Vim-fork focused on extensibility and usability http://git.waynecole.info/neovim/atom?h=dependabot%2Fgithub_actions%2Fgithub-actions-c6747d2992 2026-04-24T12:29:28Z 2026-04-24T12:29:28Z dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-04-24T12:29:28Z urn:sha1:0728238d2361abdb43b078da68bee38a8e437c7a Bumps the github-actions group with 3 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action), [msys2/setup-msys2](https://github.com/msys2/setup-msys2) and [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action). Bumps the github-actions group with 1 update in the /.github/actions/cache directory: [actions/cache](https://github.com/actions/cache). Updates `github/codeql-action` from 4.35.1 to 4.35.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v4.35.1...v4.35.2) Updates `msys2/setup-msys2` from 2.31.0 to 2.31.1 - [Release notes](https://github.com/msys2/setup-msys2/releases) - [Changelog](https://github.com/msys2/setup-msys2/blob/main/CHANGELOG.md) - [Commits](https://github.com/msys2/setup-msys2/compare/cafece8e6baf9247cf9b1bf95097b0b983cc558d...e9898307ac31d1a803454791be09ab9973336e1c) Updates `zizmorcore/zizmor-action` from 0.5.2 to 0.5.3 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8...b1d7e1fb5de872772f31590499237e7cce841e8e) Updates `actions/cache` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v5.0.4...v5.0.5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: msys2/setup-msys2 dependency-version: 2.31.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 2026-04-17T13:02:20Z dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-04-17T12:29:44Z urn:sha1:2c67daee88d789001c43948aa6350d573c039026 Bumps the github-actions group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action). Bumps the github-actions group with 1 update in the /.github/actions/cache directory: [actions/cache](https://github.com/actions/cache). Updates `github/codeql-action` from 4 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v4...v4.35.1) Updates `actions/cache` from 5 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v5...v5.0.4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 2026-03-10T01:36:20Z Daniel Hast hast.daniel@protonmail.com 2026-03-07T15:05:39Z urn:sha1:755087f8ef0dd42f477757eafeefd9690edf0619 The default workflow permissions are overly broad; setting permissions explicitly at the workflow level ensures excessive permissions are not unintentionally granted to jobs. For details, see: https://docs.zizmor.sh/audits/#excessive-permissions 2026-03-10T01:36:20Z Daniel Hast hast.daniel@protonmail.com 2026-03-07T14:44:52Z urn:sha1:63844b7904223212f7279316cb1a9ef22ba179d8 Set `persist-credentials: false` for all uses of `actions/checkout`. This prevents git credentials from being stored on disk, and fixes the following Zizmor audit: https://docs.zizmor.sh/audits/#artipacked 2025-11-21T12:34:28Z dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2025-11-21T12:07:01Z urn:sha1:c4886397570692b30a9f5963f27a713debaec150 Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> 2025-10-08T20:13:58Z dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2025-10-08T20:13:58Z urn:sha1:0ea46563eb76ecb6ee502d62a0871faaa986e7df Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2025-08-11T20:43:53Z dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2025-08-11T20:43:53Z urn:sha1:b52f9a19b39998af64c3f31c537ae610b369b041 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2024-03-27T15:37:59Z dundargoc gocdundar@gmail.com 2024-03-27T13:14:25Z urn:sha1:1bfe6fdceb9d50944a963c843cbeb6dd0a399bfe This allows us to easily test the release branch if needed. 2024-03-16T14:00:09Z dundargoc gocdundar@gmail.com 2024-03-10T12:49:00Z urn:sha1:bf24298feaeab9dd5fea197b4b4422fee31ac33c `github.ref` is now defined for both pull requests and pushes, meaning that it can be used to simplify the concurrency group. `cancel-in-progress` is set to true only if the trigger is a pull request, as we don't want master runs to cancel each other out. 2023-12-14T13:16:35Z dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2023-12-14T13:16:35Z urn:sha1:7db9992445a69df16eb12d349d49ab8968e9a505 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3)