chore(deps): bump the actions-deps group across 1 directory with 3 updates by dependabot[bot] · Pull Request #7103 · kobotoolbox/kpi

dependabot · 2026-05-30T09:54:16Z

Bumps the actions-deps group with 3 updates in the / directory: snok/container-retention-policy, aws-actions/configure-aws-credentials and zulip/github-actions-zulip.

Updates snok/container-retention-policy from 3.0.1 to 3.1.0

Release notes

Sourced from snok/container-retention-policy's releases.

v3.1.0

Features

The action now automatically detects and filters out any package version that belongs to a multi-arch image meant to be retained (snok/container-retention-policy#131). This should resolve issues #90, #95, snok/container-retention-policy#97 and more. Thanks to @sennerholm for starting this work.

Fixes

Fixed an issue in negative durations causing the action to panic (snok/container-retention-policy#133). Fixes snok/container-retention-policy#128.

Fixed token parsing related to Github's token format migration (source). Fixes snok/container-retention-policy#132 and snok/container-retention-policy#129.

Misc

Updated all workflow versions

Updated dependencies and linters

Full Changelog: snok/container-retention-policy@v3.0.1...v3.1.0

Commits

d3bdcf5 chore(ci): Generate a unique image prefix per image
71e22bd chore: Parallelize test runs
7829d4c fix: Add CA certs to container
323159e fix: Clear untagged candidates if we can't fetch all images due to rate-limits
5dd3fdd fix: Clear all tagged and untagged candidates if client initiation fails
a05f900 fix: Make integration tests of older versions of the action run tagged-only s...
830dbff fix: Correct tag selection
1659258 fix: Make integration tests of older versions of the action run tagged-only s...
bd8b193 chore: Update reqwest and downgrade tracing-subscriber
33fd2dd feat: Log which package versions were kept due to multi-arch
Additional commits viewable in compare view

Updates aws-actions/configure-aws-credentials from 6.1.1 to 6.2.0

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v6.2.0

6.2.0 (2026-06-01)

Features

add additional session tags by default (#1775) (e0ba768)

add more retry logic and better logging (#1764) (540d0c1)

add regex validation to role-session-name (#1765) (e354499)

Allow custom session tags to be passed when assuming a role (#1759) (61f50f6)

expose run id in STS client user-agent (#1774) (29d1be3)

support custom STS endpoints (#1762) (8d52d05)

Bug Fixes

skip credential check on output-env-credentials: false (#1778) (58e7c47)

assumeRole failing from session tag size too large (#1808) (d6f5dc3)

v6.1.3

6.1.3 (2026-05-27)

Bug Fixes

fix: allow kubelet token symlink in aws-actions/configure-aws-credentials#1805

v6.1.2

6.1.2 (2026-05-26)

Bug Fixes

additional filesystem checks (#1799) (c39f282)

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

6.2.0 (2026-06-01)

Features

add additional session tags by default (#1775) (e0ba768)

add more retry logic and better logging (#1764) (540d0c1)

add regex validation to role-session-name (#1765) (e354499)

Allow custom session tags to be passed when assuming a role (#1759) (61f50f6)

expose run id in STS client user-agent (#1774) (29d1be3)

support custom STS endpoints (#1762) (8d52d05)

Bug Fixes

skip credential check on output-env-credentials: false (#1778) (58e7c47)

assumeRole failing from session tag size too large (#1808) (d6f5dc3)

6.1.3 (2026-05-28)

Bug Fixes

fix: allow kubelet token symlink in #1805

6.1.2 (2026-05-26)

Bug Fixes

additional filesystem checks (#1799) (c39f282)

Commits

e7f100c chore(main): release 6.2.0 (#1806)
bbbffea chore: Update dist
d6f5dc3 fix: assumeRole failing from session tag size too large (#1808)
12014c0 docs: fix typo in README.md (#1809)
4ab3589 chore: replay 6.2 devel changes onto main (#1807)
99214aa chore: Update dist
217d179 fix: allow kubelet token symlink (#1805)
5548f34 chore: Update dist
77cd089 chore: document container credentials provider support (and delete transitive...
dbacf31 chore: bump release version (#1801)
Additional commits viewable in compare view

Updates zulip/github-actions-zulip from 1 to 2

Release notes

Sourced from zulip/github-actions-zulip's releases.

v2.0.0

What's Changed

workflows: Upgrade GitHub actions, restrict GitHub permissions by @andersk in zulip/github-actions-zulip#134

deps: Upgrade from NodeJS v20 to v24 by @PascalEgn in zulip/github-actions-zulip#136

workflows: Enable zizmor scanning by @andersk in zulip/github-actions-zulip#142

New Contributors

@PascalEgn made their first contribution in zulip/github-actions-zulip#136

Full Changelog: zulip/github-actions-zulip@v1.0.2...v2.0.0

v1.0.2

What's Changed

Maintainability Items: linting and typing by @klardotsh in zulip/github-actions-zulip#69

Bump eslint-plugin-unicorn from 45.0.0 to 45.0.2 by @dependabot in zulip/github-actions-zulip#73

Bump node-fetch from 2.6.1 to 2.6.7 by @dependabot in zulip/github-actions-zulip#62

Bump @actions/core from 1.4.0 to 1.10.0 by @dependabot in zulip/github-actions-zulip#64

Bump eslint-config-xo-typescript from 0.55.0 to 0.55.1 by @dependabot in zulip/github-actions-zulip#77

Bump prettier from 2.8.0 to 2.8.1 by @dependabot in zulip/github-actions-zulip#76

Bump @actions/github from 5.0.0 to 5.1.1 by @dependabot in zulip/github-actions-zulip#75

Bump typescript from 4.9.3 to 4.9.4 by @dependabot in zulip/github-actions-zulip#78

Bump @typescript-eslint/parser from 5.44.0 to 5.47.1 by @dependabot in zulip/github-actions-zulip#79

Bump @vercel/ncc from 0.34.0 to 0.36.0 by @dependabot in zulip/github-actions-zulip#82

Bump eslint from 8.28.0 to 8.30.0 by @dependabot in zulip/github-actions-zulip#80

Bump @typescript-eslint/eslint-plugin from 5.44.0 to 5.47.1 by @dependabot in zulip/github-actions-zulip#81

Bump eslint-config-prettier from 8.5.0 to 8.6.0 by @dependabot in zulip/github-actions-zulip#87

Bump eslint from 8.30.0 to 8.31.0 by @dependabot in zulip/github-actions-zulip#86

Bump @typescript-eslint/parser from 5.47.1 to 5.48.0 by @dependabot in zulip/github-actions-zulip#85

Bump @typescript-eslint/eslint-plugin from 5.47.1 to 5.48.0 by @dependabot in zulip/github-actions-zulip#84

Bump json5 from 1.0.1 to 1.0.2 by @dependabot in zulip/github-actions-zulip#88

npm: Upgrade (mostly dev) dependencies. by @klardotsh in zulip/github-actions-zulip#99

deps: Upgrade from NodeJS v16 to v20 by @SeanTAllen in zulip/github-actions-zulip#131

Upgrade dependencies by @andersk in zulip/github-actions-zulip#132

New Contributors

@SeanTAllen made their first contribution in zulip/github-actions-zulip#131

@andersk made their first contribution in zulip/github-actions-zulip#132

Full Changelog: zulip/github-actions-zulip@v1.0.1...v1.0.2

v1.0.1: A maintenance release.

This tag is dedicated entirely to maintenance and contains no changes requiring user intervention:

Upgrade from NodeJS v12 (which is deprecated on GitHub Actions) to NodeJS v16.

Document the usage and recommendation of GitHub Actions Secrets for storing api-key arguments.

Upgrade @vercel/ncc bundler to work around NodeJS v16 OpenSSL-related quirks.

Upgrade package-lock.json to v2 schema.

Changelog

Sourced from zulip/github-actions-zulip's changelog.

Commits

bd8ec52 Release v2.0.1.
78d1446 Add missing tslib dependency.
8f85235 Release v2.0.0.
74e69e3 Upgrade dependencies.
037b859 npmrc: Enable 7 day dependency cooldown.
ebcd292 eslint: Fix @typescript-eslint/no-unsafe-type-assertion.
2c5f4a4 eslint: Fix import-x/no-named-default, unicorn/no-named-default.
72abff4 eslint: Fix @typescript-eslint/no-floating-promises, unicorn/prefer-top-level...
e7daabd Fix send message return type.
1fe2d13 Set "type": "module".
Additional commits viewable in compare view

…dates Bumps the actions-deps group with 3 updates in the / directory: [snok/container-retention-policy](https://github.com/snok/container-retention-policy), [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) and [zulip/github-actions-zulip](https://github.com/zulip/github-actions-zulip). Updates `snok/container-retention-policy` from 3.0.1 to 3.1.0 - [Release notes](https://github.com/snok/container-retention-policy/releases) - [Commits](snok/container-retention-policy@v3.0.1...v3.1.0) Updates `aws-actions/configure-aws-credentials` from 6.1.1 to 6.2.0 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](aws-actions/configure-aws-credentials@v6.1.1...v6.2.0) Updates `zulip/github-actions-zulip` from 1 to 2 - [Release notes](https://github.com/zulip/github-actions-zulip/releases) - [Changelog](https://github.com/zulip/github-actions-zulip/blob/main/CHANGELOG.md) - [Commits](zulip/github-actions-zulip@v1...v2) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.1.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps - dependency-name: snok/container-retention-policy dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: zulip/github-actions-zulip dependency-version: '2' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file github actions PRs related to actions from GitHub workflows labels May 30, 2026

dependabot Bot requested review from jnm, magicznyleszek, noliveleger and olive-KTB as code owners May 30, 2026 09:54

dependabot Bot added dependencies Pull requests that update a dependency file github actions PRs related to actions from GitHub workflows labels May 30, 2026

noliveleger removed their request for review June 2, 2026 12:48

dependabot Bot force-pushed the dependabot/github_actions/actions-deps-78e37b62cc branch from a724909 to 3e92956 Compare June 6, 2026 09:54

dependabot Bot changed the title ~~build(deps): bump the actions-deps group across 1 directory with 3 updates~~ chore(deps): bump the actions-deps group across 1 directory with 3 updates Jun 13, 2026

dependabot Bot force-pushed the dependabot/github_actions/actions-deps-78e37b62cc branch from 3e92956 to c4a4194 Compare June 13, 2026 09:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the actions-deps group across 1 directory with 3 updates#7103

chore(deps): bump the actions-deps group across 1 directory with 3 updates#7103
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-deps-78e37b62cc

dependabot Bot commented on behalf of github May 30, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github May 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.1.0

Features

Fixes

Misc

v6.2.0

6.2.0 (2026-06-01)

Features

Bug Fixes

v6.1.3

6.1.3 (2026-05-27)

Bug Fixes

v6.1.2

6.1.2 (2026-05-26)

Bug Fixes

6.2.0 (2026-06-01)

Features

Bug Fixes

6.1.3 (2026-05-28)

Bug Fixes

6.1.2 (2026-05-26)

Bug Fixes

v2.0.0

What's Changed

New Contributors

v1.0.2

What's Changed

New Contributors

v1.0.1: A maintenance release.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github May 30, 2026 •

edited

Loading