Skip to content

Bump the gha-dependencies group with 2 updates #6901

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the gha-dependencies group with 2 updates #6901

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 1, 2025
edited
Loading

Bumps the gha-dependencies group with 2 updates: docker/bake-action and astral-sh/setup-uv.

Updates docker/bake-action from 5 to 6

Release notes

Sourced from docker/bake-action's releases.

v6.0.0

[!IMPORTANT] This major release uses the Git context to build from a remote bake definition by default like docker/build-push-action does to be consistent.

If you're using docker/metadata-action with bake and a remote bake definition, you need to set the cwd:// prefix to combine the remote one with the local one. More info: docker/bake-action#287

If you want to keep the old behavior using the Path context, you need to update your workflow and set source: .

Full Changelog: docker/bake-action@v5.11.0...v6.0.0

v5.13.0

Full Changelog: docker/bake-action@v5.12.0...v5.13.0

v5.12.0

Full Changelog: docker/bake-action@v5.11.0...v5.12.0

v5.11.0

list-targets subaction changes:

Full Changelog: docker/bake-action@v5.10.0...v5.11.0

v5.10.0

Full Changelog: docker/bake-action@v5.9.0...v5.10.0

v5.9.0

Full Changelog: docker/bake-action@v5.8.0...v5.9.0

v5.8.0

... (truncated)

Commits
  • 37816e7 Merge pull request #331 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • f530412 chore: update generated content
  • 4318518 set builder driver and endpoint attributes for dbc summary support
  • 0dc9342 move summary inputs sanitization to state helper
  • 64a5bce chore(deps): Bump @​docker/actions-toolkit from 0.61.0 to 0.62.1
  • 212c367 Merge pull request #325 from crazy-max/history-export-cmd
  • d1ecc3a chore: update generated content
  • ae6e8fe DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export
  • 57dcb4d Bump @​docker/actions-toolkit from 0.59.0 to 0.61.0
  • 76f9fa3 Merge pull request #316 from crazy-max/fix-no-default-attest
  • Additional commits viewable in compare view

Updates astral-sh/setup-uv from 5.2.1 to 6.1.0

Release notes

Sourced from astral-sh/setup-uv's releases.

v6.1.0 🌈

Changes

This release adds the input server-url which defaults to https://github.com. You can set this to a custom url to control where this action downloads the uv release from. This is useful for users of gitea and comparable solutions.

@​sebadevo pointed out that we don't invalidate the cache when the prune-cache input is changed. This leads to unnessecarily big caches. The input is now used to compute the cache key, properly invalidating the cache when it is changed.

[!NOTE]
For most users this release will invalidate the cache once. You will see the known warning no-github-actions-cache-found-for-key This is expected and will only appear once.

🐛 Bug fixes

🚀 Enhancements

🧰 Maintenance

📚 Documentation

  • Add section to README explaining if packages are installed by setup-uv @​pirate (#398)

⬆️ Dependency updates

v6.0.1 🌈 Fix default cache dependency glob

Changes

The new default in v6 used illegal patterns and therefore didn't match requirements files. This is now fixed.

🐛 Bug fixes

... (truncated)

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 1, 2025
@dependabot dependabot bot force-pushed the dependabot/github_actions/gha-dependencies-217dd3aace branch 2 times, most recently from 7e0c203 to 42c59f0 Compare June 2, 2025 14:19
@dependabot dependabot bot force-pushed the dependabot/github_actions/gha-dependencies-217dd3aace branch from 42c59f0 to 4bda353 Compare June 11, 2025 16:23
@dependabot dependabot bot force-pushed the dependabot/github_actions/gha-dependencies-217dd3aace branch 3 times, most recently from 6098c31 to 998dca8 Compare June 26, 2025 15:48
@dependabot dependabot bot force-pushed the dependabot/github_actions/gha-dependencies-217dd3aace branch from 998dca8 to 9039d07 Compare August 1, 2025 02:08
@dependabot @GeigerJ2
Bump the gha-dependencies group with 2 updates
614ebba 
Bumps the gha-dependencies group with 2 updates: [docker/bake-action](https://github.com/docker/bake-action) and [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv).


Updates `docker/bake-action` from 5 to 6
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](docker/bake-action@v5...v6)

Updates `astral-sh/setup-uv` from 5.2.1 to 6.1.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](astral-sh/setup-uv@v5.2.1...v6.1.0)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-dependencies
- dependency-name: astral-sh/setup-uv
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@GeigerJ2 GeigerJ2 force-pushed the dependabot/github_actions/gha-dependencies-217dd3aace branch from 9039d07 to 614ebba Compare August 19, 2025 10:34
@GeigerJ2 GeigerJ2 requested a review from unkcpz August 19, 2025 10:34
@codecov Codecov
Copy link

codecov bot commented Aug 19, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 79.04%. Comparing base (5e4da5b) to head (614ebba).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #6901      +/-   ##
==========================================
- Coverage   79.05%   79.04%   -0.00%     
==========================================
  Files         566      566              
  Lines       43649    43649              
==========================================
- Hits        34501    34500       -1     
- Misses       9148     9149       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@GeigerJ2
Copy link
Contributor

Maybe @unkcpz or @agoscinski as dependency managers / code owners, can get this in during the coding days?

@GeigerJ2 GeigerJ2 requested a review from agoscinski August 19, 2025 10:36
@danielhollas
Copy link
Collaborator

@dependabot recreate

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 20, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Aug 20, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/gha-dependencies-217dd3aace branch August 20, 2025 16:36
@danielhollas
Copy link
Collaborator

New PR at #6981

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@unkcpz unkcpz Awaiting requested review from unkcpz

@agoscinski agoscinski Awaiting requested review from agoscinski

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
aiida-core v2.7.1
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@GeigerJ2 @danielhollas