Skip to content

Bump the github-action-dependencies group across 1 directory with 3 updates#1793

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/github_actions/github-action-dependencies-57e6a8536f
Open

Bump the github-action-dependencies group across 1 directory with 3 updates#1793
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/github_actions/github-action-dependencies-57e6a8536f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-action-dependencies group with 3 updates in the / directory: actions/setup-java, mikepenz/action-junit-report and github/codeql-action.

Updates actions/setup-java from 5.2.0 to 5.4.0

Release notes

Sourced from actions/setup-java's releases.

v5.4.0

What's Changed

New Contributors

Full Changelog: actions/setup-java@v5...v5.4.0

v5.3.0

What's Changed

... (truncated)

Commits
  • 1bcf9fb dist: Address Copilot review suggestions from PR #1042 (GraalVM Community) (#...
  • fa2c650 docs: note jdkfile approach for Early Access / unreleased JDK builds (#1058)
  • 1d56e31 dist: Add GraalVM Community distribution support (#1042)
  • 1d25252 chore: Harden workflows: least-privilege permissions + zizmor integration (#1...
  • 668c1ea docs: add post-install keytool import for the JDK cacerts trust store (#1051)
  • a9a46fb docs: document self-signed certificate / internal CA handling for GitHub Ente...
  • 5431e71 docs: add JavaFX Maven project configuration instructions (#1044)
  • 4baa9b4 docs: replace non-existent HelloWorldApp references with java --version (#1043)
  • eab4b08 Bump @​types/node from 25.9.3 to 26.0.0 (#1031)
  • bf0c0e6 Bump actions/checkout from 6 to 7 (#1032)
  • Additional commits viewable in compare view

Updates mikepenz/action-junit-report from 6.4.1 to 6.4.2

Release notes

Sourced from mikepenz/action-junit-report's releases.

v6.4.2

📦 Dependencies

  • chore(deps): lock file maintenance
  • chore(deps): update dependency brace-expansion to v5.0.6
  • chore(deps): update node devdependency non-major updates
  • chore(deps): lock file maintenance
  • chore(deps): update mcr.microsoft.com/devcontainers/typescript-node:24-bullseye docker digest to dc1a0af
  • chore(deps): update dependency vite to v8.0.14
  • chore(deps): lock file maintenance
  • chore(deps): update node devdependency non-major updates
  • chore(deps): update dependency vite to v8.0.16
  • chore(deps): update node devdependency non-major updates
  • chore(deps): lock file maintenance

Contributors:

Commits
  • d9f48fc Merge pull request #1568 from mikepenz/fix/undici-high-severity
  • 4a85f8c fix(deps): bump undici to 6.27.0 to resolve high severity vulnerability
  • 0337cea chore(deps): lock file maintenance (#1567)
  • a88e647 Merge pull request #1566 from mikepenz/renovate/node-devdependency-non-major-...
  • 560eef0 Merge pull request #1565 from mikepenz/renovate/vite-8.x
  • 55cab11 chore(deps): update node devdependency non-major updates
  • bd17e3d chore(deps): update dependency vite to v8.0.16
  • 82be959 Merge pull request #1563 from mikepenz/renovate/node-devdependency-non-major-...
  • 2017850 chore(deps): update node devdependency non-major updates
  • cd92a99 chore(deps): lock file maintenance (#1564)
  • Additional commits viewable in compare view

Updates github/codeql-action from 4.36.0 to 4.36.2

Release notes

Sourced from github/codeql-action's releases.

v4.36.2

  • Cache CodeQL CLI version information across Actions steps. #3943
  • Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. #3937
  • Update default CodeQL bundle version to 2.25.6. #3948

v4.36.1

No user facing changes.

Changelog

Sourced from github/codeql-action's changelog.

4.36.2 - 04 Jun 2026

  • Cache CodeQL CLI version information across Actions steps. #3943
  • Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. #3937
  • Update default CodeQL bundle version to 2.25.6. #3948

4.36.1 - 02 Jun 2026

No user facing changes.

Commits
  • 8aad20d Merge pull request #3949 from github/update-v4.36.2-dcb947ce1
  • f521b08 Add additional changelog notes
  • 8aeff0f Update changelog for v4.36.2
  • dcb947c Merge pull request #3948 from github/update-bundle/codeql-bundle-v2.25.6
  • c251bce Add changelog note
  • 62953c1 Update default bundle to codeql-bundle-v2.25.6
  • 423b570 Merge pull request #3946 from github/dependabot/npm_and_yarn/npm-minor-5d507a...
  • c35d1b1 Merge pull request #3947 from github/dependabot/github_actions/dot-github/wor...
  • cb1a588 Merge pull request #3937 from github/robertbrignull/waitForProcessing_backoff
  • ba47406 Merge pull request #3943 from github/henrymercer/cache-cli-version-info
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 22, 2026
…pdates

Bumps the github-action-dependencies group with 3 updates in the / directory: [actions/setup-java](https://github.com/actions/setup-java), [mikepenz/action-junit-report](https://github.com/mikepenz/action-junit-report) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/setup-java` from 5.2.0 to 5.4.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@v5.2.0...v5.4.0)

Updates `mikepenz/action-junit-report` from 6.4.1 to 6.4.2
- [Release notes](https://github.com/mikepenz/action-junit-report/releases)
- [Commits](mikepenz/action-junit-report@v6.4.1...v6.4.2)

Updates `github/codeql-action` from 4.36.0 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v4.36.0...v4.36.2)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-version: 5.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-action-dependencies
- dependency-name: github/codeql-action
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-action-dependencies
- dependency-name: mikepenz/action-junit-report
  dependency-version: 6.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-action-dependencies-57e6a8536f branch from a9a246e to e8fa9af Compare June 29, 2026 06:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants