Skip to content

chore(deps): bump MetaMask/action-checkout-and-setup from 3 to 3.4.0#29

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/main/MetaMask/action-checkout-and-setup-3.4.0
Open

chore(deps): bump MetaMask/action-checkout-and-setup from 3 to 3.4.0#29
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/main/MetaMask/action-checkout-and-setup-3.4.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Bumps MetaMask/action-checkout-and-setup from 3 to 3.4.0.

Release notes

Sourced from MetaMask/action-checkout-and-setup's releases.

3.4.0

Added

  • Add skip-install input (#74)
    • This option can be used to skip installing Yarn dependencies, useful for when Node.js setup is needed, but dependencies are not.

3.3.1

Fixed

  • Use raw GitHub URL for public repositories (#72)
    • This solves an issue with rate limit errors caused by using the GitHub API in high-activity public repositories.

3.3.0

Added

  • Add persist-credentials input (#69)
    • This is forwarded to actions/checkout, and defaults to false.

Fixed

  • Restore support for private repositories (#68)
  • Include Yarn install state when restoring cache (#66)

3.2.0

Added

  • Allow high-risk the option to save cache without reading cache (#64)

3.1.0

Added

  • Add force-setup option to always perform checkout and setup (#61)

3.0.1

Fixed

  • Fix Windows runner compatibility by using curl instead of wget (#59)
Changelog

Sourced from MetaMask/action-checkout-and-setup's changelog.

[3.4.0]

Added

  • Add skip-install input (#74)
    • This option can be used to skip installing Yarn dependencies, useful for when Node.js setup is needed, but dependencies are not.

[3.3.1]

Fixed

  • Use raw GitHub URL for public repositories (#72)
    • This solves an issue with rate limit errors caused by using the GitHub API in high-activity public repositories.

[3.3.0]

Added

  • Add persist-credentials input (#69)
    • This is forwarded to actions/checkout, and defaults to false.

Fixed

  • Restore support for private repositories (#68)
  • Include Yarn install state when restoring cache (#66)

[3.2.0]

Added

  • Allow high-risk the option to save cache without reading cache (#64)

[3.1.0]

Added

  • Add force-setup option to always perform checkout and setup (#61)

[3.0.1]

Fixed

  • Fix Windows runner compatibility by using curl instead of wget (#59)

[3.0.0]

Changed

  • BREAKING: Security fix, removes the inputs yarn-custom-url, use-yarn-hydrate, and yarn-hydrate-command -- replaced with yarn-tarball (#57)
  • BREAKING: Made things faster when there's a cache hit, but now requires either .nvmrc or inputs.node-version (#54)

... (truncated)

Commits
  • 9928e44 chore(deps): bump MetaMask/action-is-release from 1 to 2 (#46)
  • 9cef4c0 ci: Add GitHub Actions to Dependabot config (#45)
  • 7ca9605 fix: Use environment variables for script inputs (#44)
  • d76df86 chore(deps): bump js-yaml from 3.14.1 to 3.14.2 in the npm_and_yarn group acr...
  • a108e8d 2.0.0 (#42)
  • 7521429 chore(deps): Bump actions to latest versions (#41)
  • 93ad48b refactor!: Always include runner OS and arch in cache key (#40)
  • 1743cf8 feat!: Include full Node version in cache key (#38)
  • 392abd4 1.4.0 (#36)
  • 9d93b27 feat: Add parameter for platform specific caching (#34)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [MetaMask/action-checkout-and-setup](https://github.com/metamask/action-checkout-and-setup) from 3 to 3.4.0.
- [Release notes](https://github.com/metamask/action-checkout-and-setup/releases)
- [Changelog](https://github.com/MetaMask/action-checkout-and-setup/blob/main/CHANGELOG.md)
- [Commits](MetaMask/action-checkout-and-setup@v3...v3.4.0)

---
updated-dependencies:
- dependency-name: MetaMask/action-checkout-and-setup
  dependency-version: 3.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 3, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 3, 2026 06:06
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants