search

jbergstroem / hadolint-gh-action

A hadolint linter for github actions that provides code annotations (and more)
MIT License
12 stars 5 forks source link

chore(deps): all non-major dependencies #158

Open renovate[bot] opened 2 months ago

renovate[bot] commented 2 months ago

This PR contains the following updates:

Package Type Update Change
crate-ci/typos action minor v1.24.4 -> v1.27.3
mvdan/sh minor 3.9.0 -> 3.10.0
rhysd/actionlint patch 1.7.1 -> 1.7.4

Release Notes

crate-ci/typos (crate-ci/typos) ### [`v1.27.3`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.27.3) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.27.2...v1.27.3) #### \[1.27.3] - 2024-11-08 ##### Fixes - Don't correct `alloced` - Don't correct `registor`, a more domain specific variant of `register` ### [`v1.27.2`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.27.2) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.27.1...v1.27.2) #### \[1.27.2] - 2024-11-06 ##### Fixes - Correct `fand` ### [`v1.27.1`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.27.1) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.27.0...v1.27.1) #### \[1.27.1] - 2024-11-06 ##### Fixes - Correct `alingment` as `alignment`, rather than `alinement` ### [`v1.27.0`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.27.0) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.8...v1.27.0) #### \[1.27.0] - 2024-11-01 ##### Features - Updated the dictionary with the [October 2024](https://redirect.github.com/crate-ci/typos/issues/1106) changes ### [`v1.26.8`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.26.8) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.7...v1.26.8) #### \[1.26.8] - 2024-10-24 ### [`v1.26.7`](https://redirect.github.com/crate-ci/typos/compare/v1.26.6...v1.26.7) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.6...v1.26.7) ### [`v1.26.6`](https://redirect.github.com/crate-ci/typos/compare/v1.26.5...v1.26.6) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.5...v1.26.6) ### [`v1.26.5`](https://redirect.github.com/crate-ci/typos/compare/v1.26.4...v1.26.5) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.4...v1.26.5) ### [`v1.26.4`](https://redirect.github.com/crate-ci/typos/compare/v1.26.3...v1.26.4) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.3...v1.26.4) ### [`v1.26.3`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.26.3) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.2...v1.26.3) #### \[1.26.3] - 2024-10-24 ##### Fixes - Accept `additionals` ### [`v1.26.2`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.26.2) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.1...v1.26.2) #### \[1.26.2] - 2024-10-24 ##### Fixes - Accept `tesselate` variants ### [`v1.26.1`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.26.1) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.26.0...v1.26.1) #### \[1.26.1] - 2024-10-23 ##### Fixes - Respect `--force-exclude` for binary files ### [`v1.26.0`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.26.0) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.25.0...v1.26.0) #### \[1.26.0] - 2024-10-07 ##### Compatibility - *(pre-commit)* Requires 3.2+ ##### Fixes - *(pre-commit)* Resolve deprecations in 4.0 about deprecated stage names ### [`v1.25.0`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.25.0) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.24.6...v1.25.0) #### \[1.25.0] - 2024-10-01 ##### Fixes - Updated the dictionary with the [September 2024](https://redirect.github.com/crate-ci/typos/issues/1107) changes ### [`v1.24.6`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.24.6) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.24.5...v1.24.6) #### \[1.24.6] - 2024-09-16 ##### Fixes - Respect negation (`!`) in `extend-exclude` ### [`v1.24.5`](https://redirect.github.com/crate-ci/typos/releases/tag/v1.24.5) [Compare Source](https://redirect.github.com/crate-ci/typos/compare/v1.24.4...v1.24.5) #### \[1.24.5] - 2024-09-04 ##### Features - *(action)* Support windows
mvdan/sh (mvdan/sh) ### [`v3.10.0`](https://redirect.github.com/mvdan/sh/blob/HEAD/CHANGELOG.md#3100---2024-10-20) [Compare Source](https://redirect.github.com/mvdan/sh/compare/v3.9.0...v3.10.0) - **cmd/shfmt** - Report the correct language variant in parser error messages - [#​1102](https://redirect.github.com/mvdan/sh/issues/1102) - Move `--filename` out of the parser options category - [#​1079](https://redirect.github.com/mvdan/sh/issues/1079) - **syntax** - Parse all CRLF line endings as LF, including inside heredocs - [#​1088](https://redirect.github.com/mvdan/sh/issues/1088) - Count skipped backslashes inside backticks in position column numbers - [#​1098](https://redirect.github.com/mvdan/sh/issues/1098) - Count skipped null bytes in position column numbers for consistency - **interp** - Fix a regression in `v3.9.0` which broke redirecting files to stdin - [#​1099](https://redirect.github.com/mvdan/sh/issues/1099) - Fix a regression in `v3.9.0` where `HandlerContext.Stdin` was never nil - Add an `Interactive` option to be used by interactive shells - [#​1100](https://redirect.github.com/mvdan/sh/issues/1100) - Support closing stdin, stdout, and stderr via redirections like `<&-` Consider [becoming a sponsor](https://redirect.github.com/sponsors/mvdan) if you benefit from the work that went into this release!
rhysd/actionlint (rhysd/actionlint) ### [`v1.7.4`](https://redirect.github.com/rhysd/actionlint/blob/HEAD/CHANGELOG.md#v174---2024-11-04) [Compare Source](https://redirect.github.com/rhysd/actionlint/compare/v1.7.3...v1.7.4) - Disallow the usage of popular actions that run on `node16` runner. The `node16` runner [will reach the end of life on November 12](https://github.blog/changelog/2024-09-25-end-of-life-for-actions-node16/). - In case of the error, please update your actions to the latest version so that they run on the latest `node20` runner. - If you're using self-hosted runner and you cannot upgrade your runner to `node20` soon, please consider to ignore the error by the `paths` configuration described below. - Provide the configuration for ignoring errors by regular expressions in `actionlint.yml` (or `actionlint.yaml`). Please see the [document](https://redirect.github.com/rhysd/actionlint/blob/v1.7.4/docs/config.md) for more details. ([#​217](https://redirect.github.com/rhysd/actionlint/issues/217), [#​342](https://redirect.github.com/rhysd/actionlint/issues/342)) - The `paths` is a mapping from the file path glob pattern to the corresponding configuration. The `ignore` configuration is a list of regular expressions to match error messages (similar to the `-ignore` command line option). ```yaml paths: ``` ### This pattern matches any YAML file under the '.github/workflows/' directory. .github/workflows/**/*.yaml: ignore: ### Ignore the specific error from shellcheck - 'shellcheck reported issue in this script: SC2086:.+' ### This pattern only matches '.github/workflows/release.yaml' file. .github/workflows/self-hosted.yaml: ignore: ### Ignore errors from the old runner check. This may be useful for (outdated) self-hosted runner environment. - 'the runner of ".+" action is too old to run on GitHub Actions' ``` - This configuration was not implemented initially because I wanted to keep the configuration as minimal as possible. However, due to several requests for it, the configuration has now been added. - Untrusted inputs check is safely skipped inside specific function calls. ([#​459](https://redirect.github.com/rhysd/actionlint/issues/459), thanks [@​IlyaGulya](https://redirect.github.com/IlyaGulya)) - For example, the following step contains the untrusted input `github.head_ref`, but it is safe because it's passed to the `contains()` argument. ```yaml - run: echo "is_release_branch=${{ contains(github.head_ref, 'release') }}" >> "$GITHUB_OUTPUT" ``` - For more details, please read the [rule document](https://redirect.github.com/rhysd/actionlint/blob/v1.7.4/docs/checks.md#untrusted-inputs). - Recognize `gcr.io` and `gcr.dev` as the correct container registry hosts. ([#​463](https://redirect.github.com/rhysd/actionlint/issues/463), thanks [@​takaidohigasi](https://redirect.github.com/takaidohigasi)) - Note that it is recommended explicitly specifying the scheme like `docker://gcr.io/...`. - Remove `macos-x.0` runner labels which are no longer available. ([#​452](https://redirect.github.com/rhysd/actionlint/issues/452)) - Disable shellcheck [`SC2043`](https://www.shellcheck.net/wiki/SC2043) rule because it can cause false positives on checking `run:`. ([#​355](https://redirect.github.com/rhysd/actionlint/issues/355)) - The [rule document](https://redirect.github.com/rhysd/actionlint/blob/v1.7.4/docs/checks.md#check-shellcheck-integ) was updated as well. ([#​466](https://redirect.github.com/rhysd/actionlint/issues/466), thanks [@​risu729](https://redirect.github.com/risu729)) - Fix the error message was not deterministic when detecting cycles in `needs` dependencies. - Fix the check for `format()` function was not applied when the function name contains upper case like `Format()`. Note that function names in `${{ }}` placeholders are case-insensitive. - Update the popular actions data set to the latest. - This includes the [new `ref` and `commit` outputs](https://redirect.github.com/actions/checkout/pull/1180) of `actions/checkout`. - Add [`actions/cache/save`](https://redirect.github.com/actions/cache/tree/main/save) and [`actions/cache/restore`](https://redirect.github.com/actions/cache/tree/main/restore) to the popular actions data set. - Links in the [README.md](https://redirect.github.com/rhysd/actionlint/blob/main/README.md) now point to the document of the latest version tag instead of HEAD of `main` branch. - Add [`Linter.LintStdin`](https://pkg.go.dev/github.com/rhysd/actionlint#Linter.LintStdin) method dedicated to linting STDIN instead of handling STDIN in `Command`. - (Dev) Add new [`check-checks` script](https://redirect.github.com/rhysd/actionlint/tree/main/scripts/check-checks) to maintain the ['Checks' document](https://redirect.github.com/rhysd/actionlint/blob/main/docs/checks.md). It automatically updates the outputs and playground links for example inputs in the document. It also checks the document is up-to-date on CI. Please read the [document](https://redirect.github.com/rhysd/actionlint/blob/main/scripts/check-checks/README.md) for more details. [Documentation](https://redirect.github.com/rhysd/actionlint/tree/v1.7.4/docs) \[Changes]\[v1.7.4] ### [`v1.7.3`](https://redirect.github.com/rhysd/actionlint/blob/HEAD/CHANGELOG.md#v173---2024-09-29) [Compare Source](https://redirect.github.com/rhysd/actionlint/compare/v1.7.2...v1.7.3) - Remove `macos-11` runner labels because [macOS 11 runner was dropped on 6/28/2024](https://github.blog/changelog/2024-05-20-actions-upcoming-changes-to-github-hosted-macos-runners/#macos-11-deprecation-and-removal). ([#​451](https://redirect.github.com/rhysd/actionlint/issues/451), thanks [@​muzimuzhi](https://redirect.github.com/muzimuzhi)) - Support `macos-15`, `macos-15-large`, and `macos-15-xlarge` runner labels. The macOS 15 runner is not globally available yet, but [they are available in beta](https://redirect.github.com/actions/runner-images?tab=readme-ov-file#available-images). ([#​453](https://redirect.github.com/rhysd/actionlint/issues/453), thanks [@​muzimuzhi](https://redirect.github.com/muzimuzhi)) - Release artifact includes checksums for the released binaries. The file name is `actionlint_{version}_checksums.txt`. ([#​449](https://redirect.github.com/rhysd/actionlint/issues/449)) - For example, the checksums for v1.7.3 can be found [here](https://redirect.github.com/rhysd/actionlint/releases/download/v1.7.3/actionlint\_1.7.3\_checksums.txt). - Fix `download-path` output is missing in `actions/download-artifact@v3` action. ([#​442](https://redirect.github.com/rhysd/actionlint/issues/442)) - Note that the latest version `actions/download-artifact@v4` was not affected by this issue. - Support Go 1.23. [Documentation](https://redirect.github.com/rhysd/actionlint/blob/v1.7.3/docs/checks.md) \[Changes]\[v1.7.3] ### [`v1.7.2`](https://redirect.github.com/rhysd/actionlint/blob/HEAD/CHANGELOG.md#v172---2024-09-23) [Compare Source](https://redirect.github.com/rhysd/actionlint/compare/v1.7.1...v1.7.2) - Fix child processes to run in parallel. - Update the popular actions data set to the latest. ([#​442](https://redirect.github.com/rhysd/actionlint/issues/442), [#​445](https://redirect.github.com/rhysd/actionlint/issues/445), [#​446](https://redirect.github.com/rhysd/actionlint/issues/446), [#​447](https://redirect.github.com/rhysd/actionlint/issues/447), thanks [@​maikelvdh](https://redirect.github.com/maikelvdh)) - Add support for checking branch filters on [`merge_group` event](https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#merge_group). ([#​448](https://redirect.github.com/rhysd/actionlint/issues/448), thanks [@​muzimuzhi](https://redirect.github.com/muzimuzhi)) - [The playground](https://rhysd.github.io/actionlint/) now supports both light and dark modes and automatically applies the system's theme. - Fix releasing a failure on making a new winget package. ([#​438](https://redirect.github.com/rhysd/actionlint/issues/438), thanks [@​vedantmgoyal9](https://redirect.github.com/vedantmgoyal9)) \[Changes]\[v1.7.2]