Skip to content

chore(deps): bump the npm group across 1 directory with 4 updates#10422

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dev/coverage-action/npm-9c97a5e164
Open

chore(deps): bump the npm group across 1 directory with 4 updates#10422
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dev/coverage-action/npm-9c97a5e164

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Feb 16, 2026
edited
Loading

Bumps the npm group with 4 updates in the /dev/coverage-action directory: @actions/core, @actions/github, lodash and luxon.

Updates @actions/core from 1.11.1 to 3.0.0

Changelog

Sourced from @​actions/core's changelog.

3.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()

2.0.3

  • Bump @actions/http-client to 3.0.2

2.0.1

  • Bump @​actions/exec from 1.1.1 to 2.0.0 #2199

2.0.0

  • Add support for Node 24 #2110
  • Bump @​actions/http-client from 2.0.1 to 3.0.0
Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​actions/core since your current version.


Updates @actions/github from 6.0.1 to 9.0.0

Changelog

Sourced from @​actions/github's changelog.

9.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()
    • Example: const { getOctokit, context } = await import('@actions/github')
  • Fix TypeScript compilation by migrating to ESM, enabling proper imports from @octokit/core/types

8.0.1

  • Update undici to 6.23.0
  • Update @actions/http-client to 3.0.2

8.0.0

  • Update @​octokit dependencies
    • @octokit/core ^7.0.6
    • @octokit/plugin-paginate-rest ^14.0.0
    • @octokit/plugin-rest-endpoint-methods ^17.0.0
    • @octokit/request ^10.0.7
    • @octokit/request-error ^7.1.0
  • Breaking change: Minimum Node.js version is now 20 (previously 18)

7.0.0

  • Update to v3.0.1 of @actions/http-client
Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​actions/github since your current version.


Updates lodash from 4.17.21 to 4.17.23

Commits

Updates luxon from 3.7.1 to 3.7.2

Changelog

Sourced from luxon's changelog.

3.7.2 (2025-07-09)

  • Fix ES6 packaging
Commits
  • 4262a38 Version 3.7.2
  • 738144d Fix the build ES6 code having the wrong file extension and use it in package....
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code major labels Feb 16, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/dev/coverage-action/npm-9c97a5e164 branch 2 times, most recently from b5d5f35 to 6022fdc Compare March 2, 2026 13:45
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/dev/coverage-action/npm-9c97a5e164 branch 2 times, most recently from d4f0755 to 7744760 Compare March 16, 2026 13:04
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/dev/coverage-action/npm-9c97a5e164 branch from 7744760 to 0fa79b6 Compare March 23, 2026 13:05
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/dev/coverage-action/npm-9c97a5e164 branch 2 times, most recently from c910b44 to b757dbd Compare April 6, 2026 13:04
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/dev/coverage-action/npm-9c97a5e164 branch from b757dbd to 345c180 Compare April 13, 2026 13:49
@dependabot
chore(deps): bump the npm group across 1 directory with 4 updates
8d3805a 
Bumps the npm group with 4 updates in the /dev/coverage-action directory: [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core), [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github), [lodash](https://github.com/lodash/lodash) and [luxon](https://github.com/moment/luxon).


Updates `@actions/core` from 1.11.1 to 3.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Updates `@actions/github` from 6.0.1 to 9.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

Updates `lodash` from 4.17.21 to 4.17.23
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

Updates `luxon` from 3.7.1 to 3.7.2
- [Changelog](https://github.com/moment/luxon/blob/master/CHANGELOG.md)
- [Commits](moment/luxon@3.7.1...3.7.2)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: "@actions/github"
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: luxon
  dependency-version: 3.7.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/dev/coverage-action/npm-9c97a5e164 branch from 345c180 to 8d3805a Compare April 20, 2026 15:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code major

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants