KEMBAR78
Bump the "all" group with 2 updates across multiple ecosystems by dependabot[bot] · Pull Request #20893 · Homebrew/brew · GitHub
Skip to content

Bump the "all" group with 2 updates across multiple ecosystems #20893

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 17, 2025
Merged

Bump the "all" group with 2 updates across multiple ecosystems #20893

merged 3 commits into from
Oct 17, 2025
+137 −74

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 17, 2025

Bumps the all group with 2 updates: github/codeql-action and ruby/setup-ruby.

Updates github/codeql-action from 4.30.7 to 4.30.8

Release notes

Sourced from github/codeql-action's releases.

v4.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.8 - 10 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

  • [v4+ only] The CodeQL Action now runs on Node.js v24. #3169

3.30.6 - 02 Oct 2025

  • Update default CodeQL bundle version to 2.23.2. #3168

3.30.5 - 26 Sep 2025

  • We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

  • We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
  • We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
  • You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
  • Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

No user facing changes.

3.30.2 - 09 Sep 2025

  • Fixed a bug which could cause language autodetection to fail. #3084
  • Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #3064

3.30.1 - 05 Sep 2025

  • Update default CodeQL bundle version to 2.23.0. #3077

3.30.0 - 01 Sep 2025

  • Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. #3054

3.29.11 - 21 Aug 2025

... (truncated)

Commits
  • f443b60 Merge pull request #3198 from github/update-v4.30.8-527f0f324
  • 7a2cb62 Update changelog for v4.30.8
  • 527f0f3 Merge pull request #3195 from github/dependabot/npm_and_yarn/npm-minor-37415c...
  • f402506 Merge pull request #3196 from github/dependabot/github_actions/dot-github/wor...
  • f5e53f9 Merge pull request #3197 from github/dependabot/github_actions/dot-github/wor...
  • 4e90a42 Merge pull request #3193 from github/mbg/ff/tools-toolcache
  • 413a4a4 Rebuild
  • 4521864 Bump github/codeql-action from 3 to 4 in /.github/workflows
  • eadf14b Bump ruby/setup-ruby
  • e1257b6 Rebuild
  • Additional commits viewable in compare view

Updates ruby/setup-ruby from 1.264.0 to 1.265.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.265.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.264.0...v1.265.0

Commits

Bumps the all group with 3 updates in the /Library/Homebrew directory: sorbet-static-and-runtime, spoom and rspec-mocks.

Updates sorbet-static-and-runtime from 0.6.12633 to 0.6.12649

Release notes

Sourced from sorbet-static-and-runtime's releases.

sorbet 0.6.12648.20251016142819-f6aa4dc10

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12648', :group => :development
gem 'sorbet-runtime', '0.6.12648'

sorbet 0.6.12647.20251016141834-ed0f11c39

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12647', :group => :development
gem 'sorbet-runtime', '0.6.12647'

sorbet 0.6.12646.20251016121338-4f0fcdbaf

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12646', :group => :development
gem 'sorbet-runtime', '0.6.12646'

sorbet 0.6.12645.20251014173456-23e5ba096

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12645', :group => :development
gem 'sorbet-runtime', '0.6.12645'

sorbet 0.6.12644.20251014170504-fbba5cd44

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12644', :group => :development
gem 'sorbet-runtime', '0.6.12644'

sorbet 0.6.12643.20251014162319-f3424245d

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12643', :group => :development
gem 'sorbet-runtime', '0.6.12643'

sorbet 0.6.12642.20251013175745-ece52e5e2

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12642', :group => :development
gem 'sorbet-runtime', '0.6.12642'

sorbet 0.6.12641.20251013132328-964c65a66

... (truncated)

Commits

Updates spoom from 1.7.7 to 1.7.8

Commits
  • f86c7c2 Bump version to v1.7.8
  • 05f1642 Merge pull request #804 from Shopify/at-rbs-override-allow-incompatible-visib...
  • d4170fc Add support for override(allow_incompatible: :visibility)
  • 526bb6a Bump rbi to v0.3.7
  • 0bef5d6 Merge pull request #807 from Shopify/dependabot/github_actions/ruby/setup-rub...
  • 044de0f Bump ruby/setup-ruby from 1.263.0 to 1.265.0
  • 2fd878b Merge pull request #805 from Shopify/at-rubocop-line-length
  • f636364 Fix Layout/LineLength code offenses
  • c9816d2 Migrate long RBS signature comments to multiline sigs
  • fdc4813 Reenable Layout/LineLength
  • Additional commits viewable in compare view

Updates sorbet-runtime from 0.6.12633 to 0.6.12649

Release notes

Sourced from sorbet-runtime's releases.

sorbet 0.6.12648.20251016142819-f6aa4dc10

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12648', :group => :development
gem 'sorbet-runtime', '0.6.12648'

sorbet 0.6.12647.20251016141834-ed0f11c39

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12647', :group => :development
gem 'sorbet-runtime', '0.6.12647'

sorbet 0.6.12646.20251016121338-4f0fcdbaf

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12646', :group => :development
gem 'sorbet-runtime', '0.6.12646'

sorbet 0.6.12645.20251014173456-23e5ba096

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12645', :group => :development
gem 'sorbet-runtime', '0.6.12645'

sorbet 0.6.12644.20251014170504-fbba5cd44

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12644', :group => :development
gem 'sorbet-runtime', '0.6.12644'

sorbet 0.6.12643.20251014162319-f3424245d

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12643', :group => :development
gem 'sorbet-runtime', '0.6.12643'

sorbet 0.6.12642.20251013175745-ece52e5e2

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12642', :group => :development
gem 'sorbet-runtime', '0.6.12642'

sorbet 0.6.12641.20251013132328-964c65a66

... (truncated)

Commits

Updates prism from 1.5.2 to 1.6.0

Release notes

Sourced from prism's releases.

v1.6.0

Added

  • Add support for passing "current" as the version option to Prism.* APIs.

Changed

  • Remove a compiler warning for a missing unsigned cast for a shift value.
Changelog

Sourced from prism's changelog.

[1.6.0] - 2025-10-16

Added

  • Add support for passing "current" as the version option to Prism.* APIs.

Changed

  • Remove a compiler warning for a missing unsigned cast for a shift value.
Commits
  • 2924f8f Merge pull request #3683 from ruby/bump-version
  • b72fcc6 Bump to v1.6.0
  • 1a22357 Merge pull request #3679 from Earlopain/parse-as-current
  • 9c5cd20 Add support for Prism.parse(foo, version: "current")
  • 8e88590 Merge pull request #3680 from tenderlove/trusted-publishers
  • f224797 use bundler cache instead of bundle install
  • 64f3c2a Add npm publishing workflow
  • 2b91919 Add crates.io publishing workflow
  • 6f56379 Add gem publishing workflow
  • 4848dbd Merge pull request #3682 from froydnj/froydnj-unsigned-shift-constant
  • Additional commits viewable in compare view

Updates rbi from 0.3.6 to 0.3.7

Release notes

Sourced from rbi's releases.

v0.3.7

What's Changed

✨ Enhancements

🛠 Other Changes

Full Changelog: Shopify/rbi@v0.3.6...v0.3.7

Commits
  • 10756d1 Bump version to v0.3.7
  • 63c85c6 Merge pull request #520 from Shopify/at-allow-incompatible-override-visibility
  • f5fa0b8 Merge pull request #524 from Shopify/dependabot/github_actions/ruby/setup-rub...
  • 5259e67 Bump ruby/setup-ruby from 1.263.0 to 1.265.0
  • 45727a5 Merge pull request #522 from Shopify/dependabot/bundler/minor-and-patch-eed4f...
  • 8b46e70 Bump the minor-and-patch group with 3 updates
  • c39bf9b Update exported RBI
  • b06b1b6 Add RBS support for allow_incompatible_override_visibility modifier
  • 32ab743 Parse allow_incompatible_override_visibility modifier
  • 7f69b0b Print allow_incompatible_override_visibility modifier
  • Additional commits viewable in compare view

Updates rspec-mocks from 3.13.5 to 3.13.6

Changelog

Sourced from rspec-mocks's changelog.

3.13.6 / 2025-10-14

Full Changelog

Bug Fixes:

  • Work around possible infinite loop when stubbing is_a?. (Erin Paget, rspec/rspec#265)
Commits
  • 0cca228 rspec-mocks-v3.13.6
  • de0f104 Merge pull request #265 from undees/undees/73-avoid-infinite-loop-on-mocked-is-a
  • 5aa0256 Change more :if / :unless to :skip
  • 6ceb263 Merge pull request #226 from rspec/general-lint-fixes
  • e82920a Fix typo for expectations
  • See full diff in compare view

Updates sorbet from 0.6.12633 to 0.6.12649

Release notes

Sourced from sorbet's releases.

sorbet 0.6.12648.20251016142819-f6aa4dc10

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12648', :group => :development
gem 'sorbet-runtime', '0.6.12648'

sorbet 0.6.12647.20251016141834-ed0f11c39

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12647', :group => :development
gem 'sorbet-runtime', '0.6.12647'

sorbet 0.6.12646.20251016121338-4f0fcdbaf

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12646', :group => :development
gem 'sorbet-runtime', '0.6.12646'

sorbet 0.6.12645.20251014173456-23e5ba096

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12645', :group => :development
gem 'sorbet-runtime', '0.6.12645'

sorbet 0.6.12644.20251014170504-fbba5cd44

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12644', :group => :development
gem 'sorbet-runtime', '0.6.12644'

sorbet 0.6.12643.20251014162319-f3424245d

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12643', :group => :development
gem 'sorbet-runtime', '0.6.12643'

sorbet 0.6.12642.20251013175745-ece52e5e2

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12642', :group => :development
gem 'sorbet-runtime', '0.6.12642'

sorbet 0.6.12641.20251013132328-964c65a66

... (truncated)

Commits

Updates sorbet-static from 0.6.12633 to 0.6.12649

Release notes

Sourced from sorbet-static's releases.

sorbet 0.6.12648.20251016142819-f6aa4dc10

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12648', :group => :development
gem 'sorbet-runtime', '0.6.12648'

sorbet 0.6.12647.20251016141834-ed0f11c39

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12647', :group => :development
gem 'sorbet-runtime', '0.6.12647'

sorbet 0.6.12646.20251016121338-4f0fcdbaf

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12646', :group => :development
gem 'sorbet-runtime', '0.6.12646'

sorbet 0.6.12645.20251014173456-23e5ba096

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12645', :group => :development
gem 'sorbet-runtime', '0.6.12645'

sorbet 0.6.12644.20251014170504-fbba5cd44

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12644', :group => :development
gem 'sorbet-runtime', '0.6.12644'

sorbet 0.6.12643.20251014162319-f3424245d

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12643', :group => :development
gem 'sorbet-runtime', '0.6.12643'

sorbet 0.6.12642.20251013175745-ece52e5e2

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12642', :group => :development
gem 'sorbet-runtime', '0.6.12642'

sorbet 0.6.12641.20251013132328-964c65a66

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the all group with 2 updates
b922782 
Bumps the all group with 2 updates: [github/codeql-action](https://github.com/github/codeql-action) and [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `github/codeql-action` from 4.30.7 to 4.30.8
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@e296a93...f443b60)

Updates `ruby/setup-ruby` from 1.264.0 to 1.265.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@6797dcb...ab177d4)
build(deps): bump the all group across 1 directory with 8 updates

Bumps the all group with 3 updates in the /Library/Homebrew directory: [sorbet-static-and-runtime](https://github.com/sorbet/sorbet), [spoom](https://github.com/Shopify/spoom) and [rspec-mocks](https://github.com/rspec/rspec).


Updates `sorbet-static-and-runtime` from 0.6.12633 to 0.6.12649
- [Release notes](https://github.com/sorbet/sorbet/releases)
- [Commits](https://github.com/sorbet/sorbet/commits)

Updates `spoom` from 1.7.7 to 1.7.8
- [Release notes](https://github.com/Shopify/spoom/releases)
- [Commits](Shopify/spoom@v1.7.7...v1.7.8)

Updates `sorbet-runtime` from 0.6.12633 to 0.6.12649
- [Release notes](https://github.com/sorbet/sorbet/releases)
- [Commits](https://github.com/sorbet/sorbet/commits)

Updates `prism` from 1.5.2 to 1.6.0
- [Release notes](https://github.com/ruby/prism/releases)
- [Changelog](https://github.com/ruby/prism/blob/main/CHANGELOG.md)
- [Commits](ruby/prism@v1.5.2...v1.6.0)

Updates `rbi` from 0.3.6 to 0.3.7
- [Release notes](https://github.com/Shopify/rbi/releases)
- [Commits](Shopify/rbi@v0.3.6...v0.3.7)

Updates `rspec-mocks` from 3.13.5 to 3.13.6
- [Changelog](https://github.com/rspec/rspec/blob/rspec-mocks-v3.13.6/rspec-mocks/Changelog.md)
- [Commits](rspec/rspec@rspec-mocks-v3.13.5...rspec-mocks-v3.13.6)

Updates `sorbet` from 0.6.12633 to 0.6.12649
- [Release notes](https://github.com/sorbet/sorbet/releases)
- [Commits](https://github.com/sorbet/sorbet/commits)

Updates `sorbet-static` from 0.6.12633 to 0.6.12649
- [Release notes](https://github.com/sorbet/sorbet/releases)
- [Commits](https://github.com/sorbet/sorbet/commits)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.30.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ruby/setup-ruby
  dependency-version: 1.265.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: sorbet-static-and-runtime
  dependency-version: 0.6.12649
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: spoom
  dependency-version: 1.7.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sorbet-runtime
  dependency-version: 0.6.12649
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: prism
  dependency-version: 1.6.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: rbi
  dependency-version: 0.3.7
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: rspec-mocks
  dependency-version: 3.13.6
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sorbet
  dependency-version: 0.6.12649
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sorbet-static
  dependency-version: 0.6.12649
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Bumping Gemfile dependencies github_actions Pull requests that update GitHub Actions code labels Oct 17, 2025
@MikeMcQuaid MikeMcQuaid enabled auto-merge October 17, 2025 09:02
@MikeMcQuaid MikeMcQuaid added this pull request to the merge queue Oct 17, 2025
Merged via the queue into main with commit 67863ea Oct 17, 2025
39 checks passed
@MikeMcQuaid MikeMcQuaid deleted the dependabot/all-adb4866129 branch October 17, 2025 09:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MikeMcQuaid MikeMcQuaid MikeMcQuaid approved these changes

Assignees

No one assigned

Labels

dependencies Bumping Gemfile dependencies github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MikeMcQuaid @BrewTestBot