Bump the gh-actions group across 1 directory with 4 updates by dependabot[bot] · Pull Request #82 · rdipardo/vim-cpywrite

dependabot · 2026-04-01T04:03:00Z

Bumps the gh-actions group with 4 updates in the / directory: codecov/codecov-action, rhysd/action-setup-vim, actions/upload-artifact and softprops/action-gh-release.

Updates codecov/codecov-action from 5.5.2 to 6.0.0

Release notes

Sourced from codecov/codecov-action's releases.

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0"" by @thomasrockhu-codecov in codecov/codecov-action#1929

Th/6.0.0 by @thomasrockhu-codecov in codecov/codecov-action#1928

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" by @thomasrockhu-codecov in codecov/codecov-action#1926

chore(release): 5.5.4 by @thomasrockhu-codecov in codecov/codecov-action#1927

Full Changelog: codecov/codecov-action@v5.5.3...v5.5.4

v5.5.3

What's Changed

build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by @dependabot[bot] in codecov/codecov-action#1874

chore(release): bump to 5.5.3 by @thomasrockhu-codecov in codecov/codecov-action#1922

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @app/dependabot in codecov/codecov-action#1868

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @app/dependabot in codecov/codecov-action#1867

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

docs: fix typo in README by @datalater in codecov/codecov-action#1866

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @app/dependabot in codecov/codecov-action#1861

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

feat: upgrade wrapper to 0.2.4 by @jviall in codecov/codecov-action#1864

Pin actions/github-script by Git SHA by @martincostello in codecov/codecov-action#1859

fix: check reqs exist by @joseph-sentry in codecov/codecov-action#1835

fix: Typo in README by @spalmurray in codecov/codecov-action#1838

docs: Refine OIDC docs by @spalmurray in codecov/codecov-action#1837

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @app/dependabot in codecov/codecov-action#1822

fix: OIDC on forks by @joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

57e3a13 Th/6.0.0 (#1928)
f67d33d Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...
75cd116 chore(release): 5.5.4 (#1927)
87d39f4 Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" (#1926)
1af5884 chore(release): bump to 5.5.3 (#1922)
c143300 build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (#1874)
See full diff in compare view

Updates rhysd/action-setup-vim from 1.6.0 to 1.6.1

Release notes

Sourced from rhysd/action-setup-vim's releases.

v1.6.1

This is a small patch update for security fixes.

Update major versions of @actions/* packages including some security fixes in HTTP client.

Update glob and js-yaml indirect dependencies for security fixes.

Update the major version of proxy-from-env that disables the support for the legacy npm_config_-prefixed environment variables.

Changelog

Sourced from rhysd/action-setup-vim's changelog.

v1.6.1 - 2026-03-18

This is a small patch update for security fixes.

Update major versions of @actions/* packages including some security fixes in HTTP client.

Update js-yaml indirect dependency for security fix.

Update glob indirect dependency for security fix.

Update the major version of proxy-from-env that disables the support for the legacy npm_config_-prefixed environment variables.

[Changes][v1.6.1]

v1.6.0 - 2025-11-09
Add new vim-dir output which stores the $VIM directory absolute path of the installation. See :help $VIM for more details about the directory. This output is useful to locate where the Vim/Neovim is installed by the following steps. Here is an example of setting the installation-specific vimrc configuration:
- uses: rhysd/action-setup-vim@v1
  id: vim
- name: Setup vimrc specific to the Vim installation
  run: |
    cp vimrc_for_ci.vim '${{ vim.vim-dir }}/vimrc'
Fix the Vim installation directory structure on Windows. It did not conform the standard directory layout which Vim assumes (though it worked fine for compatibility reasons). Previously the runtime directory was wrongly squashed. The paths before/after this release when installing stable version are:

Previous wrong path: ~/vim-stable/vim.exe

New correct path: ~/vim-stable/vim91/vim.exe

Clean up temporary directories created by this action after installation completes. Temporary directories containing downloaded assets were not removed previously but they could cause troubles when installing multiple Vim/Neovim instances.

Report logs via core.info() instead of directly calling console.log().
[Changes][v1.6.0]

v1.5.1 - 2025-11-02

Fix installing stable Vim on macos-15-intel runner. It was broken again after v1.4.5 release due to the change in the upstream runner. (#52)

Update @actions/io to v2.0.0 for better Node.js v24 support.

[Changes][v1.5.1]

v1.5.0 - 2025-10-26

Support arm64 native binaries on windows-11-arm runner.

When an arm64 binary is missing in the release due to some reasons (e.g. build error), it falls back to x86_64 binary so that your workflow can continue. In this case the x86_64 binary is executed via x86 emulation.

Neovim only supports arm64 binaries on nightly builds for now.

Migrate the action runtime from node20 to node24. This change only affects users running this action on self-hosted runners.

Fix the validation for installed executables was not sufficient on Windows.

... (truncated)

Commits

febef33 Release v1.6.1 at 96eb633a04e4bf2eea5ecc4cc6727cef90c1f21d
See full diff in compare view

Updates actions/upload-artifact from 6.0.0 to 7.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.0

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

Add proxy integration test by @Link- in actions/upload-artifact#754

Upgrade the module to ESM and bump dependencies by @danwkennedy in actions/upload-artifact#762

Support direct file uploads by @danwkennedy in actions/upload-artifact#764

New Contributors

@Link- made their first contribution in actions/upload-artifact#754

Full Changelog: actions/upload-artifact@v6...v7.0.0

Commits

bbbca2d Support direct file uploads (#764)
589182c Upgrade the module to ESM and bump dependencies (#762)
47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests
02a8460 Add proxy integration test
See full diff in compare view

Updates softprops/action-gh-release from 2.5.0 to 2.6.1

Release notes

Sourced from softprops/action-gh-release's releases.

v2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

fix: preserve discussion category on publish by @chenrui333 in softprops/action-gh-release#765

v2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Exciting New Features 🎉

feat: support previous_tag for generate_release_notes by @pocesar in softprops/action-gh-release#372

Bug fixes 🐛

fix: recover concurrent asset metadata 404s by @chenrui333 in softprops/action-gh-release#760

Other Changes 🔄

docs: clarify reused draft release behavior by @chenrui333 in softprops/action-gh-release#759

docs: clarify working_directory input by @chenrui333 in softprops/action-gh-release#761

ci: verify dist bundle freshness by @chenrui333 in softprops/action-gh-release#762

fix: clarify immutable prerelease uploads by @chenrui333 in softprops/action-gh-release#763

v2.5.3

2.5.3 is a patch release focused on the remaining path-handling and release-selection bugs uncovered after 2.5.2. It fixes [#639](https://github.com/softprops/action-gh-release/issues/639), [#571](https://github.com/softprops/action-gh-release/issues/571), [#280](https://github.com/softprops/action-gh-release/issues/280), [#614](https://github.com/softprops/action-gh-release/issues/614), [#311](https://github.com/softprops/action-gh-release/issues/311), [#403](https://github.com/softprops/action-gh-release/issues/403), and [#368](https://github.com/softprops/action-gh-release/issues/368). It also adds documentation clarifications for [#541](https://github.com/softprops/action-gh-release/issues/541), [#645](https://github.com/softprops/action-gh-release/issues/645), [#542](https://github.com/softprops/action-gh-release/issues/542), [#393](https://github.com/softprops/action-gh-release/issues/393), and [#411](https://github.com/softprops/action-gh-release/issues/411), where the current behavior is either usage-sensitive or constrained by GitHub platform limits rather than an action-side runtime bug.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

... (truncated)

Changelog

Sourced from softprops/action-gh-release's changelog.

2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

fix: preserve discussion category on publish by @chenrui333 in softprops/action-gh-release#765

2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Exciting New Features 🎉

feat: support previous_tag for generate_release_notes by @pocesar in softprops/action-gh-release#372

Bug fixes 🐛

fix: recover concurrent asset metadata 404s by @chenrui333 in softprops/action-gh-release#760

Other Changes 🔄

docs: clarify reused draft release behavior by @chenrui333 in softprops/action-gh-release#759

docs: clarify working_directory input by @chenrui333 in softprops/action-gh-release#761

ci: verify dist bundle freshness by @chenrui333 in softprops/action-gh-release#762

fix: clarify immutable prerelease uploads by @chenrui333 in softprops/action-gh-release#763

2.5.3

2.5.3 is a patch release focused on the remaining path-handling and release-selection bugs uncovered after 2.5.2. It fixes [#639](https://github.com/softprops/action-gh-release/issues/639), [#571](https://github.com/softprops/action-gh-release/issues/571), [#280](https://github.com/softprops/action-gh-release/issues/280), [#614](https://github.com/softprops/action-gh-release/issues/614), [#311](https://github.com/softprops/action-gh-release/issues/311), [#403](https://github.com/softprops/action-gh-release/issues/403), and [#368](https://github.com/softprops/action-gh-release/issues/368). It also adds documentation clarifications for [#541](https://github.com/softprops/action-gh-release/issues/541), [#645](https://github.com/softprops/action-gh-release/issues/645), [#542](https://github.com/softprops/action-gh-release/issues/542), [#393](https://github.com/softprops/action-gh-release/issues/393), and [#411](https://github.com/softprops/action-gh-release/issues/411), where the current behavior is either usage-sensitive or constrained by GitHub platform limits rather than an action-side runtime bug.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

... (truncated)

Commits

153bb8e release 2.6.1
569deb8 fix: preserve discussion category when publishing releases (#765)
26e8ad2 release 2.6.0
b959f31 fix: clarify immutable prerelease uploads (#763)
8a8510e ci: verify dist bundle freshness (#762)
438c15d docs: clarify working_directory input (#761)
6ca3b5d fix: recover concurrent asset metadata 404s (#760)
11f9176 chore: add RELEASE.md
1f3f350 feat: add AGENTS.md
37819cb docs: clarify reused draft release behavior (#759)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gh-actions group with 4 updates in the / directory: [codecov/codecov-action](https://github.com/codecov/codecov-action), [rhysd/action-setup-vim](https://github.com/rhysd/action-setup-vim), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [softprops/action-gh-release](https://github.com/softprops/action-gh-release). Updates `codecov/codecov-action` from 5.5.2 to 6.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@671740a...57e3a13) Updates `rhysd/action-setup-vim` from 1.6.0 to 1.6.1 - [Release notes](https://github.com/rhysd/action-setup-vim/releases) - [Changelog](https://github.com/rhysd/action-setup-vim/blob/master/CHANGELOG.md) - [Commits](rhysd/action-setup-vim@19e3dd3...febef33) Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@b7c566a...bbbca2d) Updates `softprops/action-gh-release` from 2.5.0 to 2.6.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@a06a81a...153bb8e) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: rhysd/action-setup-vim dependency-version: 1.6.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: softprops/action-gh-release dependency-version: 2.6.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the gh-actions group across 1 directory with 4 updates#82

Bump the gh-actions group across 1 directory with 4 updates#82
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/github_actions/gh-actions-22fb4327f5

dependabot bot commented on behalf of github Apr 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Apr 1, 2026

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

v5.5.4

What's Changed

v5.5.3

What's Changed

v5.5.2

What's Changed

v5.5.1

What's Changed

v5.5.0

What's Changed

v5.4.3

What's Changed

v5.4.2

v1.6.1

v1.6.1 - 2026-03-18

v1.6.0 - 2025-11-09

v1.5.1 - 2025-11-02

v1.5.0 - 2025-10-26

v7.0.0

v7 What's new

Direct Uploads

ESM

What's Changed

New Contributors

v2.6.1

What's Changed

Bug fixes 🐛

v2.6.0

What's Changed

Exciting New Features 🎉

Bug fixes 🐛

Other Changes 🔄

v2.5.3

What's Changed

2.6.1

What's Changed

Bug fixes 🐛

2.6.0

What's Changed

Exciting New Features 🎉

Bug fixes 🐛

Other Changes 🔄

2.5.3

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants