Skip to content

build(deps): bump the actions-updates group across 1 directory with 2 updates#188

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-updates-38d5eec568
Open

build(deps): bump the actions-updates group across 1 directory with 2 updates#188
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-updates-38d5eec568

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 25, 2026
edited
Loading

Bumps the actions-updates group with 2 updates in the / directory: step-security/harden-runner and docker/setup-buildx-action.

Updates step-security/harden-runner from 2.19.1 to 2.19.4

Release notes

Sourced from step-security/harden-runner's releases.

v2.19.4

What's Changed

  • Improvements for HTTPS Monitoring for the Enterprise tier of Harden Runner

Full Changelog: step-security/harden-runner@v2.19.3...v2.19.4

v2.19.3

What's Changed

Full Changelog: step-security/harden-runner@v2.19.2...v2.19.3

v2.19.2

What's Changed

  • Update the Harden Runner agent for enterprise tier to use go 1.26 and fix minor bugs.

Full Changelog: step-security/harden-runner@v2.19.1...v2.19.2

Commits
  • 9af89fc Merge pull request #667 from step-security/update-agent-v1.8.6
  • 485dce8 Update agent to v1.8.6
  • ab7a940 Merge pull request #665 from step-security/fix/use-policy-store-default-audit
  • ec41b78 Default to audit mode when api-key missing with use-policy-store
  • 9ca718d Merge pull request #664 from step-security/update-agent-v1.8.5
  • 1dee3df Update agent to v1.8.5
  • See full diff in compare view

Updates docker/setup-buildx-action from 4.0.0 to 4.1.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.1.0

Full Changelog: docker/setup-buildx-action@v4.0.0...v4.1.0

Commits
  • d7f5e7f Merge pull request #489 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 92bc5c9 chore: update generated content
  • da11e35 build(deps): bump @​docker/actions-toolkit from 0.79.0 to 0.90.0
  • f021e16 Merge pull request #492 from docker/dependabot/npm_and_yarn/undici-6.24.1
  • b5af94f chore: update generated content
  • 16ad977 build(deps): bump undici from 6.23.0 to 6.25.0
  • d7a12d7 Merge pull request #495 from docker/dependabot/npm_and_yarn/glob-10.5.0
  • 28ff27d build(deps): bump glob from 10.3.12 to 13.0.6
  • daf436b Merge pull request #496 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...
  • 9725348 chore: update generated content
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 25, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 25, 2026
@dependabot
build(deps): bump the actions-updates group across 1 directory with 2…
05d4769 
… updates

Bumps the actions-updates group with 2 updates in the / directory: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action).


Updates `step-security/harden-runner` from 2.19.1 to 2.19.4
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@a5ad31d...9af89fc)

Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@4d04d5d...d7f5e7f)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-updates
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions-updates-38d5eec568 branch from f526525 to 05d4769 Compare May 28, 2026 01:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kaniini kaniini Awaiting requested review from kaniini kaniini is a code owner

@azenla azenla Awaiting requested review from azenla azenla is a code owner

@bleggett bleggett Awaiting requested review from bleggett bleggett is a code owner

@tycho tycho Awaiting requested review from tycho tycho is a code owner

@alexandermerritt alexandermerritt Awaiting requested review from alexandermerritt alexandermerritt is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants