chore(deps): update github-actions (major)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
docker/build-push-action	action	major	v5.4.0 -> v6.9.0
google-github-actions/release-please-action	action	major	v3.7.13 -> v4.1.1
gradle/actions	action	major	v3.5.0 -> v4.1.0
lycheeverse/lychee-action	action	major	v1.10.0 -> v2.0.2
oxsecurity/megalinter	action	major	v7.13.0 -> v8.1.0
peter-evans/create-pull-request	action	major	v6.1.0 -> v7.0.5
ubuntu	github-runner	major	22.04 -> 24.04

---

Release Notes

docker/build-push-action (docker/build-push-action)

v6.9.0

Compare Source

• Bump @​docker/actions-toolkit from 0.38.0 to 0.39.0 in https://github.com/docker/build-push-action/pull/1234
• Bump path-to-regexp from 6.2.2 to 6.3.0 in https://github.com/docker/build-push-action/pull/1232

Full Changelog: docker/build-push-action@v6.8.0...v6.9.0

v6.8.0

Compare Source

• Bump @​docker/actions-toolkit from 0.37.1 to 0.38.0 in https://github.com/docker/build-push-action/pull/1230

Full Changelog: docker/build-push-action@v6.7.0...v6.8.0

v6.7.0

Compare Source

v6.6.1

Compare Source

• Bump @​docker/actions-toolkit from 0.37.0 to 0.37.1 in https://github.com/docker/build-push-action/pull/1205

Full Changelog: docker/build-push-action@v6.6.0...v6.6.1

v6.6.0

Compare Source

v6.5.0

Compare Source

v6.4.1

Compare Source

v6.4.0

Compare Source

• Set repository and ghtoken attributes for GitHub Actions cache backend by @​crazy-max in https://github.com/docker/build-push-action/pull/1133
• Bump @​docker/actions-toolkit from 0.31.0 to 0.33.0 in https://github.com/docker/build-push-action/pull/1179

Full Changelog: docker/build-push-action@v6.3.0...v6.4.0

v6.3.0

Compare Source

• DOCKER_BUILD_RECORD_UPLOAD environment variable to enable/disable build record upload by @​crazy-max in https://github.com/docker/build-push-action/pull/1172
• DOCKER_BUILD_NO_SUMMARY has been deprecated. Set DOCKER_BUILD_SUMMARY to false instead by @​crazy-max in https://github.com/docker/build-push-action/pull/1170 https://github.com/docker/build-push-action/pull/1173
• Bump @​docker/actions-toolkit from 0.28.0 to 0.31.0 in https://github.com/docker/build-push-action/pull/1171 https://github.com/docker/build-push-action/pull/1159 https://github.com/docker/build-push-action/pull/1169

Full Changelog: docker/build-push-action@v6.2.0...v6.3.0

v6.2.0

Compare Source

• Use default retention days for build export artifact by @​crazy-max in https://github.com/docker/build-push-action/pull/1153
• Bump @​docker/actions-toolkit from 0.27.0 to 0.28.0 in https://github.com/docker/build-push-action/pull/1158

Full Changelog: docker/build-push-action@v6.1.0...v6.2.0

v6.1.0

Compare Source

v6.0.2

Compare Source

v6.0.1

Compare Source

v6.0.0

Compare Source

google-github-actions/release-please-action (google-github-actions/release-please-action)

v4.1.1

Compare Source

Bug Fixes

• add deprecation warning to workflow run (#​1) (edb78cf)

v4.1.0

Compare Source

Features

• add changelog-host input to action.yml (#​948) (863b06f)

v4.0.3

Compare Source

Bug Fixes

• bump release-please from 16.5.0 to 16.10.0 (#​953) (d7e88e0)

v4.0.2

Compare Source

Bug Fixes

• bump release-please from 16.4.0 to 16.5.0 (#​905) (df71963)
• log release-please version (#​910) (2a496d1), closes #​325

v4.0.1

Compare Source

Bug Fixes

• bump release-please from 16.3.1 to 16.4.0 (#​897) (2463dad)

v4.0.0

Compare Source

gradle/actions (gradle/actions)

v4.1.0

Compare Source

This release brings some minor improvements:

• The latest release of Gradle is no longer required to perform cache-cleanup. If Gradle is found to on the PATH and the version meets minimum version requirements, then the version on PATH is used for cache-cleanup and Gradle is not downloaded.
• Fixes a bug where setting the develocity-token-expiry parameter had no effect (#​381)
• Numerous NPM dependency updates

Full Changelog: gradle/actions@v4.0.1...v4.1.0

v4.0.1

Compare Source

This patch release updates a number of dependencies, and fixes a bug that caused Gradle version '8.1' to be confused with '8.10'.

What's Changed

• Dependency-updates by @​bigdaz in https://github.com/gradle/actions/pull/326, https://github.com/gradle/actions/pull/356
• NPM dependency updates by @​dependabot in https://github.com/gradle/actions/pull/330, https://github.com/gradle/actions/pull/349
• Include Gradle 8.10 in known wrapper checksums in https://github.com/gradle/actions/pull/341
• Differentiate Gradle 8.1 from 8.10 when checking version by @​bigdaz in https://github.com/gradle/actions/pull/358

Full Changelog: gradle/actions@v4.0.0...v4.0.1

v4.0.0

Compare Source

Final release of v4.0.0 of the setup-gradle, dependency-submission and wrapper-validation actions provided under gradle/actions.
This release is available under the v4 tag.

Major changes from the v3 release

The arguments parameter has been removed

Using the action to execute Gradle via the arguments parameter was deprecated in v3 and this parameter has been removed.
See here for more details.

Cache cleanup enabled by default

After a number of fixes and improvements, this release enables cache-cleanup by default for all Jobs using the setup-gradle and dependency-submission actions.

Improvements and bugfixes related cache cleanup:

• By default, cache cleanup is not run if any Gradle build fails (#​71)
• Cache cleanup is not run after configuration-cache reuse (#​19)

This feature should help to minimize the size of entries written to the GitHub Actions cache, speeding up builds and reducing cache usage.

Wrapper validation enabled by default

In v3, the setup-gradle action was enhanced to support Gradle wrapper validation, removing the need to use a separate workflow
file with the gradle/actions/wrapper-validation action.

With this release, wrapper validation has been significantly improved, and is now enabled by default (#​12):

• The allow-snapshot-wrappers makes it possible to validate snapshot wrapper jars using setup-gradle.
• Checksums for nightly and snapshot Gradle versions are now validated (#​281).
• Valid wrapper checksums are cached in Gradle User Home, reducing the need to retrieve checksum values remotely (#​172).
• Reduce network calls in wrapper-validation for new Gradle versions: By only fetching wrapper checksums for Gradle versions that were not known when this action was released, this release reduces the likelihood that a network failure could cause failure in wrapper validation (#​171)
• Improved error message when wrapper-validation finds no wrapper jars (#​284)

Wrapper validation is important for supply-chain integrity. Enabling this feature by default will increase the coverage of wrapper
validation on projects using GitHub Actions.

New input parameters for Dependency Graph generation

Some dependency-graph inputs that could previously only be configured via environment variables now have dedicated action inputs:

• dependency-graph-report-dir: sets the location where dependency-graph reports will be generated
• dependency-graph-exclude-projects and dependency-graph-include-projects: select which Gradle projects will contribute to the generated dependency graph.
• dependency-graph-exclude-configurations and dependency-graph-include-configurations: select which Gradle configurations will contribute to the generated dependency graph.

Other improvements

• In Job summary, the action now provides an explanation when cache is set to read-only or disabled (#​255)
• When setup-gradle requests a specific Gradle version, the action will no longer download and install that version if it is already available on the PATH of the runner (#​270)
• To attempt to speed up builds, the setup-gradle and dependency-submission actions now attempt to use the D: drive for Gradle User Home if it is available (#​290)

Deprecations and breaking changes

• The gradle-home-cache-cleanup input parameter has been deprecated and replaced by cache-cleanup
• The undocumented dependency-graph: clear parameter has been removed without replacement
• The following parameters deprecated in v3 have been removed:
  • arguments
  • build-scan-terms-of-service-url and build-scan-terms-of-service-agree

Changelog

• Only fetch checksums for unknown wrapper versions by @​bigdaz in https://github.com/gradle/actions/pull/292
• Isolate 'dependency-submission' action from 'setup-gradle' by @​bigdaz in https://github.com/gradle/actions/pull/293
• Caching improvements by @​bigdaz in https://github.com/gradle/actions/pull/294
• Config cache cleanup by @​bigdaz in https://github.com/gradle/actions/pull/295
• Delete excluded paths on restore Gradle Home by @​bigdaz in https://github.com/gradle/actions/pull/298
• Use faster D: drive on windows for Gradle User Home and Gradle downloads by @​bigdaz in https://github.com/gradle/actions/pull/299
• Always set the GRADLE_USER_HOME env var by @​bigdaz in https://github.com/gradle/actions/pull/300
• Fix windows by @​bigdaz in https://github.com/gradle/actions/pull/302
• Use pre-installed Gradle when available by @​bigdaz in https://github.com/gradle/actions/pull/301
• Prepare for v4 release by @​bigdaz in https://github.com/gradle/actions/pull/303
• Include RUNNER_ARCH in cache key by @​bigdaz in https://github.com/gradle/actions/pull/305
• Introduce dependency graph params by @​bigdaz in https://github.com/gradle/actions/pull/304
• Finish enabling cache-cleanup by default by @​bigdaz in https://github.com/gradle/actions/pull/306
• Bump references to Develocity Gradle plugin from 3.17.5 to 3.17.6 by @​bot-githubaction in https://github.com/gradle/actions/pull/315
• Group cache-cleanup log messages by @​bigdaz in https://github.com/gradle/actions/pull/319
• Enable wrapper-validation by default in setup-gradle by @​bigdaz in https://github.com/gradle/actions/pull/318
• Improve error messages for min-wrapper-count by @​bigdaz in https://github.com/gradle/actions/pull/321

Full Changelog: gradle/actions@v3.5.0...v4.0.0

lycheeverse/lychee-action (lycheeverse/lychee-action)

v2.0.2: Version 2.0.2

Compare Source

What's Changed

• Fix a typos by @​szepeviktor in https://github.com/lycheeverse/lychee-action/pull/257
• Document and use correct permissions in the GitHub workflows by @​dscho in https://github.com/lycheeverse/lychee-action/pull/258
• Add security policy by @​mondeja in https://github.com/lycheeverse/lychee-action/pull/259

New Contributors

• @​szepeviktor made their first contribution in https://github.com/lycheeverse/lychee-action/pull/257
• @​mondeja made their first contribution in https://github.com/lycheeverse/lychee-action/pull/259

Full Changelog: lycheeverse/lychee-action@v2...v2.0.2

v2.0.1: Version 2.0.1

Compare Source

What's Changed

• Don't remove the lychee config file by @​dmathieu in https://github.com/lycheeverse/lychee-action/pull/255
• Bump lycheeverse/lychee-action from 1 to 2 by @​dependabot in https://github.com/lycheeverse/lychee-action/pull/252
• Fix variable name in docs by @​kdeldycke in https://github.com/lycheeverse/lychee-action/pull/253

New Contributors

• @​dmathieu made their first contribution in https://github.com/lycheeverse/lychee-action/pull/255

Full Changelog: lycheeverse/lychee-action@v2...v2.0.1

v2.0.0: Version 2.0.0

Compare Source

Breaking Changes

Note: This release improves the action's robustness by changing default behaviors. Changes are only required if you want to opt out of the new failure conditions. Most users won't need to modify their existing configurations.

Fail pipeline on error by default

We've changed the default behavior: pipelines will now fail on broken links automatically. This addresses user feedback that not failing on broken links was unexpected (see issue #​71).

What you need to do:

• Update to version 2 of this action to apply this change.
• Users of the lychee-action@master branch don't need to make any changes, as fail: true has been the default there for a while.
• If you prefer the old behavior, explicitly set fail to false when updating:

- name: Link Checker
  id: lychee
  uses: lycheeverse/lychee-action@v2
  with:
    fail: false  # Don't fail action on broken links

Fail pipeline if no links were found

Similar to the above change, we now fail the pipeline if no links are found during a run. This helps warn users about potential configuration issues.

What you need to do:

• If you expect links to be found in your pipeline run, you don't need to do anything.
• If you expect no links in your pipeline run, you can opt out like this:

- name: Link Checker
  id: lychee
  uses: lycheeverse/lychee-action@v2
  with:
    failIfEmpty: false  # Don't fail action if no links were found

For a more detailed description of the technical aspects behind these changes, please see the full changelog below.

What's Changed

• feat: change to use the full version tag with v-* prefix by @​kemingy in https://github.com/lycheeverse/lychee-action/pull/204
• Add failIfEmpty argument (fixes #​84) by @​mre in https://github.com/lycheeverse/lychee-action/pull/86
• Fail pipeline on error by default (fixes #​71) by @​mre in https://github.com/lycheeverse/lychee-action/pull/85
• Exit in case output is set in args and action input by @​mre in https://github.com/lycheeverse/lychee-action/pull/227
• v1 will automatically use latest version by @​jacobdalamb in https://github.com/lycheeverse/lychee-action/pull/228
• Remove unneeded text by @​jacobdalamb in https://github.com/lycheeverse/lychee-action/pull/229
• Clarify README.md defaults by @​paddyroddy in https://github.com/lycheeverse/lychee-action/pull/230
• Adjust for new asset naming scheme by @​dscho in https://github.com/lycheeverse/lychee-action/pull/234
• Test various lychee versions by @​mre in https://github.com/lycheeverse/lychee-action/pull/235
• Better cleanup of old lychee assets by @​mre in https://github.com/lycheeverse/lychee-action/pull/237
• Bump peter-evans/create-issue-from-file from v4 to v5 by @​AndreiCherniaev in https://github.com/lycheeverse/lychee-action/pull/241
• Remove dots from table by @​AndreiCherniaev in https://github.com/lycheeverse/lychee-action/pull/242
• README: update actions/cache to v4 by @​sebastiaanspeck in https://github.com/lycheeverse/lychee-action/pull/243
• Set exit_code correctly as output by @​sebastiaanspeck in https://github.com/lycheeverse/lychee-action/pull/245
• action: fix failing CI by @​sebastiaanspeck in https://github.com/lycheeverse/lychee-action/pull/246
• Split up steps in action by @​mre in https://github.com/lycheeverse/lychee-action/pull/248
• Bump version to 0.16.x, respect new tag names by @​mre in https://github.com/lycheeverse/lychee-action/pull/249
• Test latest lychee version tag by @​mre in https://github.com/lycheeverse/lychee-action/pull/236

New Contributors

• @​kemingy made their first contribution in https://github.com/lycheeverse/lychee-action/pull/204
• @​paddyroddy made their first contribution in https://github.com/lycheeverse/lychee-action/pull/230
• @​dscho made their first contribution in https://github.com/lycheeverse/lychee-action/pull/234
• @​AndreiCherniaev made their first contribution in https://github.com/lycheeverse/lychee-action/pull/241
• @​sebastiaanspeck made their first contribution in https://github.com/lycheeverse/lychee-action/pull/243

Full Changelog: lycheeverse/lychee-action@v1...v1.11.0

oxsecurity/megalinter (oxsecurity/megalinter)

v8.1.0

Compare Source

• Core

  • Allow to tag PRE_COMMANDS to run them before loading plugins, by @​nvuillam in #​3944
  • Replace usage of setup.py with a pyproject.toml package install, by @​echoix in #​3893
  • Allow to add custom messages at the end of PR / MR MegaLinter Summary using variable JOB_SUMMARY_ADDITIONAL_MARKDOWN

• New linters

  • New LUA linter: selene, by @​AlejandroSuero in #​3978
  • New LUA formatter: stylua, by @​AlejandroSuero in #​3985

• Linters enhancements

  • Trivy
    • Embed vulnerability database in Docker Image for running trivy on internet-free network
    • Retry 5 times after 3 seconds in case of TooManyRequests when downloading vulnerability database
    • If the retries did not succeed, call trivy with --skip-db-update --skip-check-update (not ideal but better than nothing)
  • Bash/Perl: Support shell scripts with no extension and only support perl shebangs at the beginning of a file in #​4076

• Fixes

  • Add debug traces to investigate reporters activation
  • Add more traces for ApiReporter
  • Activate ApiReporter by default

• Reporters

  • Fix ApiReporter not called in MegaLinter flavors

• Doc

  • Fix Grafana Home Dashboard to add missing criteria
  • Update PRE_COMMANDS documentation to describe all properties
  • Update Grafana documentation to fix secrets typo

• CI

  • Free space in release job to avoid no space left on device, by @​nvuillam in #​3914
  • Add pytest-rerunfailures to improve CI control jobs success, by @​AlejandroSuero in #​3993
  • Send GITHUB_TOKEN to trivy-action
  • Workaround to avoid to reach Docker Hub rate limits: Build & push first on ghcr.io, then login to docker hub, then push to docker hub

• Linter versions upgrades

  • actionlint from 1.7.1 to 1.7.3 on 2024-09-29
  • ansible-lint from 24.7.0 to 24.9.2 on 2024-09-20
  • bandit from 1.7.9 to 1.7.10 on 2024-09-23
  • bicep_linter from 0.29.47 to 0.30.23 on 2024-09-24
  • black from 24.8.0 to 24.10.0 on 2024-10-07
  • cfn-lint from 1.10.3 to 1.16.1 on 2024-10-11
  • checkov from 3.2.232 to 3.2.257 on 2024-10-06
  • checkstyle from 10.17.0 to 10.18.2 on 2024-09-29
  • clippy from 0.1.80 to 0.1.81 on 2024-09-06
  • clj-kondo from 2024.08.01 to 2024.09.27 on 2024-09-26
  • cpplint from 1.6.1 to 2.0.0 on 2024-10-06
  • csharpier from 0.29.0 to 0.29.2 on 2024-09-16
  • cspell from 8.14.1 to 8.15.1 on 2024-10-11
  • detekt from 1.23.6 to 1.23.7 on 2024-09-08
  • djlint from 1.34.1 to 1.35.2 on 2024-08-29
  • dotnet-format from 8.0.108 to 8.0.110 on 2024-10-11
  • eslint from 8.57.0 to 8.57.1 on 2024-09-16
  • gitleaks from 8.18.4 to 8.20.1 on 2024-10-08
  • golangci-lint from 1.60.1 to 1.61.0 on 2024-09-09
  • kics from 2.1.2 to 2.1.3 on 2024-10-04
  • lightning-flow-scanner from 2.33.0 to 2.34.0 on 2024-08-25
  • lychee from 0.15.1 to 0.16.1 on 2024-10-07
  • markdownlint from 0.41.0 to 0.42.0 on 2024-09-24
  • mypy from 1.11.1 to 1.11.2 on 2024-08-25
  • npm-groovy-lint from 14.6.0 to 15.0.2 on 2024-08-29
  • php-cs-fixer from 3.62.0 to 3.64.0 on 2024-08-31
  • phpcs from 3.10.2 to 3.10.3 on 2024-09-20
  • phplint from 9.4.1 to 9.5.3 on 2024-10-11
  • phpstan from 1.11.11 to 1.12.6 on 2024-10-06
  • pmd from 7.4.0 to 7.6.0 on 2024-09-27
  • psalm from Psalm.5.25.0@​ to Psalm.5.26.1@​ on 2024-09-09
  • pylint from 3.2.6 to 3.3.1 on 2024-09-24
  • pyright from 1.1.376 to 1.1.384 on 2024-10-11
  • revive from 1.3.9 to 1.4.0 on 2024-09-23
  • roslynator from 0.8.9.0 to 0.9.1.0 on 2024-10-11
  • rubocop from 1.65.1 to 1.66.1 on 2024-09-06
  • ruff from 0.6.1 to 0.6.9 on 2024-10-04
  • scalafix from 0.12.1 to 0.13.0 on 2024-09-27
  • secretlint from 8.2.4 to 8.4.0 on 2024-10-06
  • sfdx-scanner-apex from 4.4.0 to 4.6.0 on 2024-09-26
  • sfdx-scanner-aura from 4.4.0 to 4.6.0 on 2024-09-26
  • sfdx-scanner-lwc from 4.4.0 to 4.6.0 on 2024-09-26
  • shfmt from 3.8.0 to 3.9.0 on 2024-09-03
  • snakemake from 8.18.1 to 8.21.0 on 2024-10-13
  • spectral from 6.11.1 to 6.13.1 on 2024-09-21
  • sqlfluff from 3.1.0 to 3.2.3 on 2024-10-11
  • standard from 17.1.0 to 17.1.2 on 2024-09-13
  • stylelint from 16.8.2 to 16.10.0 on 2024-10-11
  • swiftlint from 0.56.1 to 0.57.0 on 2024-09-09
  • syft from 1.11.0 to 1.14.0 on 2024-10-07
  • terraform-fmt from 1.9.4 to 1.9.5 on 2024-08-28
  • terragrunt from 0.66.8 to 0.67.5 on 2024-09-16
  • terrascan from 1.18.11 to 1.19.9 on 2024-09-21
  • trivy-sbom from 0.54.1 to 0.56.2 on 2024-10-11
  • trivy from 0.54.1 to 0.56.2 on 2024-10-11
  • trufflehog from 3.81.10 to 3.82.8 on 2024-10-13
  • v8r from 4.0.1 to 4.1.0 on 2024-08-25
  • vale from 3.7.0 to 3.7.1 on 2024-09-26

v8.0.0

Compare Source

• Reporters
  • New ApiReporter (can be used to build Grafana dashboards), by @​nvuillam in #​3540

• Removed deprecated linters, by @​nvuillam in #​3854

  • CSS_SCSSLINT: Project discontinued and advising to use stylelint
  • OPENAPI_SPECTRAL: Replaced by API_SPECTRAL (same linter but more formats handled)
  • SQL_SQL_LINT: Project no longer maintained

• Core

  • Hide to linters by default all environment variables that contain TOKEN, USERNAME or PASSWORD, by @​nvuillam in #​3881
  • Allow to override CLI_LINT_MODE when defined as project, by @​nvuillam in #​3772
  • Allow to use absolute paths for LINTER_RULES_PATH, by @​nvuillam in #​3775
  • Allow to update variables from PRE/POST Commands using output_variables property, by @​nvuillam in #​3861

• Media

  • MegaLinter: un linter pour les gouverner tous (FR), by Guillaume Arnaud from WeScale
  • MegaLinter, by Stéphane Robert, from 3DS OutScale
  • 30 Seconds to Setup MegaLinter: Your Go-To Tool for Automated Code Quality, by Peng Cao |

• Linters enhancements

  • bandit Call bandit with quiet mode to generate less logs, by @​nvuillam in #​3892
  • grype Count number of errors returned by Grype, by @​nvuillam in #​3906
  • yamllint Fix yamllint default format to avoid special characters or GitHub sections in text logs, by @​nvuillam in #​3898

• Fixes

  • terrascan fixed errors and removed redundant code, by @​TommyE123 in #​3767
  • dotnet-format various performance improvements and ability to specify sln or proj paths, by @​TommyE123 in #​3741
  • swiftlint Remove deprecated argument --path
  • Salesforce linters: Disable SF CLI auto update warning, by @​nvuillam in #​3883

• Doc

  • Add images and links to Git, CI/CD & other tools integrations at the beginning of the README, by @​nvuillam in #​3885
  • Create README animated GIF presentation of MegaLinter, by @​nvuillam in #​3910
  • Format mkdocs search index in place, by @​echoix in #​3890
  • Use consistent spelling of 'flavor', by @​InputUsername in #​3789

• CI

  • Fix docker warnings, by @​nvuillam in #​3853
    • FromAsCasing: 'as' and 'FROM' keywords' casing do not match
    • NoEmptyContinuation: Empty continuation line
    • SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data
  • Port Beta workflows to use docker/metadata-action, by @​echoix in #​3860
  • AutoUpdate linters: Always create a PR if the job has been started manually, by @​nvuillam in #​3863
  • Add skip_checkout: true to default MegaLinter GitHub Action template
  • Remove path filters in deploy-DEV workflow as it is a required check by @​echoix in #​3894

• mega-linter-runner

  • Add new rules to upgrade to MegaLinter v8, by @​nvuillam in #​3896
  • Replace glob-promise by glob library, by @​nvuillam in #​3902
    • Minimum NodeJs version is now 20.x

• Linter versions upgrades

  • ansible-lint from 24.6.1 to 24.7.0
  • bicep_linter from 0.28.1 to 0.29.47
  • black from 24.4.2 to 24.8.0
  • cfn-lint from 1.5.0 to 1.10.3
  • checkov from 3.2.174 to 3.2.232
  • clippy from 0.1.79 to 0.1.80
  • clj-kondo from 2024.05.24 to 2024.08.01
  • csharpier from 0.28.2 to 0.29.0
  • cspell from 8.10.4 to 8.14.1
  • dotnet-format from 8.0.106 to 8.0.108
  • flake8 from 7.1.0 to 7.1.1
  • golangci-lint from 1.59.1 to 1.60.1
  • grype from 0.79.2 to 0.79.5
  • jsonlint from 14.0.3 to 16.0.0
  • kics from 2.1.1 to 2.1.2
  • kubeconform from 0.6.6 to 0.6.7
  • lightning-flow-scanner from 2.28.0 to 2.33.0
  • mypy from 1.10.1 to 1.11.1
  • php-cs-fixer from 3.59.3 to 3.62.0
  • phpcs from 3.10.1 to 3.10.2
  • phpstan from 1.11.9 to 1.11.11
  • pmd from 7.3.0 to 7.4.0
  • prettier from 3.3.2 to 3.3.3
  • protolint from 0.50.2 to 0.50.5
  • pylint from 3.2.5 to 3.2.6
  • pyright from 1.1.370 to 1.1.376
  • revive from 1.3.7 to 1.3.9
  • rstcheck from 6.2.1 to 6.2.4
  • rubocop from 1.64.1 to 1.65.1
  • ruff from 0.5.1 to 0.6.1
  • sfdx-scanner-apex from 4.3.2 to 4.4.0
  • sfdx-scanner-aura from 4.3.2 to 4.4.0
  • sfdx-scanner-lwc from 4.3.2 to 4.4.0
  • snakemake from 8.15.2 to 8.18.1
  • stylelint from 16.6.1 to 16.8.2
  • swiftlint from 0.55.1 to 0.56.1
  • syft from 1.8.0 to 1.11.0
  • terraform-fmt from 1.9.0 to 1.9.4
  • terragrunt from 0.59.6 to 0.66.8
  • tflint from 0.52.0 to 0.53.0
  • trivy-sbom from 0.53.0 to 0.54.1
  • trivy from 0.53.0 to 0.54.1
  • trufflehog from 3.79.0 to 3.81.9
  • v8r from 3.1.0 to 4.0.1
  • vale from 3.6.0 to 3.7.0

peter-evans/create-pull-request (peter-evans/create-pull-request)

v7.0.5: Create Pull Request v7.0.5

Compare Source

⚙️ Fixes an issue with commit signing to allow it to support symlinks

What's Changed

• fix: support symlinks when commit signing by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3359

Full Changelog: peter-evans/create-pull-request@v7.0.4...v7.0.5

v7.0.4: Create Pull Request v7.0.4

Compare Source

⚙️ Fixes an issue with commit signing to allow it to support submodules

What's Changed

• docs: correct suggestion for bot setup by @​henryiii in https://github.com/peter-evans/create-pull-request/pull/3342
• build(deps-dev): bump @​types/jest from 29.5.12 to 29.5.13 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3343
• build(deps-dev): bump eslint from 8.57.0 to 8.57.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3344
• fix: support submodules when commit signing by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3354

New Contributors

• @​henryiii made their first contribution in https://github.com/peter-evans/create-pull-request/pull/3342

Full Changelog: peter-evans/create-pull-request@v7.0.3...v7.0.4

v7.0.3: Create Pull Request v7.0.3

Compare Source

⚙️ Fixes an issue with commit signing where commit SHAs have variable lengths when abbreviated.

What's Changed

• fix: disable abbreviated commit shas in diff by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3337

Full Changelog: peter-evans/create-pull-request@v7.0.2...v7.0.3

v7.0.2: Create Pull Request v7.0.2

Compare Source

⚙️ Fixes an issue with commit signing when a change was detected as being a rename or copy.

What's Changed

• build(deps-dev): bump @​types/node from 18.19.48 to 18.19.50 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3320
• build(deps-dev): bump typescript from 5.5.4 to 5.6.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3319
• fix: disable diff detection for renames and copies by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3330

Full Changelog: peter-evans/create-pull-request@v7.0.1...v7.0.2

v7.0.1: Create Pull Request v7.0.1

Compare Source

⚙️ Fixes an issue affecting one particular use case where the action fails on diff --stat with fatal: ambiguous argument.

What's Changed

• build(deps): bump peter-evans/create-pull-request from 6 to 7 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3283
• build(deps-dev): bump @​types/node from 18.19.46 to 18.19.48 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3288
• build(deps-dev): bump @​typescript-eslint/parser from 7.17.0 to 7.18.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3289
• build(deps-dev): bump eslint-plugin-import from 2.29.1 to 2.30.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3290
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.17.0 to 7.18.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3291
• fix: handle ambiguous argument failure on diff stat by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3312

Full Changelog: peter-evans/create-pull-request@v7.0.0...v7.0.1

v7.0.0: Create Pull Request v7.0.0

Compare Source

✨ Now supports commit signing with bot-generated tokens! See "What's new" below. ✍️🤖

Behaviour changes

• Action input git-token has been renamed branch-token, to be more clear about its purpose. The branch-token is the token that the action will use to create and update the branch.
• The action now handles requests that have been rate-limited by GitHub. Requests hitting a primary rate limit will retry twice, for a total

---

Configuration

📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	18		0	0.22s
✅ BASH	bash-exec	5		0	0.02s
✅ BASH	shellcheck	2		0	0.11s
⚠️ BASH	shfmt	5		1	0.01s
⚠️ CSHARP	csharpier	1		1	1.29s
⚠️ CSHARP	dotnet-format	yes		1	0.82s
✅ CSHARP	roslynator	1		0	20.22s
✅ CSS	stylelint	1		0	1.64s
✅ DOCKERFILE	hadolint	4		0	0.22s
✅ EDITORCONFIG	editorconfig-checker	378		0	4.32s
✅ ENV	dotenv-linter	1		0	0.01s
✅ GROOVY	npm-groovy-lint	7		0	15.04s
✅ HTML	djlint	2		0	1.37s
✅ HTML	htmlhint	2		0	0.3s
✅ JAVA	checkstyle	59		0	6.88s
✅ JSON	jsonlint	31		0	0.33s
⚠️ JSON	prettier	31		1	4.51s
✅ JSON	v8r	31		0	83.9s
⚠️ MARKDOWN	markdownlint	22		190	1.67s
✅ PYTHON	bandit	1		0	1.12s
✅ PYTHON	black	1		0	0.79s
✅ PYTHON	flake8	1		0	0.57s
✅ PYTHON	isort	1		0	0.35s
✅ PYTHON	mypy	1		0	8.49s
✅ PYTHON	ruff	1		0	0.03s
✅ REPOSITORY	checkov	yes		no	21.89s
✅ REPOSITORY	gitleaks	yes		no	2.21s
✅ REPOSITORY	git_diff	yes		no	0.14s
✅ REPOSITORY	kics	yes		no	57.9s
✅ REPOSITORY	secretlint	yes		no	2.03s
✅ REPOSITORY	syft	yes		no	3.53s
❌ REPOSITORY	trivy	yes		1	21.2s
✅ REPOSITORY	trivy-sbom	yes		no	1.46s
✅ REPOSITORY	trufflehog	yes		no	5.02s
✅ XML	xmllint	3		0	0.01s
✅ YAML	prettier	111		0	2.83s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

• Click here to request the new flavor

MegaLinter is graciously provided by

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.