Merge pull request #864 from alexta69/dependabot/github_actions/github-actions-151e9c363d

Bump the github-actions group with 5 updates
2026-01-02 08:21:27 +02:00 · 2026-01-02 06:15:39 +00:00 · 2026-01-02 08:14:46 +02:00 · 2025-12-31 13:05:26 +01:00
3 changed files with 20 additions and 7 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,13 @@
+# Keep GitHub Actions up to date with GitHub's Dependabot...
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#package-ecosystem
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    groups:
+      github-actions:
+        patterns:
+          - "*"  # Group all Actions updates into a single larger pull request
+    schedule:
+      interval: weekly
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -15,7 +15,7 @@ jobs:
        run: echo "::set-output name=date::$(date +'%Y.%m.%d')"
      -
        name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v3
@@ -37,7 +37,7 @@ jobs:
          password: ${{ secrets.GITHUB_TOKEN }}
      -
        name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
        with:
          context: .
          platforms: linux/amd64,linux/arm64
@@ -74,7 +74,7 @@ jobs:
        id: date
        run: echo "date=$(date +'%Y.%m.%d')" >> $GITHUB_OUTPUT
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - name: Get commits since last release
@@ -167,7 +167,7 @@ jobs:
            git push origin ":refs/tags/$TAG_NAME" || true
          fi
      - name: Create GitHub Release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
        with:
          tag_name: ${{ steps.date.outputs.date }}
          name: Release ${{ steps.date.outputs.date }}
--- a/.github/workflows/update-yt-dlp.yml
+++ b/.github/workflows/update-yt-dlp.yml
@@ -10,17 +10,17 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
        with:
          token: ${{ secrets.AUTOUPDATE_PAT }}
      -
        name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v6
        with:
          python-version: '3.13'
      -
        name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
      -
        name: Update yt-dlp
        run: |
Author	SHA1	Message	Date
Alex	a002af9bf2	Merge pull request #864 from alexta69/dependabot/github_actions/github-actions-151e9c363d Bump the github-actions group with 5 updates	2026-01-02 08:21:27 +02:00
dependabot[bot]	37aaa29efb	Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4` \| `6` \| \| [docker/build-push-action](https://github.com/docker/build-push-action) \| `5` \| `6` \| \| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) \| `1` \| `2` \| \| [actions/setup-python](https://github.com/actions/setup-python) \| `4` \| `6` \| \| [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) \| `6` \| `7` \| Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `docker/build-push-action` from 5 to 6 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v5...v6) Updates `softprops/action-gh-release` from 1 to 2 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/v1...v2) Updates `actions/setup-python` from 4 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4...v6) Updates `astral-sh/setup-uv` from 6 to 7 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: '2' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: astral-sh/setup-uv dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>	2026-01-02 06:15:39 +00:00
Alex	d10f2a0358	Merge pull request #863 from cclauss/patch-1 Keep GitHub Actions up to date with GitHub's Dependabot	2026-01-02 08:14:46 +02:00
Christian Clauss	351058e9f4	Keep GitHub Actions up to date with GitHub's Dependabot * [Keeping your software supply chain secure with Dependabot](https://docs.github.com/en/code-security/dependabot) * [Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot) * [Configuration options for the `dependabot.yml` file - package-ecosystem](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem) To see all GitHub Actions dependencies, run the command: % `git grep 'uses: ' .github/workflows/`	2025-12-31 13:05:26 +01:00