ci(deps): bump the all group across 1 directory with 7 updates

[dependabot]

Bumps the all group with 7 updates in the / directory:

Package	From	To
azure/login	2.3.0	3.0.0
actions/checkout	6.0.0	6.0.2
actions/upload-artifact	5.0.0	7.0.0
actions/download-artifact	6.0.0	8.0.1
Azure/static-web-apps-deploy	4d27395796ac319302594769cfe812bd207490b1	1a947af9992250f3bc2e68ad0754c0b0c11566c9
rojopolis/spellcheck-github-actions	0.54.0	0.60.0
marocchino/sticky-pull-request-comment	2.9.4	3.0.2

Updates azure/login from 2.3.0 to 3.0.0

Release notes

Sourced from azure/login's releases.

Azure Login Action v3.0.0

What's Changed

• Upgrade nodejs from 20 to 24 and update dependencies by @​YanaXu in Azure/login#578

Full Changelog: Azure/login@v2.3.0...v3.0.0

Commits

• 532459e prepare release v3.0.0
• 893aa84 upgrade Azure Login Action version in README (#579)
• ce6a9ff upgrade nodejs from 20 to 24 and update dependencies (#578)
• See full diff in compare view

Updates actions/checkout from 6.0.0 to 6.0.2

Release notes

Sourced from actions/checkout's releases.

v6.0.2

What's Changed

• Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by @​TingluoHuang in actions/checkout#2355
• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

• Update all references from v5 and v4 to v6 by @​ericsciple in actions/checkout#2314
• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327
• Clarify v6 README by @​ericsciple in actions/checkout#2328

Full Changelog: actions/checkout@v6...v6.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

... (truncated)

Commits

• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• See full diff in compare view

Updates actions/upload-artifact from 5.0.0 to 7.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.0

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

• Add proxy integration test by @​Link- in actions/upload-artifact#754
• Upgrade the module to ESM and bump dependencies by @​danwkennedy in actions/upload-artifact#762
• Support direct file uploads by @​danwkennedy in actions/upload-artifact#764

New Contributors

• @​Link- made their first contribution in actions/upload-artifact#754

Full Changelog: actions/upload-artifact@v6...v7.0.0

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

• Upload Artifact Node 24 support by @​salmanmkc in actions/upload-artifact#719
• fix: update @​actions/artifact for Node.js 24 punycode deprecation by @​salmanmkc in actions/upload-artifact#744
• prepare release v6.0.0 for Node.js 24 support by @​salmanmkc in actions/upload-artifact#745

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

Commits

• bbbca2d Support direct file uploads (#764)
• 589182c Upgrade the module to ESM and bump dependencies (#762)
• 47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests
• 02a8460 Add proxy integration test
• b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
• e516bc8 docs: correct description of Node.js 24 support in README
• ddc45ed docs: update README to correct action name for Node.js 24 support
• 615b319 chore: release v6.0.0 for Node.js 24 support
• 017748b Merge pull request #744 from actions/fix-storage-blob
• 38d4c79 chore: rebuild dist
• Additional commits viewable in compare view

Updates actions/download-artifact from 6.0.0 to 8.0.1

Release notes

Sourced from actions/download-artifact's releases.

v8.0.1

What's Changed

• Support for CJK characters in the artifact name by @​danwkennedy in actions/download-artifact#471
• Add a regression test for artifact name + content-type mismatches by @​danwkennedy in actions/download-artifact#472

Full Changelog: actions/download-artifact@v8...v8.0.1

v8.0.0

v8 - What's new

[!IMPORTANT] actions/download-artifact@v8 has been migrated to an ESM module. This should be transparent to the caller but forks might need to make significant changes.

[!IMPORTANT] Hash mismatches will now error by default. Users can override this behavior with a setting change (see below).

Direct downloads

To support direct uploads in actions/upload-artifact, the action will no longer attempt to unzip all downloaded files. Instead, the action checks the Content-Type header ahead of unzipping and skips non-zipped files. Callers wishing to download a zipped file as-is can also set the new skip-decompress parameter to true.

Enforced checks (breaking)

A previous release introduced digest checks on the download. If a download hash didn't match the expected hash from the server, the action would log a warning. Callers can now configure the behavior on mismatch with the digest-mismatch parameter. To be secure by default, we are now defaulting the behavior to error which will fail the workflow run.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

• Don't attempt to un-zip non-zipped downloads by @​danwkennedy in actions/download-artifact#460
• Add a setting to specify what to do on hash mismatch and default it to error by @​danwkennedy in actions/download-artifact#461

Full Changelog: actions/download-artifact@v7...v8.0.0

v7.0.0

v7 - What's new

[!IMPORTANT] actions/download-artifact@v7 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

• Update GHES guidance to include reference to Node 20 version by @​patrikpolyak in actions/download-artifact#440
• Download Artifact Node24 support by @​salmanmkc in actions/download-artifact#415
• fix: update @​actions/artifact to fix Node.js 24 punycode deprecation by @​salmanmkc in actions/download-artifact#451
• prepare release v7.0.0 for Node.js 24 support by @​salmanmkc in actions/download-artifact#452

... (truncated)

Commits

• 3e5f45b Add regression tests for CJK characters (#471)
• e6d03f6 Add a regression test for artifact name + content-type mismatches (#472)
• 70fc10c Merge pull request #461 from actions/danwkennedy/digest-mismatch-behavior
• f258da9 Add change docs
• ccc058e Fix linting issues
• bd7976b Add a setting to specify what to do on hash mismatch and default it to error
• ac21fcf Merge pull request #460 from actions/danwkennedy/download-no-unzip
• 15999bf Add note about package bumps
• 974686e Bump the version to v8 and add release notes
• fbe48b1 Update test names to make it clearer what they do
• Additional commits viewable in compare view

Updates Azure/static-web-apps-deploy from 4d27395796ac319302594769cfe812bd207490b1 to 1a947af9992250f3bc2e68ad0754c0b0c11566c9

Commits

• 3683e75 Revert output location addition (#6)
• 9c29d78 Add output location (#5)
• 920eddf Update README.md (#4)
• 13ea91c Update formatting and add outputs (#3)
• 9d6724c Update README.md
• 0affc72 Update README.md
• 94a3d49 Update action.yml
• a1897fe Update README.md
• f4da27f Update README.md (#2)
• bfdda70 Merge pull request #1 from Azure/developer/miwebst/createaction
• Additional commits viewable in compare view

Updates rojopolis/spellcheck-github-actions from 0.54.0 to 0.60.0

Release notes

Sourced from rojopolis/spellcheck-github-actions's releases.

0.60.0

What's Changed

• Bump rojopolis/spellcheck-github-actions from 0.58.0 to 0.59.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#327
• Bump actions/upload-artifact from 6.0.0 to 7.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#326
• Bump docker/metadata-action from 5.10.0 to 6.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#332
• Bump docker/login-action from 3.7.0 to 4.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#333
• Bump docker/setup-buildx-action from 3.12.0 to 4.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#329
• Bump docker/build-push-action from 6.19.2 to 7.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#330
• Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#331
• Bump python from 486b809 to 6a27522 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#325
• More correct error message, issue #328 by @​jonasbn in rojopolis/spellcheck-github-actions#334
• Preparing release 0.60.0 by @​jonasbn in rojopolis/spellcheck-github-actions#335

Full Changelog: rojopolis/spellcheck-github-actions@0.59.0...0.60.0

0.59.0

What's Changed

• Bump rojopolis/spellcheck-github-actions from 0.57.0 to 0.58.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#318
• Bump actions/checkout from 6.0.1 to 6.0.2 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#317
• Bump docker/login-action from 3.6.0 to 3.7.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#319
• Bump docker/build-push-action from 6.18.0 to 6.19.2 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#321
• Support spaces in file names by @​akohout-hai in rojopolis/spellcheck-github-actions#322
• Bump python from 3.14.2-slim-trixie to 3.14.3-slim-trixie by @​dependabot[bot] in rojopolis/spellcheck-github-actions#320
• release 0.59.0 by @​jonasbn in rojopolis/spellcheck-github-actions#323

New Contributors

• @​akohout-hai made their first contribution in rojopolis/spellcheck-github-actions#322

Full Changelog: rojopolis/spellcheck-github-actions@0.58.0...0.59.0

0.58.0

What's Changed

• Security patch for dependency pymdown-extensions by @​jonasbn in rojopolis/spellcheck-github-actions#313
• Bump rojopolis/spellcheck-github-actions from 0.56.0 to 0.57.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#315

Full Changelog: rojopolis/spellcheck-github-actions@0.57.0...0.58.0

0.57.0

What's Changed

• Bump rojopolis/spellcheck-github-actions from 0.55.0 to 0.56.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#309
• Bump python from 2751cbe to 3955a7d by @​dependabot[bot] in rojopolis/spellcheck-github-actions#310
• Updated base image, version intact. Maintenance release, update not required by @​jonasbn in rojopolis/spellcheck-github-actions#311

Full Changelog: rojopolis/spellcheck-github-actions@0.56.0...0.57.0

0.56.0

What's Changed

... (truncated)

Changelog

Sourced from rojopolis/spellcheck-github-actions's changelog.

Change Log for spellcheck-github-actions

0.60, 2026-03-14, minor feature release, update not required

• Docker based image updated for Python 3.14.3 slim trixie via PR #325 from Dependabot.

• Cleaned up the error messaging, to address issue #328 from @​akohout-hai, the error message is now more correct, but not improved in general

0.59.0, 2026-03-02, feature release, update recommended

• Improvements have been added to the docker entrypoint, based on a PR from @​akohout-hai which fixes an issue with handling of spaces in files names and directories, see PR #322 for details. This is his first contribution to the project and I want to thank him for his contribution, which is highly appreciated.

• Docker based image updated to Python 3.14.3 slim trixie via PR #320 from Dependabot.

0.58.0, 2026-01-20, security release, update not required

• A minor security issue in the dependency: pymdown-extensions, which is used by the core component PySpelling
  • GHSA-r6h4-mm7h-8pmq
  • Original issue: facelessuser/pymdown-extensions#2716

0.57.0, 2026-01-14, maintenance release, update not required

• Docker based image updated to Python 3.14.2 slim trixie via PR #310 from Dependabot. The version is the same, the image has had updates.

0.56.0, 2025-12-27, feature and maintenance release, update not required

• Support for Portuguese (Portugal and Brazil) for both Hunspell and Aspell, requested by: @​mdiazgoncalves via issue #298
• Docker image updated to Python 3.14.2 trixie slim Release notes for Python 3.14.2

0.55.0, 2025-11-27, maintenance release, update not required

• Via an issue #293 from @​shoverbj, an update to the core component PySpelling from version 2.12.0 to version 2.12.1 was made, this allows for use of large dictionaries with Aspell

0.54.0, 2025-11-05, feature release, update not required

• PySpelling the core component has been updated to version 2.12.0, which introduces support for maximum available cores. The feature is described in the release notes for PySpelling 2.12.0. See the documentation for PySpelling.

• The flag was introduced with release 2.10 of PySpelling, which was adopted in release 0.36.0 of this action.

0.53.0, 2025-10-25, maintenance release, update not required

• Docker image updated to Python 3.14.0 trixie slim Release notes for Python 3.14.0, this originated from the PR mentioned below, however updated to Trixie from Bookworm and as always the slim variant is used

• Bumped the requirement for cython to 3.0.11 or above, addressing a build issue with lxml, located when testing the PR : #274 from @​dependabot, the above update of Python

• In general the Docker build file had a few updates since the above changes required some tweaking of the Dockerfile

  • Order of installation of dependencies adjusted to ensure that lxml can build correctly
  • Installation of:
    • build-essential
    • pkg-config

... (truncated)

Commits

• e3cd8e9 Merge pull request #335 from rojopolis/release_candidate_0.60.0
• 1d3820d Preparing release 0.60.0
• bafc7d3 More correct error message, issue #328 (#334)
• df486cb Added update of Docker base image
• 6d6eb52 Bump python from 486b809 to 6a27522 (#325)
• 631e4a7 Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (#331)
• ebefb9d Bump docker/build-push-action from 6.19.2 to 7.0.0 (#330)
• b3b2580 Bump docker/setup-buildx-action from 3.12.0 to 4.0.0 (#329)
• dc29b58 Bump docker/login-action from 3.7.0 to 4.0.0 (#333)
• 5d55413 Bump docker/metadata-action from 5.10.0 to 6.0.0 (#332)
• Additional commits viewable in compare view

Updates marocchino/sticky-pull-request-comment from 2.9.4 to 3.0.2

Release notes

Sourced from marocchino/sticky-pull-request-comment's releases.

v3.0.2

What's Changed

• Add comprehensive tests for main.ts covering all branches by @​Copilot in marocchino/sticky-pull-request-comment#1660
• Don't create a comment with hide: true by @​marocchino in marocchino/sticky-pull-request-comment#1661

Full Changelog: marocchino/sticky-pull-request-comment@v3.0.1...v3.0.2

v3.0.1

What's Changed

• Update deps
• Change build system from ncc to rollup
• Use pull_request trigger in github action

Full Changelog: marocchino/sticky-pull-request-comment@v3.0.0...v3.0.1

v3.0.0

What's Changed

• Update node to 24
• Update deps

New Contributors

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.4...v3.0.0

Commits

• 70d2764 📦️ Build
• 308b2fd Don't create a comment with hide: true (#1661)
• 3bbec31 Add comprehensive tests for main.ts covering all branches (#1660)
• aaf6178 🔖 Version bump (#1658)
• 7d67ef6 👷 Use pull_request
• 1ed3d7b ⬆️ Update deps
• 46a16ec build(deps-dev): Bump @​types/node from 24.5.2 to 25.0.3 (#1646)
• 0a36b9e build(deps): Bump @​actions/core from 1.11.1 to 2.0.2 (#1649)
• 74297c9 build(deps-dev): Bump @​vercel/ncc from 0.38.3 to 0.38.4 (#1592)
• e736d73 📦️ Build
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions