chore(deps): bump actions/cache from 5.0.2 to 5.0.3 by dependabot[bot] · Pull Request #5912 · external-secrets/external-secrets

dependabot · 2026-02-02T08:40:26Z

Bumps actions/cache from 5.0.2 to 5.0.3.

Release notes

Sourced from actions/cache's releases.

v5.0.3

What's Changed

Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)

Bump @actions/core to v2.0.3

Full Changelog: actions/cache@v5...v5.0.3

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

Switch to a new branch from main.

Run npm test to ensure all tests are passing.

Update the version in https://github.com/actions/cache/blob/main/package.json.

Run npm run build to update the compiled files.

Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.

Run licensed cache to update the license report.

Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.

Commit your changes and push your branch upstream.

Open a pull request against main and get it reviewed and merged.

Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json

Create a new tag with the version number.

Auto generate release notes and update them to match the changes you made in RELEASES.md.

Toggle the set as the latest release option.

Publish the release.

Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml

There should be a workflow run queued with the same version number.

Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.3

Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)

Bump @actions/core to v2.0.3

5.0.2

Bump @actions/cache to v5.0.3 #1692

5.0.1

Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

4.3.0

Bump @actions/cache to v4.1.0

... (truncated)

Commits

cdf6c1f Merge pull request #1695 from actions/Link-/prepare-5.0.3
a1bee22 Add review for the @actions/http-client license
4695763 Add licensed output
dc73bb9 Upgrade dependencies and address security warnings
345d5c2 Add 5.0.3 builds
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

coderabbitai · 2026-02-02T08:40:42Z

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🔍 Trigger a full review

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Bumps [actions/cache](https://github.com/actions/cache) from 5.0.2 to 5.0.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@8b402f5...cdf6c1f) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

sonarqubecloud · 2026-02-02T09:29:15Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

…#5912) Bumps [actions/cache](https://github.com/actions/cache) from 5.0.2 to 5.0.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@8b402f5...cdf6c1f) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Nattapong Ekudomsuk <nuttapong_mos@hotmail.com>

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://github.com/external-secrets/external-secrets) | minor | `1.2.1` → `1.3.2` | --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets)</summary> ### [`v1.3.2`](https://github.com/external-secrets/external-secrets/releases/tag/v1.3.2) [Compare Source](external-secrets/external-secrets@v1.3.1...v1.3.2) Image: `ghcr.io/external-secrets/external-secrets:v1.3.2` Image: `ghcr.io/external-secrets/external-secrets:v1.3.2-ubi` Image: `ghcr.io/external-secrets/external-secrets:v1.3.2-ubi-boringssl`  #### What's Changed ##### General - chore: release helm chart for v1.3.1 by [@Skarlso](https://github.com/Skarlso) in [#5860](external-secrets/external-secrets#5860) - chore(chart): Add missing tests for readinessProbe by [@jcpunk](https://github.com/jcpunk) in [#5769](external-secrets/external-secrets#5769) - docs: Update FluxCD example by [@umizoom](https://github.com/umizoom) in [#5862](external-secrets/external-secrets#5862) - fix(ci): Removed the unused check for Windows in Makefile by [@HauptJ](https://github.com/HauptJ) in [#5870](external-secrets/external-secrets#5870) - docs(release): Add actual dates for EOL of 1.x releases in stability and support page by [@n4zukker](https://github.com/n4zukker) in [#5889](external-secrets/external-secrets#5889) - docs: Passbolt provider maintenance ownership by [@stripthis](https://github.com/stripthis) in [#5886](external-secrets/external-secrets#5886) - chore: Update Passbolt MaintenanceStatus to MaintenanceStatusMaintained by [@stripthis](https://github.com/stripthis) in [#5887](external-secrets/external-secrets#5887) - fix(security): sanitize json.Unmarshal errors to prevent secret data … by [@moolen](https://github.com/moolen) in [#5884](external-secrets/external-secrets#5884) - fix: webhook initialization order by [@gusfcarvalho](https://github.com/gusfcarvalho) in [#5901](external-secrets/external-secrets#5901) - chore: Cleanup flags by [@evrardj-roche](https://github.com/evrardj-roche) in [#5845](external-secrets/external-secrets#5845) - fix: onepasswordsdk shared tenant by altering the provider in the client cache by [@Skarlso](https://github.com/Skarlso) in [#5921](external-secrets/external-secrets#5921) ##### Dependencies - chore(deps): bump github/codeql-action from 4.31.10 to 4.31.11 by [@dependabot](https://github.com/dependabot)\[bot] in [#5873](external-secrets/external-secrets#5873) - chore(deps): bump pymdown-extensions from 10.20 to 10.20.1 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#5877](external-secrets/external-secrets#5877) - chore(deps): bump markdown from 3.10 to 3.10.1 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#5880](external-secrets/external-secrets#5880) - chore(deps): bump ubi9/ubi from `22e9573` to `1f84f5c` by [@dependabot](https://github.com/dependabot)\[bot] in [#5871](external-secrets/external-secrets#5871) - chore(deps): bump actions/setup-python from 6.1.0 to 6.2.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#5872](external-secrets/external-secrets#5872) - chore(deps): bump hashicorp/setup-terraform from [`93d5a27`](external-secrets/external-secrets@93d5a27) to [`dcc3150`](external-secrets/external-secrets@dcc3150) by [@dependabot](https://github.com/dependabot)\[bot] in [#5875](external-secrets/external-secrets#5875) - chore(deps): bump actions/checkout from 6.0.1 to 6.0.2 by [@dependabot](https://github.com/dependabot)\[bot] in [#5876](external-secrets/external-secrets#5876) - chore(deps): bump step-security/harden-runner from 2.14.0 to 2.14.1 by [@dependabot](https://github.com/dependabot)\[bot] in [#5878](external-secrets/external-secrets#5878) - chore(deps): bump anchore/sbom-action from 0.21.1 to 0.22.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#5874](external-secrets/external-secrets#5874) - chore(deps): bump packaging from 25.0 to 26.0 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#5879](external-secrets/external-secrets#5879) - chore(deps): bump golang from `d9b2e14` to `98e6cff` by [@dependabot](https://github.com/dependabot)\[bot] in [#5907](external-secrets/external-secrets#5907) - chore(deps): bump alpine from `865b95f` to `2510918` in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#5914](external-secrets/external-secrets#5914) - chore(deps): bump docker/login-action from 3.6.0 to 3.7.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#5909](external-secrets/external-secrets#5909) - chore(deps): bump actions/cache from 5.0.2 to 5.0.3 by [@dependabot](https://github.com/dependabot)\[bot] in [#5912](external-secrets/external-secrets#5912) - chore(deps): bump actions/attest-build-provenance from 3.1.0 to 3.2.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#5910](external-secrets/external-secrets#5910) - chore(deps): bump hashicorp/setup-terraform from [`dcc3150`](external-secrets/external-secrets@dcc3150) to [`ce70bcf`](external-secrets/external-secrets@ce70bcf) by [@dependabot](https://github.com/dependabot)\[bot] in [#5911](external-secrets/external-secrets#5911) - chore(deps): bump ubi9/ubi from `1f84f5c` to `c8df11b` by [@dependabot](https://github.com/dependabot)\[bot] in [#5908](external-secrets/external-secrets#5908) - chore(deps): bump alpine from 3.23.2 to 3.23.3 in /e2e by [@dependabot](https://github.com/dependabot)\[bot] in [#5915](external-secrets/external-secrets#5915) - chore(deps): bump alpine from `865b95f` to `2510918` by [@dependabot](https://github.com/dependabot)\[bot] in [#5906](external-secrets/external-secrets#5906) - chore(deps): bump pathspec from 1.0.3 to 1.0.4 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#5916](external-secrets/external-secrets#5916) - chore(deps): bump babel from 2.17.0 to 2.18.0 in /hack/api-docs by [@dependabot](https://github.com/dependabot)\[bot] in [#5917](external-secrets/external-secrets#5917) - chore(deps): bump github/codeql-action from 4.31.11 to 4.32.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#5913](external-secrets/external-secrets#5913) #### New Contributors - [@umizoom](https://github.com/umizoom) made their first contribution in [#5862](external-secrets/external-secrets#5862) - [@HauptJ](https://github.com/HauptJ) made their first contribution in [#5870](external-secrets/external-secrets#5870) - [@n4zukker](https://github.com/n4zukker) made their first contribution in [#5889](external-secrets/external-secrets#5889) - [@stripthis](https://github.com/stripthis) made their first contribution in [#5886](external-secrets/external-secrets#5886) **Full Changelog**: <external-secrets/external-secrets@v1.3.1...v1.3.2> ### [`v1.3.1`](https://github.com/external-secrets/external-secrets/releases/tag/v1.3.1) [Compare Source](external-secrets/external-secrets@v1.2.1...v1.3.1) Image: `ghcr.io/external-secrets/external-secrets:v1.3.1` Image: `ghcr.io/external-secrets/external-secrets:v1.3.1-ubi` Image: `ghcr.io/external-secrets/external-secrets:v1.3.1-ubi-boringssl`  For a Full release please referre to <https://github.com/external-secrets/external-secrets/releases/tag/v1.3.0>. This is a fix build for the docker publish flow. #### What's Changed ##### General - fix: ignore the in-toto manifest when promoting the docker build by [@Skarlso](https://github.com/Skarlso) in [#5859](external-secrets/external-secrets#5859) **Full Changelog**: <external-secrets/external-secrets@v1.3.0...v1.3.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).  Reviewed-on: https://kubara.git.onstackit.cloud/STACKIT/kubara/pulls/250

…#5912) Bumps [actions/cache](https://github.com/actions/cache) from 5.0.2 to 5.0.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@8b402f5...cdf6c1f) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Feb 2, 2026

github-project-automation bot added this to External Secrets Feb 2, 2026

github-actions bot added area/deps kind/chore Categorizes Pull Requests for chore activities (like bumping versions) kind/dependency dependabot and upgrades component/github-actions labels Feb 2, 2026

eso-service-account-app bot approved these changes Feb 2, 2026

View reviewed changes

eso-service-account-app bot enabled auto-merge (squash) February 2, 2026 08:40

github-actions bot added the size/s label Feb 2, 2026

dependabot bot force-pushed the dependabot/github_actions/actions/cache-5.0.3 branch from 42d5ab4 to 09f62ae Compare February 2, 2026 09:28

eso-service-account-app bot merged commit ef41ff2 into main Feb 2, 2026
10 checks passed

eso-service-account-app bot deleted the dependabot/github_actions/actions/cache-5.0.3 branch February 2, 2026 09:28

github-project-automation bot moved this to Done in External Secrets Feb 2, 2026

eso-service-account-app bot approved these changes Feb 2, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump actions/cache from 5.0.2 to 5.0.3#5912

chore(deps): bump actions/cache from 5.0.2 to 5.0.3#5912
eso-service-account-app[bot] merged 1 commit intomainfrom
dependabot/github_actions/actions/cache-5.0.3

dependabot bot commented on behalf of github Feb 2, 2026 •

edited

Loading

Uh oh!

coderabbitai bot commented Feb 2, 2026

Review skipped

Uh oh!

Uh oh!

sonarqubecloud bot commented Feb 2, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot bot commented on behalf of github Feb 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v5.0.3

What's Changed

Releases

How to prepare a release

Changelog

5.0.3

5.0.2

5.0.1

5.0.0

4.3.0

Uh oh!

coderabbitai bot commented Feb 2, 2026

Review skipped

Uh oh!

Uh oh!

sonarqubecloud bot commented Feb 2, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Feb 2, 2026 •

edited

Loading