Skip to content

chore(deps): bump the dependencies group with 6 updates#272

Merged
jmeridth merged 1 commit intomainfrom
dependabot/github_actions/dependencies-e54ae28bb2
Mar 20, 2026
Merged

chore(deps): bump the dependencies group with 6 updates#272
jmeridth merged 1 commit intomainfrom
dependabot/github_actions/dependencies-e54ae28bb2

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 20, 2026

Bumps the dependencies group with 6 updates:

Package From To
github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml 0.5.7 0.6.0
github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml 0.5.7 0.6.0
github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml 0.5.7 0.6.0
github-community-projects/ospo-reusable-workflows/.github/workflows/release-image.yaml 0.5.7 0.6.0
anchore/sbom-action 0.23.1 0.24.0
actions/attest-sbom 4.0.0 4.1.0

Updates github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml from 0.5.7 to 0.6.0

Release notes

Sourced from github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml's releases.

v0.6.0

Changelog

🚀 Features

  • feat: add automatic major version tag update to release workflow @​jmeridth (#120)

🧰 Maintenance

  • chore(deps): bump release-drafter/release-drafter from 7.1.0 to 7.1.1 in the dependencies group @dependabot[bot] (#119)

See details of all code changes since previous release

v0.5.8

Changelog

🧰 Maintenance

  • chore(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.0 @dependabot[bot] (#117)
  • chore(deps): bump kenyonj/mark-ready-when-ready from 33b13c51ba23786efb933701ef253352baf05bdd to b6279addd55dd13208965a9eff24b2cf1989a8ef @dependabot[bot] (#114)
  • chore(deps): bump step-security/harden-runner from 2.15.1 to 2.16.0 in the dependencies group @dependabot[bot] (#113)

See details of all code changes since previous release

Commits
  • a0cf79b Merge pull request #120 from github-community-projects/jm_major_version_updater
  • 2ce2ae3 doc: update release doc with new update-major-tag input
  • f1e8f08 fix: cleanup of old major-version-updater
  • 6bc46d4 fix: persist credentials so username can be found on git push
  • 1360e49 fix: add claude local settings to gitignore
  • 389119e feat: add automatic major version tag update to release workflow
  • 469b195 chore(deps): bump release-drafter/release-drafter (#119)
  • 5d90c7a chore(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.0 (#117)
  • ed4846f chore(deps): bump kenyonj/mark-ready-when-ready (#114)
  • b4300b5 chore(deps): bump step-security/harden-runner in the dependencies group (#113)
  • See full diff in compare view

Updates github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml from 0.5.7 to 0.6.0

Release notes

Sourced from github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml's releases.

v0.6.0

Changelog

🚀 Features

  • feat: add automatic major version tag update to release workflow @​jmeridth (#120)

🧰 Maintenance

  • chore(deps): bump release-drafter/release-drafter from 7.1.0 to 7.1.1 in the dependencies group @dependabot[bot] (#119)

See details of all code changes since previous release

v0.5.8

Changelog

🧰 Maintenance

  • chore(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.0 @dependabot[bot] (#117)
  • chore(deps): bump kenyonj/mark-ready-when-ready from 33b13c51ba23786efb933701ef253352baf05bdd to b6279addd55dd13208965a9eff24b2cf1989a8ef @dependabot[bot] (#114)
  • chore(deps): bump step-security/harden-runner from 2.15.1 to 2.16.0 in the dependencies group @dependabot[bot] (#113)

See details of all code changes since previous release

Commits
  • a0cf79b Merge pull request #120 from github-community-projects/jm_major_version_updater
  • 2ce2ae3 doc: update release doc with new update-major-tag input
  • f1e8f08 fix: cleanup of old major-version-updater
  • 6bc46d4 fix: persist credentials so username can be found on git push
  • 1360e49 fix: add claude local settings to gitignore
  • 389119e feat: add automatic major version tag update to release workflow
  • 469b195 chore(deps): bump release-drafter/release-drafter (#119)
  • 5d90c7a chore(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.0 (#117)
  • ed4846f chore(deps): bump kenyonj/mark-ready-when-ready (#114)
  • b4300b5 chore(deps): bump step-security/harden-runner in the dependencies group (#113)
  • See full diff in compare view

Updates github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml from 0.5.7 to 0.6.0

Release notes

Sourced from github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml's releases.

v0.6.0

Changelog

🚀 Features

  • feat: add automatic major version tag update to release workflow @​jmeridth (#120)

🧰 Maintenance

  • chore(deps): bump release-drafter/release-drafter from 7.1.0 to 7.1.1 in the dependencies group @dependabot[bot] (#119)

See details of all code changes since previous release

v0.5.8

Changelog

🧰 Maintenance

  • chore(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.0 @dependabot[bot] (#117)
  • chore(deps): bump kenyonj/mark-ready-when-ready from 33b13c51ba23786efb933701ef253352baf05bdd to b6279addd55dd13208965a9eff24b2cf1989a8ef @dependabot[bot] (#114)
  • chore(deps): bump step-security/harden-runner from 2.15.1 to 2.16.0 in the dependencies group @dependabot[bot] (#113)

See details of all code changes since previous release

Commits
  • a0cf79b Merge pull request #120 from github-community-projects/jm_major_version_updater
  • 2ce2ae3 doc: update release doc with new update-major-tag input
  • f1e8f08 fix: cleanup of old major-version-updater
  • 6bc46d4 fix: persist credentials so username can be found on git push
  • 1360e49 fix: add claude local settings to gitignore
  • 389119e feat: add automatic major version tag update to release workflow
  • 469b195 chore(deps): bump release-drafter/release-drafter (#119)
  • 5d90c7a chore(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.0 (#117)
  • ed4846f chore(deps): bump kenyonj/mark-ready-when-ready (#114)
  • b4300b5 chore(deps): bump step-security/harden-runner in the dependencies group (#113)
  • See full diff in compare view

Updates github-community-projects/ospo-reusable-workflows/.github/workflows/release-image.yaml from 0.5.7 to 0.6.0

Release notes

Sourced from github-community-projects/ospo-reusable-workflows/.github/workflows/release-image.yaml's releases.

v0.6.0

Changelog

🚀 Features

  • feat: add automatic major version tag update to release workflow @​jmeridth (#120)

🧰 Maintenance

  • chore(deps): bump release-drafter/release-drafter from 7.1.0 to 7.1.1 in the dependencies group @dependabot[bot] (#119)

See details of all code changes since previous release

v0.5.8

Changelog

🧰 Maintenance

  • chore(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.0 @dependabot[bot] (#117)
  • chore(deps): bump kenyonj/mark-ready-when-ready from 33b13c51ba23786efb933701ef253352baf05bdd to b6279addd55dd13208965a9eff24b2cf1989a8ef @dependabot[bot] (#114)
  • chore(deps): bump step-security/harden-runner from 2.15.1 to 2.16.0 in the dependencies group @dependabot[bot] (#113)

See details of all code changes since previous release

Commits
  • a0cf79b Merge pull request #120 from github-community-projects/jm_major_version_updater
  • 2ce2ae3 doc: update release doc with new update-major-tag input
  • f1e8f08 fix: cleanup of old major-version-updater
  • 6bc46d4 fix: persist credentials so username can be found on git push
  • 1360e49 fix: add claude local settings to gitignore
  • 389119e feat: add automatic major version tag update to release workflow
  • 469b195 chore(deps): bump release-drafter/release-drafter (#119)
  • 5d90c7a chore(deps): bump release-drafter/release-drafter from 6.4.0 to 7.1.0 (#117)
  • ed4846f chore(deps): bump kenyonj/mark-ready-when-ready (#114)
  • b4300b5 chore(deps): bump step-security/harden-runner in the dependencies group (#113)
  • See full diff in compare view

Updates anchore/sbom-action from 0.23.1 to 0.24.0

Release notes

Sourced from anchore/sbom-action's releases.

v0.24.0

⬆️ Dependencies

Commits

Updates actions/attest-sbom from 4.0.0 to 4.1.0

Release notes

Sourced from actions/attest-sbom's releases.

v4.1.0

[!WARNING] As of version 4.0.0 this action is being deprecated in favor of actions/attest. actions/attest-sbom will continue to function as a wrapper on top of actions/attest for some period of time, but applications should make plans to migrate.

All of the existing action inputs are compatible with the actions/attest interface.

What's Changed

Full Changelog: actions/attest-sbom@v4.0.0...v4.1.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the dependencies group with 6 updates
be47688 
Bumps the dependencies group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml](https://github.com/github-community-projects/ospo-reusable-workflows) | `0.5.7` | `0.6.0` |
| [github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml](https://github.com/github-community-projects/ospo-reusable-workflows) | `0.5.7` | `0.6.0` |
| [github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml](https://github.com/github-community-projects/ospo-reusable-workflows) | `0.5.7` | `0.6.0` |
| [github-community-projects/ospo-reusable-workflows/.github/workflows/release-image.yaml](https://github.com/github-community-projects/ospo-reusable-workflows) | `0.5.7` | `0.6.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.23.1` | `0.24.0` |
| [actions/attest-sbom](https://github.com/actions/attest-sbom) | `4.0.0` | `4.1.0` |


Updates `github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml` from 0.5.7 to 0.6.0
- [Release notes](https://github.com/github-community-projects/ospo-reusable-workflows/releases)
- [Changelog](https://github.com/github-community-projects/ospo-reusable-workflows/blob/main/docs/release-discussion.md)
- [Commits](github-community-projects/ospo-reusable-workflows@6381f5d...a0cf79b)

Updates `github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml` from 0.5.7 to 0.6.0
- [Release notes](https://github.com/github-community-projects/ospo-reusable-workflows/releases)
- [Changelog](https://github.com/github-community-projects/ospo-reusable-workflows/blob/main/docs/release-discussion.md)
- [Commits](github-community-projects/ospo-reusable-workflows@6381f5d...a0cf79b)

Updates `github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml` from 0.5.7 to 0.6.0
- [Release notes](https://github.com/github-community-projects/ospo-reusable-workflows/releases)
- [Changelog](https://github.com/github-community-projects/ospo-reusable-workflows/blob/main/docs/release-discussion.md)
- [Commits](github-community-projects/ospo-reusable-workflows@6381f5d...a0cf79b)

Updates `github-community-projects/ospo-reusable-workflows/.github/workflows/release-image.yaml` from 0.5.7 to 0.6.0
- [Release notes](https://github.com/github-community-projects/ospo-reusable-workflows/releases)
- [Changelog](https://github.com/github-community-projects/ospo-reusable-workflows/blob/main/docs/release-discussion.md)
- [Commits](github-community-projects/ospo-reusable-workflows@6381f5d...a0cf79b)

Updates `anchore/sbom-action` from 0.23.1 to 0.24.0
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@57aae52...e22c389)

Updates `actions/attest-sbom` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/actions/attest-sbom/releases)
- [Changelog](https://github.com/actions/attest-sbom/blob/main/RELEASE.md)
- [Commits](actions/attest-sbom@07e74fc...c604332)

---
updated-dependencies:
- dependency-name: github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github-community-projects/ospo-reusable-workflows/.github/workflows/release-image.yaml
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: anchore/sbom-action
  dependency-version: 0.24.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: actions/attest-sbom
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 20, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 20, 2026 20:28
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 20, 2026
@jmeridth jmeridth merged commit b2d1773 into main Mar 20, 2026
9 checks passed
@jmeridth jmeridth deleted the dependabot/github_actions/dependencies-e54ae28bb2 branch March 20, 2026 20:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmeridth jmeridth jmeridth approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code maintenance

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jmeridth