ci(deps): bump the github-actions group across 1 directory with 10 updates

[dependabot]

Bumps the github-actions group with 10 updates in the / directory:

Package	From	To
actions-rust-lang/setup-rust-toolchain	1.15.4	1.16.1
cargo-bins/cargo-binstall	1.17.8	1.19.1
actions/upload-artifact	7.0.0	7.0.1
codecov/codecov-action	5.5.3	6.0.0
actions/github-script	8.0.0	9.0.0
MarcoIeni/release-plz-action	0.5.128	0.5.129
actions/cache	5.0.4	5.0.5
taiki-e/install-action	2.69.6	2.77.5
sigstore/cosign-installer	4.1.0	4.1.2
softprops/action-gh-release	2.6.1	3.0.0

Updates actions-rust-lang/setup-rust-toolchain from 1.15.4 to 1.16.1

Release notes

Sourced from actions-rust-lang/setup-rust-toolchain's releases.

v1.16.1

What's Changed

• Rename local variables to avoid conflicts with global variables by @​jonasbb in actions-rust-lang/setup-rust-toolchain#92

Full Changelog: actions-rust-lang/setup-rust-toolchain@v1.16.0...v1.16.1

v1.16.0

What's Changed

• Update actions/checkout to v6 on README by @​ryuapp in actions-rust-lang/setup-rust-toolchain#88
• feat: add cache-save-if input to propagate save-if to Swatinem/rust-cache by @​ChanTsune in actions-rust-lang/setup-rust-toolchain#90

New Contributors

• @​ryuapp made their first contribution in actions-rust-lang/setup-rust-toolchain#88
• @​ChanTsune made their first contribution in actions-rust-lang/setup-rust-toolchain#90

Full Changelog: actions-rust-lang/setup-rust-toolchain@v1.15.4...v1.16.0

Changelog

Sourced from actions-rust-lang/setup-rust-toolchain's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

[1.16.1] - 2026-05-08

• Renamed internally used variable to avoid clashes with globally existing variables. This fixes the interference of the TOOLCHAIN variable as reported in #91.

[1.16.0] - 2026-04-13

• Add new parameter cache-save-if that is propagated to Swatinem/rust-cache as save-if (#90 by @​ChanTsune)

[1.15.4] - 2026-03-15

• Bump Swatinem/rust-cache from 2.8.2 to 2.9.1 (#87 by @​hyperfinitism) This gets rid of the warnings about Node.js 20.

[1.15.3] - 2026-03-01

• Bump Swatinem/rust-cache from 2.8.1 to 2.8.2

[1.15.2] - 2025-10-04

• Fix: Run the version detection steps in the selected rust-src-dir directory. This should enable the version selection even without a default toolchain installed. Fixes #74.

[1.15.1] - 2025-09-23

• Update Swatinem/rust-cache to v2.8.1

[1.15.0] - 2025-09-14

• Add support for non-root source directory. Accept source code and rust-toolchain.toml file in subdirectories of the repository. Adds a new parameter rust-src-dir that controls the lookup for toolchain files and sets a default value for the cache-workspace input. (#69 by @​Kubaryt)

[1.14.1] - 2025-08-28

• Pin Swatinem/rust-cache action to a full commit SHA (#68 by @​JohnTitor)

[1.14.0] - 2025-08-23

• Add new parameters cache-all-crates and cache-workspace-crates that are propagated to Swatinem/rust-cache as cache-all-crates and cache-workspace-crates

... (truncated)

Commits

• 46268bd Merge pull request #92 from actions-rust-lang/rename-local-variables
• 826365c Update changelog
• 4f937ac Rename local variables to avoid conflicts with global variables
• 2b1f5e9 Update CHANGELOG for version 1.16.0
• 9030f3d Merge pull request #90 from ChanTsune/feat/cache-save-if
• 186b99e feat: add cache-save-if input to propagate save-if to Swatinem/rust-cache
• d197c15 Merge pull request #88 from ryuapp/chore/update-chekcout-v6-on-readme
• fa057b4 Update actions/checkout to v6 on README
• See full diff in compare view

Updates cargo-bins/cargo-binstall from 1.17.8 to 1.19.1

Release notes

Sourced from cargo-bins/cargo-binstall's releases.

v1.19.1

Binstall is a tool to fetch and install Rust-based executables as binaries. It aims to be a drop-in replacement for cargo install in most cases. Install it today with cargo install cargo-binstall, from the binaries below, or if you already have it, upgrade with cargo binstall cargo-binstall.

In this release:

• Disable dnssec and set dns timeout to 750ms (#2559 #2560)

v1.19.0

Binstall is a tool to fetch and install Rust-based executables as binaries. It aims to be a drop-in replacement for cargo install in most cases. Install it today with cargo install cargo-binstall, from the binaries below, or if you already have it, upgrade with cargo binstall cargo-binstall.

In this release:

• Support cargo config.toml include field for recursive loading (#2531)
• Add github attestation for release artifacts verification (#2549)
• Prefer quic and tls over udp/tcp for dns configs of interfaces discovered on windows (#2550)

Bug fixes:

• Fallback to quad9, cloudflare and then google dns if reading /etc/resolv.conf fails, prefer QUIC, then http3, tls, http2, fallback to udp/TCP (#2181 #2550)
• Fix Error message outputs ANSI escape sequences (#2554 #2556)

Other changes:

• Fix clippy in async_extractor (#2538)
• Upgrade dependencies (#2540 #2541 #2542 #2544 #2546 #2551 #2555)

v1.18.1

Binstall is a tool to fetch and install Rust-based executables as binaries. It aims to be a drop-in replacement for cargo install in most cases. Install it today with cargo install cargo-binstall, from the binaries below, or if you already have it, upgrade with cargo binstall cargo-binstall.

In this release:

Remove GITHUB_TOKEN and GH_TOKEN when fallback to installing from source using cargo-install (#2533)

This reduces the risk of leaks of tokens for users who pass the GITHUN_TOKEN or GH_TOKEN environment variables to cargo-binstall to avoid GitHub API rate limits.

v1.18.0

Binstall is a tool to fetch and install Rust-based executables as binaries. It aims to be a drop-in replacement for cargo install in most cases. Install it today with cargo install cargo-binstall, from the binaries below, or if you already have it, upgrade with cargo binstall cargo-binstall.

In this release:

• feat: support cargo:token and cargo:token-from-stdout auth for private registries (#2526 #2528)

Other changes:

• Upgrade dependencies

v1.17.9

Binstall is a tool to fetch and install Rust-based executables as binaries. It aims to be a drop-in replacement for cargo install in most cases. Install it today with cargo install cargo-binstall, from the binaries below, or if you already have it, upgrade with cargo binstall cargo-binstall.

... (truncated)

Commits

• aaa84a4 release: cargo-binstall v1.19.1 (#2563)
• 0f0cd6a chore: release (#2561)
• cb6e988 Disable dnssec and set dns timeout to 750ms (#2560)
• 9d36beb fix install-from-binstall-release.sh for riscv64gc riscv64 (#2558)
• 4852a15 release: cargo-binstall v1.19.0 (#2557)
• e00d89e chore: release (#2539)
• 6989632 Fix Error message outputs ANSI escape sequences (#2556)
• 618ca07 build(deps): bump hickory-resolver from 0.26.0 to 0.26.1 in the deps group (#...
• 5da0a98 fix: fallback to hickory_resolver's default config if reading /etc/resolv.con...
• c0ae933 dep: Upgrade transitive dependencies (#2551)
• Additional commits viewable in compare view

Updates actions/upload-artifact from 7.0.0 to 7.0.1

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.1

What's Changed

• Update the readme with direct upload details by @​danwkennedy in actions/upload-artifact#795
• Readme: bump all the example versions to v7 by @​danwkennedy in actions/upload-artifact#796
• Include changes in typespec/ts-http-runtime 0.3.5 by @​yacaovsnc in actions/upload-artifact#797

Full Changelog: actions/upload-artifact@v7...v7.0.1

Commits

• 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
• 634250c Include changes in typespec/ts-http-runtime 0.3.5
• e454baa Readme: bump all the example versions to v7 (#796)
• 74fad66 Update the readme with direct upload details (#795)
• See full diff in compare view

Updates codecov/codecov-action from 5.5.3 to 6.0.0

Release notes

Sourced from codecov/codecov-action's releases.

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

• Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0"" by @​thomasrockhu-codecov in codecov/codecov-action#1929
• Th/6.0.0 by @​thomasrockhu-codecov in codecov/codecov-action#1928

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

• Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" by @​thomasrockhu-codecov in codecov/codecov-action#1926
• chore(release): 5.5.4 by @​thomasrockhu-codecov in codecov/codecov-action#1927

Full Changelog: codecov/codecov-action@v5.5.3...v5.5.4

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

• fix: overwrite pr number on fork by @​thomasrockhu-codecov in codecov/codecov-action#1871
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​app/dependabot in codecov/codecov-action#1868
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​app/dependabot in codecov/codecov-action#1867
• fix: update to use local app/ dir by @​thomasrockhu-codecov in codecov/codecov-action#1872
• docs: fix typo in README by @​datalater in codecov/codecov-action#1866
• Document a codecov-cli version reference example by @​webknjaz in codecov/codecov-action#1774
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @​app/dependabot in codecov/codecov-action#1861
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

• feat: upgrade wrapper to 0.2.4 by @​jviall in codecov/codecov-action#1864
• Pin actions/github-script by Git SHA by @​martincostello in codecov/codecov-action#1859
• fix: check reqs exist by @​joseph-sentry in codecov/codecov-action#1835
• fix: Typo in README by @​spalmurray in codecov/codecov-action#1838
• docs: Refine OIDC docs by @​spalmurray in codecov/codecov-action#1837
• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @​app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

• build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @​app/dependabot in codecov/codecov-action#1822
• fix: OIDC on forks by @​joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

• 57e3a13 Th/6.0.0 (#1928)
• f67d33d Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...
• 75cd116 chore(release): 5.5.4 (#1927)
• 87d39f4 Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" (#1926)
• See full diff in compare view

Updates actions/github-script from 8.0.0 to 9.0.0

Release notes

Sourced from actions/github-script's releases.

v9.0.0

New features:

• getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
• Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

• require('@actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
• getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
• If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

• Add ACTIONS_ORCHESTRATION_ID to user-agent string by @​Copilot in actions/github-script#695
• ci: use deployment: false for integration test environments by @​salmanmkc in actions/github-script#712
• feat!: add getOctokit to script context, upgrade @​actions/github v9, @​octokit/core v7, and related packages by @​salmanmkc in actions/github-script#700

New Contributors

• @​Copilot made their first contribution in actions/github-script#695

Full Changelog: actions/github-script@v8.0.0...v9.0.0

Commits

• 3a2844b Merge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...
• ca10bbd fix: use @​octokit/core/types import for v7 compatibility
• 86e48e2 merge: incorporate main branch changes
• c108472 chore: rebuild dist for v9 upgrade and getOctokit factory
• afff112 Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...
• ff8117e ci: fix user-agent test to handle orchestration ID
• 81c6b78 ci: use deployment: false to suppress deployment noise from integration tests
• 3953caf docs: update README examples from @​v8 to @​v9, add getOctokit docs and v9 brea...
• c17d55b ci: add getOctokit integration test job
• a047196 test: add getOctokit integration tests via callAsyncFunction
• Additional commits viewable in compare view

Updates MarcoIeni/release-plz-action from 0.5.128 to 0.5.129

Release notes

Sourced from MarcoIeni/release-plz-action's releases.

v0.5.129

What's Changed

• chore(deps): update dependency cargo-bins/cargo-binstall to v1.17.7 by @​renovate[bot] in release-plz/action#301
• chore(deps): update dependency taiki-e/install-action to v2.68.22 by @​renovate[bot] in release-plz/action#302
• chore(deps): update dependency taiki-e/install-action to v2.68.23 by @​renovate[bot] in release-plz/action#304
• chore(deps): update dependency taiki-e/install-action to v2.68.24 by @​renovate[bot] in release-plz/action#305
• chore(deps): update dependency taiki-e/install-action to v2.68.25 by @​renovate[bot] in release-plz/action#306
• chore(deps): lock file maintenance by @​renovate[bot] in release-plz/action#307
• chore(deps): update dependency taiki-e/install-action to v2.68.26 by @​renovate[bot] in release-plz/action#308
• chore(deps): update dependency taiki-e/install-action to v2.68.27 by @​renovate[bot] in release-plz/action#309
• chore(deps): update rust crate clap to v4.6.0 by @​renovate[bot] in release-plz/action#310
• chore(deps): update dependency taiki-e/install-action to v2.68.29 by @​renovate[bot] in release-plz/action#311
• chore(deps): update dependency taiki-e/install-action to v2.68.31 by @​renovate[bot] in release-plz/action#312
• chore(deps): update dependency taiki-e/install-action to v2.68.32 by @​renovate[bot] in release-plz/action#313
• chore(deps): lock file maintenance by @​renovate[bot] in release-plz/action#314
• chore(deps): update dependency taiki-e/install-action to v2.68.33 by @​renovate[bot] in release-plz/action#315
• chore(deps): update dependency taiki-e/install-action to v2.68.34 by @​renovate[bot] in release-plz/action#316
• chore(deps): update dependency taiki-e/install-action to v2.68.35 by @​renovate[bot] in release-plz/action#317
• chore(deps): update dependency taiki-e/install-action to v2.68.36 by @​renovate[bot] in release-plz/action#318
• chore(deps): update dependency taiki-e/install-action to v2.69.1 by @​renovate[bot] in release-plz/action#319
• chore(deps): update dependency taiki-e/install-action to v2.69.2 by @​renovate[bot] in release-plz/action#320
• chore(deps): update dependency taiki-e/install-action to v2.69.3 by @​renovate[bot] in release-plz/action#321
• chore(deps): update dependency taiki-e/install-action to v2.69.4 by @​renovate[bot] in release-plz/action#322
• chore(deps): update dependency taiki-e/install-action to v2.69.5 by @​renovate[bot] in release-plz/action#323
• chore(deps): update dependency cargo-bins/cargo-binstall to v1.17.8 by @​renovate[bot] in release-plz/action#324
• chore(deps): update dependency taiki-e/install-action to v2.69.6 by @​renovate[bot] in release-plz/action#325
• chore(deps): lock file maintenance by @​renovate[bot] in release-plz/action#326
• chore(deps): update dependency taiki-e/install-action to v2.69.7 by @​renovate[bot] in release-plz/action#327
• chore(deps): update dependency taiki-e/install-action to v2.69.8 by @​renovate[bot] in release-plz/action#328
• chore(deps): update dependency taiki-e/install-action to v2.69.9 by @​renovate[bot] in release-plz/action#329
• chore(deps): update dependency taiki-e/install-action to v2.69.10 by @​renovate[bot] in release-plz/action#330
• chore(deps): update dependency taiki-e/install-action to v2.69.11 by @​renovate[bot] in release-plz/action#331
• chore(deps): update dependency taiki-e/install-action to v2.69.12 by @​renovate[bot] in release-plz/action#332
• chore(deps): update dependency taiki-e/install-action to v2.69.13 by @​renovate[bot] in release-plz/action#333
• chore(deps): update dependency taiki-e/install-action to v2.69.14 by @​renovate[bot] in release-plz/action#334
• chore(deps): update dependency taiki-e/install-action to v2.70.0 by @​renovate[bot] in release-plz/action#335
• chore(deps): update dependency cargo-bins/cargo-binstall to v1.17.9 by @​renovate[bot] in release-plz/action#336
• chore(deps): update dependency taiki-e/install-action to v2.70.1 by @​renovate[bot] in release-plz/action#338
• chore(deps): lock file maintenance by @​renovate[bot] in release-plz/action#339
• chore(deps): update dependency taiki-e/install-action to v2.70.2 by @​renovate[bot] in release-plz/action#340
• chore(deps): update dependency taiki-e/install-action to v2.70.3 by @​renovate[bot] in release-plz/action#341
• chore(deps): update dependency taiki-e/install-action to v2.70.4 by @​renovate[bot] in release-plz/action#342
• chore(deps): update dependency taiki-e/install-action to v2.71.0 by @​renovate[bot] in release-plz/action#343
• chore(deps): update dependency taiki-e/install-action to v2.71.1 by @​renovate[bot] in release-plz/action#344
• chore(deps): update dependency taiki-e/install-action to v2.71.2 by @​renovate[bot] in release-plz/action#345
• chore(deps): update dependency taiki-e/install-action to v2.71.3 by @​renovate[bot] in release-plz/action#346
• chore(deps): update dependency taiki-e/install-action to v2.72.0 by @​renovate[bot] in release-plz/action#347
• chore(deps): update dependency taiki-e/install-action to v2.73.0 by @​renovate[bot] in release-plz/action#348
• chore(deps): lock file maintenance by @​renovate[bot] in release-plz/action#349
• chore(deps): update dependency taiki-e/install-action to v2.74.0 by @​renovate[bot] in release-plz/action#350

... (truncated)

Commits

• 064f4d1 chore(deps): update dependency obi1kenobi/cargo-semver-checks to v0.47 (#397)
• 4f2dca0 fix cargo-semver-checks renovate update (#396)
• 39f5787 Update to 0.3.158 (#395)
• bb36e14 chore(deps): update dependency taiki-e/install-action to v2.77.4 (#394)
• 3711471 chore(deps): update dependency taiki-e/install-action to v2.77.3 (#393)
• b234371 chore(deps): update dependency taiki-e/install-action to v2.77.2 (#392)
• 3427ba6 chore(deps): update dependency cargo-bins/cargo-binstall to v1.19.1 (#391)
• 37e90aa chore(deps): update dependency taiki-e/install-action to v2.77.1 (#390)
• eef2a46 chore(deps): update dependency taiki-e/install-action to v2.77.0 (#389)
• eb60137 chore(deps): update dependency taiki-e/install-action to v2.76.0 (#388)
• Additional commits viewable in compare view

Updates actions/cache from 5.0.4 to 5.0.5

Release notes

Sourced from actions/cache's releases.

v5.0.5

What's Changed

• Update ts-http-runtime dependency by @​yacaovsnc in actions/cache#1747

Full Changelog: actions/cache@v5...v5.0.5

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

1. Switch to a new branch from main.
2. Run npm test to ensure all tests are passing.
3. Update the version in https://github.com/actions/cache/blob/main/package.json.
4. Run npm run build to update the compiled files.
5. Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.
6. Run licensed cache to update the license report.
7. Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.
8. Commit your changes and push your branch upstream.
9. Open a pull request against main and get it reviewed and merged.
10. Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json
    1. Create a new tag with the version number.
    2. Auto generate release notes and update them to match the changes you made in RELEASES.md.
    3. Toggle the set as the latest release option.
    4. Publish the release.
11. Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml
    1. There should be a workflow run queued with the same version number.
    2. Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.4

• Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)
• Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)
• Bump fast-xml-parser to v5.5.6

5.0.3

• Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)
• Bump @actions/core to v2.0.3

5.0.2

• Bump @actions/cache to v5.0.3 #1692

5.0.1

• Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

... (truncated)

Commits

• 27d5ce7 Merge pull request #1747 from actions/yacaovsnc/update-dependency
• f280785 licensed changes
• 619aeb1 npm run build generated dist files
• bcf16c2 Update ts-http-runtime to 0.3.5
• See full diff in compare view

Updates taiki-e/install-action from 2.69.6 to 2.77.5

Release notes

Sourced from taiki-e/install-action's releases.

2.77.5

• Update biome@latest to 2.4.15.

• Update mise@latest to 2026.5.4.

• Update cargo-deny@latest to 0.19.5.

2.77.4

• Update tombi@latest to 0.11.1.

• Update cargo-llvm-cov@latest to 0.8.6.

• Update uv@latest to 0.11.12.

2.77.3

• Update typos@latest to 1.46.1.

• Update rclone@latest to 1.74.1.

• Update tombi@latest to 0.11.0.

• Update osv-scanner@latest to 2.3.8.

• Update mise@latest to 2026.5.3.

2.77.2

• Update martin@latest to 1.9.0.

• Update wasm-bindgen@latest to 0.2.121.

• Update uv@latest to 0.11.11.

• Update mise@latest to 2026.5.1.

• Update prek@latest to 0.3.13.

• Update tombi@latest to 0.10.6.

2.77.1

• Support taiki-e/install-action@rust tag.

• Update tombi@latest to 0.10.3.

• Update martin@latest to 1.8.2.

2.77.0

• Support rust. (#1779)

  This installs rust using rustup.

... (truncated)

Changelog

Sourced from taiki-e/install-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

• Update just@latest to 1.51.0.

[2.77.5] - 2026-05-11

• Update biome@latest to 2.4.15.

• Update mise@latest to 2026.5.4.

• Update cargo-deny@latest to 0.19.5.

[2.77.4] - 2026-05-10

• Update tombi@latest to 0.11.1.

• Update cargo-llvm-cov@latest to 0.8.6.

• Update uv@latest to 0.11.12.

[2.77.3] - 2026-05-09

• Update typos@latest to 1.46.1.

• Update rclone@latest to 1.74.1.

• Update tombi@latest to 0.11.0.

• Update osv-scanner@latest to 2.3.8.

• Update mise@latest to 2026.5.3.

[2.77.2] - 2026-05-08

• Update martin@latest to 1.9.0.

• Update wasm-bindgen@latest to 0.2.121.

• Update uv@latest to 0.11.11.

... (truncated)

Commits

• fa0dd4c Release 2.77.5
• d36d444 Update biome@latest to 2.4.15
• d218cf5 Update release-plz manifest
• d0260a1 Update mise@latest to 2026.5.4
• 831c88b Update cargo-deny@latest to 0.19.5
• ec28e28 Release 2.77.4
• 84fb204 Update tombi@latest to 0.11.1
• c0382ae Update cargo-llvm-cov@latest to 0.8.6
• e32a755 Update just manifest
• ea4c42c Update uv@latest to 0.11.12
• Additional commits viewable in compare view

Updates sigstore/cosign-installer from 4.1.0 to 4.1.2

Release notes

Sourced from sigstore/cosign-installer's releases.

v4.1.2

What's Changed

• Bump cosign to 3.0.6 in sigstore/cosign-installer#232

v4.1.1

What's Changed

• chore: update default cosign-release to v3.0.5 in sigstore/cosign-installer#223

Full Changelog: sigstore/cosign-installer@v4.1.0...v4.1.1

Commits

• 6f9f177 Bump cosign to 3.0.6 (#232)
• b5e753a Bump actions/github-script from 8.0.0 to 9.0.0 (#230)
• 115e4ce Bump actions/setup-go from 6.3.0 to 6.4.0 (#226)
• cad07c2 chore: update default cosign-release to v3.0.5 (#223)
• See full diff in compare view

Updates softprops/action-gh-release from 2.6.1 to 3.0.0

Release notes

Sourced from softprops/action-gh-release's releases.

v3.0.0

3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2.

What's Changed

Other Changes 🔄

• Move the action runtime and bundle target to Node 24
• Update @types/node to the Node 24 line and allow future Dependabot updates
• Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release

v2.6.2

What's Changed

Other Changes 🔄

• chore(deps): bump picomatch from 4.0.3 to 4.0.4 by @​dependabot[bot] in softprops/action-gh-release#775
• chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 by @​dependabot[bot] in softprops/action-gh-release#777
• chore(deps): bump vite from 8.0.0 to 8.0.5 by @​dependabot[bot] in softprops/action-gh-release#781

Full Changelog: softprops/action-gh-release@v2...v2.6.2

Changelog

Sourced from softprops/action-gh-release's changelog.

3.0.0

3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2.

What's Changed

Other Changes 🔄

• Move the action runtime and bundle target to Node 24
• Update @types/node to the Node 24 line and allow future Dependabot updates
• Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release

2.6.2

What's Changed

Other Changes 🔄

• chore(deps): bump picomatch from 4.0.3 to 4.0.4 by @​dependabot[bot] in softprops/action-gh-release#775
• chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 by @​dependabot[bot] in softprops/action-gh-release#777
• chore(deps): bump vite from 8.0.0 to 8.0.5 by @​dependabot[bot] in softprops/action-gh-release#781

2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

• fix: preserve discussion category on publish by @​chenrui333 in softprops/action-gh-release#765

2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checke...

Description has been truncated

[dependabot]

Assignees

The following users could not be added as assignees: nutthead. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

📊 Coverage Report

Metric	Covered	Total	Rate
Lines	129	143	90.21%
Branches	0	0	N/A

Additional Metric	Value
Complexity	0
Files Reported	1
Report Timestamp	2026-05-11T10:39:57.000Z

View detailed report

src/main.rs: 90.2%

---

Generated by cargo-tarpaulin