Skip to content

chore(deps): bump devantler-tech/actions/update-agent-skills from 8.0.0 to 9.0.0#354

Merged
botantler-1[bot] merged 1 commit into
mainfrom
dependabot/github_actions/devantler-tech/actions/update-agent-skills-9.0.0
Jul 3, 2026
Merged

chore(deps): bump devantler-tech/actions/update-agent-skills from 8.0.0 to 9.0.0#354
botantler-1[bot] merged 1 commit into
mainfrom
dependabot/github_actions/devantler-tech/actions/update-agent-skills-9.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Bumps devantler-tech/actions/update-agent-skills from 8.0.0 to 9.0.0.

Release notes

Sourced from devantler-tech/actions/update-agent-skills's releases.

v9.0.0

9.0.0 (2026-07-03)

⚠ BREAKING CHANGES

  • remove the sync-github-labels composite action (superseded by declarative IssueLabels) (#418)
  • All callers referencing old file names, input names, output names, or secret keys must be updated.
  • run-dotnet-tests: run-dotnet-tests no longer accepts app-id or app-private-key inputs. Callers pinning by SHA are unaffected; on repin any still-passed values are simply ignored (unexpected-input warning).
  • the setup-copilot-skills/update-copilot-skills action paths are removed and setup-agent-skills's agent input is renamed to agents. Consumers on a pinned major (e.g. @​v4) are unaffected until they bump; migration guides are in each action's README.
  • the codecov-token input is removed from both actions. Callers must stop passing it (the reusable workflows are updated in lockstep).
  • copilot-skills: setup-copilot-skills and update-copilot-skills both remove the skills-lock input; setup-copilot-skills also removes the source input and redefines skills as the sole list input. Delete any skills-lock.json and move each entry onto its own <owner/repo> <skill> line in setup-copilot-skills.with.skills.
  • Action directories and input names have been renamed.

Features

  • add .NET project and test configurations (#10) (1ce56da)
  • add require-checks-in-pr composite action (#113) (1f66c91)
  • add auto-merge composite action for PRs (#14) (a8f34bd)
  • add automation configuration for PR reviews and issue sessions (f4b7152)
  • add blocked label and update label sync configuration (3041247)
  • add Calculator class with basic arithmetic operations and corresponding unit tests (f5c21a1)
  • add collapsible sections for workflow details in README (2e8d0f9)
  • add docs (aba6c52)
  • add dotnet-test-action for testing .NET solutions with GitHub Actions (ad39d59)
  • add EditorConfig file and update Calculator and CalculatorTests for consistency and clarity (f032439)
  • add GitHub workflows (861d3e2)
  • add GitOps deployment workflow for managing Kubernetes resources (f6f0ce7)
  • add GitOps validation workflow (8505da2)
  • add Hadolint action for linting Dockerfiles (9f610a8)
  • add Homebrew setup and environment initialization to GitOps workflows (c4b0fe5)
  • add Homebrew setup step to GitOps workflows for consistent environment setup (e300bd6)
  • add initial release configuration for semantic-release (3c4f906)
  • add inputs for HOSTS_FILE and ROOT_CA_CERT_FILE in GitOps workflow (6eefeeb)
  • add pull_request and merge_group triggers to Zizmor workflow (1ce3f4b)
  • add pull_request trigger to auto-merge and dotnet-test workflows (63097da)
  • add pull_request trigger to GitOps lint and test workflows (dbd5fe8)
  • add released label to labels configuration (a803193)
  • add Repo Assist labels to central config (#161) (b41fbfe)
  • add reusable workflow to sync upstream Kyverno policies and update README with usage instructions (b119b9f)
  • add schedule trigger for sync labels workflow (5f3527e)
  • add shared workflows (0fe78df)
  • add step to append hosts file if it exists (6f22cd1)
  • add upload-coverage action for GitHub Code Quality (#170) (60d895a)
  • add upsert-issue composite action (#55) (e3a0bd5)
  • add VERSION_ARGS input to dotnet-embed-binaries workflow for version retrieval (a648561)
  • add workflow for cleaning up ghcr packages (856fea4)
  • add Zizmor composite action workflow (c0b70d3)
  • add Zizmor security analysis workflow and action documentation (dbae7c7)
  • add Zizmor workflow configuration (6e1f9b5)

... (truncated)

Changelog

Sourced from devantler-tech/actions/update-agent-skills's changelog.

Changelog

9.0.0 (2026-07-03)

⚠ BREAKING CHANGES

  • remove the sync-github-labels composite action (superseded by declarative IssueLabels) (#418)
  • All callers referencing old file names, input names, output names, or secret keys must be updated.
  • run-dotnet-tests: run-dotnet-tests no longer accepts app-id or app-private-key inputs. Callers pinning by SHA are unaffected; on repin any still-passed values are simply ignored (unexpected-input warning).
  • the setup-copilot-skills/update-copilot-skills action paths are removed and setup-agent-skills's agent input is renamed to agents. Consumers on a pinned major (e.g. @​v4) are unaffected until they bump; migration guides are in each action's README.
  • the codecov-token input is removed from both actions. Callers must stop passing it (the reusable workflows are updated in lockstep).
  • copilot-skills: setup-copilot-skills and update-copilot-skills both remove the skills-lock input; setup-copilot-skills also removes the source input and redefines skills as the sole list input. Delete any skills-lock.json and move each entry onto its own <owner/repo> <skill> line in setup-copilot-skills.with.skills.
  • Action directories and input names have been renamed.

Features

  • add .NET project and test configurations (#10) (1ce56da)
  • add require-checks-in-pr composite action (#113) (1f66c91)
  • add auto-merge composite action for PRs (#14) (a8f34bd)
  • add automation configuration for PR reviews and issue sessions (f4b7152)
  • add blocked label and update label sync configuration (3041247)
  • add Calculator class with basic arithmetic operations and corresponding unit tests (f5c21a1)
  • add collapsible sections for workflow details in README (2e8d0f9)
  • add docs (aba6c52)
  • add dotnet-test-action for testing .NET solutions with GitHub Actions (ad39d59)
  • add EditorConfig file and update Calculator and CalculatorTests for consistency and clarity (f032439)
  • add GitHub workflows (861d3e2)
  • add GitOps deployment workflow for managing Kubernetes resources (f6f0ce7)
  • add GitOps validation workflow (8505da2)
  • add Hadolint action for linting Dockerfiles (9f610a8)
  • add Homebrew setup and environment initialization to GitOps workflows (c4b0fe5)
  • add Homebrew setup step to GitOps workflows for consistent environment setup (e300bd6)
  • add initial release configuration for semantic-release (3c4f906)
  • add inputs for HOSTS_FILE and ROOT_CA_CERT_FILE in GitOps workflow (6eefeeb)
  • add pull_request and merge_group triggers to Zizmor workflow (1ce3f4b)
  • add pull_request trigger to auto-merge and dotnet-test workflows (63097da)
  • add pull_request trigger to GitOps lint and test workflows (dbd5fe8)
  • add released label to labels configuration (a803193)
  • add Repo Assist labels to central config (#161) (b41fbfe)
  • add reusable workflow to sync upstream Kyverno policies and update README with usage instructions (b119b9f)
  • add schedule trigger for sync labels workflow (5f3527e)
  • add shared workflows (0fe78df)
  • add step to append hosts file if it exists (6f22cd1)
  • add upload-coverage action for GitHub Code Quality (#170) (60d895a)
  • add upsert-issue composite action (#55) (e3a0bd5)
  • add VERSION_ARGS input to dotnet-embed-binaries workflow for version retrieval (a648561)
  • add workflow for cleaning up ghcr packages (856fea4)
  • add Zizmor composite action workflow (c0b70d3)
  • add Zizmor security analysis workflow and action documentation (dbae7c7)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [devantler-tech/actions/update-agent-skills](https://github.com/devantler-tech/actions) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/devantler-tech/actions/releases)
- [Changelog](https://github.com/devantler-tech/actions/blob/main/CHANGELOG.md)
- [Commits](devantler-tech/actions@061b345...5aa2657)

---
updated-dependencies:
- dependency-name: devantler-tech/actions/update-agent-skills
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@coderabbitai

coderabbitai Bot commented Jul 3, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 4cce31c8-70f0-4d07-9b1b-485d48f573ce

📥 Commits

Reviewing files that changed from the base of the PR and between ff7804a and 316ed2d.

📒 Files selected for processing (1)
  • .github/workflows/update-agent-skills.yaml
📜 Recent review details
⏰ Context from checks skipped due to timeout. (8)
  • GitHub Check: [Test] Delete Workflow Runs - Minimal Parameters / Delete workflow runs
  • GitHub Check: [Test] Delete Workflow Runs - Specific Pattern / Delete workflow runs
  • GitHub Check: [Test] Delete Workflow Runs - All Workflows / Delete workflow runs
  • GitHub Check: [Test] Validate Go Project - Test Gate Blocks
  • GitHub Check: [Test] Create Release - Dry Run / Release
  • GitHub Check: [Test] Govulncheck Allowlist - Strict Path Blocks
  • GitHub Check: [Test] Govulncheck Allowlist - Allowlisted Advisory Passes
  • GitHub Check: zizmor
⚠️ CI failures not shown inline (2)

GitHub Actions: 🔀 Enable Auto-Merge / 0_auto-merge.txt: chore(deps): bump devantler-tech/actions/update-agent-skills from 8.0.0 to 9.0.0

Conclusion: failure

View job details

##[group]Run set +e
 �[36;1mset +e�[0m
 �[36;1mREVIEW_OUTPUT=$(gh pr review "$PR_NUMBER" --approve --repo "$REPOSITORY" 2>&1)�[0m
 �[36;1mREVIEW_EXIT_CODE=$?�[0m
 �[36;1mset -e�[0m
 �[36;1m�[0m
 �[36;1mif [[ $REVIEW_EXIT_CODE -eq 0 ]]; then�[0m
 �[36;1m  echo "✅ PR #${PR_NUMBER} approved"�[0m
 �[36;1melif [[ "$REVIEW_OUTPUT" == *"Can not approve your own pull request"* ]]; then�[0m
 �[36;1m  echo "::warning::Could not approve PR #${PR_NUMBER} because GitHub does not allow self-approval. Skipping approval."�[0m
 �[36;1melse�[0m
 �[36;1m  echo "::error::Failed to approve PR #${PR_NUMBER}."�[0m

GitHub Actions: 🔀 Enable Auto-Merge / auto-merge: chore(deps): bump devantler-tech/actions/update-agent-skills from 8.0.0 to 9.0.0

Conclusion: failure

View job details

##[group]Run set +e
 �[36;1mset +e�[0m
 �[36;1mREVIEW_OUTPUT=$(gh pr review "$PR_NUMBER" --approve --repo "$REPOSITORY" 2>&1)�[0m
 �[36;1mREVIEW_EXIT_CODE=$?�[0m
 �[36;1mset -e�[0m
 �[36;1m�[0m
 �[36;1mif [[ $REVIEW_EXIT_CODE -eq 0 ]]; then�[0m
 �[36;1m  echo "✅ PR #${PR_NUMBER} approved"�[0m
 �[36;1melif [[ "$REVIEW_OUTPUT" == *"Can not approve your own pull request"* ]]; then�[0m
 �[36;1m  echo "::warning::Could not approve PR #${PR_NUMBER} because GitHub does not allow self-approval. Skipping approval."�[0m
 �[36;1melse�[0m
 �[36;1m  echo "::error::Failed to approve PR #${PR_NUMBER}."�[0m
🧰 Additional context used
📓 Path-based instructions (1)
.github/workflows/*.yaml

📄 CodeRabbit inference engine (AGENTS.md)

.github/workflows/*.yaml: All reusable workflows must use the workflow_call trigger.
Pin all external actions to commit SHAs and never use floating tags such as @v4 (uses: owner/repo@<sha> # <version-comment>).
Include step-security/harden-runner as the first step of every job, with egress-policy: audit.
Set top-level permissions: {} in reusable workflows and grant permissions only at the job level.
Use persist-credentials: false on actions/checkout unless the job needs to push commits.
Reusable workflows used as organization-level repository rulesets must also include pull_request and merge_group triggers alongside workflow_call.

Files:

  • .github/workflows/update-agent-skills.yaml
🔇 Additional comments (2)
.github/workflows/update-agent-skills.yaml (2)

100-100: LGTM!


100-104: 🗄️ Data Integrity & Integration

No issue: dir, unpin, and gh-version are already declared inputs, and the pinned SHA matches v9.0.0.


📝 Walkthrough

Walkthrough

This pull request updates the pinned version of the devantler-tech/actions/update-agent-skills action used in the "Update installed skills" step of the update-agent-skills.yaml workflow, changing it from v8.0.0 to v9.0.0.

Changes

Workflow Version Bump

Layer / File(s) Summary
Update action version reference
.github/workflows/update-agent-skills.yaml
The "Update installed skills" step's uses: reference is bumped from v8.0.0 to v9.0.0.

Estimated code review effort: 1 (Trivial) | ~2 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly states the dependency bump and version change reflected in the PR.
Description check ✅ Passed The description directly describes the same version bump and includes relevant release notes.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/github_actions/devantler-tech/actions/update-agent-skills-9.0.0

Comment @coderabbitai help to get the list of available commands.

@botantler-1 botantler-1 Bot enabled auto-merge (squash) July 3, 2026 16:34
@botantler-1 botantler-1 Bot merged commit ab04c20 into main Jul 3, 2026
51 checks passed
@botantler-1 botantler-1 Bot deleted the dependabot/github_actions/devantler-tech/actions/update-agent-skills-9.0.0 branch July 3, 2026 16:38
@github-project-automation github-project-automation Bot moved this from 🫴 Ready to ✅ Done in 🌊 Project Board Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

Status: ✅ Done

Development

Successfully merging this pull request may close these issues.

0 participants