Skip to content

Bump the actions group across 1 directory with 5 updates#326

Merged
Swatinem merged 1 commit intomasterfrom
dependabot/github_actions/actions-1152e6698e
Apr 14, 2026
Merged

Bump the actions group across 1 directory with 5 updates#326
Swatinem merged 1 commit intomasterfrom
dependabot/github_actions/actions-1152e6698e

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 13, 2026

Bumps the actions group with 5 updates in the / directory:

Package From To
cargo-bins/cargo-binstall 1.17.9 1.18.1
actions/upload-artifact 7.0.0 7.0.1
taiki-e/install-action 2.68.34 2.75.10
dependabot/fetch-metadata 2.5.0 3.0.0
cachix/install-nix-action 31.10.1 31.10.4

Updates cargo-bins/cargo-binstall from 1.17.9 to 1.18.1

Release notes

Sourced from cargo-bins/cargo-binstall's releases.

v1.18.1

Binstall is a tool to fetch and install Rust-based executables as binaries. It aims to be a drop-in replacement for cargo install in most cases. Install it today with cargo install cargo-binstall, from the binaries below, or if you already have it, upgrade with cargo binstall cargo-binstall.

In this release:

Remove GITHUB_TOKEN and GH_TOKEN when fallback to installing from source using cargo-install (#2533)

This reduces the risk of leaks of tokens for users who pass the GITHUN_TOKEN or GH_TOKEN environment variables to cargo-binstall to avoid GitHub API rate limits.

v1.18.0

Binstall is a tool to fetch and install Rust-based executables as binaries. It aims to be a drop-in replacement for cargo install in most cases. Install it today with cargo install cargo-binstall, from the binaries below, or if you already have it, upgrade with cargo binstall cargo-binstall.

In this release:

  • feat: support cargo:token and cargo:token-from-stdout auth for private registries (#2526 #2528)

Other changes:

  • Upgrade dependencies
Commits

Updates actions/upload-artifact from 7.0.0 to 7.0.1

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.1

What's Changed

Full Changelog: actions/upload-artifact@v7...v7.0.1

Commits
  • 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
  • 634250c Include changes in typespec/ts-http-runtime 0.3.5
  • e454baa Readme: bump all the example versions to v7 (#796)
  • 74fad66 Update the readme with direct upload details (#795)
  • See full diff in compare view

Updates taiki-e/install-action from 2.68.34 to 2.75.10

Release notes

Sourced from taiki-e/install-action's releases.

2.75.10

  • Update tombi@latest to 0.9.17.

  • Update mise@latest to 2026.4.10.

2.75.9

  • Enhance security when cargo-binstall fallback is used. (acc1621b)

2.75.8

  • Update vacuum@latest to 0.25.8.

  • Update mise@latest to 2026.4.9.

  • Update cargo-binstall@latest to 1.18.0.

  • Update gungraun-runner@latest to 0.18.1.

2.75.7

  • Update covgate@latest to 0.1.4.

  • Update wasm-bindgen@latest to 0.2.118.

2.75.6

  • Update mise@latest to 2026.4.8.

  • Update cargo-deny@latest to 0.19.1.

2.75.5

  • Update biome@latest to 2.4.11.

  • Update wasmtime@latest to 43.0.1.

  • Update uv@latest to 0.11.6.

  • Update mise@latest to 2026.4.7.

  • Update gungraun-runner@latest to 0.18.0.

2.75.4

  • Enhance security when cargo-binstall fallback is enabled. (08a38582, ba626b4d)

  • Update martin@latest to 1.5.0.

  • Update uv@latest to 0.11.5.

  • Update syft@latest to 1.42.4.

  • Update dprint@latest to 0.54.0.

2.75.3

... (truncated)

Changelog

Sourced from taiki-e/install-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

[2.75.10] - 2026-04-13

  • Update tombi@latest to 0.9.17.

  • Update mise@latest to 2026.4.10.

[2.75.9] - 2026-04-13

  • Enhance security when cargo-binstall fallback is used. (acc1621b)

[2.75.8] - 2026-04-13

  • Update vacuum@latest to 0.25.8.

  • Update mise@latest to 2026.4.9.

  • Update cargo-binstall@latest to 1.18.0.

  • Update gungraun-runner@latest to 0.18.1.

[2.75.7] - 2026-04-11

  • Update covgate@latest to 0.1.4.

  • Update wasm-bindgen@latest to 0.2.118.

[2.75.6] - 2026-04-11

  • Update mise@latest to 2026.4.8.

  • Update cargo-deny@latest to 0.19.1.

[2.75.5] - 2026-04-10

  • Update biome@latest to 2.4.11.

  • Update wasmtime@latest to 43.0.1.

... (truncated)

Commits

Updates dependabot/fetch-metadata from 2.5.0 to 3.0.0

Release notes

Sourced from dependabot/fetch-metadata's releases.

v3.0.0

The breaking change is requiring Node.js version v24 as the Actions runtime.

What's Changed

New Contributors

Full Changelog: dependabot/fetch-metadata@v2...v3.0.0

Commits
  • ffa630c v3.0.0 (#686)
  • ec8fff2 Merge pull request #674 from dependabot/dependabot/npm_and_yarn/picomatch-2.3.2
  • caf48bd build(deps-dev): bump picomatch from 2.3.1 to 2.3.2
  • 13d8274 Upgrade @​actions/github to ^9.0.0 and @​octokit/request-error to ^7.1.0 (#678)
  • b603099 Upgrade @​actions/core from ^1.11.1 to ^3.0.0 (#677)
  • c5dc5b1 Enable noImplicitAny in tsconfig.json (#684)
  • a183f3c Add typecheck step to CI (#685)
  • 5e17564 Remove skipLibCheck from tsconfig.json (#683)
  • bb56eeb Switch tsconfig module resolution to bundler (#682)
  • 3632e3d Remove vestigial outDir from tsconfig.json (#681)
  • Additional commits viewable in compare view

Updates cachix/install-nix-action from 31.10.1 to 31.10.4

Release notes

Sourced from cachix/install-nix-action's releases.

v31.10.4

What's Changed

Full Changelog: cachix/install-nix-action@v31.10.3...v31.10.4

v31.10.3

What's Changed

Full Changelog: cachix/install-nix-action@v31...v31.10.3

v31.10.2

What's Changed

Full Changelog: cachix/install-nix-action@v31...v31.10.2

Commits
  • 6165592 Merge pull request #273 from cachix/create-pull-request/patch
  • b9f700d nix: 2.34.4 -> 2.34.5
  • 96951a3 Merge pull request #271 from cachix/create-pull-request/patch
  • 6281169 nix: 2.34.2 -> 2.34.4
  • 51f3067 Revert "ci: use 25.11 for channel tests"
  • 15118c1 ci: use 25.11 for channel tests
  • e1ac057 Merge pull request #270 from cachix/create-pull-request/patch
  • d181b96 nix: 2.34.1 -> 2.34.2
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the actions group across 1 directory with 5 updates
8b0b52b 
Bumps the actions group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [cargo-bins/cargo-binstall](https://github.com/cargo-bins/cargo-binstall) | `1.17.9` | `1.18.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` |
| [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.68.34` | `2.75.10` |
| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.5.0` | `3.0.0` |
| [cachix/install-nix-action](https://github.com/cachix/install-nix-action) | `31.10.1` | `31.10.4` |



Updates `cargo-bins/cargo-binstall` from 1.17.9 to 1.18.1
- [Release notes](https://github.com/cargo-bins/cargo-binstall/releases)
- [Changelog](https://github.com/cargo-bins/cargo-binstall/blob/main/release-plz.toml)
- [Commits](cargo-bins/cargo-binstall@v1.17.9...v1.18.1)

Updates `actions/upload-artifact` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@bbbca2d...043fb46)

Updates `taiki-e/install-action` from 2.68.34 to 2.75.10
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](taiki-e/install-action@de6bbd1...85b24a6)

Updates `dependabot/fetch-metadata` from 2.5.0 to 3.0.0
- [Release notes](https://github.com/dependabot/fetch-metadata/releases)
- [Commits](dependabot/fetch-metadata@21025c7...ffa630c)

Updates `cachix/install-nix-action` from 31.10.1 to 31.10.4
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Changelog](https://github.com/cachix/install-nix-action/blob/master/RELEASE.md)
- [Commits](cachix/install-nix-action@1ca7d21...6165592)

---
updated-dependencies:
- dependency-name: cargo-bins/cargo-binstall
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: taiki-e/install-action
  dependency-version: 2.75.10
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: dependabot/fetch-metadata
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: cachix/install-nix-action
  dependency-version: 31.10.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 13, 2026
github-advanced-security[bot]
github-advanced-security AI found potential problems Apr 13, 2026
View reviewed changes
Comment thread .github/workflows/binstall.yml
- run: rustup toolchain install stable --profile minimal --no-self-update

- uses: cargo-bins/cargo-binstall@v1.17.9
- uses: cargo-bins/cargo-binstall@v1.18.1
@Swatinem Swatinem merged commit 469cb0e into master Apr 14, 2026
66 of 68 checks passed
@Swatinem Swatinem deleted the dependabot/github_actions/actions-1152e6698e branch April 14, 2026 18:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Swatinem Swatinem Swatinem approved these changes

+1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Swatinem @github-advanced-security