Skip to content

Bump the actions-deps group with 3 updates#39

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-deps-f4f7c7da3a
Closed

Bump the actions-deps group with 3 updates#39
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-deps-f4f7c7da3a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the actions-deps group with 3 updates: lfreleng-actions/github2gerrit-action, actions/setup-java and lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml.

Updates lfreleng-actions/github2gerrit-action from 1.3.3 to 1.4.1

Release notes

Sourced from lfreleng-actions/github2gerrit-action's releases.

v1.4.1

Downloads for this release

🐛 Bug Fixes 🐛

🔧 Maintenance 🔧

Links

v1.4.0

Downloads for this release

✨ New Features ✨

🐛 Bug Fixes 🐛

🔧 Maintenance 🔧

... (truncated)

Commits
  • f21a570 Merge pull request #324 from modeseven-lfreleng-actions/fix/topic-config-docs...
  • 2dc4f97 Fix: Unify Gerrit topic format across push/query
  • 63da4b5 Merge pull request #325 from modeseven-lfreleng-actions/chore/aislop-cleanup
  • e898cf0 Chore: Remove AI-slop comments flagged by aislop
  • 761b950 Merge pull request #323 from modeseven-lfreleng-actions/fix/reusable-workflow...
  • 31a9f6d Fix: Align reusable workflow with action inputs
  • 97cd303 Merge pull request #322 from modeseven-lfreleng-actions/docs/readme-restructure
  • 92103d9 Docs: Restructure README and consolidate docs
  • fcb97b3 Merge pull request #321 from lfreleng-actions/pre-commit-ci-update-config
  • aa111af Chore: pre-commit autoupdate
  • Additional commits viewable in compare view

Updates actions/setup-java from 5.4.0 to 5.5.0

Release notes

Sourced from actions/setup-java's releases.

v5.5.0

What's Changed

New Contributors

Full Changelog: actions/setup-java@v5...v5.5.0

Commits
  • 0f481fc feat: Add distribution detection support to .sdkmanrc file (#975)
  • c4922bf docs: document problem matcher (and how to disable it), Maven Wrapper caching...
  • 6657b99 feat: Add set-default option (#1017)
  • a50fdcc dist: Support Tencent Kona JDK (#672)
  • 77ee41d fix: Maven Toolchains grows unexpectedly (#534)
  • 0765b15 chore(deps-dev): bump eslint-plugin-jest from 29.0.1 to 29.15.4 (#1074)
  • c712b2f Bump prettier from 3.6.2 to 3.9.1 (#1066)
  • 733efae feat: Disable interactiveMode in generated Maven settings.xml (#1052)
  • 6c4d4a5 feat: suppress Maven transfer progress via MAVEN_ARGS by default (add show-do...
  • 324b333 Fix arm64 e2e workflow tests mislabeled as x64 (#1073)
  • Additional commits viewable in compare view

Updates lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml from 0.7.2 to 0.7.4

Release notes

Sourced from lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml's releases.

v0.7.4

Downloads for this release

🔧 Maintenance 🔧

  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-packer-verify.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#751)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml from 0.6.1 to 0.7.2 @dependabot[bot] (#753)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#754)
  • Chore: Bump github/codeql-action/init from 4.36.2 to 4.36.3 @dependabot[bot] (#752)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-verify-github-actions.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#755)
  • Chore: Bump dorny/paths-filter from 4.0.1 to 4.0.2 @dependabot[bot] (#756)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/gerrit-compose-required-tox-verify.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#750)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-repo-linting.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#757)
  • Chore: Bump docker/build-push-action from 7.2.0 to 7.3.0 @dependabot[bot] (#758)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-jjb-verify.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#760)
  • Chore: Bump lfreleng-actions/credential-load-action from 1.0.0 to 1.1.0 @dependabot[bot] (#759)
  • Chore: Bump lfreleng-actions/zizmor-scan-action from 0.3.0 to 0.3.1 @dependabot[bot] (#761)
  • Chore: Bump github/codeql-action/upload-sarif from 4.36.2 to 4.36.3 @dependabot[bot] (#762)
  • Chore: pre-commit linting updates @pre-commit-ci[bot] (#765)
  • Chore: Bump jordanconway/package-manager-hardening from 0.4.2 to 0.4.3 @dependabot[bot] (#763)
  • Chore: Bump github/codeql-action/analyze from 4.36.2 to 4.36.3 @dependabot[bot] (#764)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/gerrit-compose-required-tox-verify.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#769)
  • Chore: Bump github/codeql-action/upload-sarif from 4.36.3 to 4.37.0 @dependabot[bot] (#770)
  • Chore: Bump github/codeql-action/analyze from 4.36.3 to 4.37.0 @dependabot[bot] (#768)
  • Chore: Bump step-security/harden-runner from 2.19.4 to 2.20.0 @dependabot[bot] (#771)
  • Chore: Bump lfreleng-actions/credential-load-action from 1.1.0 to 2.0.0 @dependabot[bot] (#767)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#772)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-jjb-verify.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#773)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-verify-github-actions.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#775)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-repo-linting.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#774)
  • Chore: Bump github/codeql-action/init from 4.36.3 to 4.37.0 @dependabot[bot] (#776)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-packer-verify.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#778)
  • Chore: Bump actions/setup-java from 5.4.0 to 5.5.0 @dependabot[bot] (#777)
  • Chore: Bump lfreleng-actions/zizmor-scan-action from 0.3.1 to 0.4.0 @dependabot[bot] (#779)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#780)

Links

v0.7.3

Downloads for this release

🔧 Maintenance 🔧

Links

Commits
  • 5fa62e3 Merge pull request #780 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • 34d94b1 Merge pull request #779 from lfit/dependabot/github_actions/lfreleng-actions/...
  • 70d4d84 Merge pull request #777 from lfit/dependabot/github_actions/actions/setup-jav...
  • 55039c6 Merge pull request #778 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • d940c57 Merge pull request #776 from lfit/dependabot/github_actions/github/codeql-act...
  • 57c5c52 Merge pull request #774 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • a54a16e Merge pull request #775 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • 66b4a1c Merge pull request #773 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • aa3ba13 Merge pull request #772 from lfit/dependabot/github_actions/lfit/releng-reusa...
  • f463514 Merge pull request #767 from lfit/dependabot/github_actions/lfreleng-actions/...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions-deps group with 3 updates: [lfreleng-actions/github2gerrit-action](https://github.com/lfreleng-actions/github2gerrit-action), [actions/setup-java](https://github.com/actions/setup-java) and [lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml](https://github.com/lfit/releng-reusable-workflows).


Updates `lfreleng-actions/github2gerrit-action` from 1.3.3 to 1.4.1
- [Release notes](https://github.com/lfreleng-actions/github2gerrit-action/releases)
- [Commits](lfreleng-actions/github2gerrit-action@f44c168...f21a570)

Updates `actions/setup-java` from 5.4.0 to 5.5.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@1bcf9fb...0f481fc)

Updates `lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml` from 0.7.2 to 0.7.4
- [Release notes](https://github.com/lfit/releng-reusable-workflows/releases)
- [Commits](lfit/releng-reusable-workflows@fd3c1b4...5fa62e3)

---
updated-dependencies:
- dependency-name: lfreleng-actions/github2gerrit-action
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: actions/setup-java
  dependency-version: 5.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml
  dependency-version: 0.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 10, 2026
@github-actions

Copy link
Copy Markdown

PR: #39
Mode: squash
Topic: GH-controller-39
Change-Ids:
I4b0c600ccb6ea63669b5e90c67caede8f2ea3f64
Digest: ec97a47a23a8
GitHub-Hash: d2ea05c15c6b9292

Note: This metadata is also included in the Gerrit commit message for reconciliation.

@github-actions

Copy link
Copy Markdown

Change raised in Gerrit by GitHub2Gerrit: https://git.opendaylight.org/gerrit/c/controller/+/123908

odl-github pushed a commit that referenced this pull request Jul 10, 2026
Bumps the actions-deps group with 3 updates: [lfreleng-actions/github2gerrit-action](https://github.com/lfreleng-actions/github2gerrit-action), [actions/setup-java](https://github.com/actions/setup-java) and [lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml](https://github.com/lfit/releng-reusable-workflows).
Updates `lfreleng-actions/github2gerrit-action` from 1.3.3 to 1.4.1
- [Release notes](https://github.com/lfreleng-actions/github2gerrit-action/releases)
- [Commits](lfreleng-actions/github2gerrit-action@f44c168...f21a570)
Updates `actions/setup-java` from 5.4.0 to 5.5.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@1bcf9fb...0f481fc)
Updates `lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml` from 0.7.2 to 0.7.4
- [Release notes](https://github.com/lfit/releng-reusable-workflows/releases)
- [Commits](lfit/releng-reusable-workflows@fd3c1b4...5fa62e3)

Signed-off-by: dependabot[bot] <support@github.com>
Change-Id: I4b0c600ccb6ea63669b5e90c67caede8f2ea3f64
GitHub-PR: #39
GitHub-Hash: d2ea05c15c6b9292
Signed-off-by: gh2gerrit <releng+odl-gh2gerrit@linuxfoundation.org>
@github-actions

Copy link
Copy Markdown

Automated PR Closure

This pull request has been automatically closed by GitHub2Gerrit.

The corresponding Gerrit change has been accepted and merged ✅

The changes from this PR are now part of the main codebase in Gerrit.


This is an automated action performed by the GitHub2Gerrit tool.

@github-actions github-actions Bot closed this Jul 10, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/github_actions/actions-deps-f4f7c7da3a branch July 10, 2026 09:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Development

Successfully merging this pull request may close these issues.

0 participants