Skip to content

Bump the actions-deps group across 1 directory with 6 updates#20

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-deps-514cbf2c9d
Closed

Bump the actions-deps group across 1 directory with 6 updates#20
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-deps-514cbf2c9d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the actions-deps group with 6 updates in the / directory:

Package From To
lfreleng-actions/github2gerrit-action 1.2.4 1.3.3
actions/checkout 6.0.3 7.0.0
actions/setup-java 5.3.0 5.4.0
lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml 0.6.0 0.7.2
lfit/gerrit-review-action 1.1.1 1.1.2
im-open/workflow-conclusion 2.2.5 3.0.0

Updates lfreleng-actions/github2gerrit-action from 1.2.4 to 1.3.3

Release notes

Sourced from lfreleng-actions/github2gerrit-action's releases.

v1.3.3

Downloads for this release

🎓 Code Quality 🎓

Links

v1.3.2

Downloads for this release

🔧 Maintenance 🔧

Links

v1.3.1

Downloads for this release

🔧 Maintenance 🔧

Links

v1.3.0

Downloads for this release

✨ New Features ✨

Links

Commits
  • f44c168 Merge pull request #291 from modeseven-lfreleng-actions/chore/test-quality-ai...
  • 9cb7cbd Test: Address AI code-quality test findings
  • 121b6b0 Merge pull request #287 from modeseven-lfreleng-actions/chore/codeql-code-qua...
  • 5a157de Chore: clear CodeQL maintainability warnings
  • 1dde219 Chore: clear CodeQL reliability warnings
  • d423c3a Merge pull request #286 from modeseven-lfreleng-actions/chore/code-quality-wa...
  • 6d38c92 Chore: clear CodeQL code-quality warnings
  • 192eb96 Merge pull request #285 from modeseven-lfreleng-actions/feat/anon-supersessio...
  • d4ba932 Feat: anonymous fallback for supersession sweep
  • See full diff in compare view

Updates actions/checkout from 6.0.3 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates actions/setup-java from 5.3.0 to 5.4.0

Release notes

Sourced from actions/setup-java's releases.

v5.4.0

What's Changed

New Contributors

Full Changelog: actions/setup-java@v5...v5.4.0

Commits
  • 1bcf9fb dist: Address Copilot review suggestions from PR #1042 (GraalVM Community) (#...
  • fa2c650 docs: note jdkfile approach for Early Access / unreleased JDK builds (#1058)
  • 1d56e31 dist: Add GraalVM Community distribution support (#1042)
  • 1d25252 chore: Harden workflows: least-privilege permissions + zizmor integration (#1...
  • 668c1ea docs: add post-install keytool import for the JDK cacerts trust store (#1051)
  • a9a46fb docs: document self-signed certificate / internal CA handling for GitHub Ente...
  • 5431e71 docs: add JavaFX Maven project configuration instructions (#1044)
  • 4baa9b4 docs: replace non-existent HelloWorldApp references with java --version (#1043)
  • eab4b08 Bump @​types/node from 25.9.3 to 26.0.0 (#1031)
  • bf0c0e6 Bump actions/checkout from 6 to 7 (#1032)
  • Additional commits viewable in compare view

Updates lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml from 0.6.0 to 0.7.2

Release notes

Sourced from lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml's releases.

v0.7.2

Downloads for this release

🐛 Bug Fixes 🐛

Links

v0.7.1

Downloads for this release

🐛 Bug Fixes 🐛

🔧 Maintenance 🔧

  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.6.1 to 0.7.0 @dependabot[bot] (#733)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-jjb-verify.yaml from 0.6.1 to 0.7.0 @dependabot[bot] (#734)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-packer-verify.yaml from 0.6.1 to 0.7.0 @dependabot[bot] (#732)
  • Chore: Bump release-drafter/release-drafter from 7.4.0 to 7.5.1 @dependabot[bot] (#735)
  • Chore: Bump lfreleng-actions/credential-load-action from 0.1.2 to 1.0.0 @dependabot[bot] (#736)
  • Chore: Bump actions/setup-java from 5.3.0 to 5.4.0 @dependabot[bot] (#738)
  • Chore: Bump lfreleng-actions/zizmor-scan-action from 0.2.0 to 0.3.0 @dependabot[bot] (#737)
  • Chore: Bump release-drafter/release-drafter/autolabeler from 7.4.0 to 7.5.1 @dependabot[bot] (#740)
  • Chore: Bump lfreleng-actions/node-build-action from 0.2.1 to 0.2.2 @dependabot[bot] (#739)
  • Chore: Bump actions/cache from 6.0.0 to 6.1.0 @dependabot[bot] (#741)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-verify-github-actions.yaml from 0.6.1 to 0.7.0 @dependabot[bot] (#742)
  • Chore: Bump actions/setup-python from 6.2.0 to 6.3.0 @dependabot[bot] (#743)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-repo-linting.yaml from 0.6.1 to 0.7.0 @dependabot[bot] (#744)
  • Chore: Bump lfreleng-actions/gerrit-review-action from 1.1.1 to 1.1.2 @dependabot[bot] (#745)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/gerrit-compose-required-tox-verify.yaml from 0.6.1 to 0.7.0 @dependabot[bot] (#746)
  • Chore: pre-commit linting updates @pre-commit-ci[bot] (#747)

Links

v0.7.0

Downloads for this release

✨ New Features ✨

Links

v0.6.2

... (truncated)

Commits
  • fd3c1b4 Merge pull request #749 from modeseven-lfit/fix/scorecard-allow-deps-dev
  • 6437f42 Fix: Allow api.deps.dev egress in Scorecard scan
  • 4a8c7c7 Merge pull request #747 from lfit/pre-commit-ci-update-config
  • 6186c6b Merge pull request #746 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • 8216503 Merge pull request #745 from lfit/dependabot/github_actions/lfreleng-actions/...
  • fddb9af Merge pull request #744 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • ff9f178 Merge pull request #743 from lfit/dependabot/github_actions/actions/setup-pyt...
  • eeb2995 Merge pull request #742 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • 951a140 Merge pull request #741 from lfit/dependabot/github_actions/actions/cache-6.1.0
  • 2e47bca Merge pull request #739 from lfit/dependabot/github_actions/lfreleng-actions/...
  • Additional commits viewable in compare view

Updates lfit/gerrit-review-action from 1.1.1 to 1.1.2

Release notes

Sourced from lfit/gerrit-review-action's releases.

v1.1.2

Downloads for this release

🐛 Bug Fixes 🐛

🔧 Maintenance 🔧

🎓 Code Quality 🎓

Links

Commits
  • a1c036a Merge pull request #116 from modeseven-lfreleng-actions/fix/zizmor-findings
  • 8c9161c Fix: resolve Zizmor findings in vote step
  • 48d5d48 Merge pull request #115 from lfreleng-actions/pre-commit-ci-update-config
  • 8cb9127 Chore: pre-commit autoupdate
  • 3b85ad7 Merge pull request #114 from lfreleng-actions/pre-commit-ci-update-config
  • c9bd395 Chore: pre-commit autoupdate
  • ebd4f19 Merge pull request #113 from modeseven-lfreleng-actions/chore/add-security-md
  • 0c941e7 Docs: Add SECURITY.md security policy
  • 46897b3 Merge pull request #112 from modeseven-lfreleng-actions/dependabot-cooldown
  • f95da9e CI(dependabot): Add 7-day update cooldown
  • Additional commits viewable in compare view

Updates im-open/workflow-conclusion from 2.2.5 to 3.0.0

Commits
  • 8eac7f1 Merge pull request #29 from im-open/node24
  • c4d9654 Update to node 24
  • aa85805 Merge pull request #23 from im-open/dependabot/npm_and_yarn/multi-0f30d60bd3
  • 40cf9b3 Merge branch 'main' into dependabot/npm_and_yarn/multi-0f30d60bd3
  • 58125f7 Bump @​octokit/plugin-paginate-rest and @​actions/github
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions-deps group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [lfreleng-actions/github2gerrit-action](https://github.com/lfreleng-actions/github2gerrit-action) | `1.2.4` | `1.3.3` |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.3` | `7.0.0` |
| [actions/setup-java](https://github.com/actions/setup-java) | `5.3.0` | `5.4.0` |
| [lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml](https://github.com/lfit/releng-reusable-workflows) | `0.6.0` | `0.7.2` |
| [lfit/gerrit-review-action](https://github.com/lfit/gerrit-review-action) | `1.1.1` | `1.1.2` |
| [im-open/workflow-conclusion](https://github.com/im-open/workflow-conclusion) | `2.2.5` | `3.0.0` |



Updates `lfreleng-actions/github2gerrit-action` from 1.2.4 to 1.3.3
- [Release notes](https://github.com/lfreleng-actions/github2gerrit-action/releases)
- [Changelog](https://github.com/lfreleng-actions/github2gerrit-action/blob/main/docs/RELEASE-v0.2.0.md)
- [Commits](lfreleng-actions/github2gerrit-action@806c001...f44c168)

Updates `actions/checkout` from 6.0.3 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@df4cb1c...9c091bb)

Updates `actions/setup-java` from 5.3.0 to 5.4.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@ad2b381...1bcf9fb)

Updates `lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml` from 0.6.0 to 0.7.2
- [Release notes](https://github.com/lfit/releng-reusable-workflows/releases)
- [Commits](lfit/releng-reusable-workflows@f43b219...fd3c1b4)

Updates `lfit/gerrit-review-action` from 1.1.1 to 1.1.2
- [Release notes](https://github.com/lfit/gerrit-review-action/releases)
- [Commits](lfreleng-actions/gerrit-review-action@a5de1d5...a1c036a)

Updates `im-open/workflow-conclusion` from 2.2.5 to 3.0.0
- [Commits](im-open/workflow-conclusion@7b14694...8eac7f1)

---
updated-dependencies:
- dependency-name: lfreleng-actions/github2gerrit-action
  dependency-version: 1.3.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/setup-java
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml
  dependency-version: 0.7.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: lfit/gerrit-review-action
  dependency-version: 1.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: im-open/workflow-conclusion
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 1, 2026
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

PR: #20
Mode: squash
Topic: GH-openflowplugin-20
Change-Ids:
I3f3fab20b18af62a5545e83adc2a2fa287e8b28d
Digest: b765a321493c
GitHub-Hash: f02fe8baa4ca42c7

Note: This metadata is also included in the Gerrit commit message for reconciliation.

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

Change raised in Gerrit by GitHub2Gerrit: https://git.opendaylight.org/gerrit/c/openflowplugin/+/123825

odl-github pushed a commit that referenced this pull request Jul 1, 2026
Bumps the actions-deps group with 6 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [lfreleng-actions/github2gerrit-action](https://github.com/lfreleng-actions/github2gerrit-action) | `1.2.4` | `1.3.3` |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.3` | `7.0.0` |
| [actions/setup-java](https://github.com/actions/setup-java) | `5.3.0` | `5.4.0` |
| [lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml](https://github.com/lfit/releng-reusable-workflows) | `0.6.0` | `0.7.2` |
| [lfit/gerrit-review-action](https://github.com/lfit/gerrit-review-action) | `1.1.1` | `1.1.2` |
| [im-open/workflow-conclusion](https://github.com/im-open/workflow-conclusion) | `2.2.5` | `3.0.0` |
Updates `lfreleng-actions/github2gerrit-action` from 1.2.4 to 1.3.3
- [Release notes](https://github.com/lfreleng-actions/github2gerrit-action/releases)
- [Changelog](https://github.com/lfreleng-actions/github2gerrit-action/blob/main/docs/RELEASE-v0.2.0.md)
- [Commits](lfreleng-actions/github2gerrit-action@806c001...f44c168)
Updates `actions/checkout` from 6.0.3 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@df4cb1c...9c091bb)
Updates `actions/setup-java` from 5.3.0 to 5.4.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@ad2b381...1bcf9fb)
Updates `lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml` from 0.6.0 to 0.7.2
- [Release notes](https://github.com/lfit/releng-reusable-workflows/releases)
- [Commits](lfit/releng-reusable-workflows@f43b219...fd3c1b4)
Updates `lfit/gerrit-review-action` from 1.1.1 to 1.1.2
- [Release notes](https://github.com/lfit/gerrit-review-action/releases)
- [Commits](lfreleng-actions/gerrit-review-action@a5de1d5...a1c036a)
Updates `im-open/workflow-conclusion` from 2.2.5 to 3.0.0
- [Commits](im-open/workflow-conclusion@7b14694...8eac7f1)

Signed-off-by: dependabot[bot] <support@github.com>
Change-Id: I3f3fab20b18af62a5545e83adc2a2fa287e8b28d
GitHub-PR: #20
GitHub-Hash: f02fe8baa4ca42c7
Signed-off-by: gh2gerrit <releng+odl-gh2gerrit@linuxfoundation.org>
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

Automated PR Closure

This pull request has been automatically closed by GitHub2Gerrit.

The corresponding Gerrit change has been accepted and merged ✅

The changes from this PR are now part of the main codebase in Gerrit.


This is an automated action performed by the GitHub2Gerrit tool.

@github-actions github-actions Bot closed this Jul 1, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/github_actions/actions-deps-514cbf2c9d branch July 1, 2026 08:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Development

Successfully merging this pull request may close these issues.

0 participants