Bump the github-actions group across 1 directory with 10 updates

[dependabot]

Bumps the github-actions group with 10 updates in the / directory:

Package	From	To
actions/checkout	6.0.2	7.0.0
vmactions/freebsd-vm	1.4.6	1.4.8
vmactions/solaris-vm	1.3.6	1.3.7
awalsh128/cache-apt-pkgs-action	1.6.0	1.6.1
lukka/get-cmake	4.3.3	4.3.4
cygwin/cygwin-install-action	6.0.1	6.0.2
msys2/setup-msys2	2.31.1	2.32.0
release-drafter/release-drafter	7.3.1	7.4.0
rojopolis/spellcheck-github-actions	0.60.0	0.62.0
taiki-e/install-action	2.81.1	2.82.2

Updates actions/checkout from 6.0.2 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

• block checking out fork pr for pull_request_target and workflow_run by @​aiqiaoy in actions/checkout#2454
• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by @​dependabot[bot] in actions/checkout#2458
• Bump flatted from 3.3.1 to 3.4.2 by @​dependabot[bot] in actions/checkout#2460
• Bump js-yaml from 4.1.0 to 4.2.0 by @​dependabot[bot] in actions/checkout#2461
• Bump @​actions/core and @​actions/tool-cache and Remove uuid by @​dependabot[bot] in actions/checkout#2459
• upgrade module to esm and update dependencies by @​aiqiaoy in actions/checkout#2463
• Bump the minor-npm-dependencies group across 1 directory with 3 updates by @​dependabot[bot] in actions/checkout#2462
• getting ready for checkout v7 release by @​aiqiaoy in actions/checkout#2464
• update error wording by @​aiqiaoy in actions/checkout#2467

New Contributors

• @​aiqiaoy made their first contribution in actions/checkout#2454

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

• Update changelog by @​ericsciple in actions/checkout#2357
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414
• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• Update changelog for v6.0.3 by @​yaananth in actions/checkout#2446

New Contributors

• @​yaananth made their first contribution in actions/checkout#2414

Full Changelog: actions/checkout@v6...v6.0.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

• Block checking out fork PR for pull_request_target and workflow_run by @​aiqiaoy in actions/checkout#2454
• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by @​dependabot[bot] in actions/checkout#2458
• Bump flatted from 3.3.1 to 3.4.2 by @​dependabot[bot] in actions/checkout#2460
• Bump js-yaml from 4.1.0 to 4.2.0 by @​dependabot[bot] in actions/checkout#2461
• Bump @​actions/core and @​actions/tool-cache and Remove uuid by @​dependabot[bot] in actions/checkout#2459
• upgrade module to esm and update dependencies by @​aiqiaoy in actions/checkout#2463
• Bump the minor-npm-dependencies group across 1 directory with 3 updates by @​dependabot[bot] in actions/checkout#2462

v6.0.3

• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

... (truncated)

Commits

• 9c091bb update error wording (#2467)
• 1044a6d getting ready for checkout v7 release (#2464)
• f028218 Bump the minor-npm-dependencies group across 1 directory with 3 updates (#2462)
• d914b26 upgrade module to esm and update dependencies (#2463)
• 537c7ef Bump @​actions/core and @​actions/tool-cache and Remove uuid (#2459)
• 130a169 Bump js-yaml from 4.1.0 to 4.2.0 (#2461)
• 7d09575 Bump flatted from 3.3.1 to 3.4.2 (#2460)
• 0f9f3aa Bump actions/publish-immutable-action (#2458)
• f9e715a block checking out fork pr for pull_request_target and workflow_run (#2454)
• df4cb1c Update changelog for v6.0.3 (#2446)
• Additional commits viewable in compare view

Updates vmactions/freebsd-vm from 1.4.6 to 1.4.8

Release notes

Sourced from vmactions/freebsd-vm's releases.

v1.4.8

add powerpc64 arch

Full Changelog: vmactions/freebsd-vm@v1.4.7...v1.4.8

v1.4.7

15.1 release

Full Changelog: vmactions/freebsd-vm@v1.4.6...v1.4.7

Commits

• b84ab55 Update version to v1.4.7
• d20778c Update vmactions/freebsd-vm from base-vm
• c419bc4 Generated from base-vm
• d285182 update
• f3f8074 Update version to v1.4.7
• bac9cda Update vmactions/freebsd-vm from base-vm
• e925316 Generated from base-vm
• c03219b update
• 49af5f3 Update vmactions/freebsd-vm from base-vm
• b4906e0 Generated from base-vm
• Additional commits viewable in compare view

Updates vmactions/solaris-vm from 1.3.6 to 1.3.7

Release notes

Sourced from vmactions/solaris-vm's releases.

v1.3.7

update for stability and reliability

Full Changelog: vmactions/solaris-vm@v1.3.6...v1.3.7

Commits

• d30dd6c Update vmactions/solaris-vm from base-vm
• 617f2c2 Generated from base-vm
• 253f309 update
• 57ec834 Update vmactions/solaris-vm from base-vm
• 7044067 Generated from base-vm
• f1b4674 Update vmactions/solaris-vm from base-vm
• 6d2297c Generated from base-vm
• 02e8430 update
• e78c46e Update vmactions/solaris-vm from base-vm
• 17501f2 Generated from base-vm
• Additional commits viewable in compare view

Updates awalsh128/cache-apt-pkgs-action from 1.6.0 to 1.6.1

Release notes

Sourced from awalsh128/cache-apt-pkgs-action's releases.

v1.6.1

What's Changed

• fix: upgrade actions/cache v4→v5 and upload-artifact v4→v7 (Node 24) by @​pftg in awalsh128/cache-apt-pkgs-action#198

New Contributors

• @​pftg made their first contribution in awalsh128/cache-apt-pkgs-action#198

Full Changelog: awalsh128/cache-apt-pkgs-action@v1.5.4...v1.6.1

Commits

• 681749a fix: upgrade actions/cache v4→v5 and upload-artifact v4→v7 (Node 24) (#198)
• See full diff in compare view

Updates lukka/get-cmake from 4.3.3 to 4.3.4

Commits

• f5b8fbb New CMake version(s): cmake-v4.3.4cmake-rc-v4.4.0-rc2
• 033b1fe New CMake version(s): cmake-rc-v4.4.0-rc1
• 6d69ef5 Bump peter-evans/create-pull-request from 7 to 8
• See full diff in compare view

Updates cygwin/cygwin-install-action from 6.0.1 to 6.0.2

Commits

• 3f0a3f9 Fix tests for change in MSYS2 bash OSTYPE
• 6af2b3d Add new CodeSign certificate fingerprint
• e2cf2bd Revert "Temporarily switch mirror site to mirrorservice.org"
• See full diff in compare view

Updates msys2/setup-msys2 from 2.31.1 to 2.32.0

Release notes

Sourced from msys2/setup-msys2's releases.

v2.32.0

• Update base distribution to 20260611. [#624]
• Port from ncc to rolldown for bundling
• Include an SBOM of the bundle
• Update dependencies

Changelog

Sourced from msys2/setup-msys2's changelog.

Changelog

2.32.0

• Update base distribution to 20260611. [#624]
• Port from ncc to rolldown for bundling
• Include an SBOM of the bundle
• Update dependencies

2.31.1

• input: allow empty input for "install" and "pacboy", meaning not packages will be installed [#589]
• input: deprecate the special "RUNNER_TEMP" value for "location" in favor of an empty string
• Update dependencies

2.31.0

• Update base distribution to 20260322. [#597]
• Update dependencies
• Move to node24 from node20

2.30.0

• Update base distribution to 20251213. [#565]
• Remove folder-hash dependency [#555]
• Update dependencies

2.29.0

• Allow installation to C:\msys64 if it doesn't exist already. Like with the new windows-11-arm image, for example. [#542]
• Update base distribution to 20250830. [#548]
• Update dependencies

2.28.0

• Update base distribution to 20250622. [#518]
• Update dependencies

2.27.0

• Update base distribution to 20250221. [#480]
• Update dependencies
• Drop support for CLANG32

2.26.0

• Update base distribution to 20241208. [#444]
• Update dependencies

... (truncated)

Commits

• 66cd2cc v2.32.0 767c5b499449c4509d404e38812c2b6ce04d6620
• See full diff in compare view

Updates release-drafter/release-drafter from 7.3.1 to 7.4.0

Release notes

Sourced from release-drafter/release-drafter's releases.

v7.4.0

What's Changed

New

• feat: unify category config around change classification (#1558) @​cchanche

Maintenance

• chore: update generated GraphQL types (#1629) @github-actions[bot]

Documentation

• docs: document github enterprise server support (#1627) @​cchanche

Dependency Updates

• build(deps-dev): bump vite from 8.0.13 to 8.0.16 (#1634) @dependabot[bot]
• build(deps-dev): bump js-yaml from 4.1.1 to 4.2.0 (#1633) @dependabot[bot]
• build(deps-dev): bump shell-quote from 1.8.3 to 1.8.4 (#1632) @dependabot[bot]

Full Changelog: release-drafter/release-drafter@v7.3.1...v7.4.0

Commits

• ed4bc48 chore: release v7.4.0
• 0cc23b4 chore: update generated GraphQL types (#1629)
• 091a8c8 build(deps-dev): bump vite from 8.0.13 to 8.0.16 (#1634)
• 5e296d6 build(deps-dev): bump js-yaml from 4.1.1 to 4.2.0 (#1633)
• 86a47c9 build(deps-dev): bump shell-quote from 1.8.3 to 1.8.4 (#1632)
• bf75d71 docs: document github enterprise server support (#1627)
• cff7186 feat: unify category config around change classification (#1558)
• See full diff in compare view

Updates rojopolis/spellcheck-github-actions from 0.60.0 to 0.62.0

Release notes

Sourced from rojopolis/spellcheck-github-actions's releases.

0.62.0

What's Changed

• Workflow clean up by @​jonasbn in rojopolis/spellcheck-github-actions#355
• More workflow clean up by @​jonasbn in rojopolis/spellcheck-github-actions#356
• Bumped lxml version to address known CVEs by @​jonasbn in rojopolis/spellcheck-github-actions#357
• Upgrade for pymdown-extensions by @​jonasbn in rojopolis/spellcheck-github-actions#358
• Bumped Markdown dependency version to patched version by @​jonasbn in rojopolis/spellcheck-github-actions#359
• Release 0.62.0 by @​jonasbn in rojopolis/spellcheck-github-actions#361

Full Changelog: rojopolis/spellcheck-github-actions@0.61.0...0.62.0

0.61.0

What's Changed

• Bump rojopolis/spellcheck-github-actions from 0.59.0 to 0.60.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#337
• Bump docker/login-action from 4.0.0 to 4.1.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#339
• Bump docker/build-push-action from 7.0.0 to 7.1.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#342
• Bump actions/upload-artifact from 7.0.0 to 7.0.1 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#341
• Added Claude configuration for assistance with chores and maintenance by @​jonasbn in rojopolis/spellcheck-github-actions#345
• Bump python from 3.14.3-slim-trixie to 3.14.5-slim-trixie by @​dependabot[bot] in rojopolis/spellcheck-github-actions#344
• Bump docker/setup-buildx-action from 4.0.0 to 4.1.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#348
• Bump docker/metadata-action from 6.0.0 to 6.1.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#349
• Bump docker/build-push-action from 7.1.0 to 7.2.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#347
• Bump docker/login-action from 4.1.0 to 4.2.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#350
• Bump actions/checkout from 6.0.2 to 6.0.3 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#352
• Bump docker/setup-qemu-action from 4.0.0 to 4.1.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#351
• Release 0.61.0 by @​jonasbn in rojopolis/spellcheck-github-actions#353

Full Changelog: rojopolis/spellcheck-github-actions@0.60.0...0.61.0

Changelog

Sourced from rojopolis/spellcheck-github-actions's changelog.

Change Log for spellcheck-github-actions

0.62.0, 2026-06-19, security release, update recommended

• Bumped lxml from 5.3.0 to 5.4.0 to address known CVEs via PR #357.

• Bumped pymdown-extensions to patched version 10.21.3 via PR #358.

• Bumped Markdown from 3.7 to 3.8.1 to patched version via PR #359.

• Cleaned up GitHub Actions workflows using zizmor and removed ratchet annotations via PR #355 and PR #356.

• Clarified examples in README.

0.61.0, 2026-06-14, minor feature release, update not required

• Docker based image updated for Python 3.14.5 slim trixie via PR #344 from Dependabot.

0.60, 2026-03-14, minor feature release, update not required

• Docker based image updated for Python 3.14.3 slim trixie via PR #325 from Dependabot.

• Cleaned up the error messaging, to address issue #328 from @​akohout-hai, the error message is now more correct, but not improved in general

0.59.0, 2026-03-02, feature release, update recommended

• Improvements have been added to the docker entrypoint, based on a PR from @​akohout-hai which fixes an issue with handling of spaces in files names and directories, see PR #322 for details. This is his first contribution to the project and I want to thank him for his contribution, which is highly appreciated.

• Docker based image updated to Python 3.14.3 slim trixie via PR #320 from Dependabot.

0.58.0, 2026-01-20, security release, update not required

• A minor security issue in the dependency: pymdown-extensions, which is used by the core component PySpelling
  • GHSA-r6h4-mm7h-8pmq
  • Original issue: facelessuser/pymdown-extensions#2716

0.57.0, 2026-01-14, maintenance release, update not required

• Docker based image updated to Python 3.14.2 slim trixie via PR #310 from Dependabot. The version is the same, the image has had updates.

0.56.0, 2025-12-27, feature and maintenance release, update not required

• Support for Portuguese (Portugal and Brazil) for both Hunspell and Aspell, requested by: @​mdiazgoncalves via issue #298
• Docker image updated to Python 3.14.2 trixie slim Release notes for Python 3.14.2

0.55.0, 2025-11-27, maintenance release, update not required

• Via an issue #293 from @​shoverbj, an update to the core component PySpelling from version 2.12.0 to version 2.12.1 was made, this allows for use of large dictionaries with Aspell

0.54.0, 2025-11-05, feature release, update not required

... (truncated)

Commits

• 390a08e Merge pull request #361 from rojopolis/release-0.62.0
• 7c0a079 Fix YAML indentation in README with: blocks
• 56f3bd3 Updated local dictionary
• 9d173e1 Release 0.62.0
• 1d3c839 Bumped Markdown dependency version to patched version (#359)
• 014e739 Bumped pymdown-extensions to a patched version (#358)
• 76b3c1d Merge pull request #357 from rojopolis/lxml_upgrade
• 8475314 Bumped lxml version to address known CVEs
• 4ec661e Clarified examples in README
• d90f3c8 Merge pull request #356 from rojopolis/workflow_clean_up_follow_up
• Additional commits viewable in compare view

Updates taiki-e/install-action from 2.81.1 to 2.82.2

Release notes

Sourced from taiki-e/install-action's releases.

2.82.2

• Update xh@latest to 0.26.1.

• Update uv@latest to 0.11.23.

• Update trivy@latest to 0.71.2.

• Update sccache@latest to 0.16.0.

2.82.1

• Update vacuum@latest to 0.29.4.

• Update uv@latest to 0.11.22.

• Update osv-scanner@latest to 2.4.0.

• Update mise@latest to 2026.6.11.

• Update martin@latest to 1.11.0.

• Update just@latest to 1.53.0.

• Update cargo-zigbuild@latest to 0.23.0.

2.82.0

• Support cargo-vet. (#1908, thanks @​jakewimmer)

• Support cargo-crap. (#1905, thanks @​BartoszCiesla)

• Support cargo-leptos. (#1903, thanks @​404Simon)

• Update kingfisher@latest to 1.103.0.

• Update cargo-xwin@latest to 0.23.0.

• Update wasmtime@latest to 45.0.2.

• Update cargo-deny@latest to 0.19.9.

• Update prek@latest to 0.4.5.

• Update trivy@latest to 0.71.1.

• Update mise@latest to 2026.6.10.

2.81.11

• Update wasm-tools@latest to 1.252.0.

• Update wasm-bindgen@latest to 0.2.125.

... (truncated)

Changelog

Sourced from taiki-e/install-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

[2.82.2] - 2026-06-21

• Update xh@latest to 0.26.1.

• Update uv@latest to 0.11.23.

• Update trivy@latest to 0.71.2.

• Update sccache@latest to 0.16.0.

[2.82.1] - 2026-06-20

• Update vacuum@latest to 0.29.4.

• Update uv@latest to 0.11.22.

• Update osv-scanner@latest to 2.4.0.

• Update mise@latest to 2026.6.11.

• Update martin@latest to 1.11.0.

• Update just@latest to 1.53.0.

• Update cargo-zigbuild@latest to 0.23.0.

[2.82.0] - 2026-06-17

• Support cargo-vet. (#1908, thanks @​jakewimmer)

• Support cargo-crap. (#1905, thanks @​BartoszCiesla)

• Support cargo-leptos. (#1903, thanks @​404Simon)

• Update kingfisher@latest to 1.103.0.

• Update cargo-xwin@latest to 0.23.0.

... (truncated)

Commits

• 9e1e580 Release 2.82.2
• 788896b Update zizmor manifest
• 7631577 Update xh@latest to 0.26.1
• e0f1a05 Update uv@latest to 0.11.23
• 3cda1e2 Update trivy@latest to 0.71.2
• 11ac321 Update tombi manifest
• b5f9e33 Update sccache@latest to 0.16.0
• 4e48cd5 Update cargo-tarpaulin manifest
• e0a9235 Update cargo-rdme manifest
• 8b3c737 Release 2.82.1
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
taiki-e/install-action	[< 2.63, > 2.62.12]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions