Skip to content

Bump the github-actions group with 4 updates#2356

Merged
auto-submit[bot] merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-ceddc1e310
Apr 1, 2026
Merged

Bump the github-actions group with 4 updates#2356
auto-submit[bot] merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-ceddc1e310

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 1, 2026

Bumps the github-actions group with 4 updates: dart-lang/setup-dart, actions/configure-pages, actions/deploy-pages and nanasess/setup-chromedriver.

Updates dart-lang/setup-dart from 1.7.1 to 1.7.2

Release notes

Sourced from dart-lang/setup-dart's releases.

v1.7.2

  • Update Node.js requirement to Node 24.
  • Fix open Dependabot alerts by bumping undici to >=6.24.0.
  • Update GitHub Action dependencies (@actions/core, @actions/exec, @actions/tool-cache, @actions/http-client).
  • Update workflow actions to their latest versions (actions/checkout v6, setup-flutter).
Changelog

Sourced from dart-lang/setup-dart's changelog.

v1.7.2

  • Update Node.js requirement to Node 24.
  • Fix open Dependabot alerts by bumping undici to >=6.24.0.
  • Update GitHub Action dependencies (@actions/core, @actions/exec, @actions/tool-cache, @actions/http-client).
  • Update workflow actions to their latest versions (actions/checkout v6, setup-flutter).

v1.7.1

  • Roll undici dependency to address CVE-2025-22150.
  • Update to the latest npm dependencies.
  • Recompile the action using the new Dart / JavaScript interop.

v1.7.0

v1.6.5

  • Fix zip path handling on Windows 11 (#118[])

#118: dart-lang/setup-dart#118

v1.6.4

  • Rebuild JS code.

v1.6.3

v1.6.2

v1.6.1

  • Updated the google storage url for main channel releases.

... (truncated)

Commits
  • 65eb853 chore: prepare v1.7.2 release (#175)
  • 6e0ff0b Node 24 (#174)
  • 03a180d Group npm dependency updates (#172)
  • 74195ec Bump @​actions/exec from 1.1.1 to 3.0.0 (#167)
  • 41705c9 Bump @​actions/core from 1.11.1 to 3.0.0 (#168)
  • dd42013 Bump @​actions/tool-cache from 2.0.2 to 4.0.0 (#169)
  • b36cb5e Bump @​actions/http-client from 3.0.0 to 4.0.0 (#170)
  • 21e68f4 Bump actions/checkout from 5 to 6 in the github-actions group (#162)
  • 0bdb602 Bump @​actions/http-client from 2.2.3 to 3.0.0 (#160)
  • daef289 Bump flutter-actions/setup-flutter in the github-actions group (#159)
  • Additional commits viewable in compare view

Updates actions/configure-pages from 5 to 6

Release notes

Sourced from actions/configure-pages's releases.

v6.0.0

Changelog

See details of all code changes since previous release.

Commits
  • 45bfe01 Merge pull request #186 from salmanmkc/node24
  • d8770c2 Update Node version from 20 to 24 in action.yml
  • cb8a1a3 upgrade to node 24
  • d560657 Merge pull request #165 from actions/Jcambass-patch-1
  • 35e0ac4 Upgrade IA Publish
  • 1dfbcbf Merge pull request #163 from actions/Jcambass-patch-1
  • 2f4f988 Add workflow file for publishing releases to immutable action package
  • 0d7570c Merge pull request #162 from actions/pin-draft-release-verssion
  • 3ea1966 pin draft release version
  • aabcbc4 Merge pull request #160 from actions/dependabot/npm_and_yarn/espree-10.1.0
  • Additional commits viewable in compare view

Updates actions/deploy-pages from 4 to 5

Release notes

Sourced from actions/deploy-pages's releases.

v5.0.0

Changelog

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.5

Changelog

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.4

Changelog

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.3

Changelog

... (truncated)

Commits
  • cd2ce8f Merge pull request #404 from salmanmkc/node24
  • bbe2a95 Update Node.js version to 24.x
  • 854d7aa Merge pull request #374 from actions/Jcambass-patch-1
  • 306bb81 Add workflow file for publishing releases to immutable action package
  • b742728 Merge pull request #360 from actions/dependabot/npm_and_yarn/npm_and_yarn-513...
  • 7273294 Bump braces in the npm_and_yarn group across 1 directory
  • 963791f Merge pull request #361 from actions/dependabot-friendly
  • 51bb29d Make the rebuild dist workflow safer for Dependabot
  • 89f3d10 Merge pull request #358 from actions/dependabot/npm_and_yarn/non-breaking-cha...
  • bce7355 Merge branch 'main' into dependabot/npm_and_yarn/non-breaking-changes-99c12deb21
  • Additional commits viewable in compare view

Updates nanasess/setup-chromedriver from 2.3.0 to 2.4.0

Release notes

Sourced from nanasess/setup-chromedriver's releases.

v2.4.0

Highlights

Node 24 Runtime Migration

This release upgrades the GitHub Actions runtime from Node 20 to Node 24, aligning with GitHub's official migration timeline.

  • Node.js 20 deprecation warnings are now resolved — workflows using nanasess/setup-chromedriver@v2 will no longer display the deprecation notice
  • Node 20 actions will be forced to run with Node 24 by default starting June 2, 2026

Requirements

Environment Minimum Version
GitHub-hosted runners No changes required
Self-hosted runners v2.327.1 or later
macOS (self-hosted) macOS 14 or later

Note: ARM32 self-hosted runners are no longer supported with Node 24.

Other Notable Changes

  • Removed deprecated macos-12 and macos-13 from CI test matrix
  • Removed support for ubuntu-20.04
  • Bumped multiple dependencies for security and compatibility

What's Changed

... (truncated)

Commits
  • c75c3d5 Merge pull request #426 from nanasess/dependabot/npm_and_yarn/multi-03a6d9d59f
  • 543a13c Merge branch 'master' into dependabot/npm_and_yarn/multi-03a6d9d59f
  • 9092c28 Merge pull request #427 from nanasess/dependabot/npm_and_yarn/vercel/ncc-0.38.4
  • 3aca667 Merge pull request #431 from nanasess/dependabot/npm_and_yarn/lodash-4.17.23
  • 9fb4669 Merge branch 'master' into dependabot/npm_and_yarn/lodash-4.17.23
  • 39077f5 Merge pull request #432 from nanasess/dependabot/npm_and_yarn/qs-6.14.2
  • 192c6a3 Merge branch 'master' into dependabot/npm_and_yarn/qs-6.14.2
  • 9305895 Merge pull request #433 from nanasess/dependabot/npm_and_yarn/minimatch-3.1.5
  • 1126b5a Merge pull request #416 from nanasess/dependabot/npm_and_yarn/types/node-24.2.1
  • da50214 Merge branch 'master' into dependabot/npm_and_yarn/types/node-24.2.1
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the github-actions group with 4 updates
1d1b6c7 
Bumps the github-actions group with 4 updates: [dart-lang/setup-dart](https://github.com/dart-lang/setup-dart), [actions/configure-pages](https://github.com/actions/configure-pages), [actions/deploy-pages](https://github.com/actions/deploy-pages) and [nanasess/setup-chromedriver](https://github.com/nanasess/setup-chromedriver).


Updates `dart-lang/setup-dart` from 1.7.1 to 1.7.2
- [Release notes](https://github.com/dart-lang/setup-dart/releases)
- [Changelog](https://github.com/dart-lang/setup-dart/blob/main/CHANGELOG.md)
- [Commits](dart-lang/setup-dart@e51d8e5...65eb853)

Updates `actions/configure-pages` from 5 to 6
- [Release notes](https://github.com/actions/configure-pages/releases)
- [Commits](actions/configure-pages@v5...v6)

Updates `actions/deploy-pages` from 4 to 5
- [Release notes](https://github.com/actions/deploy-pages/releases)
- [Commits](actions/deploy-pages@v4...v5)

Updates `nanasess/setup-chromedriver` from 2.3.0 to 2.4.0
- [Release notes](https://github.com/nanasess/setup-chromedriver/releases)
- [Commits](nanasess/setup-chromedriver@e93e57b...c75c3d5)

---
updated-dependencies:
- dependency-name: dart-lang/setup-dart
  dependency-version: 1.7.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/configure-pages
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/deploy-pages
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: nanasess/setup-chromedriver
  dependency-version: 2.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the autosubmit label Apr 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 1, 2026 05:44
@github-actions github-actions Bot added the type-infra A repository infrastructure change or enhancement label Apr 1, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 1, 2026

PR Health

Changelog Entry ✔️
Package Changed Files

Changes to files need to be accounted for in their respective changelogs.

This check can be disabled by tagging the PR with skip-changelog-check.

Coverage ✔️
File Coverage

This check for test coverage is informational (issues shown here will not fail the PR).

This check can be disabled by tagging the PR with skip-coverage-check.

Unused Dependencies ✔️
Package Status
None No packages found to check.

For details on how to fix these, see dependency_validator.

This check can be disabled by tagging the PR with skip-unused-dependencies-check.

Breaking changes ✔️
Package Change Current Version New Version Needed Version Looking good?

This check can be disabled by tagging the PR with skip-breaking-check.

API leaks ✔️

The following packages contain symbols visible in the public API, but not exported by the library. Export these symbols or remove them from your publicly visible API.

Package Leaked API symbol Leaking sources

This check can be disabled by tagging the PR with skip-leaking-check.

License Headers ✔️ 
// Copyright (c) 2026, the Dart project authors. Please see the AUTHORS file
// for details. All rights reserved. Use of this source code is governed by a
// BSD-style license that can be found in the LICENSE file.
Files
no missing headers

All source files should start with a license header.

Unrelated files missing license headers
Files
pkgs/bazel_worker/benchmark/benchmark.dart
pkgs/coverage/lib/src/coverage_options.dart
pkgs/html/example/main.dart
pkgs/html/lib/dom.dart
pkgs/html/lib/dom_parsing.dart
pkgs/html/lib/html_escape.dart
pkgs/html/lib/parser.dart
pkgs/html/lib/src/constants.dart
pkgs/html/lib/src/encoding_parser.dart
pkgs/html/lib/src/html_input_stream.dart
pkgs/html/lib/src/list_proxy.dart
pkgs/html/lib/src/query_selector.dart
pkgs/html/lib/src/token.dart
pkgs/html/lib/src/tokenizer.dart
pkgs/html/lib/src/treebuilder.dart
pkgs/html/lib/src/utils.dart
pkgs/html/test/dom_test.dart
pkgs/html/test/parser_feature_test.dart
pkgs/html/test/parser_test.dart
pkgs/html/test/selectors/level1_baseline_test.dart
pkgs/html/test/selectors/level1_lib.dart
pkgs/html/test/selectors/selectors.dart
pkgs/html/test/support.dart
pkgs/html/test/tokenizer_test.dart
pkgs/html/test/trie_test.dart
pkgs/html/tool/generate_trie.dart
pkgs/pubspec_parse/test/git_uri_test.dart
pkgs/watcher/test/custom_watcher_factory_test.dart

This check can be disabled by tagging the PR with skip-license-check.

1 similar comment
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 1, 2026

PR Health

Changelog Entry ✔️
Package Changed Files

Changes to files need to be accounted for in their respective changelogs.

This check can be disabled by tagging the PR with skip-changelog-check.

Coverage ✔️
File Coverage

This check for test coverage is informational (issues shown here will not fail the PR).

This check can be disabled by tagging the PR with skip-coverage-check.

Unused Dependencies ✔️
Package Status
None No packages found to check.

For details on how to fix these, see dependency_validator.

This check can be disabled by tagging the PR with skip-unused-dependencies-check.

Breaking changes ✔️
Package Change Current Version New Version Needed Version Looking good?

This check can be disabled by tagging the PR with skip-breaking-check.

API leaks ✔️

The following packages contain symbols visible in the public API, but not exported by the library. Export these symbols or remove them from your publicly visible API.

Package Leaked API symbol Leaking sources

This check can be disabled by tagging the PR with skip-leaking-check.

License Headers ✔️ 
// Copyright (c) 2026, the Dart project authors. Please see the AUTHORS file
// for details. All rights reserved. Use of this source code is governed by a
// BSD-style license that can be found in the LICENSE file.
Files
no missing headers

All source files should start with a license header.

Unrelated files missing license headers
Files
pkgs/bazel_worker/benchmark/benchmark.dart
pkgs/coverage/lib/src/coverage_options.dart
pkgs/html/example/main.dart
pkgs/html/lib/dom.dart
pkgs/html/lib/dom_parsing.dart
pkgs/html/lib/html_escape.dart
pkgs/html/lib/parser.dart
pkgs/html/lib/src/constants.dart
pkgs/html/lib/src/encoding_parser.dart
pkgs/html/lib/src/html_input_stream.dart
pkgs/html/lib/src/list_proxy.dart
pkgs/html/lib/src/query_selector.dart
pkgs/html/lib/src/token.dart
pkgs/html/lib/src/tokenizer.dart
pkgs/html/lib/src/treebuilder.dart
pkgs/html/lib/src/utils.dart
pkgs/html/test/dom_test.dart
pkgs/html/test/parser_feature_test.dart
pkgs/html/test/parser_test.dart
pkgs/html/test/selectors/level1_baseline_test.dart
pkgs/html/test/selectors/level1_lib.dart
pkgs/html/test/selectors/selectors.dart
pkgs/html/test/support.dart
pkgs/html/test/tokenizer_test.dart
pkgs/html/test/trie_test.dart
pkgs/html/tool/generate_trie.dart
pkgs/pubspec_parse/test/git_uri_test.dart
pkgs/watcher/test/custom_watcher_factory_test.dart

This check can be disabled by tagging the PR with skip-license-check.

@auto-submit auto-submit Bot merged commit 3e5ece0 into main Apr 1, 2026
161 checks passed
@auto-submit auto-submit Bot deleted the dependabot/github_actions/github-actions-ceddc1e310 branch April 1, 2026 06:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fluttergithubbot fluttergithubbot fluttergithubbot approved these changes

Assignees

No one assigned

Labels

autosubmit type-infra A repository infrastructure change or enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fluttergithubbot