GitHub Actions Dependency Submission

January 7, 2026

Version updated for https://github.com/jessehouwing/actions-dependency-submission to version v1.0.3.

This action is used across all versions by 32 repositories.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

The GitHub Actions Dependency Submission action automates the process of scanning GitHub workflow files and submitting action dependencies to GitHub’s Dependency Graph. It supports advanced features such as recursive scanning of composite actions, detection of callable workflows, and fork traversal, ensuring comprehensive dependency tracking even for forked or custom workflows. This action helps organizations maintain security by integrating with GitHub’s Dependency Graph for advisory tracking, solving challenges related to dependency visibility and management in complex workflows.

Release notes

What’s Changed

Bump ruby/setup-ruby from 1.274.0 to 1.275.0 in the actions-minor group by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/96
Adds dependency validation workflow by @jessehouwing in https://github.com/jessehouwing/actions-dependency-submission/pull/101
Add schedule trigger and update dependency review documentation by @jessehouwing in https://github.com/jessehouwing/actions-dependency-submission/pull/103
Bump ruby/setup-ruby from 1.275.0 to 1.276.0 in the actions-minor group by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/102
Bump the npm-development group with 5 updates by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/97
Bump the npm-development group with 3 updates by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/104
Bump ruby/setup-ruby from 1.276.0 to 1.277.0 in the actions-minor group by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/105
Bump ruby/setup-ruby from 1.277.0 to 1.278.0 in the actions-minor group by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/106
Bump @rollup/rollup-linux-x64-gnu from 4.54.0 to 4.55.1 by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/109
Bump the npm-development group with 4 updates by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/108
Bump ruby/setup-ruby from 1.278.0 to 1.279.0 in the actions-minor group by @dependabot[bot] in https://github.com/jessehouwing/actions-dependency-submission/pull/107
Support optional ‘v’ prefix and branch/tag lookup in version resolution by @Copilot in https://github.com/jessehouwing/actions-dependency-submission/pull/111

Full Changelog: https://github.com/jessehouwing/actions-dependency-submission/compare/v1.0.2...v1.0.3