Skip to content

chore(deps): bump svenstaro/upload-release-action from 2.11.3 to 2.11.4#559

Merged
soumeh01 merged 2 commits intomainfrom
dependabot/github_actions/svenstaro/upload-release-action-2.11.4
Mar 3, 2026
Merged

chore(deps): bump svenstaro/upload-release-action from 2.11.3 to 2.11.4#559
soumeh01 merged 2 commits intomainfrom
dependabot/github_actions/svenstaro/upload-release-action-2.11.4

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 1, 2026

Bumps svenstaro/upload-release-action from 2.11.3 to 2.11.4.

Release notes

Sourced from svenstaro/upload-release-action's releases.

2.11.4

What's Changed

Bumped all NPM versions

Changelog

Sourced from svenstaro/upload-release-action's changelog.

Changelog

[2.11.4] - 2026-02-25

  • Bump npm versions

[2.11.3] - 2025-11-20

  • Post-fix releases created as draft when they shouldn't have - #99

[2.11.2] - 2025-07-06

  • Solved race-condition when matrix builds try to create the same release at the same time - #147

[2.11.1] - 2025-06-30

  • Adds a release_id output, and optional input, for uploading files to release - #136 (thanks @​alexis-opolka)

[2.10.0] - 2025-06-21

  • Adds the ability to disable duplicate check, for lower Github API usage - #142 (thanks @​colinsullivan)

[2.9.1] - 2025-06-21

  • Fixed development + CI, updated dependencies #137

[2.9.0] - 2024-02-22

[2.8.0] - 2024-02-21

  • Bump all deps
  • Update to node 20

[2.7.0] - 2023-07-28

[2.6.1] - 2023-05-31

[2.6.0] - 2023-05-23

  • Add make_latest input parameter. Can be set to false to prevent the created release from being marked as the latest release for the repository #100 (thanks @​brandonkelly)
  • Don't try to upload empty files #102 (thanks @​Loyalsoldier)
  • Bump all deps #105
  • overwrite option also overwrites name and body #106 (thanks @​regevbr)
  • Add promote option to allow prereleases to be promoted #74 (thanks @​regevbr)

[2.5.0] - 2023-02-21

[2.4.1] - 2023-02-01

  • Modernize octokit usage

[2.4.0] - 2023-01-09

  • Update to node 16
  • Bump most dependencies

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump svenstaro/upload-release-action from 2.11.3 to 2.11.4
d818c14 
Bumps [svenstaro/upload-release-action](https://github.com/svenstaro/upload-release-action) from 2.11.3 to 2.11.4.
- [Release notes](https://github.com/svenstaro/upload-release-action/releases)
- [Changelog](https://github.com/svenstaro/upload-release-action/blob/master/CHANGELOG.md)
- [Commits](svenstaro/upload-release-action@6b7fa9f...b98a3b1)

---
updated-dependencies:
- dependency-name: svenstaro/upload-release-action
  dependency-version: 2.11.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 1, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Mar 1, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/svenstaro/upload-release-action b98a3b12e86552593f3e4e577ca8a62aa2f3f22b 🟢 3
Details
CheckScoreReason
Maintained⚠️ 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 1Found 4/28 approved changesets -- score normalized to 1
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • .github/workflows/release.yml

@soumeh01 soumeh01 merged commit 41705e3 into main Mar 3, 2026
19 checks passed
@soumeh01 soumeh01 deleted the dependabot/github_actions/svenstaro/upload-release-action-2.11.4 branch March 3, 2026 09:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@soumeh01 soumeh01 soumeh01 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@soumeh01