Skip to content

Bump the "all" group with 3 updates across multiple ecosystems#683

Open
dependabot[bot] wants to merge 2 commits into
masterfrom
dependabot/all-f6c25f7468
Open

Bump the "all" group with 3 updates across multiple ecosystems#683
dependabot[bot] wants to merge 2 commits into
masterfrom
dependabot/all-f6c25f7468

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Apr 21, 2026
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the all group with 2 updates: golang and alpine.

Updates golang from 1.25-alpine3.22 to 1.26-alpine3.22

Updates alpine from 3.22 to 3.23

Bumps the all group with 4 updates: actions/checkout, docker/setup-buildx-action, docker/build-push-action and google-github-actions/release-please-action.

Updates actions/checkout from 3 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

... (truncated)

Commits

Updates docker/setup-buildx-action from 1 to 4

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.0.0

Full Changelog: docker/setup-buildx-action@v3.12.0...v4.0.0

v3.12.0

Full Changelog: docker/setup-buildx-action@v3.11.1...v3.12.0

v3.11.1

Full Changelog: docker/setup-buildx-action@v3.11.0...v3.11.1

v3.11.0

Full Changelog: docker/setup-buildx-action@v3.10.0...v3.11.0

v3.10.0

Full Changelog: docker/setup-buildx-action@v3.9.0...v3.10.0

v3.9.0

Full Changelog: docker/setup-buildx-action@v3.8.0...v3.9.0

v3.8.0

Full Changelog: docker/setup-buildx-action@v3.7.1...v3.8.0

... (truncated)

Commits
  • 4d04d5d Merge pull request #485 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • cd74e05 chore: update generated content
  • eee38ec build(deps): bump @​docker/actions-toolkit from 0.77.0 to 0.79.0
  • 7a83f65 Merge pull request #484 from docker/dependabot/github_actions/docker/setup-qe...
  • a5aa967 Merge pull request #464 from crazy-max/rm-deprecated
  • e73d53f build(deps): bump docker/setup-qemu-action from 3 to 4
  • 28a438e Merge pull request #483 from crazy-max/node24
  • 034e9d3 chore: update generated content
  • b4664d8 remove deprecated inputs/outputs
  • a8257de node 24 as default runtime
  • Additional commits viewable in compare view

Updates docker/build-push-action from 6 to 7

Release notes

Sourced from docker/build-push-action's releases.

v7.0.0

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

v6.19.2

Full Changelog: docker/build-push-action@v6.19.1...v6.19.2

v6.19.1

Full Changelog: docker/build-push-action@v6.19.0...v6.19.1

v6.19.0

Full Changelog: docker/build-push-action@v6.18.0...v6.19.0

v6.18.0

[!NOTE] Build summary is now supported with Docker Build Cloud.

Full Changelog: docker/build-push-action@v6.17.0...v6.18.0

v6.17.0

[!NOTE] Build record is now exported using the buildx history export command instead of the legacy export-build tool.

Full Changelog: docker/build-push-action@v6.16.0...v6.17.0

v6.16.0

... (truncated)

Commits
  • bcafcac Merge pull request #1509 from docker/dependabot/npm_and_yarn/vite-7.3.2
  • 18e62f1 Merge pull request #1510 from docker/dependabot/npm_and_yarn/lodash-4.18.1
  • 46580d2 chore: update generated content
  • 3f80b25 chore(deps): Bump lodash from 4.17.23 to 4.18.1
  • efeec95 Merge pull request #1505 from crazy-max/refactor-git-context
  • ddf04b0 Merge pull request #1511 from docker/dependabot/github_actions/crazy-max-dot-...
  • db08d97 chore(deps): Bump the crazy-max-dot-github group with 2 updates
  • ef1fb96 Merge pull request #1508 from docker/dependabot/github_actions/docker/login-a...
  • 2d8f2a1 chore: update generated content
  • 919ac7b fix test since secrets are not written to temp path anymore
  • Additional commits viewable in compare view

Updates google-github-actions/release-please-action from 2 to 4

Changelog

Sourced from google-github-actions/release-please-action's changelog.

4.1.1 (2024-05-13)

Bug Fixes

  • add deprecation warning to workflow run (#1) (edb78cf)

4.1.0 (2024-03-11)

Features

  • add changelog-host input to action.yml (#948) (863b06f)

4.0.3 (2024-03-11)

Bug Fixes

  • bump release-please from 16.5.0 to 16.10.0 (#953) (d7e88e0)

4.0.2 (2023-12-18)

Bug Fixes

4.0.1 (2023-12-07)

Bug Fixes

  • bump release-please from 16.3.1 to 16.4.0 (#897) (2463dad)

4.0.0 (2023-12-01)

⚠ BREAKING CHANGES

  • remove most configuration options in favor of manifest configuration to configure the release-please-action
  • rewrite in typescript
  • remove command option in favor of setting release-type and skip-github-release/skip-github-pull-request
  • run on node20
  • deps: upgrade release-please to v16
  • v4 release

Features

... (truncated)

Commits

Bumps the all group with 5 updates:

Package From To
github.com/mattn/go-sqlite3 1.14.33 1.14.42
github.com/ncruces/go-sqlite3 0.30.4 0.33.3
go.senan.xyz/wrtag 0.20.0 0.30.0
golang.org/x/net 0.49.0 0.52.0
golang.org/x/sync 0.19.0 0.20.0

Updates github.com/mattn/go-sqlite3 from 1.14.33 to 1.14.42

Commits
  • 5df13a0 Merge pull request #1387 from mattn/codex/stmt-cache
  • e302e5c document that _stmt_cache_size is per connection
  • 867dcbf move reset/clear into putCachedStmt and always finalize on failure
  • 0e58fa4 simplify prepareWithCache to call prepare instead of duplicating logic
  • e9f47da do not bail out on finalize error in closeCachedStmtsLocked
  • 325cb8d remove redundant stmtCacheSize check in putCachedStmt
  • 061c2a5 check stmtCacheSize before acquiring mutex in takeCachedStmt
  • efa9b1c add opt-in statement cache
  • 8d12439 Merge pull request #1386 from mattn/perf/reduce-cgo-overhead
  • 89f4bbe fix build with SQLITE_ENABLE_UNLOCK_NOTIFY
  • Additional commits viewable in compare view

Updates github.com/ncruces/go-sqlite3 from 0.30.4 to 0.33.3

Release notes

Sourced from github.com/ncruces/go-sqlite3's releases.

v0.33.3

[!IMPORTANT]

This is one of the first versions of this package to use wasm2go.

wasm2go is a recent project, so you may prefer to stick to previous versions, if you value stability.

Your feedback on this change is very appreciated. Please read and comment on the discussion.

What's Changed

Updates:

  • SQLite 3.53.0

Full Changelog: ncruces/go-sqlite3@v0.33.2...v0.33.3

Artifact attestations

v0.33.2

[!IMPORTANT]

This is one of the first versions of this package to use wasm2go.

wasm2go is a recent project, so you may prefer to stick to previous versions, if you value stability.

wasm2go had a bug affecting the following GOARCHs: alpha, arm, mipsle, mips64le, riscv, riscv64, sh. If you have users using these CPUs, please upgrade SQLite to v0.33.2.

Your feedback on this change is very appreciated. Please read and comment on the discussion.

This is a breaking change, but in most cases, upgrading is as simple as removing this import from your code:

import _ "github.com/ncruces/go-sqlite3/embed"

If you were configuring how much memory you gave your SQLite connections, you need to:

// Stop doing this:
sqlite3.RuntimeConfig = wazero.NewRuntimeConfig().WithMemoryLimitPages(512) // 32 MB
// And use this context to open your connections:
sqliteCtx := sqlite3.WithMaxMemory(parentCtx, 3210241024) // 32 MB

Full Changelog: ncruces/go-sqlite3@v0.32.0...v0.33.2

... (truncated)

Commits

Updates go.senan.xyz/wrtag from 0.20.0 to 0.30.0

Release notes

Sourced from go.senan.xyz/wrtag's releases.

v0.30.0

0.30.0 (2026-04-07)

⚠ BREAKING CHANGES

  • wrtag: revise path-format template data for media-aware tracks
v0.2x v0.30.0 notes
.TrackNum .Track.Position now uses MusicBrainz's real position (per-disc)
len .Tracks .Media.TrackCount track count is now per-medium, not total
.Tracks (removed)
.Media (new) access to the current medium (disc)
.Media.Position (new) disc number

Common find-and-replace in your config:

  • .TrackNum -> .Track.Position
  • len .Tracks -> .Media.TrackCount
  • {{ pad0 2 .TrackNum }} -> {{ pad0 2 .Track.Position }}
  • {{ len .Tracks | pad0 2 }} -> {{ .Media.TrackCount | pad0 2 }}

Features

  • pathformat: add validations for multi disc releases (9ea5bec)
  • pathformat: validate that there is always a safepath (3eaa31b)
  • separate rate limiting from timeouts (b9e9a70)
  • wrtag: add file-mode option to chmod files with respect to umask (05f31c9), closes #204
  • wrtag: filter out data tracks (ce435d1), closes #202
  • wrtagflag: add hint for v0.30.0 migration (ba07e0c)
  • wrtag: revise path-format template data for media-aware tracks (c48707b), closes #165 #177 #199
  • wrtag: write disc information (b9934f9)
  • wrtag: write track and disc total (3d7fa95)

Bug Fixes

  • docker: tolerate existing user on container restart (1e6eba7), closes #216
  • pathformat: populate example IDs during validation (fd6f2f4), closes #215
  • wrtag: resolve symlinks in dest paths to prevent trim deleting tracks (7054606), closes #214
  • wrtag: run HTTP timeouts after rate limiter (cebbf0a), closes #201
  • wrtagweb: recover enqueued jobs on startup (09b6f0e), closes #217
Changelog

Sourced from go.senan.xyz/wrtag's changelog.

0.30.0 (2026-04-07)

⚠ BREAKING CHANGES

  • wrtag: revise path-format template data for media-aware tracks

Features

  • pathformat: add validations for multi disc releases (9ea5bec)
  • pathformat: validate that there is always a safepath (3eaa31b)
  • separate rate limiting from timeouts (b9e9a70)
  • wrtag: add file-mode option to chmod files with respect to umask (05f31c9), closes #204
  • wrtag: filter out data tracks (ce435d1), closes #202
  • wrtagflag: add hint for v0.30.0 migration (ba07e0c)
  • wrtag: revise path-format template data for media-aware tracks (c48707b), closes #165 #177 #199
  • wrtag: write disc information (b9934f9)
  • wrtag: write track and disc total (3d7fa95)

Bug Fixes

  • docker: tolerate existing user on container restart (1e6eba7), closes #216
  • pathformat: populate example IDs during validation (fd6f2f4), closes #215
  • wrtag: resolve symlinks in dest paths to prevent trim deleting tracks (7054606), closes #214
  • wrtag: run HTTP timeouts after rate limiter (cebbf0a), closes #201
  • wrtagweb: recover enqueued jobs on startup (09b6f0e), closes #217
Commits
  • 6ae8539 chore(master): release 0.30.0 (#203)
  • 1e6eba7 fix(docker): tolerate existing user on container restart
  • ca74c16 chore(deps): bump
  • 09b6f0e fix(wrtagweb): recover enqueued jobs on startup
  • 444475e chore(deps): bump
  • fd6f2f4 fix(pathformat): populate example IDs during validation
  • 65a6d32 chore(deps): bump
  • 3eaa31b feat(pathformat): validate that there is always a safepath
  • 7054606 fix(wrtag): resolve symlinks in dest paths to prevent trim deleting tracks
  • 946cb20 remove httpcache
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.49.0 to 0.52.0

Commits
  • 316e20c go.mod: update golang.org/x dependencies
  • 9767a42 internal/http3: add support for plugging into net/http
  • 4a81284 http2: update docs to disrecommend this package
  • dec6603 dns/dnsmessage: reject too large of names early during unpack
  • 8afa12f http2: deprecate write schedulers
  • 38019a2 http2: add missing copyright header to export_test.go
  • 039b87f internal/http3: return error when Write is used after status 304 is set
  • 6267c6c internal/http3: add HTTP 103 Early Hints support to ClientConn
  • 591bdf3 internal/http3: add HTTP 103 Early Hints support to Server
  • 1faa6d8 internal/http3: avoid potential race when aborting RoundTrip
  • Additional commits viewable in compare view

Updates golang.org/x/sync from 0.19.0 to 0.20.0

Commits
  • ec11c4a errgroup: fix a typo in the documentation
  • 1a58307 all: modernize interface{} -> any
  • 3172ca5 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the all group with 2 updates
a7d9cca 
Bumps the all group with 2 updates: golang and alpine.


Updates `golang` from 1.25-alpine3.22 to 1.26-alpine3.22

Updates `alpine` from 3.22 to 3.23
chore(deps): bump the all group with 4 updates

Bumps the all group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [docker/build-push-action](https://github.com/docker/build-push-action) and [google-github-actions/release-please-action](https://github.com/google-github-actions/release-please-action).


Updates `actions/checkout` from 3 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v6)

Updates `docker/setup-buildx-action` from 1 to 4
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v1...v4)

Updates `docker/build-push-action` from 6 to 7
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v6...v7)

Updates `google-github-actions/release-please-action` from 2 to 4
- [Release notes](https://github.com/google-github-actions/release-please-action/releases)
- [Changelog](https://github.com/google-github-actions/release-please-action/blob/main/CHANGELOG.md)
- [Commits](google-github-actions/release-please-action@v2...v4)
chore(deps): bump the all group with 5 updates

Bumps the all group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) | `1.14.33` | `1.14.42` |
| [github.com/ncruces/go-sqlite3](https://github.com/ncruces/go-sqlite3) | `0.30.4` | `0.33.3` |
| [go.senan.xyz/wrtag](https://github.com/sentriz/wrtag) | `0.20.0` | `0.30.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.49.0` | `0.52.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.19.0` | `0.20.0` |


Updates `github.com/mattn/go-sqlite3` from 1.14.33 to 1.14.42
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](mattn/go-sqlite3@v1.14.33...v1.14.42)

Updates `github.com/ncruces/go-sqlite3` from 0.30.4 to 0.33.3
- [Release notes](https://github.com/ncruces/go-sqlite3/releases)
- [Commits](ncruces/go-sqlite3@v0.30.4...v0.33.3)

Updates `go.senan.xyz/wrtag` from 0.20.0 to 0.30.0
- [Release notes](https://github.com/sentriz/wrtag/releases)
- [Changelog](https://github.com/sentriz/wrtag/blob/master/CHANGELOG.md)
- [Commits](sentriz/wrtag@v0.20.0...v0.30.0)

Updates `golang.org/x/net` from 0.49.0 to 0.52.0
- [Commits](golang/net@v0.49.0...v0.52.0)

Updates `golang.org/x/sync` from 0.19.0 to 0.20.0
- [Commits](golang/sync@v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang
  dependency-version: 1.26-alpine3.22
  dependency-type: direct:production
  dependency-group: all
- dependency-name: alpine
  dependency-version: '3.23'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: docker/setup-buildx-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: docker/build-push-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: google-github-actions/release-please-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: github.com/mattn/go-sqlite3
  dependency-version: 1.14.42
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/ncruces/go-sqlite3
  dependency-version: 0.33.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: go.senan.xyz/wrtag
  dependency-version: 0.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/net
  dependency-version: 0.52.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/sync
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file docker Pull requests that update docker code labels Apr 21, 2026
@sentriz sentriz force-pushed the master branch 4 times, most recently from 42aaccf to 6b377e7 Compare April 29, 2026 15:17
@sentriz sentriz force-pushed the master branch 2 times, most recently from c00760e to 9f706b9 Compare May 22, 2026 18:01
@sentriz
Copy link
Copy Markdown
Owner

sentriz commented May 22, 2026

@dependabot rebase

@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github May 22, 2026

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@sentriz
Copy link
Copy Markdown
Owner

sentriz commented May 22, 2026

@dependabot recreate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file docker Pull requests that update docker code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@sentriz