pull request Mar 17, 2026

GitHub Action: Bump release-drafter/release-drafter from 6.2.0 to 7.0.0 #538

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Action: Bump the all-actions-dependencies group with 4 updates#544

GitHub Action: Bump the all-actions-dependencies group with 4 updates#544
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/all-actions-dependencies-451dc16acf

dependabot bot commented on behalf of github Mar 17, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Mar 17, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v6.0.0

What's Changed

Breaking Changes

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v5.6.0

What's Changed

v5.5.0

What's Changed

Enhancements:

Bug fixes:

v3.0.0

3.0.0 (2026-03-14)

Bug Fixes

BREAKING CHANGES

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

BREAKING CHANGES

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

v3.0.0

What's Changed

Breaking

New

Bug Fixes

Maintenance

Dependency Updates

v2.1.0

What's Changed

v2.0.7

What's Changed

Maintenance

v7.0.0

What's Changed

Breaking

Bug Fixes

Maintenance

Documentation

Other changes

Dependency Updates

v6.4.0

What's Changed

New

Maintenance

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Mar 17, 2026 •

edited

Loading