Thanks to visit codestin.com
Credit goes to github.com

Skip to content

build(deps): bump the aws-sdk-dependencies group with 2 updates #882

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 13, 2025
Merged

build(deps): bump the aws-sdk-dependencies group with 2 updates #882

merged 2 commits into from
Sep 13, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 7, 2025
edited
Loading

Bumps the aws-sdk-dependencies group with 2 updates: @aws-sdk/client-ecr and @aws-sdk/client-ecr-public.

Updates @aws-sdk/client-ecr from 3.859.0 to 3.862.0

Release notes

Sourced from @​aws-sdk/client-ecr's releases.

v3.862.0

3.862.0(2025-08-06)

Chores
  • codegen: sync for CborCodec idempotencyToken (#7246) (25b3eb16)
Documentation Changes
  • client-appstream: Added support for G6 instances (2fb0a994)
New Features
  • clients: update client endpoints as of 2025-08-06 (7bd2ce78)
  • client-budgets: Adds support for billing views. Billing views let you control access to cost and usage data through an AWS resource, streamlining the process of sharing cost and usage data across account boundaries. With this release, you can now create and view budgets based on billing views. (360bf1cf)
  • client-ec2: Mark Elastic Inference Accelerators and Elastic Graphics Processor parameters as deprecated on the RunInstances and LaunchTemplate APIs. (aa76eb44)
  • client-qbusiness: Amazon Q Business now supports the GetDocumentContent() API that enables customers to securely access the source documents through clickable citation links at query time (aabc7a59)
  • client-opensearchserverless: Features: add Index APIs in OpenSearchServerless to support managed semantic enrichment (9b2c5e66)

For list of updated packages, view updated-packages.md in assets-3.862.0.zip

v3.861.0

3.861.0(2025-08-05)

New Features
  • clients: update client endpoints as of 2025-08-05 (e4928f8b)
  • client-bedrock: This release introduces Automated Reasoning checks for Amazon Bedrock Guardrails. The feature adds new APIs for policy building, refinement, version management, and testing. Guardrail APIs now support Automated Reasoning policy configuration and validation output. (a2ee7d5a)
  • client-eks: Add support for deletion protection on EKS clusters (99ee72f2)
  • client-bedrock-runtime: This release adds support for Automated Reasoning checks output models for the Amazon Bedrock Guardrails ApplyGuardrail API. (860cc4f5)
  • client-rds: Adds a new Aurora Serverless v2 attribute to the DBCluster resource to expose the platform version. Also updates the attribute to be part of both the engine version and platform version descriptions. (86d2740a)
  • client-sagemaker: Add support for SageMaker Hyperpod continuous scaling and custom AMI; Introduce new APIs: ListClusterEvents, DescribeClusterEvent, BatchAddClusterNodes (02381600)

For list of updated packages, view updated-packages.md in assets-3.861.0.zip

v3.860.0

3.860.0(2025-08-04)

New Features
  • clients: update client endpoints as of 2025-08-04 (a17d458c)
  • client-evs: TagResource API now throws ServiceQuotaExceededException when the number of tags on the Amazon EVS resource exceeds the maximum allowed. TooManyTagsException is deprecated. (f98eeb0e)
  • client-codeconnections: New integration with Azure DevOps provider type. (77c6b385)
  • client-sagemaker: This release adds the ability for customers to attach and detach their EBS volumes to EKS-orchestrated HyperPod cluster nodes. (4f78a2a0)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-ecr's changelog.

3.862.0 (2025-08-06)

Note: Version bump only for package @​aws-sdk/client-ecr

Commits

Updates @aws-sdk/client-ecr-public from 3.859.0 to 3.862.0

Release notes

Sourced from @​aws-sdk/client-ecr-public's releases.

v3.862.0

3.862.0(2025-08-06)

Chores
  • codegen: sync for CborCodec idempotencyToken (#7246) (25b3eb16)
Documentation Changes
  • client-appstream: Added support for G6 instances (2fb0a994)
New Features
  • clients: update client endpoints as of 2025-08-06 (7bd2ce78)
  • client-budgets: Adds support for billing views. Billing views let you control access to cost and usage data through an AWS resource, streamlining the process of sharing cost and usage data across account boundaries. With this release, you can now create and view budgets based on billing views. (360bf1cf)
  • client-ec2: Mark Elastic Inference Accelerators and Elastic Graphics Processor parameters as deprecated on the RunInstances and LaunchTemplate APIs. (aa76eb44)
  • client-qbusiness: Amazon Q Business now supports the GetDocumentContent() API that enables customers to securely access the source documents through clickable citation links at query time (aabc7a59)
  • client-opensearchserverless: Features: add Index APIs in OpenSearchServerless to support managed semantic enrichment (9b2c5e66)

For list of updated packages, view updated-packages.md in assets-3.862.0.zip

v3.861.0

3.861.0(2025-08-05)

New Features
  • clients: update client endpoints as of 2025-08-05 (e4928f8b)
  • client-bedrock: This release introduces Automated Reasoning checks for Amazon Bedrock Guardrails. The feature adds new APIs for policy building, refinement, version management, and testing. Guardrail APIs now support Automated Reasoning policy configuration and validation output. (a2ee7d5a)
  • client-eks: Add support for deletion protection on EKS clusters (99ee72f2)
  • client-bedrock-runtime: This release adds support for Automated Reasoning checks output models for the Amazon Bedrock Guardrails ApplyGuardrail API. (860cc4f5)
  • client-rds: Adds a new Aurora Serverless v2 attribute to the DBCluster resource to expose the platform version. Also updates the attribute to be part of both the engine version and platform version descriptions. (86d2740a)
  • client-sagemaker: Add support for SageMaker Hyperpod continuous scaling and custom AMI; Introduce new APIs: ListClusterEvents, DescribeClusterEvent, BatchAddClusterNodes (02381600)

For list of updated packages, view updated-packages.md in assets-3.861.0.zip

v3.860.0

3.860.0(2025-08-04)

New Features
  • clients: update client endpoints as of 2025-08-04 (a17d458c)
  • client-evs: TagResource API now throws ServiceQuotaExceededException when the number of tags on the Amazon EVS resource exceeds the maximum allowed. TooManyTagsException is deprecated. (f98eeb0e)
  • client-codeconnections: New integration with Azure DevOps provider type. (77c6b385)
  • client-sagemaker: This release adds the ability for customers to attach and detach their EBS volumes to EKS-orchestrated HyperPod cluster nodes. (4f78a2a0)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-ecr-public's changelog.

3.862.0 (2025-08-06)

Note: Version bump only for package @​aws-sdk/client-ecr-public

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/aws-sdk-dependencies-f08b3cc7bd branch from 18307f2 to 6253244 Compare September 9, 2025 05:03
@crazy-max
Copy link
Member

crazy-max commented Sep 13, 2025

@dependabot rebase

@dependabot
build(deps): bump the aws-sdk-dependencies group with 2 updates
d468688 
Bumps the aws-sdk-dependencies group with 2 updates: [@aws-sdk/client-ecr](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr) and [@aws-sdk/client-ecr-public](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr-public).


Updates `@aws-sdk/client-ecr` from 3.859.0 to 3.862.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.862.0/clients/client-ecr)

Updates `@aws-sdk/client-ecr-public` from 3.859.0 to 3.862.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr-public/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.862.0/clients/client-ecr-public)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr"
  dependency-version: 3.862.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
- dependency-name: "@aws-sdk/client-ecr-public"
  dependency-version: 3.862.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws-sdk-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/aws-sdk-dependencies-f08b3cc7bd branch from 6253244 to d468688 Compare September 13, 2025 12:03
@crazy-max crazy-max merged commit 5b7b28b into master Sep 13, 2025
8 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/aws-sdk-dependencies-f08b3cc7bd branch September 13, 2025 12:06
mergify bot added a commit to robfrank/linklift that referenced this pull request Sep 29, 2025
@mergify
chore(deps): bump the github-actions group with 5 updates [skip ci]
27e339b 
Bumps the github-actions group with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.4` | `4.3.0` |
| [docker/login-action](https://github.com/docker/login-action) | `3.5.0` | `3.6.0` |
| [graalvm/setup-graalvm](https://github.com/graalvm/setup-graalvm) | `1.3.7` | `1.4.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.30.3` | `3.30.5` |
| [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.262.0` | `1.263.0` |
Updates `actions/cache` from 4.2.4 to 4.3.0
Release notes

*Sourced from [actions/cache's releases](https://github.com/actions/cache/releases).*

> v4.3.0
> ------
>
> What's Changed
> --------------
>
> * Add note on runner versions by [`@​GhadimiR`](https://github.com/GhadimiR) in [actions/cache#1642](https://redirect.github.com/actions/cache/pull/1642)
> * Prepare `v4.3.0` release by [`@​Link`](https://github.com/Link)- in [actions/cache#1655](https://redirect.github.com/actions/cache/pull/1655)
>
> New Contributors
> ----------------
>
> * [`@​GhadimiR`](https://github.com/GhadimiR) made their first contribution in [actions/cache#1642](https://redirect.github.com/actions/cache/pull/1642)
>
> **Full Changelog**: <actions/cache@v4...v4.3.0>


Changelog

*Sourced from [actions/cache's changelog](https://github.com/actions/cache/blob/main/RELEASES.md).*

> Releases
> ========
>
> ### 4.3.0
>
> * Bump `@actions/cache` to [v4.1.0](https://redirect.github.com/actions/toolkit/pull/2132)
>
> ### 4.2.4
>
> * Bump `@actions/cache` to v4.0.5
>
> ### 4.2.3
>
> * Bump `@actions/cache` to v4.0.3 (obfuscates SAS token in debug logs for cache entries)
>
> ### 4.2.2
>
> * Bump `@actions/cache` to v4.0.2
>
> ### 4.2.1
>
> * Bump `@actions/cache` to v4.0.1
>
> ### 4.2.0
>
> TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. [actions/cache](https://github.com/actions/cache) now integrates with the new cache service (v2) APIs.
>
> The new service will gradually roll out as of **February 1st, 2025**. The legacy service will also be sunset on the same date. Changes in these release are **fully backward compatible**.
>
> **We are deprecating some versions of this action**. We recommend upgrading to version `v4` or `v3` as soon as possible before **February 1st, 2025.** (Upgrade instructions below).
>
> If you are using pinned SHAs, please use the SHAs of versions `v4.2.0` or `v3.4.0`
>
> If you do not upgrade, all workflow runs using any of the deprecated [actions/cache](https://github.com/actions/cache) will fail.
>
> Upgrading to the recommended versions will not break your workflows.
>
> ### 4.1.2
>
> * Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - [#1474](https://redirect.github.com/actions/cache/pull/1474)
> * Security fix: Bump braces from 3.0.2 to 3.0.3 - [#1475](https://redirect.github.com/actions/cache/pull/1475)
>
> ### 4.1.1
>
> * Restore original behavior of `cache-hit` output - [#1467](https://redirect.github.com/actions/cache/pull/1467)
>
> ### 4.1.0
>
> * Ensure `cache-hit` output is set when a cache is missed - [#1404](https://redirect.github.com/actions/cache/pull/1404)
> * Deprecate `save-always` input - [#1452](https://redirect.github.com/actions/cache/pull/1452)

... (truncated)


Commits

* [`0057852`](actions/cache@0057852) Merge pull request [#1655](https://redirect.github.com/actions/cache/issues/1655) from actions/Link-/prepare-4.3.0
* [`4f5ea67`](actions/cache@4f5ea67) Update licensed cache
* [`9fcad95`](actions/cache@9fcad95) Upgrade actions/cache to 4.1.0 and prepare 4.3.0 release
* [`638ed79`](actions/cache@638ed79) Merge pull request [#1642](https://redirect.github.com/actions/cache/issues/1642) from actions/GhadimiR-patch-1
* [`3862dcc`](actions/cache@3862dcc) Add note on runner versions
* See full diff in [compare view](actions/cache@0400d5f...0057852)
  
Updates `docker/login-action` from 3.5.0 to 3.6.0
Release notes

*Sourced from [docker/login-action's releases](https://github.com/docker/login-action/releases).*

> v3.6.0
> ------
>
> * Add `registry-auth` input for raw authentication to registries by [`@​crazy-max`](https://github.com/crazy-max) in [docker/login-action#887](https://redirect.github.com/docker/login-action/pull/887)
> * Bump `@​aws-sdk/client-ecr` to 3.890.0 in [docker/login-action#882](https://redirect.github.com/docker/login-action/pull/882) [docker/login-action#890](https://redirect.github.com/docker/login-action/pull/890)
> * Bump `@​aws-sdk/client-ecr-public` to 3.890.0 in [docker/login-action#882](https://redirect.github.com/docker/login-action/pull/882) [docker/login-action#890](https://redirect.github.com/docker/login-action/pull/890)
> * Bump `@​docker/actions-toolkit` from 0.62.1 to 0.63.0 in [docker/login-action#883](https://redirect.github.com/docker/login-action/pull/883)
> * Bump brace-expansion from 1.1.11 to 1.1.12 in [docker/login-action#880](https://redirect.github.com/docker/login-action/pull/880)
> * Bump undici from 5.28.4 to 5.29.0 in [docker/login-action#879](https://redirect.github.com/docker/login-action/pull/879)
> * Bump tmp from 0.2.3 to 0.2.4 in [docker/login-action#881](https://redirect.github.com/docker/login-action/pull/881)
>
> **Full Changelog**: <docker/login-action@v3.5.0...v3.6.0>


Commits

* [`5e57cd1`](docker/login-action@5e57cd1) Merge pull request [#890](https://redirect.github.com/docker/login-action/issues/890) from docker/dependabot/npm\_and\_yarn/aws-sdk-dependenc...
* [`97e3143`](docker/login-action@97e3143) chore: update generated content
* [`3a0796b`](docker/login-action@3a0796b) build(deps): bump the aws-sdk-dependencies group with 2 updates
* [`5b7b28b`](docker/login-action@5b7b28b) Merge pull request [#882](https://redirect.github.com/docker/login-action/issues/882) from docker/dependabot/npm\_and\_yarn/aws-sdk-dependenc...
* [`abc9fb3`](docker/login-action@abc9fb3) chore: update generated content
* [`d468688`](docker/login-action@d468688) build(deps): bump the aws-sdk-dependencies group with 2 updates
* [`a99b2f8`](docker/login-action@a99b2f8) Merge pull request [#883](https://redirect.github.com/docker/login-action/issues/883) from docker/dependabot/npm\_and\_yarn/docker/actions-to...
* [`0d7fae8`](docker/login-action@0d7fae8) chore: update generated content
* [`9832253`](docker/login-action@9832253) build(deps): bump `@​docker/actions-toolkit` from 0.62.1 to 0.63.0
* [`09e05bb`](docker/login-action@09e05bb) Merge pull request [#881](https://redirect.github.com/docker/login-action/issues/881) from docker/dependabot/npm\_and\_yarn/tmp-0.2.4
* Additional commits viewable in [compare view](docker/login-action@184bdaa...5e57cd1)
  
Updates `graalvm/setup-graalvm` from 1.3.7 to 1.4.0
Release notes

*Sourced from [graalvm/setup-graalvm's releases](https://github.com/graalvm/setup-graalvm/releases).*

> v1.4.0
> ------
>
> What's Changed
> --------------
>
> * Convert to ESM. by [`@​fniephaus`](https://github.com/fniephaus) in [graalvm/setup-graalvm#184](https://redirect.github.com/graalvm/setup-graalvm/pull/184)
>
> **Full Changelog**: <graalvm/setup-graalvm@v1.3.7...v1.4.0>


Commits

* [`e140024`](graalvm/setup-graalvm@e140024) Bump version to `1.4.0`.
* [`933f904`](graalvm/setup-graalvm@933f904) Bump SBOM test versions to 25
* [`0246c29`](graalvm/setup-graalvm@0246c29) Upgrade `minimatch` for ESM support.
* [`b4c67ab`](graalvm/setup-graalvm@b4c67ab) Convert to ESM.
* [`59f089d`](graalvm/setup-graalvm@59f089d) Bump the npm-updates group with 7 updates
* See full diff in [compare view](graalvm/setup-graalvm@aba6a07...e140024)
  
Updates `github/codeql-action` from 3.30.3 to 3.30.5
Release notes

*Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).*

> v3.30.5
> -------
>
> CodeQL Action Changelog
> =======================
>
> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
>
> 3.30.5 - 26 Sep 2025
> --------------------
>
> * We fixed a bug that was introduced in `3.30.4` with `upload-sarif` which resulted in files without a `.sarif` extension not getting uploaded. [#3160](https://redirect.github.com/github/codeql-action/pull/3160)
>
> See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.30.5/CHANGELOG.md) for more information.
>
> v3.30.4
> -------
>
> CodeQL Action Changelog
> =======================
>
> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
>
> 3.30.4 - 25 Sep 2025
> --------------------
>
> * We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the `codeql-action/init` step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the `codeql-action/init` step. [#3099](https://redirect.github.com/github/codeql-action/pull/3099) and [#3100](https://redirect.github.com/github/codeql-action/pull/3100)
> * We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. [#3107](https://redirect.github.com/github/codeql-action/pull/3107)
> * You can now run the latest CodeQL nightly bundle by passing `tools: nightly` to the `init` action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. [#3130](https://redirect.github.com/github/codeql-action/pull/3130)
> * Update default CodeQL bundle version to 2.23.1. [#3118](https://redirect.github.com/github/codeql-action/pull/3118)
>
> See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.30.4/CHANGELOG.md) for more information.


Changelog

*Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).*

> CodeQL Action Changelog
> =======================
>
> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
>
> [UNRELEASED]
> ------------
>
> No user facing changes.
>
> 3.30.5 - 26 Sep 2025
> --------------------
>
> * We fixed a bug that was introduced in `3.30.4` with `upload-sarif` which resulted in files without a `.sarif` extension not getting uploaded. [#3160](https://redirect.github.com/github/codeql-action/pull/3160)
>
> 3.30.4 - 25 Sep 2025
> --------------------
>
> * We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the `codeql-action/init` step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the `codeql-action/init` step. [#3099](https://redirect.github.com/github/codeql-action/pull/3099) and [#3100](https://redirect.github.com/github/codeql-action/pull/3100)
> * We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. [#3107](https://redirect.github.com/github/codeql-action/pull/3107)
> * You can now run the latest CodeQL nightly bundle by passing `tools: nightly` to the `init` action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. [#3130](https://redirect.github.com/github/codeql-action/pull/3130)
> * Update default CodeQL bundle version to 2.23.1. [#3118](https://redirect.github.com/github/codeql-action/pull/3118)
>
> 3.30.3 - 10 Sep 2025
> --------------------
>
> No user facing changes.
>
> 3.30.2 - 09 Sep 2025
> --------------------
>
> * Fixed a bug which could cause language autodetection to fail. [#3084](https://redirect.github.com/github/codeql-action/pull/3084)
> * Experimental: The `quality-queries` input that was added in `3.29.2` as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new `analysis-kinds` input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. [#3064](https://redirect.github.com/github/codeql-action/pull/3064)
>
> 3.30.1 - 05 Sep 2025
> --------------------
>
> * Update default CodeQL bundle version to 2.23.0. [#3077](https://redirect.github.com/github/codeql-action/pull/3077)
>
> 3.30.0 - 01 Sep 2025
> --------------------
>
> * Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. [#3054](https://redirect.github.com/github/codeql-action/pull/3054)
>
> 3.29.11 - 21 Aug 2025
> ---------------------
>
> * Update default CodeQL bundle version to 2.22.4. [#3044](https://redirect.github.com/github/codeql-action/pull/3044)
>
> 3.29.10 - 18 Aug 2025
> ---------------------
>
> No user facing changes.
>
> 3.29.9 - 12 Aug 2025
> --------------------
>
> No user facing changes.
>
> 3.29.8 - 08 Aug 2025
> --------------------

... (truncated)


Commits

* [`3599b3b`](github/codeql-action@3599b3b) Merge pull request [#3161](https://redirect.github.com/github/codeql-action/issues/3161) from github/update-v3.30.5-0a67bd46a
* [`2ca0085`](github/codeql-action@2ca0085) Update changelog for v3.30.5
* [`0a67bd4`](github/codeql-action@0a67bd4) Merge pull request [#3160](https://redirect.github.com/github/codeql-action/issues/3160) from github/mbg/fix/upload-sarif
* [`8e34f2f`](github/codeql-action@8e34f2f) Add changelog
* [`0b7fc56`](github/codeql-action@0b7fc56) Fix `upload-sarif` not uploading non-`.sarif` files
* [`94a9b7a`](github/codeql-action@94a9b7a) Merge pull request [#3155](https://redirect.github.com/github/codeql-action/issues/3155) from github/mbg/node/no-install-in-actions
* [`a0ae9ba`](github/codeql-action@a0ae9ba) Log what the script is doing
* [`b27a8ef`](github/codeql-action@b27a8ef) Exit if running in an Actions workflow
* [`6592567`](github/codeql-action@6592567) Merge pull request [#3139](https://redirect.github.com/github/codeql-action/issues/3139) from github/henrymercer/fix-log-message
* [`fa64a7d`](github/codeql-action@fa64a7d) Merge pull request [#3154](https://redirect.github.com/github/codeql-action/issues/3154) from github/mbg/node/check-up-to-date-deps
* Additional commits viewable in [compare view](github/codeql-action@192325c...3599b3b)
  
Updates `ruby/setup-ruby` from 1.262.0 to 1.263.0
Release notes

*Sourced from [ruby/setup-ruby's releases](https://github.com/ruby/setup-ruby/releases).*

> v1.263.0
> --------
>
> What's Changed
> --------------
>
> * Print lockfile contents earlier by [`@​Earlopain`](https://github.com/Earlopain) in [ruby/setup-ruby#811](https://redirect.github.com/ruby/setup-ruby/pull/811)
>
> New Contributors
> ----------------
>
> * [`@​Earlopain`](https://github.com/Earlopain) made their first contribution in [ruby/setup-ruby#811](https://redirect.github.com/ruby/setup-ruby/pull/811)
>
> **Full Changelog**: <ruby/setup-ruby@v1.262.0...v1.263.0>


Commits

* [`0481980`](ruby/setup-ruby@0481980) Print lockfile contents earlier
* See full diff in [compare view](ruby/setup-ruby@cf7216d...0481980)
  
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
  
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore  major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore  minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore  ` will remove the ignore condition of the specified dependency and ignore conditions
mergify bot added a commit to ArcadeData/arcadedb that referenced this pull request Oct 5, 2025
@mergify
chore(deps): bump docker/login-action from 3.5.0 to 3.6.0 [skip ci]
3e0ada7 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.5.0 to 3.6.0.
Release notes

*Sourced from [docker/login-action's releases](https://github.com/docker/login-action/releases).*

> v3.6.0
> ------
>
> * Add `registry-auth` input for raw authentication to registries by [`@​crazy-max`](https://github.com/crazy-max) in [docker/login-action#887](https://redirect.github.com/docker/login-action/pull/887)
> * Bump `@​aws-sdk/client-ecr` to 3.890.0 in [docker/login-action#882](https://redirect.github.com/docker/login-action/pull/882) [docker/login-action#890](https://redirect.github.com/docker/login-action/pull/890)
> * Bump `@​aws-sdk/client-ecr-public` to 3.890.0 in [docker/login-action#882](https://redirect.github.com/docker/login-action/pull/882) [docker/login-action#890](https://redirect.github.com/docker/login-action/pull/890)
> * Bump `@​docker/actions-toolkit` from 0.62.1 to 0.63.0 in [docker/login-action#883](https://redirect.github.com/docker/login-action/pull/883)
> * Bump brace-expansion from 1.1.11 to 1.1.12 in [docker/login-action#880](https://redirect.github.com/docker/login-action/pull/880)
> * Bump undici from 5.28.4 to 5.29.0 in [docker/login-action#879](https://redirect.github.com/docker/login-action/pull/879)
> * Bump tmp from 0.2.3 to 0.2.4 in [docker/login-action#881](https://redirect.github.com/docker/login-action/pull/881)
>
> **Full Changelog**: <docker/login-action@v3.5.0...v3.6.0>


Commits

* [`5e57cd1`](docker/login-action@5e57cd1) Merge pull request [#890](https://redirect.github.com/docker/login-action/issues/890) from docker/dependabot/npm\_and\_yarn/aws-sdk-dependenc...
* [`97e3143`](docker/login-action@97e3143) chore: update generated content
* [`3a0796b`](docker/login-action@3a0796b) build(deps): bump the aws-sdk-dependencies group with 2 updates
* [`5b7b28b`](docker/login-action@5b7b28b) Merge pull request [#882](https://redirect.github.com/docker/login-action/issues/882) from docker/dependabot/npm\_and\_yarn/aws-sdk-dependenc...
* [`abc9fb3`](docker/login-action@abc9fb3) chore: update generated content
* [`d468688`](docker/login-action@d468688) build(deps): bump the aws-sdk-dependencies group with 2 updates
* [`a99b2f8`](docker/login-action@a99b2f8) Merge pull request [#883](https://redirect.github.com/docker/login-action/issues/883) from docker/dependabot/npm\_and\_yarn/docker/actions-to...
* [`0d7fae8`](docker/login-action@0d7fae8) chore: update generated content
* [`9832253`](docker/login-action@9832253) build(deps): bump `@​docker/actions-toolkit` from 0.62.1 to 0.63.0
* [`09e05bb`](docker/login-action@09e05bb) Merge pull request [#881](https://redirect.github.com/docker/login-action/issues/881) from docker/dependabot/npm\_and\_yarn/tmp-0.2.4
* Additional commits viewable in [compare view](docker/login-action@184bdaa...5e57cd1)
  
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility\_score?dependency-name=docker/login-action&package-manager=github\_actions&previous-version=3.5.0&new-version=3.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
  
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crazy-max crazy-max crazy-max approved these changes

Assignees

No one assigned

Labels

bot dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@crazy-max