Bump the actions group with 5 updates (#2164)

dependabot[bot] · web-flow · commit 080ebc5a5c41 · 2026-03-24T12:51:11.000+01:00
Bumps the actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/cache](https://github.com/actions/cache) | `5.0.3` | `5.0.4` | | [chromaui/action](https://github.com/chromaui/action) | `15.3.0` | `16.0.0` | | [nick-fields/retry](https://github.com/nick-fields/retry) | `3.0.2` | `4.0.0` | | [aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login) | `2.0.2` | `2.1.0` | | [flatherskevin/semver-action](https://github.com/flatherskevin/semver-action) | `1.1.2` | `1.1.3` | Updates `actions/cache` from 5.0.3 to 5.0.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.4</h2> <h2>What's Changed</h2> <ul> <li>Add release instructions and update maintainer docs by <a href="https://github.com/Link"><code>@​Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1696">actions/cache#1696</a></li> <li>Potential fix for code scanning alert no. 52: Workflow does not contain permissions by <a href="https://github.com/Link"><code>@​Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1697">actions/cache#1697</a></li> <li>Fix workflow permissions and cleanup workflow names / formatting by <a href="https://github.com/Link"><code>@​Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1699">actions/cache#1699</a></li> <li>docs: Update examples to use the latest version by <a href="https://github.com/XZTDean"><code>@​XZTDean</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1690">actions/cache#1690</a></li> <li>Fix proxy integration tests by <a href="https://github.com/Link"><code>@​Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1701">actions/cache#1701</a></li> <li>Fix cache key in examples.md for bun.lock by <a href="https://github.com/RyPeck"><code>@​RyPeck</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1722">actions/cache#1722</a></li> <li>Update dependencies &amp; patch security vulnerabilities by <a href="https://github.com/Link"><code>@​Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1738">actions/cache#1738</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/XZTDean"><code>@​XZTDean</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1690">actions/cache#1690</a></li> <li><a href="https://github.com/RyPeck"><code>@​RyPeck</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1722">actions/cache#1722</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.4">https://github.com/actions/cache/compare/v5...v5.0.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h3>5.0.4</h3> <ul> <li>Bump <code>minimatch</code> to v3.1.5 (fixes ReDoS via globstar patterns)</li> <li>Bump <code>undici</code> to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)</li> <li>Bump <code>fast-xml-parser</code> to v5.5.6</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7"><code>6682284</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1738">#1738</a> from actions/prepare-v5.0.4</li> <li><a href="https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2"><code>e340396</code></a> Update RELEASES</li> <li><a href="https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6"><code>8a67110</code></a> Add licenses</li> <li><a href="https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830"><code>1865903</code></a> Update dependencies &amp; patch security vulnerabilities</li> <li><a href="https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c"><code>5656298</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1722">#1722</a> from RyPeck/patch-1</li> <li><a href="https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6"><code>4e380d1</code></a> Fix cache key in examples.md for bun.lock</li> <li><a href="https://github.com/actions/cache/commit/b7e8d49f17405cc70c1c120101943203c98d3a4b"><code>b7e8d49</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1701">#1701</a> from actions/Link-/fix-proxy-integration-tests</li> <li><a href="https://github.com/actions/cache/commit/984a21b1cb176a0936f4edafb42be88978f93ef1"><code>984a21b</code></a> Add traffic sanity check step</li> <li><a href="https://github.com/actions/cache/commit/acf2f1f76affe1ef80eee8e56dfddd3b3e5f0fba"><code>acf2f1f</code></a> Fix resolution</li> <li><a href="https://github.com/actions/cache/commit/95a07c51324af6001b4d6ab8dff29f4dfadc2531"><code>95a07c5</code></a> Add wait for proxy</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/v5.0.3...v5.0.4">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 15.3.0 to 16.0.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/chromaui/action/blob/main/CHANGELOG.md">chromaui/action's changelog</a>.</em></p> <blockquote> <h1>v16.0.0 (Mon Mar 23 2026)</h1> <h4>💥 Breaking Change</h4> <ul> <li>Drop support for Node 18 and update GitHub Action to Node 24 <a href="https://redirect.github.com/chromaui/chromatic-cli/pull/1251">#1251</a> (<a href="https://github.com/codykaup"><code>@​codykaup</code></a>)</li> </ul> <h4>Authors: 1</h4> <ul> <li>Cody Kaup (<a href="https://github.com/codykaup"><code>@​codykaup</code></a>)</li> </ul> <hr /> <h1>v15.3.1 (Mon Mar 23 2026)</h1> <h4>🐛 Bug Fix</h4> <ul> <li>Properly timeout process tree in shell commands <a href="https://redirect.github.com/chromaui/chromatic-cli/pull/1254">#1254</a> (<a href="https://github.com/codykaup"><code>@​codykaup</code></a>)</li> </ul> <h4>Authors: 1</h4> <ul> <li>Cody Kaup (<a href="https://github.com/codykaup"><code>@​codykaup</code></a>)</li> </ul> <hr /> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/f191a0224b10e1a38b2091cefb7b7a2337009116"><code>f191a02</code></a> v16.0.0</li> <li><a href="https://github.com/chromaui/action/commit/eea1606238fd97a70b5af723d103953d1f40967b"><code>eea1606</code></a> v15.3.1</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/v15.3.0...v16.0.0">compare view</a></li> </ul> </details> <br /> Updates `nick-fields/retry` from 3.0.2 to 4.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nick-fields/retry/releases">nick-fields/retry's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <h1><a href="https://github.com/nick-fields/retry/compare/v3.0.2...v4.0.0">4.0.0</a> (2026-03-20)</h1> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nick-fields/retry/commit/ad984534de44a9489a53aefd81eb77f87c70dc60"><code>ad98453</code></a> Merge pull request <a href="https://redirect.github.com/nick-fields/retry/issues/165">#165</a> from nick-fields/nrf/node24</li> <li><a href="https://github.com/nick-fields/retry/commit/16b9199fa5afaadcb0513a3eb25d7d6ff95246a0"><code>16b9199</code></a> major: upgrade to node24</li> <li><a href="https://github.com/nick-fields/retry/commit/9417ab499314dfe692edb043ded2ff9b3f5f0a68"><code>9417ab4</code></a> Merge pull request <a href="https://redirect.github.com/nick-fields/retry/issues/148">#148</a> from xavier2k6/nf_retry_p1</li> <li><a href="https://github.com/nick-fields/retry/commit/07cd61dba69c86eb0f5c2002adc167f59b5a9a9f"><code>07cd61d</code></a> Merge branch 'master' into nf_retry_p1</li> <li><a href="https://github.com/nick-fields/retry/commit/d6b241c90e867e2d605cfe1b48976c9c6e5337dc"><code>d6b241c</code></a> Merge branch 'master' into nf_retry_p1</li> <li><a href="https://github.com/nick-fields/retry/commit/8d92921684d4fc6d35bf40fd9d3ba9de4ce7e0ae"><code>8d92921</code></a> Bump ci_cd workflow actions</li> <li>See full diff in <a href="https://github.com/nick-fields/retry/compare/ce71cc2ab81d554ebbe88c79ab5975992d79ba08...ad984534de44a9489a53aefd81eb77f87c70dc60">compare view</a></li> </ul> </details> <br /> Updates `aws-actions/amazon-ecr-login` from 2.0.2 to 2.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aws-actions/amazon-ecr-login/releases">aws-actions/amazon-ecr-login's releases</a>.</em></p> <blockquote> <h2>v2.1.0</h2> <p>See the <a href="https://github.com/aws-actions/amazon-ecr-login/blob/HEAD/CHANGELOG.md">changelog</a> for details about the changes included in this release.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md">aws-actions/amazon-ecr-login's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/aws-actions/amazon-ecr-login/compare/v2.0.2...v2.1.0">2.1.0</a> (2026-03-19)</h2> <h3>Features</h3> <ul> <li>Add EKS Pod Identity support to Amazon ECR login action (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/624">#624</a>, <a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/735">#735</a>) (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/740">#740</a>) (<a href="https://github.com/aws-actions/amazon-ecr-login/commit/dcb4c271bc6a7911759352f7f39dfe3730e6a1d7">dcb4c27</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/261fc3d4806db1fa66a15cc11113c456db8870a7"><code>261fc3d</code></a> chore(release): 2.1.0</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/fce8c93885384b6738a5face7f5bc4faa519735a"><code>fce8c93</code></a> chore: Update dist (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/944">#944</a>)</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/fd38eb4fb566ed93135fad739d6f41ede4565d01"><code>fd38eb4</code></a> chore(deps): bump <code>@​aws-sdk/client-ecr</code> from 3.1007.0 to 3.1011.0 (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/930">#930</a>)</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/a12f2e72424e666c6239c37a5fbed48fdd3009c7"><code>a12f2e7</code></a> chore: Update dist (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/939">#939</a>)</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/1f8f37544c9a1137c89852c10d9b2881ffc01424"><code>1f8f375</code></a> chore(deps): bump <code>@​aws-sdk/credential-providers</code> from 3.744.0 to 3.1011.0 (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/928">#928</a>)</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/02342877c598bd6e77d18036392ea814cf057b1d"><code>0234287</code></a> chore(deps): bump <code>@​aws-sdk/client-ecr-public</code> from 3.982.0 to 3.1011.0 (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/932">#932</a>)</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/400e82ee6c4857f28c7de4918dd979902044e977"><code>400e82e</code></a> chore(deps-dev): bump jest from 30.2.0 to 30.3.0 (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/929">#929</a>)</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/f7873b0e9f48a47a1b9417d1711302b4858928e4"><code>f7873b0</code></a> chore(deps): bump actions/github-script from 6 to 8 (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/927">#927</a>)</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/5e6bf7644a937b87befeaacf957a516bf26be232"><code>5e6bf76</code></a> chore(deps): bump github/codeql-action from 3 to 4 (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/926">#926</a>)</li> <li><a href="https://github.com/aws-actions/amazon-ecr-login/commit/b37474c1593d59b29c1e67d95f315ba771c8ae9a"><code>b37474c</code></a> chore(deps): bump actions/checkout from 4 to 6 (<a href="https://redirect.github.com/aws-actions/amazon-ecr-login/issues/925">#925</a>)</li> <li>Additional commits viewable in <a href="https://github.com/aws-actions/amazon-ecr-login/compare/v2.0.2...v2.1.0">compare view</a></li> </ul> </details> <br /> Updates `flatherskevin/semver-action` from 1.1.2 to 1.1.3 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/flatherskevin/semver-action/commit/7ce18d3c29fa36251f492a5121013455741c072c"><code>7ce18d3</code></a> Bumping to Node 24 for builds (<a href="https://redirect.github.com/flatherskevin/semver-action/issues/304">#304</a>)</li> <li>See full diff in <a href="https://github.com/flatherskevin/semver-action/compare/fc3c4e67353e3c45b8164521ddd17c9e38d6d4d8...7ce18d3c29fa36251f492a5121013455741c072c">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml
@@ -24,7 +24,7 @@ jobs:
 
       - name: Cache node_modules
         id: node-modules-cache
-        uses: actions/cache@v5.0.3
+        uses: actions/cache@v5.0.4
         with:
           path: node_modules
           key: node-modules-cache-${{ hashFiles('package-lock.json', '.npmrc') }}
@@ -36,7 +36,7 @@ jobs:
 
       - name: Run Chromatic
         if: env.CHROMATIC_PROJECT_TOKEN
-        uses: chromaui/action@v15.3.0
+        uses: chromaui/action@v16.0.0
         with:
           projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}
           onlyChanged: true # 👈 Required option to enable TurboSnap
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -17,7 +17,7 @@ jobs:
       - uses: actions/checkout@v6.0.2
       - name: Lookup node_modules cache
         id: node-modules-cache
-        uses: actions/cache@v5.0.3
+        uses: actions/cache@v5.0.4
         with:
           path: node_modules
           key: node-modules-cache-${{ hashFiles('package-lock.json', '.npmrc') }}
@@ -34,7 +34,7 @@ jobs:
       - uses: actions/checkout@v6.0.2
       - name: Restore node_modules cache
         id: node-modules-cache
-        uses: actions/cache/restore@v5.0.3
+        uses: actions/cache/restore@v5.0.4
         with:
           path: node_modules
           key: node-modules-cache-${{ hashFiles('package-lock.json', '.npmrc') }}
@@ -49,13 +49,13 @@ jobs:
       - uses: actions/checkout@v6.0.2
       - name: Restore node_modules cache
         id: node-modules-cache
-        uses: actions/cache/restore@v5.0.3
+        uses: actions/cache/restore@v5.0.4
         with:
           path: node_modules
           key: node-modules-cache-${{ hashFiles('package-lock.json', '.npmrc') }}
           fail-on-cache-miss: true
       - name: Restore NX cache
-        uses: actions/cache@v5.0.3
+        uses: actions/cache@v5.0.4
         with:
           path: .nx/cache
           key: nx-lint-${{ github.sha }}
@@ -85,7 +85,7 @@ jobs:
         uses: actions/checkout@v6.0.2
       - name: Restore node_modules cache
         id: node-modules-cache
-        uses: actions/cache/restore@v5.0.3
+        uses: actions/cache/restore@v5.0.4
         with:
           path: node_modules
           key: node-modules-cache-${{ hashFiles('package-lock.json', '.npmrc') }}
@@ -132,13 +132,13 @@ jobs:
       - uses: actions/checkout@v6.0.2
       - name: Restore node_modules cache
         id: node-modules-cache
-        uses: actions/cache/restore@v5.0.3
+        uses: actions/cache/restore@v5.0.4
         with:
           path: node_modules
           key: node-modules-cache-${{ hashFiles('package-lock.json', '.npmrc') }}
           fail-on-cache-miss: true
       - name: Restore NX cache
-        uses: actions/cache@v5.0.3
+        uses: actions/cache@v5.0.4
         with:
           path: .nx/cache
           key: nx-test-${{ matrix.test-suits.key || matrix.test-suits.name }}-${{ github.sha }}
@@ -147,7 +147,7 @@ jobs:
       - name: Test
         if: steps.nx-test-cache.outputs.cache-hit != 'true'
         continue-on-error: false
-        uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08
+        uses: nick-fields/retry@ad984534de44a9489a53aefd81eb77f87c70dc60
         with:
           timeout_minutes: 10
           max_attempts: 3
@@ -165,13 +165,13 @@ jobs:
       - uses: actions/checkout@v6.0.2
       - name: Restore node_modules cache
         id: node-modules-cache
-        uses: actions/cache/restore@v5.0.3
+        uses: actions/cache/restore@v5.0.4
         with:
           path: node_modules
           key: node-modules-cache-${{ hashFiles('package-lock.json', '.npmrc') }}
           fail-on-cache-miss: true
       - name: Restore NX cache
-        uses: actions/cache@v5.0.3
+        uses: actions/cache@v5.0.4
         with:
           path: .nx/cache
           key: nx-build-${{ github.sha }}
@@ -184,7 +184,7 @@ jobs:
           npx nx run-many --target=build
           ./tools/truncate-nx-cache.sh
       - name: Save build cache
-        uses: actions/cache/save@v5.0.3
+        uses: actions/cache/save@v5.0.4
         with:
           path: dist
           key: dist-${{ github.sha }}
@@ -205,7 +205,7 @@ jobs:
     steps:
       - uses: actions/checkout@v6.0.2
       - name: Restore build cache
-        uses: actions/cache/restore@v5.0.3
+        uses: actions/cache/restore@v5.0.4
         with:
           path: dist
           key: dist-${{ github.sha }}
@@ -222,7 +222,7 @@ jobs:
       - name: Login to Amazon ECR
         id: login-ecr
         if: vars.ECR_REGION
-        uses: aws-actions/amazon-ecr-login@v2.0.2
+        uses: aws-actions/amazon-ecr-login@v2.1.0
       - name: Format image tag parts
         env:
           BRANCH: ${{ github.head_ref || github.ref_name }}
@@ -278,7 +278,7 @@ jobs:
           aws-region: ${{ vars.ECR_REGION }}
       - name: Login to Amazon ECR
         id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v2.0.2
+        uses: aws-actions/amazon-ecr-login@v2.1.0
       - name: Format image tag components
         env:
           BRANCH: ${{ github.head_ref || github.ref_name }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -25,7 +25,7 @@ jobs:
     - name: Get next version
       if: inputs.version == ''
       id: semver
-      uses: flatherskevin/semver-action@fc3c4e67353e3c45b8164521ddd17c9e38d6d4d8
+      uses: flatherskevin/semver-action@7ce18d3c29fa36251f492a5121013455741c072c
       with:
         incrementLevel: patch
         source: tags
@@ -53,9 +53,9 @@ jobs:
           aws-region: ${{ vars.ECR_REGION }}
       - name: Login to private ECR
         id: login-private-ecr
-        uses: aws-actions/amazon-ecr-login@v2.0.2
+        uses: aws-actions/amazon-ecr-login@v2.1.0
       - name: Login to public ECR
-        uses: aws-actions/amazon-ecr-login@v2.0.2
+        uses: aws-actions/amazon-ecr-login@v2.1.0
         env:
           AWS_REGION: ${{ vars.ECR_PUBLIC_REGION }}
         with:
