(arrow-js) branch main updated: chore: bump actions/setup-node from 6.2.0 to 6.3.0 (#406)

kou Mon, 09 Mar 2026 22:29:10 -0700

This is an automated email from the ASF dual-hosted git repository.

kou pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-js.git



The following commit(s) were added to refs/heads/main by this push:
     new ebab919  chore: bump actions/setup-node from 6.2.0 to 6.3.0 (#406)
ebab919 is described below

commit ebab919a50676fdf9521e6cb6dbd7a214f1b7f03
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Tue Mar 10 14:28:56 2026 +0900

    chore: bump actions/setup-node from 6.2.0 to 6.3.0 (#406)
    
    Bumps [actions/setup-node](https://github.com/actions/setup-node) from
    6.2.0 to 6.3.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a
    href="https://github.com/actions/setup-node/releases";>actions/setup-node's
    releases</a>.</em></p>
    <blockquote>
    <h2>v6.3.0</h2>
    <h2>What's Changed</h2>
    <h3>Enhancements:</h3>
    <ul>
    <li>Support parsing <code>devEngines</code> field by <a
    href="https://github.com/susnux";><code>@susnux</code></a> in <a
    
href="https://redirect.github.com/actions/setup-node/pull/1283";>actions/setup-node#1283</a></li>
    </ul>
    <blockquote>
    <p>When using node-version-file: package.json, setup-node now
    prefers devEngines.runtime over engines.node.</p>
    </blockquote>
    <h3>Dependency updates:</h3>
    <ul>
    <li>Fix npm audit issues by <a
    href="https://github.com/gowridurgad";><code>@gowridurgad</code></a> in
    <a
    
href="https://redirect.github.com/actions/setup-node/pull/1491";>actions/setup-node#1491</a></li>
    <li>Replace uuid with crypto.randomUUID() by <a
    href="https://github.com/trivikr";><code>@trivikr</code></a> in <a
    
href="https://redirect.github.com/actions/setup-node/pull/1378";>actions/setup-node#1378</a></li>
    <li>Upgrade minimatch from 3.1.2 to 3.1.5 by <a
    href="https://github.com/dependabot";><code>@dependabot</code></a> in <a
    
href="https://redirect.github.com/actions/setup-node/pull/1498";>actions/setup-node#1498</a></li>
    </ul>
    <h3>Bug fixes:</h3>
    <ul>
    <li>Remove hardcoded bearer for mirror-url <a
    href="https://github.com/marco-ippolito";><code>@marco-ippolito</code></a>
    in <a
    
href="https://redirect.github.com/actions/setup-node/pull/1467";>actions/setup-node#1467</a></li>
    <li>Scope test lockfiles by package manager and update cache tests by <a
    href="https://github.com/gowridurgad";><code>@gowridurgad</code></a> in
    <a
    
href="https://redirect.github.com/actions/setup-node/pull/1495";>actions/setup-node#1495</a></li>
    </ul>
    <h2>New Contributors</h2>
    <ul>
    <li><a href="https://github.com/susnux";><code>@susnux</code></a> made
    their first contribution in <a
    
href="https://redirect.github.com/actions/setup-node/pull/1283";>actions/setup-node#1283</a></li>
    </ul>
    <p><strong>Full Changelog</strong>: <a
    
href="https://github.com/actions/setup-node/compare/v6...v6.3.0";>https://github.com/actions/setup-node/compare/v6...v6.3.0</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a
    
href="https://github.com/actions/setup-node/commit/53b83947a5a98c8d113130e565377fae1a50d02f";><code>53b8394</code></a>
    Bump minimatch from 3.1.2 to 3.1.5 (<a
    
href="https://redirect.github.com/actions/setup-node/issues/1498";>#1498</a>)</li>
    <li><a
    
href="https://github.com/actions/setup-node/commit/54045abd5dcd3b0fee9ca02fa24c57545834c9cc";><code>54045ab</code></a>
    Scope test lockfiles by package manager and update cache tests (<a
    
href="https://redirect.github.com/actions/setup-node/issues/1495";>#1495</a>)</li>
    <li><a
    
href="https://github.com/actions/setup-node/commit/c882bffdbd4df51ace6b940023952e8669c9932a";><code>c882bff</code></a>
    Replace uuid with crypto.randomUUID() (<a
    
href="https://redirect.github.com/actions/setup-node/issues/1378";>#1378</a>)</li>
    <li><a
    
href="https://github.com/actions/setup-node/commit/774c1d62961e73038a114d59c8847023c003194d";><code>774c1d6</code></a>
    feat(node-version-file): support parsing <code>devEngines</code> field
    (<a
    
href="https://redirect.github.com/actions/setup-node/issues/1283";>#1283</a>)</li>
    <li><a
    
href="https://github.com/actions/setup-node/commit/efcb663fc60e97218a2b2d6d827f7830f164739e";><code>efcb663</code></a>
    fix: remove hardcoded bearer (<a
    
href="https://redirect.github.com/actions/setup-node/issues/1467";>#1467</a>)</li>
    <li><a
    
href="https://github.com/actions/setup-node/commit/d02c89dce7e1ba9ef629ce0680989b3a1cc72edb";><code>d02c89d</code></a>
    Fix npm audit issues (<a
    
href="https://redirect.github.com/actions/setup-node/issues/1491";>#1491</a>)</li>
    <li>See full diff in <a
    
href="https://github.com/actions/setup-node/compare/6044e13b5dc448c55e2357c09f80417699197238...53b83947a5a98c8d113130e565377fae1a50d02f";>compare
    view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility
    
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-node&package-manager=github_actions&previous-version=6.2.0&new-version=6.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
    that have been made to it
    - `@dependabot show <dependency name> ignore conditions` will show all
    of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop
    Dependabot creating any more for this major version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop
    Dependabot creating any more for this minor version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop
    Dependabot creating any more for this dependency (unless you reopen the
    PR or upgrade to it yourself)
    
    
    </details>
    
    Signed-off-by: dependabot[bot] <[email protected]>
    Co-authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/rc.yaml   | 4 ++--
 .github/workflows/test.yaml | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/rc.yaml b/.github/workflows/rc.yaml
index 1049f1a..c18ed0e 100644
--- a/.github/workflows/rc.yaml
+++ b/.github/workflows/rc.yaml
@@ -100,7 +100,7 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 
v6.0.2
-      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 
v6.2.0
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # 
v6.3.0
         with:
           cache: npm
           node-version: 20
@@ -163,7 +163,7 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 
v6.0.2
-      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 
v6.2.0
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # 
v6.3.0
         with:
           cache: npm
           node-version: 20
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 9a819d8..6faaee8 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -43,7 +43,7 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # 
v6.0.2
 
       # ESLint
-      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 
v6.2.0
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # 
v6.3.0
         with:
           cache: npm
           node-version: 20
@@ -104,7 +104,7 @@ jobs:
           path: .jest-cache
           key: jest-${{ runner.os }}-${{ hashFiles('src/**/*.ts', 
'test/**/*.ts', 'package-lock.json') }}
           restore-keys: jest-${{ runner.os }}-
-      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 
v6.2.0
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # 
v6.3.0
         with:
           node-version: ${{ matrix.node }}
       - name: Build
@@ -130,7 +130,7 @@ jobs:
           path: .jest-cache
           key: jest-${{ runner.os }}-${{ hashFiles('src/**/*.ts', 
'test/**/*.ts', 'package-lock.json') }}
           restore-keys: jest-${{ runner.os }}-
-      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # 
v6.2.0
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # 
v6.3.0
         with:
           node-version: ${{ matrix.node }}
       - name: Build

(arrow-js) branch main updated: chore: bump actions/setup-node from 6.2.0 to 6.3.0 (#406)

Reply via email to