Bump the all-dependencies group across 1 directory with 6 updates by dependabot[bot] · Pull Request #257 · Ambiguous-Interactive/unity-helpers

dependabot · 2026-06-03T22:18:43Z

Bumps the all-dependencies group with 6 updates in the / directory:

Package	From	To
docker/setup-qemu-action	`4.0.0`	`4.1.0`
docker/setup-buildx-action	`4.0.0`	`4.1.0`
docker/login-action	`4.1.0`	`4.2.0`
docker/metadata-action	`6.0.0`	`6.1.0`
docker/build-push-action	`7.1.0`	`7.2.0`
actions/setup-dotnet	`5.2.0`	`5.3.0`

Updates docker/setup-qemu-action from 4.0.0 to 4.1.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v4.1.0

Add reset input to uninstall current emulators by @crazy-max in docker/setup-qemu-action#21

Bump @docker/actions-toolkit from 0.77.0 to 0.91.0 in docker/setup-qemu-action#250 docker/setup-qemu-action#247

Bump brace-expansion from 1.1.12 to 1.1.15 in docker/setup-qemu-action#265

Bump fast-xml-builder from 1.0.0 to 1.2.0 in docker/setup-qemu-action#286

Bump fast-xml-parser from 5.4.2 to 5.8.0 in docker/setup-qemu-action#255

Bump flatted from 3.3.3 to 3.4.2 in docker/setup-qemu-action#257

Bump glob from 10.3.15 to 10.5.0 in docker/setup-qemu-action#254

Bump handlebars from 4.7.8 to 4.7.9 in docker/setup-qemu-action#262

Bump lodash from 4.17.23 to 4.18.1 in docker/setup-qemu-action#273

Bump postcss from 8.5.6 to 8.5.10 in docker/setup-qemu-action#285

Bump tar from 6.2.1 to 7.5.15 in docker/setup-qemu-action#287

Bump tmp from 0.2.5 to 0.2.6 in docker/setup-qemu-action#291

Bump undici from 6.23.0 to 6.26.0 in docker/setup-qemu-action#251

Bump vite from 7.3.1 to 7.3.2 in docker/setup-qemu-action#271

Full Changelog: docker/setup-qemu-action@v4.0.0...v4.1.0

Commits

0611638 Merge pull request #21 from crazy-max/uninst
ce59c81 chore: update generated content
2ddad44 uninstall current emulators
8c37cd6 Merge pull request #250 from docker/dependabot/npm_and_yarn/docker/actions-to...
d1a0ff3 chore: update generated content
0a8f3dc build(deps): bump @docker/actions-toolkit from 0.79.0 to 0.91.0
9430f61 Merge pull request #291 from docker/dependabot/npm_and_yarn/tmp-0.2.6
978bd77 chore: update generated content
3479feb build(deps): bump tmp from 0.2.5 to 0.2.6
b113c26 Merge pull request #255 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...
Additional commits viewable in compare view

Updates docker/setup-buildx-action from 4.0.0 to 4.1.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.1.0

Bump @docker/actions-toolkit from 0.79.0 to 0.90.0 in docker/setup-buildx-action#489

Bump brace-expansion from 1.1.12 to 5.0.6 in docker/setup-buildx-action#547 docker/setup-buildx-action#508

Bump fast-xml-builder from 1.0.0 to 1.2.0 in docker/setup-buildx-action#540

Bump fast-xml-parser from 5.4.2 to 5.8.0 in docker/setup-buildx-action#496

Bump flatted from 3.3.3 to 3.4.2 in docker/setup-buildx-action#499

Bump glob from 10.3.12 to 13.0.6 in docker/setup-buildx-action#495

Bump handlebars from 4.7.8 to 4.7.9 in docker/setup-buildx-action#504

Bump lodash from 4.17.23 to 4.18.1 in docker/setup-buildx-action#523

Bump picomatch from 4.0.3 to 4.0.4 in docker/setup-buildx-action#503

Bump postcss from 8.5.6 to 8.5.10 in docker/setup-buildx-action#537

Bump tar from 6.2.1 to 7.5.15 in docker/setup-buildx-action#545

Bump undici from 6.23.0 to 6.25.0 in docker/setup-buildx-action#492

Bump vite from 7.3.1 to 7.3.2 in docker/setup-buildx-action#520

Full Changelog: docker/setup-buildx-action@v4.0.0...v4.1.0

Commits

d7f5e7f Merge pull request #489 from docker/dependabot/npm_and_yarn/docker/actions-to...
92bc5c9 chore: update generated content
da11e35 build(deps): bump @docker/actions-toolkit from 0.79.0 to 0.90.0
f021e16 Merge pull request #492 from docker/dependabot/npm_and_yarn/undici-6.24.1
b5af94f chore: update generated content
16ad977 build(deps): bump undici from 6.23.0 to 6.25.0
d7a12d7 Merge pull request #495 from docker/dependabot/npm_and_yarn/glob-10.5.0
28ff27d build(deps): bump glob from 10.3.12 to 13.0.6
daf436b Merge pull request #496 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...
9725348 chore: update generated content
Additional commits viewable in compare view

Updates docker/login-action from 4.1.0 to 4.2.0

Release notes

Sourced from docker/login-action's releases.

v4.2.0

Bump @actions/core from 3.0.0 to 3.0.1 in docker/login-action#976

Bump @aws-sdk/client-ecr and @aws-sdk/client-ecr-public to 3.1050.0 in docker/login-action#960

Bump @docker/actions-toolkit from 0.86.0 to 0.90.0 in docker/login-action#970

Bump brace-expansion from 2.0.1 to 5.0.6 in docker/login-action#993

Bump fast-xml-builder from 1.1.4 to 1.2.0 in docker/login-action#985

Bump fast-xml-parser from 5.3.6 to 5.8.0 in docker/login-action#963

Bump http-proxy-agent and https-proxy-agent to 9.0.0 in docker/login-action#961

Bump postcss from 8.5.6 to 8.5.10 in docker/login-action#979

Bump tar from 6.2.1 to 7.5.15 in docker/login-action#991

Bump vite from 7.3.1 to 7.3.3 in docker/login-action#986

Full Changelog: docker/login-action@v4.1.0...v4.2.0

Commits

650006c Merge pull request #960 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
99df1a3 chore: update generated content
3ab375f build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...
39d8580 Merge pull request #970 from docker/dependabot/npm_and_yarn/docker/actions-to...
4eefcd3 chore: update generated content
56d092c build(deps): bump @docker/actions-toolkit from 0.86.0 to 0.90.0
e2e31ca Merge pull request #976 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
0bced94 chore: update generated content
3e75a0f build(deps): bump @actions/core from 3.0.0 to 3.0.1
365bebd Merge pull request #984 from docker/dependabot/github_actions/aws-actions/con...
Additional commits viewable in compare view

Updates docker/metadata-action from 6.0.0 to 6.1.0

Release notes

Sourced from docker/metadata-action's releases.

v6.1.0

Bump @docker/actions-toolkit from 0.79.0 to 0.90.0 in docker/metadata-action#613

Bump brace-expansion from 1.1.12 to 5.0.6 in docker/metadata-action#658 docker/metadata-action#630

Bump csv-parse from 6.1.0 to 6.2.1 in docker/metadata-action#617

Bump fast-xml-parser from 5.4.2 to 5.8.0 in docker/metadata-action#620

Bump flatted from 3.3.3 to 3.4.2 in docker/metadata-action#623

Bump glob from 10.3.15 to 10.5.0 in docker/metadata-action#621

Bump handlebars from 4.7.8 to 4.7.9 in docker/metadata-action#629

Bump lodash from 4.17.23 to 4.18.1 in docker/metadata-action#639

Bump moment-timezone from 0.6.0 to 0.6.1 in docker/metadata-action#619

Bump picomatch from 4.0.3 to 4.0.4 in docker/metadata-action#626

Bump postcss from 8.5.6 to 8.5.10 in docker/metadata-action#649

Bump tar from 6.2.1 to 7.5.15 in docker/metadata-action#657

Bump undici from 6.23.0 to 6.25.0 in docker/metadata-action#614

Bump vite from 7.3.1 to 7.3.2 in docker/metadata-action#637

Full Changelog: docker/metadata-action@v6.0.0...v6.1.0

Commits

80c7e94 Merge pull request #613 from docker/dependabot/npm_and_yarn/docker/actions-to...
8e0ddab chore: update generated content
a8db14b chore(deps): Bump @docker/actions-toolkit from 0.79.0 to 0.90.0
63a7371 Merge pull request #617 from docker/dependabot/npm_and_yarn/csv-parse-6.2.0
c6916a6 chore: update generated content
aca9205 chore(deps): Bump csv-parse from 6.1.0 to 6.2.1
9dcfe60 Merge pull request #629 from docker/dependabot/npm_and_yarn/handlebars-4.7.9
43dea76 chore: update generated content
7a56f5a chore(deps): Bump handlebars from 4.7.8 to 4.7.9
e49e0aa Merge pull request #658 from docker/dependabot/npm_and_yarn/brace-expansion-5...
Additional commits viewable in compare view

Updates docker/build-push-action from 7.1.0 to 7.2.0

Release notes

Sourced from docker/build-push-action's releases.

v7.2.0

Bump @actions/core from 3.0.0 to 3.0.1 in docker/build-push-action#1525

Bump @docker/actions-toolkit from 0.87.0 to 0.90.0 in docker/build-push-action#1517

Bump brace-expansion from 2.0.2 to 5.0.6 in docker/build-push-action#1534

Bump fast-xml-builder from 1.1.4 to 1.2.0 in docker/build-push-action#1529

Bump fast-xml-parser from 5.5.7 to 5.8.0 in docker/build-push-action#1521

Bump postcss from 8.5.6 to 8.5.10 in docker/build-push-action#1526

Bump tar from 6.2.1 to 7.5.15 in docker/build-push-action#1533

Full Changelog: docker/build-push-action@v7.1.0...v7.2.0

Commits

f9f3042 Merge pull request #1517 from docker/dependabot/npm_and_yarn/docker/actions-t...
812d5fd chore: update generated content
b6f6693 chore(deps): Bump @docker/actions-toolkit from 0.87.0 to 0.90.0
c1c626e Merge pull request #1525 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
51bb284 chore: update generated content
5f7884d chore(deps): Bump @actions/core from 3.0.0 to 3.0.1
e01deff Merge pull request #1521 from docker/dependabot/npm_and_yarn/fast-xml-parser-...
3804d49 chore: update generated content
71e8947 chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.0
4925ad2 Merge pull request #1526 from docker/dependabot/npm_and_yarn/postcss-8.5.10
Additional commits viewable in compare view

Updates actions/setup-dotnet from 5.2.0 to 5.3.0

Release notes

Sourced from actions/setup-dotnet's releases.

v5.3.0

What's Changed

Enhancements

Add dotnet-version: latest support with dotnet-channel input by @mahabaleshwars in actions/setup-dotnet#730

Support global.json's rollForward latest* variants by @js6pak in actions/setup-dotnet#538

Improve version resolution by @akoeplinger in actions/setup-dotnet#560

Dependency Updates

Upgrade @actions/* and fast-xml-parser dependencies by @Copilot in actions/setup-dotnet#728

Update install scripts to v2026.05.19 (preserve archive links) by @MichaelSimons in actions/setup-dotnet#736

Add rollForward note in README, improve proxy health check in e2e tests and bump version to v5.3.0 by @priyagupta108 in actions/setup-dotnet#738

Bug Fixes

Update Test Proxy job by @priya-kinthali in actions/setup-dotnet#703

New Contributors

@Copilot made their first contribution in actions/setup-dotnet#728

@akoeplinger made their first contribution in actions/setup-dotnet#560

@MichaelSimons made their first contribution in actions/setup-dotnet#736

@js6pak made their first contribution in actions/setup-dotnet#538

Full Changelog: actions/setup-dotnet@v5...v5.3.0

Commits

9a946fd Add rollForward note in README, improve proxy health check in e2e tests and b...
98af08b Support global.json's rollForward latest* variants (#538)
8404272 Update install scripts to v2026.05.19 (#736)
f1970f5 Don't download releases-index.json to resolve major version (#560)
af9211b Add dotnet-version: latest support with dotnet-channel input (#730)
df991ae chore: bump @actions/* and fast-xml-parser dependencies (#728)
a66eefa CI: remove manual PowerShell install from test-proxy job (e2e-tests.yml) (#703)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note

Low Risk
Patch/minor action version bumps in workflows with unchanged inputs; no product code or secrets handling changes beyond existing GHCR login behavior.

Overview
Bumps pinned GitHub Actions versions in CI workflows only—no application or script logic changes.

In build-publish-devcontainer.yml, the devcontainer publish pipeline moves five Docker-related actions forward (setup-qemu, setup-buildx, login, metadata, build-push). csharpier-autofix.yml, format-on-demand.yml, and update-dotnet-tools.yml each upgrade actions/setup-dotnet from v5.2.0 to v5.3.0 while keeping dotnet-version: "8.0.x" unchanged.

^{Reviewed by Cursor Bugbot for commit 31bf7d3. Bugbot is set up for automated code reviews on this repo. Configure here.}

Bumps the all-dependencies group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.0.0` | `4.1.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` | | [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.2.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `6.0.0` | `6.1.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `7.1.0` | `7.2.0` | | [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `5.2.0` | `5.3.0` | Updates `docker/setup-qemu-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@v4.0.0...v4.1.0) Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v4.0.0...v4.1.0) Updates `docker/login-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v4.1.0...v4.2.0) Updates `docker/metadata-action` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v6.0.0...v6.1.0) Updates `docker/build-push-action` from 7.1.0 to 7.2.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v7.1.0...v7.2.0) Updates `actions/setup-dotnet` from 5.2.0 to 5.3.0 - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](actions/setup-dotnet@v5.2.0...v5.3.0) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: docker/metadata-action dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: docker/build-push-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: actions/setup-dotnet dependency-version: 5.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot assigned Eli Pinkerton (wallstop) Jun 3, 2026

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 3, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all-dependencies group across 1 directory with 6 updates#257

Bump the all-dependencies group across 1 directory with 6 updates#257
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/all-dependencies-b3d21defc5

dependabot Bot commented on behalf of github Jun 3, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Jun 3, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v4.1.0

v4.1.0

v4.2.0

v6.1.0

v7.2.0

v5.3.0

What's Changed

Enhancements

Dependency Updates

Bug Fixes

New Contributors

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Jun 3, 2026 •

edited

Loading