Bump the github-actions group with 2 updates#96
Conversation
Bumps the github-actions group with 2 updates: [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) and [max-sixty/tend](https://github.com/max-sixty/tend). Updates `anthropics/claude-code-action` from 1.0.131 to 1.0.133 - [Release notes](https://github.com/anthropics/claude-code-action/releases) - [Commits](anthropics/claude-code-action@4481e6d...787c5a0) Updates `max-sixty/tend` from 0.0.25 to 0.1.1 - [Release notes](https://github.com/max-sixty/tend/releases) - [Commits](max-sixty/tend@0.0.25...0.1.1) --- updated-dependencies: - dependency-name: anthropics/claude-code-action dependency-version: 1.0.133 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: max-sixty/tend dependency-version: 0.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Deploying mouseterm with
|
| Latest commit: |
c521ccf
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://5c8278b3.mouseterm.pages.dev |
| Branch Preview URL: | https://dependabot-github-actions-gi-6vku.mouseterm.pages.dev |
dormouse-bot
left a comment
dormouse-bot
left a comment
There was a problem hiding this comment.
This overlaps with #93, which upgrades the same eight tend-*.yaml files to max-sixty/tend@0.1.1 via the canonical regeneration (uvx tend@latest init). The two PRs will conflict on those files, so one should be closed as a duplicate.
The tend portion of this PR is an incomplete upgrade. Dependabot only rewrites the uses: pin, so it misses two things that #93 picks up from regenerating the templates:
.github/workflows/tend-triage.yamlkeeps the oldif:condition. #93 regenerates it toif: github.repository_owner == 'diffplug' && contains(github.event.issue.labels.*.name, 'tend-outage') == false(the "skip triage on tend-outage labeled issues" behavior added in 0.1.x). Merging this PR alone bumps the action to 0.1.1 but leaves the triage workflow without that guard.- The
# Generated by tend 0.0.25header comments stay stale across all eight files.
This PR does additionally bump anthropics/claude-code-action in security-audit.yaml, which #93 doesn't touch.
Suggestion: prefer #93 for the tend upgrade (it's the full regeneration), and let the claude-code-action bump land separately. Flagging for a maintainer rather than approving, since deciding which PR to close is a maintainer call.
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
dependabot
Bot
deleted the
dependabot/github_actions/github-actions-c14b086178
branch
2 participants
Bumps the github-actions group with 2 updates: anthropics/claude-code-action and max-sixty/tend.
Updates
anthropics/claude-code-actionfrom 1.0.131 to 1.0.133Release notes
Sourced from anthropics/claude-code-action's releases.
Commits
787c5a0chore: bump Claude Code to 2.1.150 and Agent SDK to 0.3.1504257c8eUse workload identity federation for Claude auth in CI workflows (#1344)bbfaf8echore: bump Claude Code to 2.1.149 and Agent SDK to 0.3.149Updates
max-sixty/tendfrom 0.0.25 to 0.1.1Commits
a33ecf5chore: release 0.1.1 (#591)a9f39e4skills(running-tend): weekly integration-test recipe (#590)924336bskills(release): keep step 10 on the release branch (#589)acf293cchore: regenerate workflows with tend 0.1.0 (#588)45a5e61chore: release 0.1.0 (#587)d485b95fix: jitter outage-issue dedup to handle concurrent matrix-leg failures (#586)1a3700afix: install-test default-branch probe on shallow checkout (#583)9aa762ffix: pin install-tend badge link to max-sixty/tend (#585)85a63f3skills(review-reviewers): call out commenter-self-edit filters as a non-issue...fdd7b58triage: skip on tend-outage labeled issues (#579)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions