Bump the all-actions group across 1 directory with 16 updates

[dependabot]

Bumps the all-actions group with 16 updates in the / directory:

Package	From	To
actions/checkout	2	6
actions/setup-go	3	6
tj-actions/verify-changed-files	17	20
actions/github-script	3	9
azure/setup-helm	3.3	4.3.0
actions/setup-python	3	6
helm/chart-testing-action	2.7.0	2.8.0
helm/kind-action	1.12.0	1.14.0
docker/login-action	2	4
docker/setup-buildx-action	3	4
docker/build-push-action	4	7
goreleaser/goreleaser-action	6	7
rajatjindal/krew-release-bot	0.0.46	0.0.51
actions/setup-node	4	6
docker/setup-docker-action	4	5
actions/upload-artifact	4	7

Updates actions/checkout from 2 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248
• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• v6-beta by @​ericsciple in actions/checkout#2298
• update readme/changelog for v6 by @​ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

... (truncated)

Commits

• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• 1af3b93 update readme/changelog for v6 (#2311)
• 71cf226 v6-beta (#2298)
• 069c695 Persist creds to a separate file (#2286)
• ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
• 08c6903 Prepare v5.0.0 release (#2238)
• Additional commits viewable in compare view

Updates actions/setup-go from 3 to 6

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

• Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @​matthewhughes934 in actions/setup-go#460
• Upgrade Nodejs runtime from node20 to node 24 by @​salmanmkc in actions/setup-go#624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​types/jest from 29.5.12 to 29.5.14 by @​dependabot[bot] in actions/setup-go#589
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot[bot] in actions/setup-go#591
• Upgrade @​typescript-eslint/parser from 8.31.1 to 8.35.1 by @​dependabot[bot] in actions/setup-go#590
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-go#594
• Upgrade typescript from 5.4.2 to 5.8.3 by @​dependabot[bot] in actions/setup-go#538
• Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @​dependabot[bot] in actions/setup-go#603
• Upgrade form-data to bring in fix for critical vulnerability by @​matthewhughes934 in actions/setup-go#618
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-go#631

New Contributors

• @​matthewhughes934 made their first contribution in actions/setup-go#618
• @​salmanmkc made their first contribution in actions/setup-go#624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.6.0

What's Changed

• Fall back to downloading from go.dev/dl instead of storage.googleapis.com/golang by @​aparnajyothi-y in actions/setup-go#689

Full Changelog: actions/setup-go@v5...v5.6.0

v5.5.0

What's Changed

Bug fixes:

• Update self-hosted environment validation by @​priyagupta108 in actions/setup-go#556
• Add manifest validation and improve error handling by @​priyagupta108 in actions/setup-go#586
• Update template link by @​jsoref in actions/setup-go#527

Dependency updates:

• Upgrade @​action/cache from 4.0.2 to 4.0.3 by @​aparnajyothi-y in actions/setup-go#574
• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in actions/setup-go#573
• Upgrade ts-jest from 29.1.2 to 29.3.2 by @​dependabot in actions/setup-go#582
• Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @​dependabot in actions/setup-go#537

New Contributors

• @​jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

... (truncated)

Commits

• 4a36011 docs: fix Microsoft build of Go link (#734)
• 8f19afc feat: add go-download-base-url input for custom Go distributions (#721)
• 27fdb26 Bump minimatch from 3.1.2 to 3.1.5 (#727)
• def8c39 Rearrange README.md, add advanced-usage.md (#724)
• 4b73464 Fix golang download url to go.dev (#469)
• a5f9b05 Update default Go module caching to use go.mod (#705)
• 7a3fe6c Bump qs from 6.14.0 to 6.14.1 (#703)
• b9adafd Bump actions/checkout from 5 to 6 (#686)
• d73f6bc README.md: correct to actions/checkout@v6 (#683)
• ae252ee Bump @​actions/cache to v5 (#695)
• Additional commits viewable in compare view

Updates tj-actions/verify-changed-files from 17 to 20

Release notes

Sourced from tj-actions/verify-changed-files's releases.

v20

Changes in v20.0.4

What's Changed

• Upgraded to v20.0.3 by @​jackton1 in tj-actions/verify-changed-files#470

Full Changelog: tj-actions/verify-changed-files@v20...v20.0.4

---

Changes in v20.0.3

What's Changed

• Upgraded to v20.0.2 by @​jackton1 in tj-actions/verify-changed-files#468
• chore: pin github actions by @​jackton1 in tj-actions/verify-changed-files#469

Full Changelog: tj-actions/verify-changed-files@v20...v20.0.3

---

Changes in v20.0.2

What's Changed

• Upgraded to v20.0.1 by @​tj-actions-bot in tj-actions/verify-changed-files#428
• chore(deps): update actions/checkout action to v4.1.6 by @​renovate in tj-actions/verify-changed-files#429
• Bump actions/checkout from 4.1.4 to 4.1.6 by @​dependabot in tj-actions/verify-changed-files#430
• chore(deps): update actions/checkout digest to 0ad4b8f by @​renovate in tj-actions/verify-changed-files#431
• chore(deps): update actions/checkout digest to a5ac7e5 by @​renovate in tj-actions/verify-changed-files#432
• chore(deps): update reviewdog/action-shellcheck action to v1.21 by @​renovate in tj-actions/verify-changed-files#433
• chore(deps): update actions/checkout action to v4.1.7 by @​renovate in tj-actions/verify-changed-files#434
• chore(deps): update actions/checkout digest to 692973e by @​renovate in tj-actions/verify-changed-files#436
• chore(deps): update peter-evans/create-pull-request action to v6.1.0 by @​renovate in tj-actions/verify-changed-files#439
• chore(deps): update reviewdog/action-shellcheck action to v1.22 by @​renovate in tj-actions/verify-changed-files#437
• chore(deps): update reviewdog/action-shellcheck action to v1.23 by @​renovate in tj-actions/verify-changed-files#440
• chore(deps): update codacy/codacy-analysis-cli-action action to v4.4.5 by @​renovate in tj-actions/verify-changed-files#445
• chore: Update test.yml by @​jackton1 in tj-actions/verify-changed-files#444
• chore(deps): update reviewdog/action-shellcheck action to v1.24 by @​renovate in tj-actions/verify-changed-files#442
• chore(deps): update reviewdog/action-shellcheck action to v1.25 by @​renovate in tj-actions/verify-changed-files#447
• chore(deps): update reviewdog/action-shellcheck action to v1.26 by @​renovate in tj-actions/verify-changed-files#448
• chore(deps): update peter-evans/create-pull-request action to v7 by @​renovate in tj-actions/verify-changed-files#449
• chore(deps): update peter-evans/create-pull-request action to v7.0.1 by @​renovate in tj-actions/verify-changed-files#451
• chore(deps): update peter-evans/create-pull-request action to v7.0.2 by @​renovate in tj-actions/verify-changed-files#452
• chore(deps): update reviewdog/action-shellcheck action to v1.27 by @​renovate in tj-actions/verify-changed-files#453
• chore(deps): update peter-evans/create-pull-request action to v7.0.3 by @​renovate in tj-actions/verify-changed-files#454
• chore(deps): update peter-evans/create-pull-request action to v7.0.4 by @​renovate in tj-actions/verify-changed-files#455
• chore(deps): update peter-evans/create-pull-request action to v7.0.5 by @​renovate in tj-actions/verify-changed-files#456
• chore(deps): update actions/checkout action to v4.2.0 by @​renovate in tj-actions/verify-changed-files#457
• chore(deps): update actions/checkout digest to eef6144 by @​renovate in tj-actions/verify-changed-files#458
• chore(deps): update actions/checkout action to v4.2.1 by @​renovate in tj-actions/verify-changed-files#459
• chore(deps): update actions/checkout digest to 11bd719 by @​renovate in tj-actions/verify-changed-files#460
• chore(deps): update actions/checkout action to v4.2.2 by @​renovate in tj-actions/verify-changed-files#461

... (truncated)

Changelog

Sourced from tj-actions/verify-changed-files's changelog.

20.0.4 - (2025-03-23)

⬆️ Upgrades

• Upgraded to v20.0.3 (#470)

• Upgraded from v20.0.2 -> v20.0.3

• Update sync-release-version.yml

• Update README.md

• Update update-readme.yml

• Update sync-release-version.yml (a1c6ace) - (Tonye Jack)

20.0.3 - (2025-03-23)

⚙️ Miscellaneous Tasks

• Pin github actions (#469) (418a055) - (Tonye Jack)

⬆️ Upgrades

• Upgraded from v20.0.1 -> v20.0.2 (#468)

(a661f7f) - (Tonye Jack)

20.0.2 - (2025-03-15)

📦 Bumps

• Bump actions/checkout from 4.1.4 to 4.1.6 (#430)

Bumps actions/checkout from 4.1.4 to 4.1.6.

• Release notes
• Changelog
• Commits

---

updated-dependencies:

• dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ...

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@​users.noreply.github.com> (a6ccf5c) - (dependabot[bot])

Commits

• a1c6ace Upgraded to v20.0.3 (#470)
• 418a055 chore: pin github actions (#469)
• a661f7f Upgraded from v20.0.1 -> v20.0.2 (#468)
• 9437562 Deleted renovate.json
• f7c3c73 chore(deps): update peter-evans/create-pull-request action to v7.0.8 (#466)
• 4a35708 chore(deps): update peter-evans/create-pull-request action to v7.0.7 (#465)
• 6b59fb7 chore(deps): update reviewdog/action-shellcheck action to v1.29 (#464)
• 21026c9 chore(deps): update peter-evans/create-pull-request action to v7.0.6 (#463)
• dc57d45 chore(deps): update reviewdog/action-shellcheck action to v1.28 (#462)
• 530d86d chore(deps): update actions/checkout action to v4.2.2
• Additional commits viewable in compare view

Updates actions/github-script from 3 to 9

Release notes

Sourced from actions/github-script's releases.

v9.0.0

New features:

• getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
• Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

• require('@actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
• getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
• If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

• Add ACTIONS_ORCHESTRATION_ID to user-agent string by @​Copilot in actions/github-script#695
• ci: use deployment: false for integration test environments by @​salmanmkc in actions/github-script#712
• feat!: add getOctokit to script context, upgrade @​actions/github v9, @​octokit/core v7, and related packages by @​salmanmkc in actions/github-script#700

New Contributors

• @​Copilot made their first contribution in actions/github-script#695

Full Changelog: actions/github-script@v8.0.0...v9.0.0

v8.0.0

What's Changed

• Update Node.js version support to 24.x by @​salmanmkc in actions/github-script#637
• README for updating actions/github-script from v7 to v8 by @​sneha-krip in actions/github-script#653

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

• @​salmanmkc made their first contribution in actions/github-script#637
• @​sneha-krip made their first contribution in actions/github-script#653

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

• Upgrade husky to v9 by @​benelan in actions/github-script#482
• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/github-script#485
• Upgrade IA Publish by @​Jcambass in actions/github-script#486
• Fix workflow status badges by @​joshmgross in actions/github-script#497
• Update usage of actions/upload-artifact by @​joshmgross in actions/github-script#512
• Clear up package name confusion by @​joshmgross in actions/github-script#514
• Update dependencies with npm audit fix by @​joshmgross in actions/github-script#515
• Specify that the used script is JavaScript by @​timotk in actions/github-script#478
• chore: Add Dependabot for NPM and Actions by @​nschonni in actions/github-script#472

... (truncated)

Commits

• 3a2844b Merge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...
• ca10bbd fix: use @​octokit/core/types import for v7 compatibility
• 86e48e2 merge: incorporate main branch changes
• c108472 chore: rebuild dist for v9 upgrade and getOctokit factory
• afff112 Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...
• ff8117e ci: fix user-agent test to handle orchestration ID
• 81c6b78 ci: use deployment: false to suppress deployment noise from integration tests
• 3953caf docs: update README examples from @​v8 to @​v9, add getOctokit docs and v9 brea...
• c17d55b ci: add getOctokit integration test job
• a047196 test: add getOctokit integration tests via callAsyncFunction
• Additional commits viewable in compare view

Updates azure/setup-helm from 3.3 to 3.5

Release notes

Sourced from azure/setup-helm's releases.

v3.5 release

Bump @​actions/core version to remove output warning.

v3.4 release

Improves the querying method to find the latest Helm release. Takes advantage of new GitHub api changes.

Commits

• 5119fcb v3 new release (#104)
• f382f75 v3 new release (#101)
• See full diff in compare view

Updates actions/setup-python from 3 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

• Upgrade to node 24 by @​salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

• Add support for pip-version by @​priyagupta108 in actions/setup-python#1129
• Enhance reading from .python-version by @​krystof-k in actions/setup-python#787
• Add version parsing from Pipfile by @​aradkdj in actions/setup-python#1067

Bug fixes:

• Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @​aparnajyothi-y in actions/setup-python#1183
• Change missing cache directory error to warning by @​aparnajyothi-y in actions/setup-python#1182
• Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @​aparnajyothi-y in actions/setup-python#1122
• Include python version in PyPy python-version output by @​cdce8p in actions/setup-python#1110
• Update docs: clarification on pip authentication with setup-python by @​priya-kinthali in actions/setup-python#1156

Dependency updates:

• Upgrade idna from 2.9 to 3.7 in /tests/data by @​dependabot[bot] in actions/setup-python#843
• Upgrade form-data to fix critical vulnerabilities #182 & #183 by @​aparnajyothi-y in actions/setup-python#1163
• Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @​aparnajyothi-y in actions/setup-python#1165
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-python#1181
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot[bot] in actions/setup-python#1095

New Contributors

• @​krystof-k made their first contribution in actions/setup-python#787
• @​cdce8p made their first contribution in actions/setup-python#1110
• @​aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

• Workflow updates related to Ubuntu 20.04 by @​aparnajyothi-y in actions/setup-python#1065
• Fix for Candidate Not Iterable Error by @​aparnajyothi-y in actions/setup-python#1082
• Upgrade semver and @​types/semver by @​dependabot in actions/setup-python#1091
• Upgrade prettier from 2.8.8 to 3.5.3 by @​dependabot in actions/setup-python#1046
• Upgrade ts-jest from 29.1.2 to 29.3.2 by @​dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

• Support free threaded Python versions like '3.13t' by @​colesbury in actions/setup-python#973
• Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @​action/cache from 4.0.0 to 4.0.3 by @​priya-kinthali in actions/setup-python#1056
• Add support for .tool-versions file in setup-python by @​mahabaleshwars in actions/setup-python#1043

Bug fixes:

• Fix architecture for pypy on Linux ARM64 by @​mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

• a309ff8 Bump urllib3 from 2.6.0 to 2.6.3 in /tests/data (#1264)
• bfe8cc5 Upgrade @​actions dependencies to Node 24 compatible versions (#1259)
• 4f41a90 Bump urllib3 from 2.5.0 to 2.6.0 in /tests/data (#1253)
• 83679a8 Bump @​types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...
• bfc4944 Bump prettier from 3.5.3 to 3.6.2 (#1234)
• 97aeb3e Bump requests from 2.32.2 to 2.32.4 in /tests/data (#1130)
• 443da59 Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pi...
• cfd55ca graalpy: add graalpy early-access and windows builds (#880)
• bba65e5 Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (#1094)
• 18566f8 Improve wording and "fix example" (remove 3.13) on testing against pre-releas...
• Additional commits viewable in compare view

Updates helm/chart-testing-action from 2.7.0 to 2.8.0

Release notes

Sourced from helm/chart-testing-action's releases.

v2.8.0

What's Changed

• Bump the actions group across 1 directory with 4 updates by @​dependabot[bot] in helm/chart-testing-action#171
• Fix the broken link for GitHub Help Documentation by @​subramani95 in helm/chart-testing-action#174
• bump ct and yamale version by @​cpanato in helm/chart-testing-action#178
• Bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in helm/chart-testing-action#181
• Bump actions/setup-python from 5.4.0 to 6.0.0 by @​dependabot[bot] in helm/chart-testing-action#179
• Bump the actions group across 1 directory with 2 updates by @​dependabot[bot] in helm/chart-testing-action#183
• Use uv instead of python venv by @​nikolaik in helm/chart-testing-action#172
• Bump sigstore/cosign-installer from 3.8.1 to 4.0.0 by @​dependabot[bot] in helm/chart-testing-action#184

New Contributors

• @​subramani95 made their first contribution in helm/chart-testing-action#174
• @​nikolaik made their first contribution in helm/chart-testing-action#172

Full Changelog: helm/chart-testing-action@v2...v2.8.0

Commits

• 6ec842c Bump sigstore/cosign-installer from 3.8.1 to 4.0.0 (#184)
• 4ea74f6 Use uv instead of python venv (#172)
• b0c0606 Bump the actions group across 1 directory with 2 updates (#183)
• 0bfa5c0 Bump actions/setup-python from 5.4.0 to 6.0.0 (#179)
• e27de75 Bump actions/checkout from 4.2.2 to 5.0.0 (#181)
• 2fe8321 bump ct and yamale version (#178)
• 0941a6b Fix the broken link for GitHub Help Documentation (#174)
• c71c0c7 Bump the actions group across 1 directory with 4 updates (#171)
• See full diff in compare view

Updates helm/kind-action from 1.12.0 to 1.14.0

Release notes

Sourced from helm/kind-action's releases.

v1.14.0

What's Changed

• Bump actions/checkout from 5.0.0 to 6.0.1 by @​dependabot[bot] in helm/kind-action#153
• bump kind to v0.31.0 and k8s to v1.35.0 by @​MrFreezeex in helm/kind-action#155
• Bump actions/checkout from 6.0.1 to 6.0.2 in the actions group by @​dependabot[bot] in helm/kind-action#156

New Contributors

• @​MrFreezeex made their first contribution in helm/kind-action#155

Full Changelog: helm/kind-action@v1...v1.14.0

v1.13.0

What's Changed

• chore: verify sha256sum of kubectl by @​felix-kaestner in helm/kind-action#134
• Load GITHUB_PATH in PATH to use correct binaries when creating registry by Description has been truncated

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a786cea388

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Avoid downgrading setup-helm in helm workflow

This change moves azure/setup-helm from v4.3.0 to v3.5 in the Helm CI job, which is a major-version downgrade inside a dependency-bump commit. That reintroduces older action code and drops fixes/features from the previously used v4 line, so the workflow no longer gets the intended dependency update level and may regress over time. Keeping this workflow on the v4 series (or bumping forward) would align with the rest of the upgrade set.

Useful? React with 👍 / 👎.

[kevin85421]

Hi @dentiny, is this PR opened by #4848? The downgrade looks weird.

[dentiny]

let me check

[dentiny]

Currently we're using multiple setup-helm versions in the repo, see

My guess is, dependabot is not able to resolve the version bump if multiple versions exist for the same "package".
Someone reported a similar issue earlier: dependabot/dependabot-core#14622
I pushed a new commit to this PR, which manually upgrades it to latest, should be good later on.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 5697435. Configure here.}

[cursor]

Wrong azure/setup-helm version: v4.3.0 instead of v3.5

Low Severity

The PR description states that azure/setup-helm is being bumped from v3.3 to v3.5 (a minor patch bump), but the actual code changes it to v4.3.0 — a major version jump. While v4.3.0 is a valid release and the explicit version: v3.9.4 pin mitigates the known v4 issue of auto-installing Helm v4.x binaries, this doesn't match the PR's stated intent and could mislead reviewers into thinking this is a safe minor bump.

 

^{Reviewed by Cursor Bugbot for commit 5697435. Configure here.}

[dentiny]

Yes, it's intended -- PR description updated to reflect the actual version bump.