chore(ci): bump the actions group with 4 updates by dependabot[bot] · Pull Request #543 · radiorabe/python-acrclient

dependabot · 2026-04-06T10:13:46Z

Bumps the actions group with 4 updates: radiorabe/actions/.github/workflows/test-pre-commit.yaml, radiorabe/actions/.github/workflows/test-python-poetry.yaml, radiorabe/actions/.github/workflows/release-python-poetry.yaml and radiorabe/actions/.github/workflows/semantic-release.yaml.

Updates radiorabe/actions/.github/workflows/test-pre-commit.yaml from 0.41.3 to 0.42.0

Release notes

Sourced from radiorabe/actions/.github/workflows/test-pre-commit.yaml's releases.

v0.42.0

0.42.0 (2026-03-29)

This releases adds name: labels for all jobs and steps, users might need to update required actions.

Feature

add test-github-actions reusable workflow (zizmor SAST) (#204) (47999612). Implementing this action is strongly encourage and can be done by adding the following to an existing pull_request: workflow like test.yaml.
  github-actions:
    permissions:
      contents: read
      security-events: write # so zizmor can publish results to the Security tab
    uses: radiorabe/actions/.github/workflows/test-github-actions.yaml@479996126a091287dc3fd349786f6f8a6dd1b23c # v0.42.0
Zizmor Refactoring

release-mkdocs: implement zizmor recommendations and pin mkdocs<2.0 (#207) (4dd8c17a)

release-python-poetry: implement zizmor recommendations (#206) (45fae149)

test-pre-commit: implement zizmor recommendations (#203) (f24dab70)

release-ansible-collection: implement zizmor recommendations (#202) (59bbe0f9)

release-container: implement zizmor recommendations (#200) (94bcf38a)

schedule-trivy: implement zizmor recommendations (#201) (cd7eedcb)

Chores

formatting and names (#205) (89c02998)

Update label for permissions in new workflow template (#198) (0b42ab15)

security: Implement "ENISA TA for Secure Use of Package Managers" (#197) (d3e41444)

add empty top-level permission blocks for all actions (#193) (19453f78)

don't persist credentials in actions/checkout (#192) (d2fd8858)

Commits

4799961 feat: add test-github-actions reusable workflow (zizmor SAST) (#204)
4dd8c17 refactor(release-mkdocs): implement zizmor recommendations and pin mk… (#207)
45fae14 refactor(release-python-poetry): implement zizmor recommendations (#206)
89c0299 chore: formatting and names (#205)
f24dab7 refactor(test-pre-commit): implement zizmor recommendations (#203)
59bbe0f refactor(release-ansible-collection): implement zizmor recommendations (#202)
94bcf38 refactor(release-container): implement zizmor recommendations (#200)
cd7eedc refactor(schedule-trivy): implement zizmor recommendations (#201)
0b42ab1 chore: Update label for permissions in new workflow template (#198)
d3e4144 chore(security): Implement "ENISA TA for Secure Use of Package Managers" (#197)
Additional commits viewable in compare view

Updates radiorabe/actions/.github/workflows/test-python-poetry.yaml from 0.41.3 to 0.42.0

Release notes

Sourced from radiorabe/actions/.github/workflows/test-python-poetry.yaml's releases.

v0.42.0

0.42.0 (2026-03-29)

This releases adds name: labels for all jobs and steps, users might need to update required actions.

Feature

add test-github-actions reusable workflow (zizmor SAST) (#204) (47999612). Implementing this action is strongly encourage and can be done by adding the following to an existing pull_request: workflow like test.yaml.
  github-actions:
    permissions:
      contents: read
      security-events: write # so zizmor can publish results to the Security tab
    uses: radiorabe/actions/.github/workflows/test-github-actions.yaml@479996126a091287dc3fd349786f6f8a6dd1b23c # v0.42.0
Zizmor Refactoring

release-mkdocs: implement zizmor recommendations and pin mkdocs<2.0 (#207) (4dd8c17a)

release-python-poetry: implement zizmor recommendations (#206) (45fae149)

test-pre-commit: implement zizmor recommendations (#203) (f24dab70)

release-ansible-collection: implement zizmor recommendations (#202) (59bbe0f9)

release-container: implement zizmor recommendations (#200) (94bcf38a)

schedule-trivy: implement zizmor recommendations (#201) (cd7eedcb)

Chores

formatting and names (#205) (89c02998)

Update label for permissions in new workflow template (#198) (0b42ab15)

security: Implement "ENISA TA for Secure Use of Package Managers" (#197) (d3e41444)

add empty top-level permission blocks for all actions (#193) (19453f78)

don't persist credentials in actions/checkout (#192) (d2fd8858)

Commits

4799961 feat: add test-github-actions reusable workflow (zizmor SAST) (#204)
4dd8c17 refactor(release-mkdocs): implement zizmor recommendations and pin mk… (#207)
45fae14 refactor(release-python-poetry): implement zizmor recommendations (#206)
89c0299 chore: formatting and names (#205)
f24dab7 refactor(test-pre-commit): implement zizmor recommendations (#203)
59bbe0f refactor(release-ansible-collection): implement zizmor recommendations (#202)
94bcf38 refactor(release-container): implement zizmor recommendations (#200)
cd7eedc refactor(schedule-trivy): implement zizmor recommendations (#201)
0b42ab1 chore: Update label for permissions in new workflow template (#198)
d3e4144 chore(security): Implement "ENISA TA for Secure Use of Package Managers" (#197)
Additional commits viewable in compare view

Updates radiorabe/actions/.github/workflows/release-python-poetry.yaml from 0.41.3 to 0.42.0

Release notes

Sourced from radiorabe/actions/.github/workflows/release-python-poetry.yaml's releases.

v0.42.0

0.42.0 (2026-03-29)

This releases adds name: labels for all jobs and steps, users might need to update required actions.

Feature

add test-github-actions reusable workflow (zizmor SAST) (#204) (47999612). Implementing this action is strongly encourage and can be done by adding the following to an existing pull_request: workflow like test.yaml.
  github-actions:
    permissions:
      contents: read
      security-events: write # so zizmor can publish results to the Security tab
    uses: radiorabe/actions/.github/workflows/test-github-actions.yaml@479996126a091287dc3fd349786f6f8a6dd1b23c # v0.42.0
Zizmor Refactoring

release-mkdocs: implement zizmor recommendations and pin mkdocs<2.0 (#207) (4dd8c17a)

release-python-poetry: implement zizmor recommendations (#206) (45fae149)

test-pre-commit: implement zizmor recommendations (#203) (f24dab70)

release-ansible-collection: implement zizmor recommendations (#202) (59bbe0f9)

release-container: implement zizmor recommendations (#200) (94bcf38a)

schedule-trivy: implement zizmor recommendations (#201) (cd7eedcb)

Chores

formatting and names (#205) (89c02998)

Update label for permissions in new workflow template (#198) (0b42ab15)

security: Implement "ENISA TA for Secure Use of Package Managers" (#197) (d3e41444)

add empty top-level permission blocks for all actions (#193) (19453f78)

don't persist credentials in actions/checkout (#192) (d2fd8858)

Commits

4799961 feat: add test-github-actions reusable workflow (zizmor SAST) (#204)
4dd8c17 refactor(release-mkdocs): implement zizmor recommendations and pin mk… (#207)
45fae14 refactor(release-python-poetry): implement zizmor recommendations (#206)
89c0299 chore: formatting and names (#205)
f24dab7 refactor(test-pre-commit): implement zizmor recommendations (#203)
59bbe0f refactor(release-ansible-collection): implement zizmor recommendations (#202)
94bcf38 refactor(release-container): implement zizmor recommendations (#200)
cd7eedc refactor(schedule-trivy): implement zizmor recommendations (#201)
0b42ab1 chore: Update label for permissions in new workflow template (#198)
d3e4144 chore(security): Implement "ENISA TA for Secure Use of Package Managers" (#197)
Additional commits viewable in compare view

Updates radiorabe/actions/.github/workflows/semantic-release.yaml from 0.41.3 to 0.42.0

Release notes

Sourced from radiorabe/actions/.github/workflows/semantic-release.yaml's releases.

v0.42.0

0.42.0 (2026-03-29)

This releases adds name: labels for all jobs and steps, users might need to update required actions.

Feature

add test-github-actions reusable workflow (zizmor SAST) (#204) (47999612). Implementing this action is strongly encourage and can be done by adding the following to an existing pull_request: workflow like test.yaml.
  github-actions:
    permissions:
      contents: read
      security-events: write # so zizmor can publish results to the Security tab
    uses: radiorabe/actions/.github/workflows/test-github-actions.yaml@479996126a091287dc3fd349786f6f8a6dd1b23c # v0.42.0
Zizmor Refactoring

release-mkdocs: implement zizmor recommendations and pin mkdocs<2.0 (#207) (4dd8c17a)

release-python-poetry: implement zizmor recommendations (#206) (45fae149)

test-pre-commit: implement zizmor recommendations (#203) (f24dab70)

release-ansible-collection: implement zizmor recommendations (#202) (59bbe0f9)

release-container: implement zizmor recommendations (#200) (94bcf38a)

schedule-trivy: implement zizmor recommendations (#201) (cd7eedcb)

Chores

formatting and names (#205) (89c02998)

Update label for permissions in new workflow template (#198) (0b42ab15)

security: Implement "ENISA TA for Secure Use of Package Managers" (#197) (d3e41444)

add empty top-level permission blocks for all actions (#193) (19453f78)

don't persist credentials in actions/checkout (#192) (d2fd8858)

Commits

4799961 feat: add test-github-actions reusable workflow (zizmor SAST) (#204)
4dd8c17 refactor(release-mkdocs): implement zizmor recommendations and pin mk… (#207)
45fae14 refactor(release-python-poetry): implement zizmor recommendations (#206)
89c0299 chore: formatting and names (#205)
f24dab7 refactor(test-pre-commit): implement zizmor recommendations (#203)
59bbe0f refactor(release-ansible-collection): implement zizmor recommendations (#202)
94bcf38 refactor(release-container): implement zizmor recommendations (#200)
cd7eedc refactor(schedule-trivy): implement zizmor recommendations (#201)
0b42ab1 chore: Update label for permissions in new workflow template (#198)
d3e4144 chore(security): Implement "ENISA TA for Secure Use of Package Managers" (#197)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 4 updates: [radiorabe/actions/.github/workflows/test-pre-commit.yaml](https://github.com/radiorabe/actions), [radiorabe/actions/.github/workflows/test-python-poetry.yaml](https://github.com/radiorabe/actions), [radiorabe/actions/.github/workflows/release-python-poetry.yaml](https://github.com/radiorabe/actions) and [radiorabe/actions/.github/workflows/semantic-release.yaml](https://github.com/radiorabe/actions). Updates `radiorabe/actions/.github/workflows/test-pre-commit.yaml` from 0.41.3 to 0.42.0 - [Release notes](https://github.com/radiorabe/actions/releases) - [Commits](radiorabe/actions@c7aef99...4799961) Updates `radiorabe/actions/.github/workflows/test-python-poetry.yaml` from 0.41.3 to 0.42.0 - [Release notes](https://github.com/radiorabe/actions/releases) - [Commits](radiorabe/actions@c7aef99...4799961) Updates `radiorabe/actions/.github/workflows/release-python-poetry.yaml` from 0.41.3 to 0.42.0 - [Release notes](https://github.com/radiorabe/actions/releases) - [Commits](radiorabe/actions@c7aef99...4799961) Updates `radiorabe/actions/.github/workflows/semantic-release.yaml` from 0.41.3 to 0.42.0 - [Release notes](https://github.com/radiorabe/actions/releases) - [Commits](radiorabe/actions@c7aef99...4799961) --- updated-dependencies: - dependency-name: radiorabe/actions/.github/workflows/test-pre-commit.yaml dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: radiorabe/actions/.github/workflows/test-python-poetry.yaml dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: radiorabe/actions/.github/workflows/release-python-poetry.yaml dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: radiorabe/actions/.github/workflows/semantic-release.yaml dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>

Added GitHub Actions step for security event publishing.

github-advanced-security · 2026-04-08T18:13:53Z

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 6, 2026

chore(ci): add zizmor

2dcc770

Added GitHub Actions step for security event publishing.

hairmare merged commit 80854f8 into main Apr 8, 2026
6 checks passed

hairmare deleted the dependabot/github_actions/actions-ad8753a96d branch April 8, 2026 18:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(ci): bump the actions group with 4 updates#543

chore(ci): bump the actions group with 4 updates#543
hairmare merged 2 commits intomainfrom
dependabot/github_actions/actions-ad8753a96d

dependabot bot commented on behalf of github Apr 6, 2026 •

edited

Loading

Uh oh!

github-advanced-security bot commented Apr 8, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot bot commented on behalf of github Apr 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.42.0

0.42.0 (2026-03-29)

Feature

Zizmor Refactoring

Chores

v0.42.0

0.42.0 (2026-03-29)

Feature

Zizmor Refactoring

Chores

v0.42.0

0.42.0 (2026-03-29)

Feature

Zizmor Refactoring

Chores

v0.42.0

0.42.0 (2026-03-29)

Feature

Zizmor Refactoring

Chores

Uh oh!

github-advanced-security bot commented Apr 8, 2026

What Enabling Code Scanning Means:

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot bot commented on behalf of github Apr 6, 2026 •

edited

Loading