build: bump the github-actions group across 1 directory with 11 updates

[dependabot]

Bumps the github-actions group with 11 updates in the / directory:

Package	From	To
actions/checkout	4	6
tj-actions/changed-files	47.0.0	47.0.5
lycheeverse/lychee-action	2.7.0	2.8.0
actions/setup-dotnet	4	5
codfish/semantic-release-action	4	5
actions/setup-python	5	6
actions/upload-pages-artifact	3	4
actions/deploy-pages	4	5
docker/setup-buildx-action	3	4
docker/build-push-action	6	7
actions/upload-artifact	4	7

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248
• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• v6-beta by @​ericsciple in actions/checkout#2298
• update readme/changelog for v6 by @​ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

... (truncated)

Commits

• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• 1af3b93 update readme/changelog for v6 (#2311)
• 71cf226 v6-beta (#2298)
• 069c695 Persist creds to a separate file (#2286)
• ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
• 08c6903 Prepare v5.0.0 release (#2238)
• Additional commits viewable in compare view

Updates tj-actions/changed-files from 47.0.0 to 47.0.5

Release notes

Sourced from tj-actions/changed-files's releases.

v47.0.5

What's Changed

• Upgraded to v47.0.4 by @​github-actions[bot] in tj-actions/changed-files#2802
• Updated README.md by @​github-actions[bot] in tj-actions/changed-files#2803
• Updated README.md by @​github-actions[bot] in tj-actions/changed-files#2805
• chore(deps-dev): bump @​types/node from 25.2.2 to 25.3.2 by @​dependabot[bot] in tj-actions/changed-files#2811
• chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by @​dependabot[bot] in tj-actions/changed-files#2810
• chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 by @​dependabot[bot] in tj-actions/changed-files#2809
• chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 by @​dependabot[bot] in tj-actions/changed-files#2799
• chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 by @​dependabot[bot] in tj-actions/changed-files#2806
• chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 by @​dependabot[bot] in tj-actions/changed-files#2775
• chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 by @​dependabot[bot] in tj-actions/changed-files#2774
• chore(deps): bump lodash and @​types/lodash by @​dependabot[bot] in tj-actions/changed-files#2807
• chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 by @​dependabot[bot] in tj-actions/changed-files#2764
• chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 by @​dependabot[bot] in tj-actions/changed-files#2815
• chore(deps-dev): bump @​types/node from 25.3.2 to 25.3.3 by @​dependabot[bot] in tj-actions/changed-files#2814

Full Changelog: tj-actions/changed-files@v47.0.4...v47.0.5

v47.0.4

What's Changed

• update: release-tagger action to version 6.0.6 by @​jackton1 in tj-actions/changed-files#2801

Full Changelog: tj-actions/changed-files@v47.0.3...v47.0.4

v47.0.3

What's Changed

• chore(deps): bump github/codeql-action from 4.31.10 to 4.32.2 by @​dependabot[bot] in tj-actions/changed-files#2790
• update: release-tagger action to version 6.0.0 by @​jackton1 in tj-actions/changed-files#2800

Full Changelog: tj-actions/changed-files@v47.0.2...v47.0.3

v47.0.2

What's Changed

• chore(deps-dev): bump eslint-plugin-jest from 29.2.1 to 29.11.0 by @​dependabot[bot] in tj-actions/changed-files#2751
• chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by @​dependabot[bot] in tj-actions/changed-files#2741
• chore(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by @​dependabot[bot] in tj-actions/changed-files#2743
• chore(deps): bump @​actions/core from 2.0.0 to 2.0.2 by @​dependabot[bot] in tj-actions/changed-files#2757
• Updated README.md by @​github-actions[bot] in tj-actions/changed-files#2768
• chore: update dist by @​jackton1 in tj-actions/changed-files#2769
• chore: update matrix-example.yml by @​jackton1 in tj-actions/changed-files#2752
• feat: add support for excluding symlinks and fix bug with commit not found by @​jackton1 in tj-actions/changed-files#2770
• chore(deps): bump github/codeql-action from 4.31.7 to 4.31.10 by @​dependabot[bot] in tj-actions/changed-files#2761
• Updated README.md by @​github-actions[bot] in tj-actions/changed-files#2771
• chore(deps-dev): bump eslint-plugin-jest from 29.11.0 to 29.12.1 by @​dependabot[bot] in tj-actions/changed-files#2756
• chore(deps-dev): bump @​types/lodash from 4.17.21 to 4.17.23 by @​dependabot[bot] in tj-actions/changed-files#2759
• fix: Update test.yml by @​jackton1 in tj-actions/changed-files#2781

... (truncated)

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

47.0.5 - (2026-03-03)

🔄 Update

• Updated README.md (#2805)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (35dace0) - (github-actions[bot])

• Updated README.md (#2803)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (9ee99eb) - (github-actions[bot])

⚙️ Miscellaneous Tasks

• deps-dev: Bump @​types/node from 25.3.2 to 25.3.3 (#2814) (22103cc) - (dependabot[bot])
• deps: Bump github/codeql-action from 4.32.4 to 4.32.5 (#2815) (6c02e90) - (dependabot[bot])
• deps-dev: Bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (#2764) (05f9457) - (dependabot[bot])
• deps: Bump lodash and @​types/lodash (#2807) (52ed872) - (dependabot[bot])
• deps: Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#2774) (1cc5746) - (dependabot[bot])
• deps-dev: Bump prettier from 3.7.4 to 3.8.1 (#2775) (de2962f) - (dependabot[bot])
• deps: Bump github/codeql-action from 4.32.2 to 4.32.4 (#2806) (37e96cc) - (dependabot[bot])
• deps-dev: Bump eslint-plugin-jest from 29.12.1 to 29.15.0 (#2799) (2180b0f) - (dependabot[bot])
• deps: Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#2809) (cf021c1) - (dependabot[bot])
• deps: Bump actions/download-artifact from 7.0.0 to 8.0.0 (#2810) (b54ac6f) - (dependabot[bot])
• deps-dev: Bump @​types/node from 25.2.2 to 25.3.2 (#2811) (0f2a510) - (dependabot[bot])

⬆️ Upgrades

• Upgraded to v47.0.4 (#2802)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (b7ac303) - (github-actions[bot])

47.0.4 - (2026-02-17)

🔄 Update

• Release-tagger action to version 6.0.6 (#2801) (7dee1b0) - (Tonye Jack)

47.0.3 - (2026-02-17)

🔄 Update

• Release-tagger action to version 6.0.0 (#2800) (28b28f6) - (Tonye Jack)

⚙️ Miscellaneous Tasks

• deps: Bump github/codeql-action from 4.31.10 to 4.32.2 (#2790) (875e6e5) - (dependabot[bot])

... (truncated)

Commits

• 22103cc chore(deps-dev): bump @​types/node from 25.3.2 to 25.3.3 (#2814)
• 6c02e90 chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 (#2815)
• 05f9457 chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (#2764)
• 52ed872 chore(deps): bump lodash and @​types/lodash (#2807)
• 1cc5746 chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#2774)
• de2962f chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 (#2775)
• 37e96cc chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 (#2806)
• 2180b0f chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 (#2799)
• cf021c1 chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#2809)
• b54ac6f chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 (#2810)
• Additional commits viewable in compare view

Updates lycheeverse/lychee-action from 2.7.0 to 2.8.0

Release notes

Sourced from lycheeverse/lychee-action's releases.

v2.8.0

What's Changed

• Update lycheeVersion to v0.23.0 by @​github-actions[bot] in lycheeverse/lychee-action#324
• Update args for lychee-action to use root-dir by @​mre in lycheeverse/lychee-action#314
• Update test to use --root-dir instead of the deprecated --base by @​mre in lycheeverse/lychee-action#315
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in lycheeverse/lychee-action#316
• Bump actions/cache from 4 to 5 by @​dependabot[bot] in lycheeverse/lychee-action#319
• Bump peter-evans/create-pull-request from 7 to 8 by @​dependabot[bot] in lycheeverse/lychee-action#318
• Add message with Summary report URL by @​atteggiani in lycheeverse/lychee-action#326

New Contributors

• @​atteggiani made their first contribution in lycheeverse/lychee-action#326

Full Changelog: lycheeverse/lychee-action@v2.7.0...v2.8.0

Commits

• 8646ba3 Add message with Summary report URL (#326)
• c6e7911 [create-pull-request] automated change
• 631725a Bump peter-evans/create-pull-request from 7 to 8 (#318)
• 942f324 Bump actions/cache from 4 to 5 (#319)
• 79de881 Bump actions/checkout from 5 to 6 (#316)
• 1ef33e2 Update test to use --root-dir instead of the deprecated --base (#315)
• 50a631e Update args for lychee-action to use root-dir (#314)
• See full diff in compare view

Updates actions/setup-dotnet from 4 to 5

Release notes

Sourced from actions/setup-dotnet's releases.

v5.0.0

What's Changed

Breaking Changes

• Upgrade to Node.js 24 and modernize async usage by @​salmanmkc in actions/setup-dotnet#654

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency Updates

• Upgrade @​action/cache from 4.0.2 to 4.0.3 by @​aparnajyothi-y in actions/setup-dotnet#622
• Upgrade husky from 8.0.3 to 9.1.7 by @​dependabot[bot] in actions/setup-dotnet#591
• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot[bot] in actions/setup-dotnet#594
• Upgrade eslint-config-prettier from 9.1.0 to 10.1.5 by @​dependabot[bot] in actions/setup-dotnet#639
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-dotnet#641
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in actions/setup-dotnet#652
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-dotnet#662

Bug Fixes

• Remove Support for older .NET Versions and Update installers scripts by @​gowridurgad in actions/setup-dotnet#647

New Contributors

• @​gowridurgad made their first contribution in actions/setup-dotnet#647
• @​salmanmkc made their first contribution in actions/setup-dotnet#654

Full Changelog: actions/setup-dotnet@v4...v5.0.0

v4.3.1

What's Changed

• v4 - Remove azureedge.net fallback logic and update install scripts by @​zaataylor in actions/setup-dotnet#572 As outlined in Critical .NET Install Links Are Changing, remove the storage account fallback logic added for v4 in actions/setup-dotnet#566 and update the install scripts accordingly. Related issue: dotnet/install-scripts#559
• upgrade @​actions/cache to 4.0.2 by @​HarithaVattikuti in actions/setup-dotnet#615

Full Changelog: actions/setup-dotnet@v4...v4.3.1

v4.3.0

What's Changed

• README update - add permissions section by @​benwells in actions/setup-dotnet#587
• Configure Dependabot settings by @​HarithaVattikuti in actions/setup-dotnet#585
• Upgrade cache from 3.2.4 to 4.0.0 by @​aparnajyothi-y in actions/setup-dotnet#586
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in actions/setup-dotnet#590
• Upgrade @​actions/http-client from 2.2.1 to 2.2.3 by @​dependabot in actions/setup-dotnet#592
• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in actions/setup-dotnet#596

New Contributors

• @​benwells made their first contribution in actions/setup-dotnet#587
• @​aparnajyothi-y made their first contribution in actions/setup-dotnet#586

... (truncated)

Commits

• c2fa09f Bump minimatch from 3.1.2 to 3.1.5 (#705)
• 02574b1 Add support for optional architecture input for cross-architecture .NET insta...
• 16c7b3c Bump fast-xml-parser from 4.4.1 to 5.3.6 (#671)
• 131b410 Add support for workloads input (#693)
• baa11fb Bump test dependencies to resolve System.Net.Http vulnerability, update workf...
• 24ec4f2 Upgrade to latest actions packages (#687)
• 4c100cb Fix icons (#604)
• 25328d8 Bump actions/checkout from 5 to 6 (#684)
• 937b8dd Update README with note on setting DOTNET_INSTALL_DIR for Linux permission is...
• 2016bd2 Bump actions/publish-action from 0.3.0 to 0.4.0 and update macos-13 to macos-...
• Additional commits viewable in compare view

Updates codfish/semantic-release-action from 4 to 5

Release notes

Sourced from codfish/semantic-release-action's releases.

v5.0.0

5.0.0 (2026-02-08)

Features

• upgrade deps, node, bump semantic-release to v25 (#231) (6abd188)

BREAKING CHANGES

• @​semantic-release/github no longer consumes the GitHub Search API in the plugin.

Upgraded to semantic-release v25 with breaking changes in the GitHub plugin. Any breaking changes from v25 apply to this github action version except for Node version requirements. Because this is a docker-based github action, the version of node in use is defined inside of the docker image, not by the consuming runner or your code.

• @​semantic-release/github v12: The GitHub plugin no longer uses the GitHub Search API (/search/issues endpoint). It now uses GraphQL queries exclusively for issue retrieval. This architectural change may affect issue management in edge cases. See github plugin v12 release notes.

• semantic-release v25: Upgraded from v24.2.7 to v25.0.3

  • @​semantic-release/npm upgraded to v13
  • @​semantic-release/commit-analyzer and @​semantic-release/release-notes-generator moved from beta to stable
  • Dependency updates (yargs v18, hosted-git-info v9)
  • See semantic-release v25 release notes

• npm OIDC Trusted Publishing Support: The upgrade to @​semantic-release/npm v13 enables support for npm's new OIDC-based trusted publishing. This allows publishing to npm without long-lived access tokens by using GitHub's OIDC token provider. This is more secure and eliminates the need to store NPM_TOKEN as a repository secret when publishing from GitHub Actions. See npm documentation for configuration details.

• Node.js: Upgraded to v24.13.0 (bundled in Docker, not a breaking change for users)

• @​actions/core: Upgraded to v3.0.0 (internal implementation only)

1. Test in a separate branch first - the GitHub plugin's architectural change could affect issue management behavior
2. Review semantic-release v25 changes
3. Review @​semantic-release/github v12 changes
4. Update your workflows to use @v5
5. (Optional) Migrate to npm OIDC Trusted Publishing:
   • Configure your package on npmjs.com to enable trusted publishing from GitHub Actions
   • Add id-token: write permission to your workflow job
   • Remove the NPM_TOKEN secret (you won't need it anymore!)
   • See npm's trusted publishing guide

... (truncated)

Changelog

Sourced from codfish/semantic-release-action's changelog.

v5.0.0 Release Notes Draft

Breaking Changes

Upgraded to semantic-release v25 with breaking changes in the GitHub plugin. Any breaking changes from v25 apply to this GitHub action version except for Node version requirements. Because this is a Docker-based github action, the version of Node.js in use is defined inside of the Docker image, not by the consuming runner or your code.

What Changed

• @​semantic-release/github v12: The GitHub plugin no longer uses the GitHub Search API (/search/issues endpoint). It now uses GraphQL queries exclusively for issue retrieval. This architectural change may affect issue management in edge cases. See GitHub plugin v12 release notes.

• semantic-release v25: Upgraded from v24.2.7 to v25.0.3

  • @​semantic-release/npm upgraded to v13
  • @​semantic-release/commit-analyzer and @​semantic-release/release-notes-generator moved from beta to stable
  • Dependency updates (yargs v18, hosted-git-info v9)
  • See semantic-release v25 release notes

• npm OIDC Trusted Publishing Support: The upgrade to @​semantic-release/npm v13 enables support for npm's new OIDC-based trusted publishing. This allows publishing to npm without long-lived access tokens by using GitHub's OIDC token provider. This is more secure and eliminates the need to store NPM_TOKEN as a repository secret when publishing from GitHub Actions. See npm documentation for configuration details.

• Node.js: Upgraded to v24.13.0 (bundled in Docker, not a breaking change for users)

• @​actions/core: Upgraded to v3.0.0 (internal implementation only)

Migration Steps

1. Test in a separate branch first - the GitHub plugin's architectural change could affect issue management behavior
2. Review semantic-release v25 changes
3. Review @​semantic-release/github v12 changes
4. Update your workflows to use @v5
5. (Optional) Migrate to npm OIDC Trusted Publishing:
   • Configure your package on npmjs.com to enable trusted publishing from GitHub Actions
   • Add id-token: write permission to your workflow job
   • Remove the NPM_TOKEN secret (you won't need it anymore!)
   • See npm's trusted publishing guide

Version History

• v5 uses semantic-release v25 & Node.js v24.13.0
• v4 uses semantic-release v24 & Node.js v22.18.0
• v3 uses semantic-release v22 & Node.js v20.9
• v2 uses semantic-release v20 & Node.js v18.7

Full Changelog

... (truncated)

Commits

• 6abd188 feat: upgrade deps, node, bump semantic-release to v25 (#231)
• 626240e ci: normalize branch name for docker pr images (#230)
• ec8c36d ci: only update docker images if new release was published
• 1d49992 Add renovate.json (#217)
• 517b713 docs: update README with latest version
• See full diff in compare view

Updates actions/setup-python from 5 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

• Upgrade to node 24 by @​salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

• Add support for pip-version by @​priyagupta108 in actions/setup-python#1129
• Enhance reading from .python-version by @​krystof-k in actions/setup-python#787
• Add version parsing from Pipfile by @​aradkdj in actions/setup-python#1067

Bug fixes:

• Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @​aparnajyothi-y in actions/setup-python#1183
• Change missing cache directory error to warning by @​aparnajyothi-y in actions/setup-python#1182
• Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @​aparnajyothi-y in actions/setup-python#1122
• Include python version in PyPy python-version output by @​cdce8p in actions/setup-python#1110
• Update docs: clarification on pip authentication with setup-python by @​priya-kinthali in actions/setup-python#1156

Dependency updates:

• Upgrade idna from 2.9 to 3.7 in /tests/data by @​dependabot[bot] in actions/setup-python#843
• Upgrade form-data to fix critical vulnerabilities #182 & #183 by @​aparnajyothi-y in actions/setup-python#1163
• Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @​aparnajyothi-y in actions/setup-python#1165
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-python#1181
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot[bot] in actions/setup-python#1095

New Contributors

• @​krystof-k made their first contribution in actions/setup-python#787
• @​cdce8p made their first contribution in actions/setup-python#1110
• @​aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

• Workflow updates related to Ubuntu 20.04 by @​aparnajyothi-y in actions/setup-python#1065
• Fix for Candidate Not Iterable Error by @​aparnajyothi-y in actions/setup-python#1082
• Upgrade semver and @​types/semver by @​dependabot in actions/setup-python#1091
• Upgrade prettier from 2.8.8 to 3.5.3 by @​dependabot in actions/setup-python#1046
• Upgrade ts-jest from 29.1.2 to 29.3.2 by @​dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

• Support free threaded Python versions like '3.13t' by @​colesbury in actions/setup-python#973
• Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @​action/cache from 4.0.0 to 4.0.3 by @​priya-kinthali in actions/setup-python#1056
• Add support for .tool-versions file in setup-python by @​mahabaleshwars in actions/setup-python#1043

Bug fixes:

• Fix architecture for pypy on Linux ARM64 by @​mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

• a309ff8 Bump urllib3 from 2.6.0 to 2.6.3 in /tests/data (#1264)
• bfe8cc5 Upgrade @​actions dependencies to Node 24 compatible versions (#1259)
• 4f41a90 Bump urllib3 from 2.5.0 to 2.6.0 in /tests/data (#1253)
• 83679a8 Bump @​types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...
• bfc4944 Bump prettier from 3.5.3 to 3.6.2 (#1234)
• 97aeb3e Bump requests from 2.32.2 to 2.32.4 in /tests/data (#1130)
• 443da59 Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pi...
• cfd55ca graalpy: add graalpy early-access and windows builds (#880)
• bba65e5 Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (#1094)
• 18566f8 Improve wording and "fix example" (remove 3.13) on testing against pre-releas...
• Additional commits viewable in compare view

Updates actions/upload-pages-artifact from 3 to 4

Release notes

Sourced from actions/upload-pages-artifact's releases.

v4.0.0

What's Changed

• Potential...

  Description has been truncated