Skip to content

build(deps): consolidate open Dependabot dependency updates#1341

Open
Copilot wants to merge 2 commits intomainfrom
copilot/consolidate-dependabot-updates
Open

build(deps): consolidate open Dependabot dependency updates#1341
Copilot wants to merge 2 commits intomainfrom
copilot/consolidate-dependabot-updates

Conversation

Copy link

Copilot AI commented Feb 18, 2026
edited
Loading

Consolidates 10 open Dependabot PRs (#1312, #1314, #1316, #1317, #1318, #1322, #1323, #1328, #1330, #1331) into a single update. PR titles from Dependabot did not match actual diff content; versions below reflect the actual PR diffs.

Go dependencies

  • github.com/spf13/cobra: v1.9.1 → v1.10.2 (go.mod, test/e2e/plugin/go.mod)
  • github.com/spf13/pflag: v1.0.7 → v1.0.10 (go.mod)
  • golang.org/x/term: v0.37.0 → v0.40.0 (go.mod)
  • github.com/onsi/ginkgo/v2: v2.25.2 → v2.28.1 (test/e2e/go.mod)
  • github.com/onsi/gomega: v1.38.2 → v1.39.0 (test/e2e/go.mod)

GitHub Actions

  • actions/setup-go: v5.5.0 → v6.2.0 (build, codeql, release-github)
  • actions/cache: v4.2.4 → v5.0.3
  • codecov/codecov-action: v5.5.0 → v5.5.2
  • github/codeql-action: v3.29.11 → v4.32.3 (codeql, scorecard)
  • actions/stale: v9.1.0 → v10.2.0

All actions remain pinned by commit SHA. No advisory vulnerabilities found in any updated dependency.

Original prompt

This section details on the original issue you should resolve

<issue_title>Consolidate open Dependabot dependency updates</issue_title>
<issue_description>## Summary

There are currently 10 open Dependabot PRs that should be reviewed and merged to keep dependencies up to date.

Open Dependabot PRs

Go Dependencies

GitHub Actions

Suggested Approach

  1. Review each PR for breaking changes
  2. Merge non-breaking updates first (patch/minor bumps)
  3. Test and merge major version bumps individually</issue_description>

<agent_instructions>The dependabot PRs may have incorrect PR title against the content. Use the PR content as the source of truth.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

@shizhMSFT Note that the title of those dependabot PR does not match the content. Require a human dev to resolve this issue.

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

@shizhMSFT
build(deps): consolidate dependabot dependency updates
2152ffa 
Update Go dependencies:
- github.com/spf13/cobra: v1.9.1 -> v1.10.2 (go.mod, test/e2e/plugin/go.mod)
- github.com/spf13/pflag: v1.0.7 -> v1.0.10 (go.mod)
- golang.org/x/term: v0.37.0 -> v0.40.0 (go.mod)
- github.com/onsi/ginkgo/v2: v2.25.2 -> v2.28.1 (test/e2e/go.mod)
- github.com/onsi/gomega: v1.38.2 -> v1.39.0 (test/e2e/go.mod)

Update GitHub Actions:
- actions/setup-go: v5.5.0 -> v6.2.0
- actions/cache: v4.2.4 -> v5.0.3
- codecov/codecov-action: v5.5.0 -> v5.5.2
- github/codeql-action: v3.29.11 -> v4.32.3
- actions/stale: v9.1.0 -> v10.2.0

Consolidates PRs #1312, #1314, #1316, #1317, #1318, #1322, #1323, #1328, #1330, #1331

Co-authored-by: shizhMSFT <32161882+shizhMSFT@users.noreply.github.com>
Copilot AI changed the title [WIP] Consolidate open Dependabot dependency updates build(deps): consolidate open Dependabot dependency updates Feb 18, 2026
Copilot AI requested a review from shizhMSFT February 18, 2026 06:29
@codecov
Copy link

codecov bot commented Feb 18, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 79.22%. Comparing base (2a55855) to head (2152ffa).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1341   +/-   ##
=======================================
  Coverage   79.22%   79.22%           
=======================================
  Files          68       68           
  Lines        3066     3066           
=======================================
  Hits         2429     2429           
  Misses        433      433           
  Partials      204      204

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@shizhMSFT shizhMSFT marked this pull request as ready for review February 18, 2026 06:32
shizhMSFT
shizhMSFT approved these changes Feb 18, 2026
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@shizhMSFT
Copy link
Contributor

shizhMSFT commented Feb 18, 2026

Commits must have verified signatures.

Copilot does not sign the commits 😢

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@priteshbandi priteshbandi Awaiting requested review from priteshbandi priteshbandi is a code owner

@rgnote rgnote Awaiting requested review from rgnote rgnote is a code owner

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

@vaninrao10 vaninrao10 Awaiting requested review from vaninrao10 vaninrao10 is a code owner

@yizha1 yizha1 Awaiting requested review from yizha1 yizha1 is a code owner

1 more reviewer

@shizhMSFT shizhMSFT shizhMSFT approved these changes

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@shizhMSFT shizhMSFT

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Consolidate open Dependabot dependency updates

2 participants

@shizhMSFT

Comments