chore(deps): bump @actions/cache from 4.1.0 to 6.0.0 by dependabot[bot] · Pull Request #143 · step-security/setup-zig

dependabot · 2026-05-07T07:19:59Z

Bumps @actions/cache from 4.1.0 to 6.0.0.

Changelog

Sourced from @actions/cache's changelog.

6.0.0

Breaking change: Package is now ESM-only

CommonJS consumers must use dynamic import() instead of require()

5.0.5

Bump @actions/glob to 0.5.1

5.0.4

Bump @actions/http-client to 3.0.2

5.0.3

Prevent retries for rate limited cache operations 2243.

5.0.1

Fix Node.js 24 punycode deprecation warning by updating @azure/storage-blob from ^12.13.0 to ^12.29.1 #2213

Newer storage-blob uses @azure/core-rest-pipeline instead of deprecated @azure/core-http, which eliminates the transitive dependency on node-fetch@2 → whatwg-url@5 → tr46@0.0.3 that used the deprecated punycode module

5.0.0

Remove @azure/ms-rest-js dependency #2197

The TransferProgressEvent type is now imported from @azure/core-rest-pipeline instead of @azure/ms-rest-js

Bump @actions/core from ^1.11.1 to ^2.0.0 #2198

Bump @actions/exec from ^1.0.1 to ^2.0.0 #2198

Bump @actions/glob from ^0.1.0 to ^0.5.0 #2198

Bump @actions/http-client from ^2.1.1 to ^3.0.0 #2198

Bump @actions/io from ^1.0.1 to ^2.0.0 #2198

Add support for Node.js 24 #2110

Add node-fetch override to resolve audit vulnerabilities #2110

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @actions/cache since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@actions/cache](https://github.com/actions/toolkit/tree/HEAD/packages/cache) from 4.1.0 to 6.0.0. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/cache) --- updated-dependencies: - dependency-name: "@actions/cache" dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 7, 2026

dependabot Bot mentioned this pull request May 7, 2026

chore(deps): bump @actions/cache from 4.1.0 to 6.0.0 #106

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump @actions/cache from 4.1.0 to 6.0.0#143

chore(deps): bump @actions/cache from 4.1.0 to 6.0.0#143
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/actions/cache-6.0.0

dependabot Bot commented on behalf of github May 7, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 7, 2026

6.0.0

5.0.5

5.0.4

5.0.3

5.0.1

5.0.0

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants