Bump the "all" group with 2 updates across multiple ecosystems by dependabot[bot] · Pull Request #935 · licensee/licensed

dependabot · 2026-01-19T08:50:04Z

Bumps the all group with 5 updates:

Package	From	To
actions/setup-node	`6.1.0`	`6.2.0`
haskell-actions/setup	`2.10.1`	`2.10.3`
actions/cache	`5.0.1`	`5.0.2`
actions/setup-go	`6.1.0`	`6.2.0`
actions/setup-dotnet	`5.0.1`	`5.1.0`

Updates actions/setup-node from 6.1.0 to 6.2.0

Release notes

Sourced from actions/setup-node's releases.

v6.2.0

What's Changed

Documentation

Documentation update related to absence of Lockfile by @mahabaleshwars in actions/setup-node#1454

Correct mirror option typos by @MikeMcC399 in actions/setup-node#1442

Readme update on checkout version v6 by @deining in actions/setup-node#1446

Readme typo fixes @munyari in actions/setup-node#1226

Advanced document update on checkout version v6 by @aparnajyothi-y in actions/setup-node#1468

Dependency updates:

Upgrade @actions/cache to v5.0.1 by @salmanmkc in actions/setup-node#1449

New Contributors

@mahabaleshwars made their first contribution in actions/setup-node#1454

@MikeMcC399 made their first contribution in actions/setup-node#1442

@deining made their first contribution in actions/setup-node#1446

@munyari made their first contribution in actions/setup-node#1226

Full Changelog: actions/setup-node@v6...v6.2.0

Commits

6044e13 Docs: bump actions/checkout from v5 to v6 (#1468)
8e49463 Fix README typo (#1226)
621ac41 README.md: bump to latest released checkout version v6 (#1446)
2951748 Bump @actions/cache to v5.0.1 (#1449)
21ddc7b Correct mirror option typos (#1442)
65d868f Update Documentation for Lockfile (#1454)
See full diff in compare view

Updates haskell-actions/setup from 2.10.1 to 2.10.3

Release notes

Sourced from haskell-actions/setup's releases.

v2.10.3

Add Stack 3.9.1

What's Changed

Add Stack 3.9.1 by @andreasabel in haskell-actions/setup#138

Full Changelog: haskell-actions/setup@v2.10.2...v2.10.3

v2.10.2

Remove GHCup vanilla channel from defaults

What's Changed

Remove GHCup vanilla channel from defaults by @andreasabel in haskell-actions/setup#137

Full Changelog: haskell-actions/setup@v2.10.1...v2.10.2

Commits

f9150cb Add Stack 3.9.1
dc63c94 Remove GHCup vanilla channel from defaults
See full diff in compare view

Updates actions/cache from 5.0.1 to 5.0.2

Release notes

Sourced from actions/cache's releases.

v.5.0.2

v5.0.2

What's Changed

When creating cache entries, 429s returned from the cache service will not be retried.

Changelog

Sourced from actions/cache's changelog.

Releases

Changelog

5.0.2

Bump @actions/cache to v5.0.3 #1692

5.0.1

Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

4.3.0

Bump @actions/cache to v4.1.0

4.2.4

Bump @actions/cache to v4.0.5

4.2.3

Bump @actions/cache to v4.0.3 (obfuscates SAS token in debug logs for cache entries)

4.2.2

Bump @actions/cache to v4.0.2

4.2.1

Bump @actions/cache to v4.0.1

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

... (truncated)

Commits

8b402f5 Merge pull request #1692 from GhadimiR/main
304ab5a license for httpclient
609fc19 Update licensed record for cache
b22231e Build
93150cd Add PR link to releases
9b8ca9f Bump actions/cache to 5.0.3
See full diff in compare view

Updates actions/setup-go from 6.1.0 to 6.2.0

Release notes

Sourced from actions/setup-go's releases.

v6.2.0

What's Changed

Enhancements

Example for restore-only cache in documentation by @aparnajyothi-y in actions/setup-go#696

Update Node.js version in action.yml by @ccoVeille in actions/setup-go#691

Documentation update of actions/checkout by @deining in actions/setup-go#683

Dependency updates

Upgrade js-yaml from 3.14.1 to 3.14.2 by @dependabot in actions/setup-go#682

Upgrade @actions/cache to v5 by @salmanmkc in actions/setup-go#695

Upgrade actions/checkout from 5 to 6 by @dependabot in actions/setup-go#686

Upgrade qs from 6.14.0 to 6.14.1 by @dependabot in actions/setup-go#703

New Contributors

@ccoVeille made their first contribution in actions/setup-go#691

@deining made their first contribution in actions/setup-go#683

Full Changelog: actions/setup-go@v6...v6.2.0

Commits

7a3fe6c Bump qs from 6.14.0 to 6.14.1 (#703)
b9adafd Bump actions/checkout from 5 to 6 (#686)
d73f6bc README.md: correct to actions/checkout@v6 (#683)
ae252ee Bump @actions/cache to v5 (#695)
bf7446a Bump js-yaml from 3.14.1 to 3.14.2 (#682)
02aadfe Fix Node.js version in action.yml (#691)
4aaadf4 Example for restore-only cache in documentation (#696)
See full diff in compare view

Updates actions/setup-dotnet from 5.0.1 to 5.1.0

Release notes

Sourced from actions/setup-dotnet's releases.

v5.1.0

What's Changed

Documentation

Readme update for environment variable on self hosted linux runners by @priya-kinthali in actions/setup-dotnet#689

Contributor icon updates by @Falco20019 in actions/setup-dotnet#604

Dependency updates

Upgrade actions/checkout from 5 to 6 by @dependabot in actions/setup-dotnet#684

Upgrade to latest actions packages by @salmanmkc in actions/setup-dotnet#687

Upgrade dependencies in testproject and checkout in Readme by @priya-kinthali in actions/setup-dotnet#692

New Contributors

@priya-kinthali made their first contribution in actions/setup-dotnet#689

@Falco20019 made their first contribution in actions/setup-dotnet#604

Full Changelog: actions/setup-dotnet@v5...v5.1.0

Commits

baa11fb Bump test dependencies to resolve System.Net.Http vulnerability, update workf...
24ec4f2 Upgrade to latest actions packages (#687)
4c100cb Fix icons (#604)
25328d8 Bump actions/checkout from 5 to 6 (#684)
937b8dd Update README with note on setting DOTNET_INSTALL_DIR for Linux permission is...
See full diff in compare view

Bumps the all group with 2 updates: thor and parser.

Updates thor from 1.4.0 to 1.5.0

Release notes

Sourced from thor's releases.

1.5.0

What's Changed

Add specs and linter documentation by @hlascelles in rails/thor#907

Add tree command by @hlascelles in rails/thor#906

feat: support insert_into_file erroring if the file is not changed, and add insert_into_file by @G-Rath in rails/thor#908

support THOR_MERGE values with arguments by @rafaelfranca in rails/thor#910

Hidden commands should not make an invocation ambiguous by @deivid-rodriguez in rails/thor#911

Set frozen_string_literal: true in colors.rb by @tenderlove in rails/thor#913

fix encoding error when running a merge tool by @moritzschepp in rails/thor#916

New Contributors

@tenderlove made their first contribution in rails/thor#913

@dependabot[bot] made their first contribution in rails/thor#912

@moritzschepp made their first contribution in rails/thor#916

Full Changelog: rails/thor@v1.4.0...v1.5.0

Commits

6a680f2 Prepare for 1.5.0
615b0c2 Merge pull request #919 from rails/rmf-ci
f16a2db Unlock bundler development dependency
7b99536 Test with Ruby 4.0
2a1eecb Merge pull request #918 from rails/dependabot/github_actions/actions/checkout-6
ed9ffca Merge pull request #916 from moritzschepp/ec-encoding
5b85a33 Bump actions/checkout from 5 to 6
2e2b684 fix encoding error when running a merge tool
b2d98fe Remove whatisthor.com references
17a3be9 Merge pull request #912 from rails/dependabot/github_actions/actions/checkout-5
Additional commits viewable in compare view

Updates parser from 3.3.10.0 to 3.3.10.1

Changelog

Sourced from parser's changelog.

v3.3.10.1 (2026-01-15)

API modifications:

Bump maintenance branches to 3.2.10 (#1085) (Koichi ITO)

Commits

ded4fc8 Bump version
603480d * Bump maintenance branches to 3.2.10 (#1085)
c1900f8 Relax Bundler version for development (#1086)
9520c3a Update changelog.
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/setup-node](https://github.com/actions/setup-node) | `6.1.0` | `6.2.0` | | [haskell-actions/setup](https://github.com/haskell-actions/setup) | `2.10.1` | `2.10.3` | | [actions/cache](https://github.com/actions/cache) | `5.0.1` | `5.0.2` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.1.0` | `6.2.0` | | [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `5.0.1` | `5.1.0` | Updates `actions/setup-node` from 6.1.0 to 6.2.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@395ad32...6044e13) Updates `haskell-actions/setup` from 2.10.1 to 2.10.3 - [Release notes](https://github.com/haskell-actions/setup/releases) - [Commits](haskell-actions/setup@7786314...f9150cb) Updates `actions/cache` from 5.0.1 to 5.0.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@9255dc7...8b402f5) Updates `actions/setup-go` from 6.1.0 to 6.2.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@4dc6199...7a3fe6c) Updates `actions/setup-dotnet` from 5.0.1 to 5.1.0 - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](actions/setup-dotnet@2016bd2...baa11fb) build(deps): bump the all group with 2 updates Bumps the all group with 2 updates: [thor](https://github.com/rails/thor) and [parser](https://github.com/whitequark/parser). Updates `thor` from 1.4.0 to 1.5.0 - [Release notes](https://github.com/rails/thor/releases) - [Commits](rails/thor@v1.4.0...v1.5.0) Updates `parser` from 3.3.10.0 to 3.3.10.1 - [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md) - [Commits](whitequark/parser@v3.3.10.0...v3.3.10.1) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: haskell-actions/setup dependency-version: 2.10.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/cache dependency-version: 5.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/setup-go dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/setup-dotnet dependency-version: 5.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: thor dependency-version: 1.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: parser dependency-version: 3.3.10.1 dependency-type: indirect update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>

Generated by https://github.com/licensee/licensed/blob/main/.github/workflows/licensed.yml

github-actions · 2026-01-19T08:50:34Z

The licensed-ci GitHub Action has created a pull request containing license metadata updates based on the changes in this branch.

Please review the pull request for any additional changes required and merge when ready.

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jan 19, 2026

Auto-update license files for PR #935

0ebf451

Generated by https://github.com/licensee/licensed/blob/main/.github/workflows/licensed.yml

github-actions Bot mentioned this pull request Jan 19, 2026

License updates for dependabot/all-a53900ec60 #936

Merged

Merge pull request #936 from licensee/dependabot/all-a53900ec60-licenses

760d4d3

MikeMcQuaid enabled auto-merge January 19, 2026 08:57

MikeMcQuaid approved these changes Jan 19, 2026

View reviewed changes

MikeMcQuaid merged commit fcf3367 into main Jan 19, 2026
46 checks passed

MikeMcQuaid deleted the dependabot/all-a53900ec60 branch January 19, 2026 09:01

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the "all" group with 2 updates across multiple ecosystems#935

Bump the "all" group with 2 updates across multiple ecosystems#935
MikeMcQuaid merged 3 commits into
mainfrom
dependabot/all-a53900ec60

dependabot Bot commented on behalf of github Jan 19, 2026

Uh oh!

github-actions Bot commented Jan 19, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Jan 19, 2026

v6.2.0

What's Changed

Documentation

Dependency updates:

New Contributors

v2.10.3

What's Changed

v2.10.2

What's Changed

v.5.0.2

v5.0.2

What's Changed

Releases

Changelog

5.0.2

5.0.1

5.0.0

4.3.0

4.2.4

4.2.3

4.2.2

4.2.1

4.2.0

v6.2.0

What's Changed

Enhancements

Dependency updates

New Contributors

v5.1.0

What's Changed

Documentation

Dependency updates

New Contributors

1.5.0

What's Changed

New Contributors

v3.3.10.1 (2026-01-15)

Uh oh!

github-actions Bot commented Jan 19, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

1 participant