Bump the actions group with 4 updates

[dependabot]

Bumps the actions group with 4 updates: actions/checkout, actions/setup-node, chromaui/action and aws-actions/configure-aws-credentials.

Updates actions/checkout from 6.0.2 to 6.0.3

Release notes

Sourced from actions/checkout's releases.

v6.0.3

What's Changed

• Update changelog by @​ericsciple in actions/checkout#2357
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414
• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• Update changelog for v6.0.3 by @​yaananth in actions/checkout#2446

New Contributors

• @​yaananth made their first contribution in actions/checkout#2414

Full Changelog: actions/checkout@v6...v6.0.3

Changelog

Sourced from actions/checkout's changelog.

v6.0.3

• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414

Commits

• df4cb1c Update changelog for v6.0.3 (#2446)
• 1cce339 Fix checkout init for SHA-256 repositories (#2439)
• 900f221 fix: expand merge commit SHA regex and add SHA-256 test cases (#2414)
• 0c366fd Update changelog (#2357)
• See full diff in compare view

Updates actions/setup-node from 4 to 6

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

• Limit automatic caching to npm, update workflows and documentation by @​priyagupta108 in actions/setup-node#1374

Dependency Upgrades

• Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @​dependabot[bot] in #1336
• Upgrade prettier from 2.8.8 to 3.6.2 by @​dependabot[bot] in #1334
• Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @​dependabot[bot] in #1362

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

• Enhance caching in setup-node with automatic package manager detection by @​priya-kinthali in actions/setup-node#1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

• Upgrade action to use node24 by @​salmanmkc in actions/setup-node#1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​octokit/request-error and @​actions/github by @​dependabot[bot] in actions/setup-node#1227
• Upgrade uuid from 9.0.1 to 11.1.0 by @​dependabot[bot] in actions/setup-node#1273
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-node#1295
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in actions/setup-node#1332
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-node#1345

New Contributors

• @​priya-kinthali made their first contribution in actions/setup-node#1348
• @​salmanmkc made their first contribution in actions/setup-node#1325

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

... (truncated)

Commits

• 48b55a0 Update Node.js versions in versions.yml and bump package to v6.4.0 (#1533)
• ab72c7e Upgrade @​actions dependencies (#1525)
• 53b8394 Bump minimatch from 3.1.2 to 3.1.5 (#1498)
• 54045ab Scope test lockfiles by package manager and update cache tests (#1495)
• c882bff Replace uuid with crypto.randomUUID() (#1378)
• 774c1d6 feat(node-version-file): support parsing devEngines field (#1283)
• efcb663 fix: remove hardcoded bearer (#1467)
• d02c89d Fix npm audit issues (#1491)
• 6044e13 Docs: bump actions/checkout from v5 to v6 (#1468)
• 8e49463 Fix README typo (#1226)
• Additional commits viewable in compare view

Updates chromaui/action from 17.1.0 to 17.2.0

Changelog

Sourced from chromaui/action's changelog.

v17.2.0 (Mon Jun 01 2026)

🚀 Enhancement

• Join individual bail subreasons into a single field #1357 (@​codykaup)

Authors: 1

• Cody Kaup (@​codykaup)

---

v17.1.0 (Wed May 27 2026)

🚀 Enhancement

• Add additional bail details to changedPackageFiles #1344 (@​codykaup)

Authors: 1

• Cody Kaup (@​codykaup)

---

v17.0.1 (Tue May 26 2026)

🐛 Bug Fix

• Delay check of build-storybook script validation #1327 (@​jmhobbs)
• Force es-toolkit version to avoid bundle error in Yarn classic smoke test #1347 (@​codykaup)
• Fix TurboSnap mis-categorizing static assets as Storybook config changes #1340 (@​codykaup)

Authors: 2

• Cody Kaup (@​codykaup)
• John Hobbs (@​jmhobbs)

---

v17.0.0 (Tue May 19 2026)

💥 Breaking Change

• Drop support for Node 20 and define supported Node engines #1334 (@​codykaup)

🐛 Bug Fix

• Promotes prepare, build, and verify tasks to modules #1331 (@​justin-thurman)

Authors: 2

... (truncated)

Commits

• d92ea1c v17.2.0
• See full diff in compare view

Updates aws-actions/configure-aws-credentials from 6.1.1 to 6.2.0

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v6.2.0

6.2.0 (2026-06-01)

Features

• add additional session tags by default (#1775) (e0ba768)
• add more retry logic and better logging (#1764) (540d0c1)
• add regex validation to role-session-name (#1765) (e354499)
• Allow custom session tags to be passed when assuming a role (#1759) (61f50f6)
• expose run id in STS client user-agent (#1774) (29d1be3)
• support custom STS endpoints (#1762) (8d52d05)

Bug Fixes

• skip credential check on output-env-credentials: false (#1778) (58e7c47)
• assumeRole failing from session tag size too large (#1808) (d6f5dc3)

v6.1.3

6.1.3 (2026-05-27)

Bug Fixes

• fix: allow kubelet token symlink in aws-actions/configure-aws-credentials#1805

v6.1.2

6.1.2 (2026-05-26)

Bug Fixes

• additional filesystem checks (#1799) (c39f282)

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

6.2.0 (2026-06-01)

Features

• add additional session tags by default (#1775) (e0ba768)
• add more retry logic and better logging (#1764) (540d0c1)
• add regex validation to role-session-name (#1765) (e354499)
• Allow custom session tags to be passed when assuming a role (#1759) (61f50f6)
• expose run id in STS client user-agent (#1774) (29d1be3)
• support custom STS endpoints (#1762) (8d52d05)

Bug Fixes

• skip credential check on output-env-credentials: false (#1778) (58e7c47)
• assumeRole failing from session tag size too large (#1808) (d6f5dc3)

6.1.3 (2026-05-28)

Bug Fixes

• fix: allow kubelet token symlink in #1805

6.1.2 (2026-05-26)

Bug Fixes

• additional filesystem checks (#1799) (c39f282)

Commits

• e7f100c chore(main): release 6.2.0 (#1806)
• bbbffea chore: Update dist
• d6f5dc3 fix: assumeRole failing from session tag size too large (#1808)
• 12014c0 docs: fix typo in README.md (#1809)
• 4ab3589 chore: replay 6.2 devel changes onto main (#1807)
• 99214aa chore: Update dist
• 217d179 fix: allow kubelet token symlink (#1805)
• 5548f34 chore: Update dist
• 77cd089 chore: document container credentials provider support (and delete transitive...
• dbacf31 chore: bump release version (#1801)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud