Tags: github/contributors
Tags
chore(deps): bump pytest from 9.0.1 to 9.0.2 in the dependencies group ( #374) Bumps the dependencies group with 1 update: [pytest](https://github.com/pytest-dev/pytest). Updates `pytest` from 9.0.1 to 9.0.2 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@9.0.1...9.0.2) --- updated-dependencies: - dependency-name: pytest dependency-version: 9.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
chore(deps): bump the dependencies group with 4 updates (#368) * chore(deps): bump the dependencies group with 4 updates Bumps the dependencies group with 4 updates: [github/contributors](https://github.com/github/contributors), [actions/setup-python](https://github.com/actions/setup-python), [github/codeql-action](https://github.com/github/codeql-action) and [super-linter/super-linter](https://github.com/super-linter/super-linter). Updates `github/contributors` from 1.7.5 to 1.7.6 - [Release notes](https://github.com/github/contributors/releases) - [Commits](8b75869...abf3681) Updates `actions/setup-python` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v6.0.0...v6.1.0) Updates `github/codeql-action` from 4.31.4 to 4.31.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@e12f017...fdbfb4d) Updates `super-linter/super-linter` from 8.2.1 to 8.3.0 - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](super-linter/super-linter@2bdd90e...502f4fe) --- updated-dependencies: - dependency-name: github/contributors dependency-version: 1.7.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: actions/setup-python dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-version: 4.31.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: super-linter/super-linter dependency-version: 8.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> * fix: linting - add dependabot cooldown feature (7 days). [docs](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#cooldown-) Signed-off-by: jmeridth <jmeridth@gmail.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: jmeridth <jmeridth@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jmeridth <jmeridth@gmail.com>
chore(deps): bump python from `9813eec` to `0aecac0` (#365) Bumps python from `9813eec` to `0aecac0`. --- updated-dependencies: - dependency-name: python dependency-version: 3.14.0-slim dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
chore(deps): bump the dependencies group with 4 updates (#339) * chore(deps): bump the dependencies group with 4 updates Bumps the dependencies group with 4 updates: [ossf/scorecard-action](https://github.com/ossf/scorecard-action), [github/codeql-action](https://github.com/github/codeql-action), [actions/stale](https://github.com/actions/stale) and [super-linter/super-linter](https://github.com/super-linter/super-linter). Updates `ossf/scorecard-action` from 2.4.2 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@05b42c6...4eaacf0) Updates `github/codeql-action` from 3.30.5 to 3.30.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@3599b3b...64d10c1) Updates `actions/stale` from 10.0.0 to 10.1.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v10.0.0...v10.1.0) Updates `super-linter/super-linter` from 8.1.0 to 8.2.0 - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](super-linter/super-linter@ffde3b2...7bba2ee) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github/codeql-action dependency-version: 3.30.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: actions/stale dependency-version: 10.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: super-linter/super-linter dependency-version: 8.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> * fix: disable biome and ruff - fix scorecard workflow tag comments (remove them) - add .tool-versions (asdf) to .gitignore Signed-off-by: jmeridth <jmeridth@gmail.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: jmeridth <jmeridth@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jmeridth <jmeridth@gmail.com>
fix: go back to using root user in Dockerfile (#335) We have to do this because we have no active way to change permissions to $GITHUB_OUTPUT to a specific user when running the container Add trivy ignore to top of Dockerfile to pass linting Signed-off-by: jmeridth <jmeridth@gmail.com>
chore(deps): bump the dependencies group with 4 updates (#320) * chore(deps): bump the dependencies group with 4 updates Bumps the dependencies group with 4 updates: [github/ospo-reusable-workflows](https://github.com/github/ospo-reusable-workflows), [github/contributors](https://github.com/github/contributors), [github/codeql-action](https://github.com/github/codeql-action) and [super-linter/super-linter](https://github.com/super-linter/super-linter). Updates `github/ospo-reusable-workflows` from 0.5.2 to 0.5.3 - [Release notes](https://github.com/github/ospo-reusable-workflows/releases) - [Changelog](https://github.com/github/ospo-reusable-workflows/blob/main/docs/release-image.md) - [Commits](github/ospo-reusable-workflows@ebb4e21...c9afb9b) Updates `github/contributors` from 1.5.11 to 1.7.0 - [Release notes](https://github.com/github/contributors/releases) - [Commits](69e531b...ae62be2) Updates `github/codeql-action` from 3.29.9 to 3.29.11 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@df55935...3c3833e) Updates `super-linter/super-linter` from 8.0.0 to 8.1.0 - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](super-linter/super-linter@5119dcd...ffde3b2) --- updated-dependencies: - dependency-name: github/ospo-reusable-workflows dependency-version: 0.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github/contributors dependency-version: 1.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-version: 3.29.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: super-linter/super-linter dependency-version: 8.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> * fix: linting - ensure credentials are not persisted past checkout of code - add zizmor.yml file to allow pull_request_target in actions for auto-labeler to work on fork pull requests - add HEALTHCHECK and non-root user to Dockerfile Signed-off-by: jmeridth <jmeridth@gmail.com> * fix: missing slash at end of Dockerfile run command Signed-off-by: jmeridth <jmeridth@gmail.com> * fix: create the group Signed-off-by: jmeridth <jmeridth@gmail.com> * fix: move zizmor config so super-linter can use it Signed-off-by: jmeridth <jmeridth@gmail.com> * fix: zizmor config super linter is still using 1.12.1 so have to use that config for ignore/disable disable is available in v1.13.0 Signed-off-by: jmeridth <jmeridth@gmail.com> * fix: zizmor.yml is not the default filename for super-linter yaml extension needed Signed-off-by: jmeridth <jmeridth@gmail.com> * fix: move zizmor.yaml back into linters folder, default place super-linter checks Signed-off-by: jmeridth <jmeridth@gmail.com> * fix: add trivy config file to ignore mypy_cache Signed-off-by: jmeridth <jmeridth@gmail.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: jmeridth <jmeridth@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jmeridth <jmeridth@gmail.com>
PreviousNext