Skip to content

[actions] Update GitHub Actions versions - 2026-03-21 #22117

New issue
New issue
Closed
#22120
Closed
[actions] Update GitHub Actions versions - 2026-03-21#22117
#22120
Assignees
pelikhancopilot-swe-agent
Labels
agentic-workflowsautomationdependenciesPull requests that update a dependency file
@github-actions

Description

@github-actions
github-actions
bot
opened on Mar 21, 2026

GitHub Actions Updates - 2026-03-21

This PR updates GitHub Actions versions in .github/aw/actions-lock.json and workflow source files to their latest compatible releases.

📦 Actions Updated (18 updates)

Actions Updated

  • actions-ecosystem/action-add-labels: v1 → v1.1.3
  • actions/ai-inference: v2.0.7 → v2.0.8
  • actions/cache: v5.0.3 → v5.0.4
  • actions/cache/restore: v5.0.3 → v5.0.4
  • actions/cache/save: v5.0.3 → v5.0.4
  • actions/create-github-app-token: v3.0.0-beta.4 → v3
  • actions/upload-artifact: v7.0.0 → v7
  • anchore/sbom-action: v0.23.1 → v0.24.0
  • astral-sh/setup-uv: v7.5.0 → v7.6
  • denoland/setup-deno: v2.0.3 → v2.0.4
  • docker/build-push-action: v7.0.0 → v7
  • docker/login-action: v4.0.0 → v4
  • docker/metadata-action: v6.0.0 → v6
  • docker/setup-buildx-action: v4.0.0 → v4
  • erlef/setup-beam: v1.22.0 → v1.23
  • github/codeql-action/upload-sarif: v4.32.6 → v4.34.1
  • github/gh-aw-actions/setup: v0 → v0.62.5
  • github/stale-repos: v9.0.2 → v9.0.4
  • oven-sh/setup-bun: v2.1.3 → v2.2.0
  • ruby/setup-ruby: v1.292.0 → v1.295.0

Summary

  • Total actions updated: 20 (some with multiple entries cleaned up)
  • Update command: gh aw update --verbose
  • Workflow lock files: Not included (will be regenerated on next compile)

Files Changed

  • .github/aw/actions-lock.json — updated version pins and SHAs
  • .github/workflows/*.md and .github/workflows/shared/*.md — updated inline action references

Notes

  • All action updates respect semantic versioning and maintain compatibility
  • Actions are pinned to commit SHAs for security
  • Workflow .lock.yml files are excluded from this PR and will be regenerated during the next compilation
  • Stale entries (old major-version tags) have been cleaned up from the lock file

Testing

The updated actions will be automatically used in workflow compilations. No manual testing required.

This PR was automatically created by the Daily Workflow Updater workflow.

Generated by Daily Workflow Updater ·

  • expires on Mar 22, 2026, 9:28 AM UTC

Note

This was originally intended as a pull request, but the git push operation failed.

Workflow Run: View run details and download patch artifact

The patch file is available in the agent-artifacts artifact in the workflow run linked above.

To create a pull request with the changes:

# Download the artifact from the workflow run
gh run download 23376628599 -n agent-artifacts -D /tmp/agent-artifacts-23376628599

# Create a new branch
git checkout -b actions/update-2026-03-21-12154645382fb363

# Apply the patch (--3way handles cross-repo patches where files may already exist)
git am --3way /tmp/agent-artifacts-23376628599/aw-actions-update-2026-03-21.patch

# Push the branch to origin
git push origin actions/update-2026-03-21-12154645382fb363

# Create the pull request
gh pr create --title '[actions] Update GitHub Actions versions - 2026-03-21' --base main --head actions/update-2026-03-21-12154645382fb363 --repo github/gh-aw
Show patch preview (484 of 484 lines) 
From cbf17583ac0c5cc1dfd0dd17a4797fd6088e3061 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Sat, 21 Mar 2026 09:27:10 +0000
Subject: [PATCH] chore: update GitHub Actions versions - 2026-03-21
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Updated actions-lock.json and workflow references to latest compatible versions.

- actions-ecosystem/action-add-labels: v1 → v1.1.3
- actions/ai-inference: v2.0.7 → v2.0.8
- actions/cache, cache/restore, cache/save: v5.0.3 → v5.0.4
- actions/create-github-app-token: v3.0.0-beta.4 → v3
- actions/upload-artifact: v7.0.0 → v7
- anchore/sbom-action: v0.23.1 → v0.24.0
- astral-sh/setup-uv: v7.5.0 → v7.6
- denoland/setup-deno: v2.0.3 → v2.0.4
- docker/build-push-action: v7.0.0 → v7
- docker/login-action: v4.0.0 → v4
- docker/metadata-action: v6.0.0 → v6
- docker/setup-buildx-action: v4.0.0 → v4
- erlef/setup-beam: v1.22.0 → v1.23
- github/codeql-action/upload-sarif: v4.32.6 → v4.34.1
- github/gh-aw-actions/setup: v0 → v0.62.5
- github/stale-repos: v9.0.2 → v9.0.4
- oven-sh/setup-bun: v2.1.3 → v2.2.0
- ruby/setup-ruby: v1.292.0 → v1.295.0

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
 .github/aw/actions-lock.json                  | 145 +++++++-----------
 .github/workflows/release.md                  |  20 +--
 .github/workflows/shared/mcp/qmd-docs.md      |   2 +-
 .../workflows/shared/ollama-threat-scan.md    |   2 +-
 .github/workflows/shared/python-dataviz.md    |   4 +-
 .../shared/trending-charts-simple.md          |   4 +-
 .github/workflows/smoke-codex.md              |   2 +-
 .github/workflows/stale-repo-identifier.md    |   2 +-
 .github/workflows/super-linter.md             |   2 +-
 .github/workflows/update-astro.md             |   2 +-
 10 files changed, 76 insertions(+), 109 deletions(-)

diff --git a/.github/aw/actions-lock.json b/.github/aw/actions-lock.json
index dd862fd..a69ceae 100644
---
... (truncated)

Metadata

Metadata

Assignees

Labels

agentic-workflowsautomationdependenciesPull requests that update a dependency file

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions