Bump the all group across 1 directory with 2 updates by dependabot[bot] · Pull Request #13 · mellowagain/website

dependabot · 2026-05-01T20:54:33Z

Bumps the all group with 2 updates in the / directory: pnpm/action-setup and actions/cache.

Updates pnpm/action-setup from 5.0.0 to 6.0.8

Release notes

Sourced from pnpm/action-setup's releases.

v6.0.8

What's Changed

docs(README): fix cache_dependency_path type by @haines in pnpm/action-setup#257

fix: drop patchPnpmEnv so standalone+self-update works on Windows by @zkochan in pnpm/action-setup#258

fix: update pnpm to 11.1.1 by @mungodewar in pnpm/action-setup#248

New Contributors

@mungodewar made their first contribution in pnpm/action-setup#248

Full Changelog: pnpm/action-setup@v6.0.7...v6.0.8

v6.0.7

What's Changed

fix: honor devEngines.packageManager.onFail=error (#252) by @zkochan in pnpm/action-setup#254

fix: restore inputs from state in post by @haines in pnpm/action-setup#255

fix: self-update bootstrap to packageManager-pinned version (#233) by @zkochan in pnpm/action-setup#256

New Contributors

@haines made their first contribution in pnpm/action-setup#255

Full Changelog: pnpm/action-setup@v6.0.6...v6.0.7

v6.0.6

What's Changed

fix: bin_dest output points to self-updated pnpm, not bootstrap by @zkochan in pnpm/action-setup#249

Full Changelog: pnpm/action-setup@v6.0.5...v6.0.6

v6.0.5

What's Changed

fix: append (not prepend) action node dir to PATH for npm bootstrap by @zkochan in pnpm/action-setup#241

Full Changelog: pnpm/action-setup@v6.0.4...v6.0.5

v6.0.4

What's Changed

fix: use npm co-located with the action node binary by @benquarmby in pnpm/action-setup#239

New Contributors

@benquarmby made their first contribution in pnpm/action-setup#239

Full Changelog: pnpm/action-setup@v6.0.3...v6.0.4

v6.0.3

Updated pnpm to v11.0.0-rc.5

Full Changelog: pnpm/action-setup@v6.0.2...v6.0.3

... (truncated)

Commits

0e279bb fix: update pnpm to 11.1.1 (#248)
3e83581 fix: drop patchPnpmEnv so standalone+self-update works on Windows (#258)
551b42e docs(README): fix cache_dependency_path type (#257)
739bfe4 fix: self-update bootstrap to packageManager-pinned version (#233) (#256)
f61705d chore: add CODEOWNERS
7a5507b fix: restore inputs from state in post (#255)
1155470 fix: honor devEngines.packageManager.onFail=error (#252) (#254)
91ab88e fix: bin_dest output points to self-updated pnpm, not bootstrap (#249)
e578e19 fix: update pnpm to 11.0.4
8912a91 fix: append (not prepend) action node dir to PATH for npm bootstrap (#241)
Additional commits viewable in compare view

Updates actions/cache from 5.0.4 to 5.0.5

Release notes

Sourced from actions/cache's releases.

v5.0.5

What's Changed

Update ts-http-runtime dependency by @yacaovsnc in actions/cache#1747

Full Changelog: actions/cache@v5...v5.0.5

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

Switch to a new branch from main.

Run npm test to ensure all tests are passing.

Update the version in https://github.com/actions/cache/blob/main/package.json.

Run npm run build to update the compiled files.

Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.

Run licensed cache to update the license report.

Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.

Commit your changes and push your branch upstream.

Open a pull request against main and get it reviewed and merged.

Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json

Create a new tag with the version number.

Auto generate release notes and update them to match the changes you made in RELEASES.md.

Toggle the set as the latest release option.

Publish the release.

Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml

There should be a workflow run queued with the same version number.

Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.4

Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)

Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)

Bump fast-xml-parser to v5.5.6

5.0.3

Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)

Bump @actions/core to v2.0.3

5.0.2

Bump @actions/cache to v5.0.3 #1692

5.0.1

Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

... (truncated)

Commits

27d5ce7 Merge pull request #1747 from actions/yacaovsnc/update-dependency
f280785 licensed changes
619aeb1 npm run build generated dist files
bcf16c2 Update ts-http-runtime to 0.3.5
See full diff in compare view

vercel · 2026-05-01T20:57:05Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
mari.zip	Ready	Preview, Comment	Jun 3, 2026 1:31am

Bumps the all group with 2 updates in the / directory: [pnpm/action-setup](https://github.com/pnpm/action-setup) and [actions/cache](https://github.com/actions/cache). Updates `pnpm/action-setup` from 5.0.0 to 6.0.8 - [Release notes](https://github.com/pnpm/action-setup/releases) - [Commits](pnpm/action-setup@fc06bc1...0e279bb) Updates `actions/cache` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@6682284...27d5ce7) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: pnpm/action-setup dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 1, 2026

vercel Bot deployed to Preview May 1, 2026 20:57 View deployment

dependabot Bot changed the title ~~Bump the all group with 2 updates~~ Bump the all group across 1 directory with 2 updates Jun 3, 2026

dependabot Bot force-pushed the dependabot/github_actions/all-17e6b88453 branch from 21ebddb to 35b9566 Compare June 3, 2026 01:30

vercel Bot deployed to Preview June 3, 2026 01:31 View deployment

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the all group across 1 directory with 2 updates#13

Bump the all group across 1 directory with 2 updates#13
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/all-17e6b88453

dependabot Bot commented on behalf of github May 1, 2026 •

edited

Loading

Uh oh!

vercel Bot commented May 1, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github May 1, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v6.0.8

What's Changed

New Contributors

v6.0.7

What's Changed

New Contributors

v6.0.6

What's Changed

v6.0.5

What's Changed

v6.0.4

What's Changed

New Contributors

v6.0.3

v5.0.5

What's Changed

Releases

How to prepare a release

Changelog

5.0.4

5.0.3

5.0.2

5.0.1

5.0.0

Uh oh!

vercel Bot commented May 1, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github May 1, 2026 •

edited

Loading

vercel Bot commented May 1, 2026 •

edited

Loading