build(deps): bump the actions group with 4 updates #4508

dependabot · 2025-10-01T12:04:35Z

Bumps the actions group with 4 updates: actions/setup-python, ansys/actions, docker/login-action and actions/labeler.

Updates actions/setup-python from 5 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

Add support for pip-version by @priyagupta108 in actions/setup-python#1129

Enhance reading from .python-version by @krystof-k in actions/setup-python#787

Add version parsing from Pipfile by @aradkdj in actions/setup-python#1067

Bug fixes:

Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @aparnajyothi-y in actions/setup-python#1183

Change missing cache directory error to warning by @aparnajyothi-y in actions/setup-python#1182

Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @aparnajyothi-y in actions/setup-python#1122

Include python version in PyPy python-version output by @cdce8p in actions/setup-python#1110

Update docs: clarification on pip authentication with setup-python by @priya-kinthali in actions/setup-python#1156

Dependency updates:

Upgrade idna from 2.9 to 3.7 in /tests/data by @dependabot[bot] in actions/setup-python#843

Upgrade form-data to fix critical vulnerabilities #182 & #183 by @aparnajyothi-y in actions/setup-python#1163

Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @aparnajyothi-y in actions/setup-python#1165

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-python#1181

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-python#1095

New Contributors

@krystof-k made their first contribution in actions/setup-python#787

@cdce8p made their first contribution in actions/setup-python#1110

@aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

Workflow updates related to Ubuntu 20.04 by @aparnajyothi-y in actions/setup-python#1065

Fix for Candidate Not Iterable Error by @aparnajyothi-y in actions/setup-python#1082

Upgrade semver and @types/semver by @dependabot in actions/setup-python#1091

Upgrade prettier from 2.8.8 to 3.5.3 by @dependabot in actions/setup-python#1046

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

Support free threaded Python versions like '3.13t' by @colesbury in actions/setup-python#973

Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @action/cache from 4.0.0 to 4.0.3 by @priya-kinthali in actions/setup-python#1056

Add support for .tool-versions file in setup-python by @mahabaleshwars in actions/setup-python#1043

Bug fixes:

Fix architecture for pypy on Linux ARM64 by @mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

e797f83 Upgrade to node 24 (#1164)
3d1e2d2 Revert "Enhance cache-dependency-path handling to support files outside the w...
65b0712 Clarify pythonLocation behavior for PyPy and GraalPy in environment variables...
5b668cf Bump actions/checkout from 4 to 5 (#1181)
f62a0e2 Change missing cache directory error to warning (#1182)
9322b3c Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIn...
fbeb884 Bump form-data to fix critical vulnerabilities #182 & #183 (#1163)
03bb615 Bump idna from 2.9 to 3.7 in /tests/data (#843)
36da51d Add version parsing from Pipfile (#1067)
3c6f142 update documentation (#1156)
Additional commits viewable in compare view

Updates ansys/actions from 10.0 to 10.1

Release notes

Sourced from ansys/actions's releases.

v10.1.0

If you are migrating the actions of your project to a new major release, breaking changes can be expected. To make sure everything is compatible with your current workflow, refer to the Migration Guide for v10 to find out more about new features and potential breaking changes.

What's Changed

docs: update v6 changes by @SMoraisAnsys in ansys/actions#463

docs: Add code spell hook changes in vale migration guide by @dipinknair in ansys/actions#464

docs: implementing changelog as part of the documentation by @RobPasMue in ansys/actions#465

fix: Update the sitemap with .html suffix to entries by @Revathyvenugopal162 in ansys/actions#468

fix: docs for changelog setup on RST by @RobPasMue in ansys/actions#469

fix: canonical link injection in HTML files by @jorgepiloto in ansys/actions#472

docs: fixing links and removing empty table by @clatapie in ansys/actions#471

feat: enable validate-build option to build-library action by @RobPasMue in ansys/actions#473

fix: fail doc-style action when wrong Vale config is present by @jorgepiloto in ansys/actions#470

fix: vale check by @RobPasMue in ansys/actions#474

fix: remove unnecessary curly brackets in doc-deploy-changelog docs by @klmcadams in ansys/actions#476

feat: vale ignore towncrier directory by @klmcadams in ansys/actions#478

fix: check pyproject.toml file exists before opening it by @klmcadams in ansys/actions#480

fix: typo in ci/cd by @RobPasMue in ansys/actions#482

chore: gh-pages does not exist message for doc-deploy-dev by @klmcadams in ansys/actions#475

feat: use github context action_path for vulnerabilities action by @RobPasMue in ansys/actions#483

fix: allow backtick, single, and double quotes for PR titles in the doc-changelog action by @klmcadams in ansys/actions#484

docs: fix broken link in the documentation by @Revathyvenugopal162 in ansys/actions#487

build: bump ansys-sphinx-theme from 0.15.2 to 0.16.2 in /requirements by @dependabot[bot] in ansys/actions#489

build: bump sphinx-design from 0.5.0 to 0.6.0 in /requirements by @dependabot[bot] in ansys/actions#490

feat: make optional use latest index in landing page by @vgelbgras in ansys/actions#493

feat: allow the usage of trusted publishers by @RobPasMue in ansys/actions#491

fix: update doc deploy actions to to correct local search path on landing page by @Revathyvenugopal162 in ansys/actions#494

build: bump ansys-sphinx-theme from 0.16.2 to 0.16.4 in /requirements by @dependabot[bot] in ansys/actions#495

build: bump ansys-sphinx-theme from 0.16.4 to 0.16.5 in /requirements by @dependabot[bot] in ansys/actions#498

feat: allow upper case in doc-deploy-changelog by @SMoraisAnsys in ansys/actions#497

feat: update dependabot to new wildcard syntaxt by @jorgepiloto in ansys/actions#500

chore: enhance doc-changelog migration guide by @klmcadams in ansys/actions#499

fix: investigate dependabot syntax by @jorgepiloto in ansys/actions#501

build: bump sphinx from 7.2.6 to 7.3.7 in /requirements by @dependabot[bot] in ansys/actions#502

feat: add upload assets to doc-build by @SMoraisAnsys in ansys/actions#467

fix: only zip and upload if asked by @SMoraisAnsys in ansys/actions#503

feat: add an optional input for checkout so it can be skipped, if needed by @myoung301 in ansys/actions#504

fix: ignoring jinja2 vulnerability ID by @clatapie in ansys/actions#505

docs: adding a warning for vulnerability_checks with private repositories by @clatapie in ansys/actions#506

fix: only compress content inside html folder by @RobPasMue in ansys/actions#507

chore: optional targets run at the end by @RobPasMue in ansys/actions#508

build: bump ansys-sphinx-theme from 0.16.5 to 0.16.6 in /requirements by @dependabot[bot] in ansys/actions#511

feat: allow users to indicate files dir by @jorgepiloto in ansys/actions#509

fix: peaceiris/actions-gh-pages@v4 version by @jorgepiloto in ansys/actions#512

fix: make doc-changelog commit message compliant by @klmcadams in ansys/actions#513

fix: email address in doc-changelog and doc-deploy* by @SMoraisAnsys in ansys/actions#514

fix: update the build-ci wheels actions by @Revathyvenugopal162 in ansys/actions#518

refactor: remove non needed inputs by @SMoraisAnsys in ansys/actions#519

... (truncated)

Commits

123a1f1 chore: updating CHANGELOG for v10.1.3
80c5a65 release: v10.1.3
c6838e6 fix: GitHub command-line tool command in ansys/release-github (#1012)
9de5aa7 chore: updating CHANGELOG for v10.1.2
68a3799 release: v10.1.2
d34dcaa docs: update check-actions-security action documentation (#1007)
e0de7dd chore: updating CHANGELOG for v10.1.1
97b3ab0 release: v10.1.1
7aeebd6 docs: improve migration guide (#1003)
ed773ab release: v10.1.0
Additional commits viewable in compare view

Updates docker/login-action from 3.5.0 to 3.6.0

Release notes

Sourced from docker/login-action's releases.

v3.6.0

Add registry-auth input for raw authentication to registries by @crazy-max in docker/login-action#887

Bump @aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880

Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879

Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

Commits

5e57cd1 Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
97e3143 chore: update generated content
3a0796b build(deps): bump the aws-sdk-dependencies group with 2 updates
5b7b28b Merge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
abc9fb3 chore: update generated content
d468688 build(deps): bump the aws-sdk-dependencies group with 2 updates
a99b2f8 Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...
0d7fae8 chore: update generated content
9832253 build(deps): bump @docker/actions-toolkit from 0.62.1 to 0.63.0
09e05bb Merge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4
Additional commits viewable in compare view

Updates actions/labeler from 5 to 6

Release notes

Sourced from actions/labeler's releases.

v6.0.0

What's Changed

Add workflow file for publishing releases to immutable action package by @jcambass in actions/labeler#802

Breaking Changes

Upgrade Node.js version to 24 in action and dependencies @salmanmkc in actions/labeler#891 Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. Release Notes

Dependency Upgrades

Upgrade eslint-config-prettier from 9.0.0 to 9.1.0 by @dependabot[bot] in actions/labeler#711

Upgrade eslint from 8.52.0 to 8.55.0 by @dependabot[bot] in actions/labeler#720

Upgrade @types/jest from 29.5.6 to 29.5.11 by @dependabot[bot] in actions/labeler#719

Upgrade @types/js-yaml from 4.0.8 to 4.0.9 by @dependabot[bot] in actions/labeler#718

Upgrade @typescript-eslint/parser from 6.9.0 to 6.14.0 by @dependabot[bot] in actions/labeler#717

Upgrade prettier from 3.0.3 to 3.1.1 by @dependabot[bot] in actions/labeler#726

Upgrade eslint from 8.55.0 to 8.56.0 by @dependabot[bot] in actions/labeler#725

Upgrade @typescript-eslint/parser from 6.14.0 to 6.19.0 by @dependabot[bot] in actions/labeler#745

Upgrade eslint-plugin-jest from 27.4.3 to 27.6.3 by @dependabot[bot] in actions/labeler#744

Upgrade @typescript-eslint/eslint-plugin from 6.9.0 to 6.20.0 by @dependabot[bot] in actions/labeler#750

Upgrade prettier from 3.1.1 to 3.2.5 by @dependabot[bot] in actions/labeler#752

Upgrade undici from 5.26.5 to 5.28.3 by @dependabot[bot] in actions/labeler#757

Upgrade braces from 3.0.2 to 3.0.3 by @dependabot[bot] in actions/labeler#789

Upgrade minimatch from 9.0.3 to 10.0.1 by @dependabot[bot] in actions/labeler#805

Upgrade @actions/core from 1.10.1 to 1.11.1 by @dependabot[bot] in actions/labeler#811

Upgrade typescript from 5.4.3 to 5.7.2 by @dependabot[bot] in actions/labeler#819

Upgrade @typescript-eslint/parser from 7.3.1 to 8.17.0 by @dependabot[bot] in actions/labeler#824

Upgrade prettier from 3.2.5 to 3.4.2 by @dependabot[bot] in actions/labeler#825

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/labeler#827

Upgrade eslint-plugin-jest from 27.9.0 to 28.9.0 by @dependabot[bot] in actions/labeler#832

Upgrade ts-jest from 29.1.2 to 29.2.5 by @dependabot[bot] in actions/labeler#831

Upgrade @vercel/ncc from 0.38.1 to 0.38.3 by @dependabot[bot] in actions/labeler#830

Upgrade typescript from 5.7.2 to 5.7.3 by @dependabot[bot] in actions/labeler#835

Upgrade eslint-plugin-jest from 28.9.0 to 28.11.0 by @dependabot[bot] in actions/labeler#839

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot[bot] in actions/labeler#842

Upgrade @octokit/request-error from 5.0.1 to 5.1.1 by @dependabot[bot] in actions/labeler#846

Documentation changes

Add note regarding pull_request_target to README.md by @silverwind in actions/labeler#669

Update readme with additional examples and important note about pull_request_target event by @IvanZosimov in actions/labeler#721

Document update - permission section by @harithavattikuti in actions/labeler#840

Improvement in documentation for pull_request_target event usage in README by @suyashgaonkar in actions/labeler#871

Fix broken links in documentation by @suyashgaonkar in actions/labeler#822

New Contributors

@silverwind made their first contribution in actions/labeler#669

@Jcambass made their first contribution in actions/labeler#802

@suyashgaonkar made their first contribution in actions/labeler#822

@HarithaVattikuti made their first contribution in actions/labeler#840

@salmanmkc made their first contribution in actions/labeler#891

... (truncated)

Commits

634933e publish-action upgrade to 0.4.0 from 0.2.2 (#901)
f1a63e8 Update Node.js version to 24 in action and dependencies (#891)
b0a1180 Bump @octokit/request-error from 5.0.1 to 5.1.1 (#846)
110d441 Update README.md (#871)
bee50fe Bump undici from 5.28.4 to 5.28.5 (#842)
6463cdb Bump eslint-plugin-jest from 28.9.0 to 28.11.0 (#839)
c209686 Bump typescript from 5.7.2 to 5.7.3 (#835)
5184940 Bump @vercel/ncc from 0.38.1 to 0.38.3 (#830)
3629d55 Document update - permission section (#840)
d24f7f3 Bump ts-jest from 29.1.2 to 29.2.5 (#831)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 4 updates: [actions/setup-python](https://github.com/actions/setup-python), [ansys/actions](https://github.com/ansys/actions), [docker/login-action](https://github.com/docker/login-action) and [actions/labeler](https://github.com/actions/labeler). Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v6) Updates `ansys/actions` from 10.0 to 10.1 - [Release notes](https://github.com/ansys/actions/releases) - [Changelog](https://github.com/ansys/actions/blob/main/CHANGELOG.md) - [Commits](ansys/actions@v10.0...v10.1) Updates `docker/login-action` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@184bdaa...5e57cd1) Updates `actions/labeler` from 5 to 6 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@v5...v6) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: ansys/actions dependency-version: '10.1' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: docker/login-action dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/labeler dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/ci.yml

      pull-requests: write
    steps:
-      - uses: ansys/actions/doc-deploy-changelog@v10.0
+      - uses: ansys/actions/doc-deploy-changelog@v10.1


.github/workflows/ci.yml

    steps:
      - name: Running Vale
-        uses: ansys/actions/doc-style@v10.0
+        uses: ansys/actions/doc-style@v10.1


.github/workflows/ci.yml

    steps:
      - name: "Run PyAnsys code style checks"
-        uses: ansys/actions/code-style@v10.0
+        uses: ansys/actions/code-style@v10.1


.github/workflows/ci.yml

    runs-on: ubuntu-latest
    steps:
-      - uses: ansys/actions/check-pr-title@v10.0
+      - uses: ansys/actions/check-pr-title@v10.1


.github/workflows/ci.yml

    steps:
      - name: Build wheelhouse and perform smoke test
-        uses: ansys/actions/build-wheelhouse@v10.0
+        uses: ansys/actions/build-wheelhouse@v10.1


.github/workflows/doc-build-dev-nightly.yml

    steps:
      - name: "Deploy development documentation"
-        uses: ansys/actions/doc-deploy-dev@v10.0
+        uses: ansys/actions/doc-deploy-dev@v10.1


.github/workflows/doc-build-release.yml

    steps:
      - name: "Deploy release documentation"
-        uses: ansys/actions/doc-deploy-stable@v10.0
+        uses: ansys/actions/doc-deploy-stable@v10.1


.github/workflows/label.yml

    runs-on: ubuntu-latest
    steps:
-      - uses: ansys/actions/doc-changelog@v10.0
+      - uses: ansys/actions/doc-changelog@v10.1


dependabot bot added the maintenance General maintenance of the repo (libraries, cicd, etc) label Oct 1, 2025

dependabot bot requested review from mkundu1, seanpearsonuk, prmukherj, hpohekar and mayankansys as code owners October 1, 2025 12:04

dependabot bot added the maintenance General maintenance of the repo (libraries, cicd, etc) label Oct 1, 2025

github-actions bot added the CI/CD Related to CI/CD label Oct 1, 2025

chore: adding changelog file 4508.dependencies.md [dependabot-skip]

e57b9f4

github-advanced-security bot found potential problems Oct 1, 2025

View reviewed changes

hpohekar approved these changes Oct 3, 2025

View reviewed changes

seanpearsonuk approved these changes Oct 6, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the actions group with 4 updates #4508

build(deps): bump the actions group with 4 updates #4508

Uh oh!

dependabot bot commented on behalf of github Oct 1, 2025

Uh oh!

Check warning

Check warning

Check warning

Check warning

Check warning

Check warning

Check warning

Check warning

Uh oh!

build(deps): bump the actions group with 4 updates #4508

Are you sure you want to change the base?

build(deps): bump the actions group with 4 updates #4508

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 1, 2025

v6.0.0

What's Changed

Breaking Changes

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v5.6.0

What's Changed

v5.5.0

What's Changed

Enhancements:

Bug fixes:

v10.1.0

What's Changed

v3.6.0

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Documentation changes

New Contributors

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Check warning

Uh oh!

Uh oh!