This is an automated email from the ASF dual-hosted git repository.
kou pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-swift.git
The following commit(s) were added to refs/heads/main by this push:
new a427841 chore: bump actions/cache from 5.0.3 to 5.0.4 (#147)
a427841 is described below
commit a427841e605852706a3e80a7376cd785de293686
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Fri Mar 20 20:40:19 2026 +0900
chore: bump actions/cache from 5.0.3 to 5.0.4 (#147)
Bumps [actions/cache](https://github.com/actions/cache) from 5.0.3 to
5.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases";>actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Add release instructions and update maintainer docs by <a
href="https://github.com/Link";><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1696";>actions/cache#1696</a></li>
<li>Potential fix for code scanning alert no. 52: Workflow does not
contain permissions by <a
href="https://github.com/Link";><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1697";>actions/cache#1697</a></li>
<li>Fix workflow permissions and cleanup workflow names / formatting by
<a href="https://github.com/Link";><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1699";>actions/cache#1699</a></li>
<li>docs: Update examples to use the latest version by <a
href="https://github.com/XZTDean";><code>@XZTDean</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1690";>actions/cache#1690</a></li>
<li>Fix proxy integration tests by <a
href="https://github.com/Link";><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1701";>actions/cache#1701</a></li>
<li>Fix cache key in examples.md for bun.lock by <a
href="https://github.com/RyPeck";><code>@RyPeck</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1722";>actions/cache#1722</a></li>
<li>Update dependencies & patch security vulnerabilities by <a
href="https://github.com/Link";><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1738";>actions/cache#1738</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/XZTDean";><code>@XZTDean</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1690";>actions/cache#1690</a></li>
<li><a href="https://github.com/RyPeck";><code>@RyPeck</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1722";>actions/cache#1722</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v5...v5.0.4";>https://github.com/actions/cache/compare/v5...v5.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md";>actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h2>How to prepare a release</h2>
<blockquote>
<p>[!NOTE]<br />
Relevant for maintainers with write access only.</p>
</blockquote>
<ol>
<li>Switch to a new branch from <code>main</code>.</li>
<li>Run <code>npm test</code> to ensure all tests are passing.</li>
<li>Update the version in <a
href="https://github.com/actions/cache/blob/main/package.json";><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li>
<li>Run <code>npm run build</code> to update the compiled files.</li>
<li>Update this <a
href="https://github.com/actions/cache/blob/main/RELEASES.md";><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a>
with the new version and changes in the <code>## Changelog</code>
section.</li>
<li>Run <code>licensed cache</code> to update the license report.</li>
<li>Run <code>licensed status</code> and resolve any warnings by
updating the <a
href="https://github.com/actions/cache/blob/main/.licensed.yml";><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a>
file with the exceptions.</li>
<li>Commit your changes and push your branch upstream.</li>
<li>Open a pull request against <code>main</code> and get it reviewed
and merged.</li>
<li>Draft a new release <a
href="https://github.com/actions/cache/releases";>https://github.com/actions/cache/releases</a>
use the same version number used in <code>package.json</code>
<ol>
<li>Create a new tag with the version number.</li>
<li>Auto generate release notes and update them to match the changes you
made in <code>RELEASES.md</code>.</li>
<li>Toggle the set as the latest release option.</li>
<li>Publish the release.</li>
</ol>
</li>
<li>Navigate to <a
href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml";>https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a>
<ol>
<li>There should be a workflow run queued with the same version
number.</li>
<li>Approve the run to publish the new version and update the major tags
for this action.</li>
</ol>
</li>
</ol>
<h2>Changelog</h2>
<h3>5.0.4</h3>
<ul>
<li>Bump <code>minimatch</code> to v3.1.5 (fixes ReDoS via globstar
patterns)</li>
<li>Bump <code>undici</code> to v6.24.1 (WebSocket decompression bomb
protection, header validation fixes)</li>
<li>Bump <code>fast-xml-parser</code> to v5.5.6</li>
</ul>
<h3>5.0.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a
href="https://github.com/actions/cache/security/dependabot/33";>https://github.com/actions/cache/security/dependabot/33</a>)</li>
<li>Bump <code>@actions/core</code> to v2.0.3</li>
</ul>
<h3>5.0.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.3 <a
href="https://redirect.github.com/actions/cache/pull/1692";>#1692</a></li>
</ul>
<h3>5.0.1</h3>
<ul>
<li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via
<code>@actions/[email protected]</code> <a
href="https://redirect.github.com/actions/cache/pull/1685";>#1685</a></li>
</ul>
<h3>5.0.0</h3>
<blockquote>
<p>[!IMPORTANT]
<code>actions/cache@v5</code> runs on the Node.js 24 runtime and
requires a minimum Actions Runner version of <code>2.327.1</code>.</p>
</blockquote>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7";><code>6682284</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1738";>#1738</a>
from actions/prepare-v5.0.4</li>
<li><a
href="https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2";><code>e340396</code></a>
Update RELEASES</li>
<li><a
href="https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6";><code>8a67110</code></a>
Add licenses</li>
<li><a
href="https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830";><code>1865903</code></a>
Update dependencies & patch security vulnerabilities</li>
<li><a
href="https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c";><code>5656298</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1722";>#1722</a>
from RyPeck/patch-1</li>
<li><a
href="https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6";><code>4e380d1</code></a>
Fix cache key in examples.md for bun.lock</li>
<li><a
href="https://github.com/actions/cache/commit/b7e8d49f17405cc70c1c120101943203c98d3a4b";><code>b7e8d49</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1701";>#1701</a>
from actions/Link-/fix-proxy-integration-tests</li>
<li><a
href="https://github.com/actions/cache/commit/984a21b1cb176a0936f4edafb42be88978f93ef1";><code>984a21b</code></a>
Add traffic sanity check step</li>
<li><a
href="https://github.com/actions/cache/commit/acf2f1f76affe1ef80eee8e56dfddd3b3e5f0fba";><code>acf2f1f</code></a>
Fix resolution</li>
<li><a
href="https://github.com/actions/cache/commit/95a07c51324af6001b4d6ab8dff29f4dfadc2531";><code>95a07c5</code></a>
Add wait for proxy</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/cdf6c1fa76f9f475f3d7449005a359c84ca0f306...668228422ae6a00e4ad889ee87cd7109ec5666a7";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
---
.github/workflows/test.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 6d53d62..35390a7 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -43,7 +43,7 @@ jobs:
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 #
v6.2.0
with:
python-version: 3
- - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
+ - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
with:
path: ~/.cache/pre-commit
key: pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
@@ -74,7 +74,7 @@ jobs:
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #
v6.0.2
- name: Cache
- uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
+ uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
with:
path: .docker
key: docker-${{ matrix.swift-version }}-${{
hashFiles('**/Package.resolved', '**/go.sum') }}
