Bump the "all-dependencies" group with 2 updates across multiple ecosystems by dependabot[bot] · Pull Request #598 · devakesu/GhostClass

dependabot · 2026-03-09T07:50:38Z

Bumps the all-dependencies group with 3 updates: docker/setup-buildx-action, docker/build-push-action and github/codeql-action.

Updates docker/setup-buildx-action from 3.12.0 to 4.0.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/setup-buildx-action#483

Remove deprecated inputs/outputs by @crazy-max in docker/setup-buildx-action#464

Switch to ESM and update config/test wiring by @crazy-max in docker/setup-buildx-action#481

Bump @actions/core from 1.11.1 to 3.0.0 in docker/setup-buildx-action#475

Bump @docker/actions-toolkit from 0.63.0 to 0.79.0 in docker/setup-buildx-action#482 docker/setup-buildx-action#485

Bump js-yaml from 4.1.0 to 4.1.1 in docker/setup-buildx-action#452

Bump lodash from 4.17.21 to 4.17.23 in docker/setup-buildx-action#472

Bump minimatch from 3.1.2 to 3.1.5 in docker/setup-buildx-action#480

Full Changelog: docker/setup-buildx-action@v3.12.0...v4.0.0

Commits

4d04d5d Merge pull request #485 from docker/dependabot/npm_and_yarn/docker/actions-to...
cd74e05 chore: update generated content
eee38ec build(deps): bump @docker/actions-toolkit from 0.77.0 to 0.79.0
7a83f65 Merge pull request #484 from docker/dependabot/github_actions/docker/setup-qe...
a5aa967 Merge pull request #464 from crazy-max/rm-deprecated
e73d53f build(deps): bump docker/setup-qemu-action from 3 to 4
28a438e Merge pull request #483 from crazy-max/node24
034e9d3 chore: update generated content
b4664d8 remove deprecated inputs/outputs
a8257de node 24 as default runtime
Additional commits viewable in compare view

Updates docker/build-push-action from 6.19.2 to 7.0.0

Release notes

Sourced from docker/build-push-action's releases.

v7.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/build-push-action#1470

Remove deprecated DOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS envs by @crazy-max in docker/build-push-action#1473

Remove legacy export-build tool support for build summary by @crazy-max in docker/build-push-action#1474

Switch to ESM and update config/test wiring by @crazy-max in docker/build-push-action#1466

Bump @actions/core from 1.11.1 to 3.0.0 in docker/build-push-action#1454

Bump @docker/actions-toolkit from 0.62.1 to 0.79.0 in docker/build-push-action#1453 docker/build-push-action#1472 docker/build-push-action#1479

Bump minimatch from 3.1.2 to 3.1.5 in docker/build-push-action#1463

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

Commits

d08e5c3 Merge pull request #1479 from docker/dependabot/npm_and_yarn/docker/actions-t...
cbd2dff chore: update generated content
f76f51f chore(deps): Bump @docker/actions-toolkit from 0.78.0 to 0.79.0
7d03e66 Merge pull request #1473 from crazy-max/rm-deprecated-envs
98f853d chore: update generated content
cadccf6 remove deprecated envs
03fe877 Merge pull request #1478 from docker/dependabot/github_actions/docker/setup-b...
827e366 chore(deps): Bump docker/setup-buildx-action from 3 to 4
e25db87 Merge pull request #1474 from crazy-max/rm-export-build-tool
1ac2573 Merge pull request #1470 from crazy-max/node24
Additional commits viewable in compare view

Updates github/codeql-action from 4.32.5 to 4.32.6

Release notes

Sourced from github/codeql-action's releases.

v4.32.6

Update default CodeQL bundle version to 2.24.3. #3548

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.32.6 - 05 Mar 2026

Update default CodeQL bundle version to 2.24.3. #3548

4.32.5 - 02 Mar 2026

Repositories owned by an organization can now set up the github-codeql-disable-overlay custom repository property to disable improved incremental analysis for CodeQL. First, create a custom repository property with the name github-codeql-disable-overlay and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to true to disable improved incremental analysis. For more information, see Managing custom properties for repositories in your organization. This feature is not yet available on GitHub Enterprise Server. #3507

Added an experimental change so that when improved incremental analysis fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. #3487

The minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. #3515

Reduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. #3516

Added an experimental change which lowers the minimum disk space requirement for improved incremental analysis, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. #3498

Added an experimental change which allows the start-proxy action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. #3512

The previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. #3503, #3504

4.32.4 - 20 Feb 2026

Update default CodeQL bundle version to 2.24.2. #3493

Added an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when private package registries are configured. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. #3473

When the CodeQL Action is run with debugging enabled in Default Setup and private package registries are configured, the "Setup proxy for registries" step will output additional diagnostic information that can be used for troubleshooting. #3486

Added a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. #3485

Added a setting which enables GitHub-managed workflows, such as Default Setup, to use a nightly CodeQL CLI release instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. #3484

4.32.3 - 13 Feb 2026

Added experimental support for testing connections to private package registries. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. #3466

4.32.2 - 05 Feb 2026

Update default CodeQL bundle version to 2.24.1. #3460

4.32.1 - 02 Feb 2026

A warning is now shown in Default Setup workflow logs if a private package registry is configured using a GitHub Personal Access Token (PAT), but no username is configured. #3422

Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. #3421

4.32.0 - 26 Jan 2026

Update default CodeQL bundle version to 2.24.0. #3425

4.31.11 - 23 Jan 2026

When running a Default Setup workflow with Actions debugging enabled, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. #3409

... (truncated)

Commits

0d579ff Merge pull request #3551 from github/update-v4.32.6-72d2d850d
d4c6be7 Update changelog for v4.32.6
72d2d85 Merge pull request #3548 from github/update-bundle/codeql-bundle-v2.24.3
23f983c Merge pull request #3544 from github/dependabot/github_actions/dot-github/wor...
832e97c Merge pull request #3545 from github/dependabot/github_actions/dot-github/wor...
5ef38c0 Merge pull request #3546 from github/dependabot/npm_and_yarn/tar-7.5.10
80c9cda Add changelog note
f2669dd Update default bundle to codeql-bundle-v2.24.3
bd03c44 Merge branch 'main' into dependabot/github_actions/dot-github/workflows/actio...
102d762 Bump tar from 7.5.7 to 7.5.10
Additional commits viewable in compare view

Bumps the all-dependencies group with 4 updates: framer-motion, recharts, @eslint/js and eslint.

Updates framer-motion from 12.35.0 to 12.35.1

Changelog

Sourced from framer-motion's changelog.

[12.35.1] 2026-03-06

Fixed

Fixing combination of string keyframes, spring and delay.

Gracefully handle negative scroll values.

Fix one-frame visual gap when rapidly switching WAAPI animations.

animation.time = 0 on a finished animation sets the playhead in a paused state.

Commits

d234eff v12.35.1
f0fd746 Updating changelog
a372820 Merge pull request #3591 from motiondivision/worktree-fix-issue-3269
d494a90 Make time setter pause finished animations so time=0 alone reverts
577e2d3 Merge pull request #3588 from motiondivision/worktree-fix-issue-3569
9af2185 Fix JSAnimation time setter to work after animation finishes
5e63fb9 Fix useAnimate WAAPI mid-flight interruption jump to origin
9c0b955 Fix useAnimate WAAPI mid-flight interruption jump to origin
70497da Increase test timing margins for slow CI environments
779b109 Updating changelog
Additional commits viewable in compare view

Updates recharts from 3.7.0 to 3.8.0

Release notes

Sourced from recharts's releases.

v3.8.0

What's Changed

We added generics to our data and dataKey props and now you can have your charts validated by TypeScript. See the full guide here: https://recharts.github.io/en-US/guide/typescript/

We are releasing new helper functions and hooks that will allow you to precisely target mouse interactions, and convert coordinates. See the guide here: https://recharts.github.io/en-US/guide/coordinateSystems/

And new functions and hooks:

getRelativeCoordinate - converts mouse events to pixel positions

Convert Data → Pixels:

useXAxisScale - returns a function to convert X data values to pixel positions useYAxisScale - returns a function to convert Y data values to pixel positions useCartesianScale - convenience hook for converting both at once

Pixels → Data:

useXAxisInverseScale - returns a function to convert pixel X to the closest data value useYAxisInverseScale - returns a function to convert pixel Y to the closest data value useXAxisInverseTickSnapScale - returns a function to convert pixel X to the closest axis tick useYAxisInverseTickSnapScale - returns a function to convert pixel Y to the closest axis tick

Accessing Ticks:

useXAxisTicks - returns the calculated ticks of an X-axis useYAxisTicks - returns the calculated ticks of a Y-axis

Feat

Hooks: New hooks (see above) by @PavelVanecek in recharts/recharts#6960

Annotations: export getRelativeCoordinate helper function by @PavelVanecek in recharts/recharts#6942

Legend: Add label style prop in Legend by @devoldemar in recharts/recharts#7012

XAxis/YAxis: new niceTIcks prop - specify 'none' | 'auto' | 'equidistant' | 'nice' for different behaviors by @MaxGhenis in recharts/recharts#7009

General: Add event throttling controls to chart props by @PavelVanecek in recharts/recharts#6924

Fix

Pie: fix: enable tooltip synchronization for PieChart by @VIDHITTS in recharts/recharts#6989

Pie: fix: sync pie tooltip/legend color with per-sector fill by @2YH02 in recharts/recharts#6977

Bar: Fix activeBar highlighting with missing/null data by @Copilot in recharts/recharts#7001

Bar: Support Bar CSS transitions by @PavelVanecek in recharts/recharts#6920

XAxis/YAxis: respect user-provided textAnchor prop on XAxis/YAxis by @pierreeurope in recharts/recharts#7028

Tooltip: Close tooltip on blur by @gVguy in recharts/recharts#6958

General: fix error when onMouseEnter/Leave={undefined} by @SvetlanaVesna in recharts/recharts#6969

Animation: [animations] auto disable primitives animations based on user system preferences by @cloud-walker in recharts/recharts#6956

Animation/Line: fix: prevent animated line flicker with round/square strokeLinecap by @roy7 in recharts/recharts#7022

Performance: filter zero-dimension rectangles early by @MendyLanda in recharts/recharts#6800

Bump minimum @reduxjs/toolkit to 1.9.0 by @Copilot in recharts/recharts#6934

... (truncated)

Commits

a1044db chore(deps-dev): bump the storybook group across 1 directory with 7 updates (...
2001a72 chore(deps-dev): bump @types/node from 24.11.0 to 24.12.0 (#7102)
0ce01f0 chore(deps-dev): bump eslint-plugin-storybook from 9.1.19 to 9.1.20 (#7103)
0e0542f [Docs] fix(HighlightAndZoomLineChart): improve zoom area validation and add c...
609ca4f [Docs] New router, add links to hooks (#7099)
d33f529 chore(deps-dev): bump marked from 17.0.3 to 17.0.4 (#7098)
1c71ab6 chore(deps): bump es-toolkit from 1.45.0 to 1.45.1 (#7087)
907bab2 chore(deps-dev): bump terser-webpack-plugin from 5.3.16 to 5.3.17 (#7088)
c527fb2 chore(deps-dev): bump webpack from 5.105.3 to 5.105.4 (#7089)
473d55c New feature - typed charts helper (#7071)
Additional commits viewable in compare view

Updates @eslint/js from 9.39.3 to 9.39.4

Release notes

Sourced from @eslint/js's releases.

v9.39.4

Bug Fixes

f18f6c8 fix: update dependency minimatch to ^3.1.5 (#20564) (Milos Djermanovic)

a3c868f fix: update dependency @eslint/eslintrc to ^3.3.4 (#20554) (Milos Djermanovic)

234d005 fix: minimatch security vulnerability patch for v9.x (#20549) (Andrej Beles)

b1b37ee fix: update ajv to 6.14.0 to address security vulnerabilities (#20538) (루밀LuMir)

Documentation

4675152 docs: add deprecation notice partial (#20520) (Milos Djermanovic)

Chores

b8b4eb1 chore: update dependencies for ESLint v9.39.4 (#20596) (Francesco Trotta)

71b2f6b chore: package.json update for @eslint/js release (Jenkins)

1d16c2f ci: pin Node.js 25.6.1 (#20563) (Milos Djermanovic)

Commits

71b2f6b chore: package.json update for @eslint/js release
See full diff in compare view

Updates eslint from 9.39.3 to 9.39.4

Release notes

Sourced from eslint's releases.

v9.39.4

Bug Fixes

f18f6c8 fix: update dependency minimatch to ^3.1.5 (#20564) (Milos Djermanovic)

a3c868f fix: update dependency @eslint/eslintrc to ^3.3.4 (#20554) (Milos Djermanovic)

234d005 fix: minimatch security vulnerability patch for v9.x (#20549) (Andrej Beles)

b1b37ee fix: update ajv to 6.14.0 to address security vulnerabilities (#20538) (루밀LuMir)

Documentation

4675152 docs: add deprecation notice partial (#20520) (Milos Djermanovic)

Chores

b8b4eb1 chore: update dependencies for ESLint v9.39.4 (#20596) (Francesco Trotta)

71b2f6b chore: package.json update for @eslint/js release (Jenkins)

1d16c2f ci: pin Node.js 25.6.1 (#20563) (Milos Djermanovic)

Commits

f5770b0 9.39.4
c30147a Build: changelog update for 9.39.4
b8b4eb1 chore: update dependencies for ESLint v9.39.4 (#20596)
71b2f6b chore: package.json update for @eslint/js release
4675152 docs: add deprecation notice partial (#20520)
f18f6c8 fix: update dependency minimatch to ^3.1.5 (#20564)
1d16c2f ci: pin Node.js 25.6.1 (#20563)
a3c868f fix: update dependency @eslint/eslintrc to ^3.3.4 (#20554)
234d005 fix: minimatch security vulnerability patch for v9.x (#20549)
b1b37ee fix: update ajv to 6.14.0 to address security vulnerabilities (#20538)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all-dependencies group with 3 updates: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [docker/build-push-action](https://github.com/docker/build-push-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@8d2750c...4d04d5d) Updates `docker/build-push-action` from 6.19.2 to 7.0.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@10e90e3...d08e5c3) Updates `github/codeql-action` from 4.32.5 to 4.32.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c793b71...0d579ff) chore(deps): bump the all-dependencies group with 4 updates Bumps the all-dependencies group with 4 updates: [framer-motion](https://github.com/motiondivision/motion), [recharts](https://github.com/recharts/recharts), [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) and [eslint](https://github.com/eslint/eslint). Updates `framer-motion` from 12.35.0 to 12.35.1 - [Changelog](https://github.com/motiondivision/motion/blob/main/CHANGELOG.md) - [Commits](motiondivision/motion@v12.35.0...v12.35.1) Updates `recharts` from 3.7.0 to 3.8.0 - [Release notes](https://github.com/recharts/recharts/releases) - [Changelog](https://github.com/recharts/recharts/blob/main/CHANGELOG.md) - [Commits](recharts/recharts@v3.7.0...v3.8.0) Updates `@eslint/js` from 9.39.3 to 9.39.4 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v9.39.4/packages/js) Updates `eslint` from 9.39.3 to 9.39.4 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.3...v9.39.4) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-dependencies - dependency-name: docker/build-push-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-dependencies - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: framer-motion dependency-version: 12.35.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: recharts dependency-version: 3.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: "@eslint/js" dependency-version: 9.39.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: eslint dependency-version: 9.39.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: all-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-03-09T07:50:58Z

✅ Version automatically bumped to v3.0.8

This PR now includes the version bump commit.

⚠️ Warning: Commit created with GITHUB_TOKEN (BOT_PAT not configured).

Commit will appear as unverified
CI workflows (Tests, Pipeline) will NOT trigger automatically
Please configure BOT_PAT secret to fix this issue

Rollover versioning: X.Y.Z where X ≥ 0 and Y, Z ∈ {0-9}

Example: 1.6.9 → 1.7.0, 1.9.9 → 2.0.0, 9.9.9 → 10.0.0

This PR is ready for review! 🚀

dependabot · 2026-03-31T08:04:14Z