Skip to content

chore(deps): bump actions/setup-node from 6 to 7#4492

Merged
Hmbown merged 1 commit into
mainfrom
dependabot/github_actions/actions/setup-node-7
Jul 18, 2026
Merged

chore(deps): bump actions/setup-node from 6 to 7#4492
Hmbown merged 1 commit into
mainfrom
dependabot/github_actions/actions/setup-node-7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 17, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/setup-node from 6 to 7.

Release notes

Sourced from actions/setup-node's releases.

v7.0.0

What's Changed

Enhancements:

Bug fixes:

Documentation updates:

Dependency update:

New Contributors

Full Changelog: actions/setup-node@v6...v7.0.0

v6.5.0

What's Changed

Full Changelog: actions/setup-node@v6.4.0...v6.5.0

v6.4.0

What's Changed

Dependency updates:

New Contributors

Full Changelog: actions/setup-node@v6...v6.4.0

v6.3.0

What's Changed

Enhancements:

... (truncated)

Commits
  • 8207627 Migrate to ESM and upgrade dependencies (#1574)
  • 04be95c Add cache-primary-key and cache-matched-key as outputs (#1577)
  • 7c2c68d docs: Update caching recommendations to mitigate cache poisoning risks (#1567)
  • 6a61c03 Merge pull request #1569 from jasongin/update-actions-cache-5.1.0
  • 30eb73b Resolve high-severity audit issues
  • 4e1a87a Update dist
  • 360237f Strict equality
  • 4f8aac5 Bump @​actions/cache to 5.1.0, log cache write denied
  • f4a67bb Only use mirrorToken in getManifest if it's provided (#1548)
  • 0355742 Remove dummy NODE_AUTH_TOKEN export (#1558)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 17, 2026
@dependabot
dependabot Bot requested a review from Hmbown as a code owner July 17, 2026 21:13
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 17, 2026
@github-actions

Copy link
Copy Markdown
Contributor

Thanks @dependabot[bot] for taking the time to contribute.

This repository is observing a maintainer-managed PR intake gate in dry-run mode, so this pull request is staying open. This note helps maintainers prepare the allowlist before any enforcement is considered.

Please read CONTRIBUTING.md for the expected contribution shape. A maintainer can grant recurring PR access by commenting /lgtm on a pull request.

@Hmbown Hmbown added this to the v0.9.2 milestone Jul 17, 2026
@Hmbown

Hmbown commented Jul 17, 2026

Copy link
Copy Markdown
Owner

Maintainer triage: checks are green and this is not tied to a known v0.9.1 security advisory. Keeping the PR open and moving it to v0.9.2 so the v0.9.1 exact-head freeze is not destabilized by late workflow/Cargo.lock churn. We will harvest these dependency updates together immediately after the release train.

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 6 to 7.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v6...v7)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/github_actions/actions/setup-node-7 branch from d105dfc to 1c8dccc Compare July 18, 2026 16:26
@Hmbown
Hmbown merged commit d9b00d9 into main Jul 18, 2026
27 of 28 checks passed
@dependabot
dependabot Bot deleted the dependabot/github_actions/actions/setup-node-7 branch July 18, 2026 20:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant