Updater Action
Version updated for https://github.com/github/dependabot-action to version v2.30.0.
- This action is used across all versions by 0 repositories.
Action Type
This is a node20 action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The github/dependabot-action enables Dependabot functionality within GitHub Actions, automating dependency updates and security vulnerability management for repositories. It supports the Dependabot version and security update features, helping users maintain secure and up-to-date project dependencies with minimal manual intervention. This action is primarily used internally by GitHub and is not designed for direct use in workflow files.
Release notes
What’s Changed
- remove unused output and repo path code by @jakecoffman in https://github.com/github/dependabot-action/pull/1537
- Bump the dependabot-core-images group in /docker with 25 updates by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1516
- Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20250804193157 to v2.0.20250826205840 in /docker by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1534
- add invocation of specific commands (graph) by @jakecoffman in https://github.com/github/dependabot-action/pull/1540
- Pass OIDC environment variables to proxy by @JamieMagee in https://github.com/github/dependabot-action/pull/1544
- Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1538
- Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20250826205840 to v2.0.20251003180402 in /docker by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1546
- Bump actions/setup-node from 4 to 5 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1536
- Bump github/codeql-action from 3 to 4 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1548
- Delete the custom CodeQL config in favor of default config by @jeffwidman in https://github.com/github/dependabot-action/pull/1552
- add tenant-id and client-id to credentials by @brettfo in https://github.com/github/dependabot-action/pull/1553
- Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20251010195543 to v2.0.20251014173146 in /docker by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1554
- Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20251014173146 to v2.0.20251015175503 in /docker by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1555
- Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20251015175503 to v2.0.20251023141128 in /docker by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1557
- Adding Julia to actions by @robaiken in https://github.com/github/dependabot-action/pull/1558
- Adding Bazel to actions by @robaiken in https://github.com/github/dependabot-action/pull/1560
- Extract the updater image’s SHA from the input parameters and pass it as an envvar by @brrygrdn in https://github.com/github/dependabot-action/pull/1561
- Bump actions/setup-node from 5 to 6 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1556
- Bump on-headers, compression and morgan by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1565
- Bump the prod-dependencies group across 1 directory with 2 updates by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1539
- Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20251023141128 to v2.0.20251107162748 in /docker by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1563
- Adding OpenTofu image by @robaiken in https://github.com/github/dependabot-action/pull/1566
- Bump the dev-dependencies group across 1 directory with 16 updates by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1570
- Bump eslint-plugin-jest from 28.11.0 to 29.2.1 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1579
- Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1574
- Bump actions/checkout from 5 to 6 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1573
- Bump jest-circus from 29.7.0 to 30.2.0 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1577
- Bump @types/node from 22.15.21 to 24.10.1 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1578
- Bump the dev-dependencies group with 4 updates by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1575
- Set check-dist workflow permissions by @Nishnha in https://github.com/github/dependabot-action/pull/1581
- Set test workflow permissions by @Nishnha in https://github.com/github/dependabot-action/pull/1582
- Bump the dev-dependencies group with 2 updates by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1584
- Bump node-forge from 1.3.1 to 1.3.2 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1583
- Bump jest and @types/jest by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1576
- Bump @actions/http-client from 2.2.3 to 3.0.0 by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1569
- Update README.md to add deploy instructions by @honeyankit in https://github.com/github/dependabot-action/pull/1429
- Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20251113195050 to v2.0.20251124194534 in /docker by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1580
- Bump the dependabot-core-images group in /docker with 28 updates by @dependabot[bot] in https://github.com/github/dependabot-action/pull/1572
New Contributors
- @brettfo made their first contribution in https://github.com/github/dependabot-action/pull/1553
Full Changelog: https://github.com/github/dependabot-action/compare/v2.29.0...v2.30.0