Skip to content

chore(deps): bump denoland/setup-deno from 2.0.4 to 2.0.5#2443

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/denoland/setup-deno-2.0.5
Open

chore(deps): bump denoland/setup-deno from 2.0.4 to 2.0.5#2443
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/denoland/setup-deno-2.0.5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps denoland/setup-deno from 2.0.4 to 2.0.5.

Release notes

Sourced from denoland/setup-deno's releases.

v2.0.5

What's Changed

New Contributors

Full Changelog: denoland/setup-deno@v2.0.0...v2.0.5

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [denoland/setup-deno](https://github.com/denoland/setup-deno) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/denoland/setup-deno/releases)
- [Commits](denoland/setup-deno@667a34c...22d081f)

---
updated-dependencies:
- dependency-name: denoland/setup-deno
  dependency-version: 2.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 6, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 6, 2026 18:35
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 6, 2026
@changeset-bot

changeset-bot Bot commented Jul 6, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: bf813cb

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@pkg-pr-new

pkg-pr-new Bot commented Jul 6, 2026

Copy link
Copy Markdown

Open in StackBlitz

@modelcontextprotocol/client

npm i https://pkg.pr.new/@modelcontextprotocol/client@2443

@modelcontextprotocol/codemod

npm i https://pkg.pr.new/@modelcontextprotocol/codemod@2443

@modelcontextprotocol/core

npm i https://pkg.pr.new/@modelcontextprotocol/core@2443

@modelcontextprotocol/server

npm i https://pkg.pr.new/@modelcontextprotocol/server@2443

@modelcontextprotocol/server-legacy

npm i https://pkg.pr.new/@modelcontextprotocol/server-legacy@2443

@modelcontextprotocol/express

npm i https://pkg.pr.new/@modelcontextprotocol/express@2443

@modelcontextprotocol/fastify

npm i https://pkg.pr.new/@modelcontextprotocol/fastify@2443

@modelcontextprotocol/hono

npm i https://pkg.pr.new/@modelcontextprotocol/hono@2443

@modelcontextprotocol/node

npm i https://pkg.pr.new/@modelcontextprotocol/node@2443

commit: bf813cb

@claude claude Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM — routine Dependabot bump of the pinned setup-deno action SHA (2.0.4 → 2.0.5).

Extended reasoning...

Overview

This PR is a Dependabot-generated single-line change in .github/workflows/main.yml, updating the pinned commit SHA for denoland/setup-deno from v2.0.4 (667a34c) to v2.0.5 (22d081f). The version comment remains # v2, consistent with the existing pinning convention used elsewhere in the workflow.

Security risks

Minimal. The action remains pinned to a full commit SHA (not a mutable tag), which is the safest pinning style. The new SHA corresponds to the upstream v2.0.5 release per the Dependabot-provided release notes and commit list. The action is only used in the test-runtimes job's Deno leg and does not touch publish/release workflows or secrets beyond the default job token.

Level of scrutiny

Low. This is CI configuration only — no SDK code, types, transports, or public API surface is affected. It is a within-major patch bump (2.0.4 → 2.0.5) of a widely used first-party Deno action, and the changes upstream (versions.json source change, Node runtime bump for the action) do not alter the workflow's inputs or expected behavior. Per repo conventions on CI/GitHub Actions changes, there is nothing here to flag.

Other factors

No changeset is required for workflow-only changes. The bug hunting system found no issues, and the only timeline activity is the changeset-bot notice, which is expected for a deps PR. CI on the PR will exercise the updated action directly, providing verification that the bump works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants