update: bump the gh-actions-packages group across 1 directory with 11 updates

[dependabot[bot]]

Bumps the gh-actions-packages group with 11 updates in the / directory:

Package	From	To
actions/checkout	4.1.6	4.1.7
snok/container-retention-policy	2.2.1	3.0.0
github/codeql-action	3.25.6	3.25.11
actions/dependency-review-action	4.3.2	4.3.3
actions/setup-python	5.1.0	5.1.1
bridgecrewio/checkov-action	12.2762.0	12.2821.0
anchore/sbom-action	0.16.0	0.16.1
docker/setup-buildx-action	3.3.0	3.4.0
docker/build-push-action	5.3.0	6.3.0
MishaKav/pytest-coverage-comment	1.1.51	1.1.52
mikepenz/action-junit-report	4.2.1	4.3.1

Updates actions/checkout from 4.1.6 to 4.1.7

Release notes

Sourced from actions/checkout's releases.

v4.1.7

What's Changed

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

New Contributors

• @​orhantoy made their first contribution in actions/checkout#1774

Full Changelog: https://github.com/actions/checkout/compare/v4.1.6...v4.1.7

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

• Check git version before attempting to disable sparse-checkout by @​jww3 in actions/checkout#1656
• Add SSH user parameter by @​cory-miller in actions/checkout#1685
• Update actions/checkout version in update-main-version.yml by @​jww3 in actions/checkout#1650

v4.1.2

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in actions/checkout#1598

v4.1.1

• Correct link to GitHub Docs by @​peterbe in actions/checkout#1511
• Link to release page from what's new section by @​cory-miller in actions/checkout#1514

v4.1.0

• Add support for partial checkout filters

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell

... (truncated)

Commits

• 692973e Prepare 4.1.7 release (#1775)
• 6ccd57f Pin actions/checkout's own workflows to a known, good, stable version. (#1776)
• b17fe1e Handle hidden refs (#1774)
• b80ff79 Bump actions/checkout from 3 to 4 (#1697)
• b1ec302 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)
• See full diff in compare view

Updates snok/container-retention-policy from 2.2.1 to 3.0.0

Release notes

Sourced from snok/container-retention-policy's releases.

v3.0.0

Disclaimer: This release breaks the API of the action to a large degree. It might be wise to run the action with dry-run: true after upgrading.

This release is a complete rewrite of the action, tackling most if not all open issues in the issue tracker. Some of the highlights include:

• Simplifying and consolidating the inputs of the action
• Improving the runtime performance, and the initialization time of the action in CI
• Support for multi-platform packages
• Support for new token types (secrets.GITHUB_TOKEN and Github app tokens)
• Much better handling of GitHub API rate limits

💥 There are a lot of breaking changes, so we've included a migration guide at the bottom of this post, to make things a bit simpler.

Since the release introduces a few thousand lines of code, we expect there may be a few things left to iron out. If you run into any problems, please share them in the v3 release issue.

---

In addition to what's mentioned above, other new features and changes include:

• Significant effort has been spent on improving the logging, to give better insights into what exactly is happening
• Updated license from BSD-3 to MIT.
• The available syntax for image-names and image-tags previously allowed wildcards (using the * character). We now also allow the ? character to express a single-character wildcard. For example, the pattern ca? will match car and cat. See the wildmatch docs for details.

In addition to changing the inputs of the action (more details below), there are a few other breaking changes:

• We'll no longer maintain mutable major and minor version tags for the action. There will be no v3 target for the action, just v3.0.0 and other exact versions. Mutable major version tags are generally hard to maintain and not much safer than tracking the main branch, so more precise tag tracking should reduce the likelihood of broken runs going forward. Paired with dependabot, upgrading should not be much harder than it has been.
• The needs-assistance output was deleted

And in terms of performance improvements:

• The action has been rewritten from a composite action to a container action, and the total size of the new image is < 10Mi.
• The action would previously take ~30 seconds to initialize and would require a Python runtime. The action now starts in less than a second, and runs as a standalone binary.
• The runtime of the action has been reduced, and assuming we need to delete less than 180 package versions, the action completes in, at most, a few seconds. See this example of a recent run. When we have to delete more than 180 package versions, there's a minute of waiting for every 180 new package versions, as a consequence of GitHub's secondary API rate limits. See the new README for details.

Migration guide

• The account-type and org-name inputs have been replaced with account, which should be set to the literal string "user" if you previously used account-type: personal and to the organization name otherwise:

  - account-type: personal
  + account: user
  

  or

  - account-type: organization
  - org-name: acme
  + account: acme
  

... (truncated)

Commits

• 4f22ef8 fix: Correct oauth scope check
• def81c2 fix(ci): Use input version tag when building image
• ab30663 chore: Update docs for release and update action image
• 7793513 chore(deps): bump docker/build-push-action from 5 to 6
• 79a0b31 Remove oauth token
• 851b141 Rewrite the action in Rust
• 178bc0b chore: Update test workflow to test v3-develop branch
• e6eea47 fix(workflows): Correct script and run every 3 hours
• 3bfc979 fix(ci): Revise test dockerfile
• e66905c refactor(ci): Add variables to reduce clutter
• Additional commits viewable in compare view

Updates github/codeql-action from 3.25.6 to 3.25.11

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

• Improve the reliability and performance of analyzing code when analyzing a compiled language with the autobuild build mode on GitHub Enterprise Server. This feature is already available to GitHub.com users. #2353
• Update default CodeQL bundle version to 2.18.0. #2364

3.25.11 - 28 Jun 2024

• Avoid failing the workflow run if there is an error while uploading debug artifacts. #2349
• Update default CodeQL bundle version to 2.17.6. #2352

3.25.10 - 13 Jun 2024

• Update default CodeQL bundle version to 2.17.5. #2327

3.25.9 - 12 Jun 2024

• Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. #2330
• The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. #2332

3.25.8 - 04 Jun 2024

• Update default CodeQL bundle version to 2.17.4. #2321

3.25.7 - 31 May 2024

• We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. #2306

3.25.6 - 20 May 2024

• Update default CodeQL bundle version to 2.17.3. #2295

3.25.5 - 13 May 2024

• Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273
• Avoid printing out a warning for a missing on.push trigger when the CodeQL Action is triggered via a workflow_call event. #2274
• The tools: latest input to the init Action has been renamed to tools: linked. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #2281

3.25.4 - 08 May 2024

• Update default CodeQL bundle version to 2.17.2. #2270

3.25.3 - 25 Apr 2024

• Update default CodeQL bundle version to 2.17.1. #2247

... (truncated)

Commits

• b611370 Merge pull request #2357 from github/update-v3.25.11-de945755c
• 3e6431f Update changelog for v3.25.11
• de94575 Merge pull request #2352 from github/update-bundle/codeql-bundle-v2.17.6
• a32d305 Add changelog note
• 9ccc995 Update default bundle to codeql-bundle-v2.17.6
• 9b7c22c Merge pull request #2351 from github/dependabot/npm_and_yarn/npm-6791eaa26c
• 9cf3243 Rebuild
• 1895b29 Update checked-in dependencies
• 9dcfde9 Bump the npm group with 2 updates
• 8723b5b Merge pull request #2350 from github/angelapwen/add-exclude-pr-check-param
• Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.3.2 to 4.3.3

Release notes

Sourced from actions/dependency-review-action's releases.

Notes for v4.3.3

What's Changed

• Allow slashes in purl package names by @​juxtin in actions/dependency-review-action#765
• use the v3 version of the deps.dev API by @​josieang in actions/dependency-review-action#741
• PR with suggestions - [Improvement]: Help streamline / simplify dependency review action README by @​am-stead in actions/dependency-review-action#773
• fix show-openssf-scorecard-levels input by @​ramann in actions/dependency-review-action#776
• Updates to the contribution guidelines by @​jonjanego in actions/dependency-review-action#778
• Create issue templates by @​jonjanego in actions/dependency-review-action#777
• Fix the max comment length issue by @​jhutchings1 and @​elireisman in actions/dependency-review-action#767
• Bump project version to 4.3.3 in prep for a release by @​elireisman in actions/dependency-review-action#781

New Contributors

• @​josieang made their first contribution in actions/dependency-review-action#741
• @​am-stead made their first contribution in actions/dependency-review-action#773
• @​ramann made their first contribution in actions/dependency-review-action#776

Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3

Commits

• 72eb03d Merge pull request #781 from actions/release-v4.3.3
• 137d8b4 bump to version v4.3.3
• e6b618e Merge pull request #767 from actions/max-comment-length
• 3c42649 fix ws for linter
• 8e6ea8d update packaging
• 1b3d277 post-review: add PR comment full summary test case
• 220872c Update src/main.ts
• 087d0f8 repackage to update dist
• 4531204 whitespace
• df1ca89 appease linter
• Additional commits viewable in compare view

Updates actions/setup-python from 5.1.0 to 5.1.1

Release notes

Sourced from actions/setup-python's releases.

v5.1.1

What's Changed

Bug fixes:

• fix(ci): update all failing workflows by @​mayeut in actions/setup-python#863 This update ensures compatibility and optimal performance of workflows on the latest macOS version.

Documentation changes:

• Documentation update for cache by @​gowridurgad in actions/setup-python#873

Dependency updates:

• Bump braces from 3.0.2 to 3.0.3 and undici from 5.28.3 to 5.28.4 by @​dependabot in actions/setup-python#893

New Contributors

• @​gowridurgad made their first contribution in actions/setup-python#873

Full Changelog: https://github.com/actions/setup-python/compare/v5...v5.1.1

Commits

• 39cd149 Documentation update for cache (#873)
• a0d74c0 fix(ci): update all failing workflows (#863)
• 4eb7dbc Bump braces from 3.0.2 to 3.0.3 (#893)
• See full diff in compare view

Updates bridgecrewio/checkov-action from 12.2762.0 to 12.2821.0

Commits

• e28bcec Bump checkov container version to 3.2.186
• b1800dd Bump checkov container version to 3.2.185
• b112c6c Bump checkov container version to 3.2.184
• 879d12f Bump checkov container version to 3.2.183
• 4ad3dce Bump checkov container version to 3.2.182
• 3dbbf86 Bump checkov container version to 3.2.181
• abb92bd Bump checkov container version to 3.2.180
• a8278c9 Bump checkov container version to 3.2.179
• 716515c Bump checkov container version to 3.2.178
• b406dfe Bump checkov container version to 3.2.177
• Additional commits viewable in compare view

Updates anchore/sbom-action from 0.16.0 to 0.16.1

Release notes

Sourced from anchore/sbom-action's releases.

v0.16.1

Changes in v0.16.1

• fix: workaround windows install issue (#477) [willmurphyscode]
• fix: allow users to properly use the file input over the default path value (#471) [komish]
• chore(deps): update Syft to v1.5.0 (#470) [anchore-actions-token-generator]
• docs: notes for matrix and required permissions (#469) [kzantow]
• chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#466) [dependabot]

Commits

• 95b086a fix: workaround windows install script (#477)
• 72370e1 fix: allow users to properly use the file input over the default path value (...
• e28bab5 chore(deps): update Syft to v1.5.0 (#470)
• 2283abe docs: notes for matrix and required permissions (#469)
• 07e5b3a chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#466)
• See full diff in compare view

Updates docker/setup-buildx-action from 3.3.0 to 3.4.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.4.0

• Throw error message instead of exit code by @​crazy-max in docker/setup-buildx-action#315
• Bump @​docker/actions-toolkit from 0.20.0 to 0.31.0 in docker/setup-buildx-action#321 docker/setup-buildx-action#338
• Bump braces from 3.0.2 to 3.0.3 in docker/setup-buildx-action#329
• Bump undici from 5.28.3 to 5.28.4 in docker/setup-buildx-action#312
• Bump uuid from 9.0.1 to 10.0.0 in docker/setup-buildx-action#326

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.3.0...v3.4.0

Commits

• 4fd8129 Merge pull request #312 from docker/dependabot/npm_and_yarn/undici-5.28.4
• 3386dc4 chore: update generated content
• d191aef build(deps): bump undici from 5.28.3 to 5.28.4
• f686054 Merge pull request #338 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 7854785 chore: update generated content
• 830928c fix builder type path
• 26d2aec build(deps): bump @​docker/actions-toolkit from 0.23.0 to 0.31.0
• ab17e3e Merge pull request #339 from crazy-max/missing-types-jsyaml
• d79cb80 missing types for js-yaml
• 13cf788 Merge pull request #326 from docker/dependabot/npm_and_yarn/uuid-10.0.0
• Additional commits viewable in compare view

Updates docker/build-push-action from 5.3.0 to 6.3.0

Release notes

Sourced from docker/build-push-action's releases.

v6.3.0

• DOCKER_BUILD_RECORD_UPLOAD environment variable to enable/disable build record upload by @​crazy-max in docker/build-push-action#1172
• DOCKER_BUILD_NO_SUMMARY has been deprecated. Set DOCKER_BUILD_SUMMARY to false instead by @​crazy-max in docker/build-push-action#1170 docker/build-push-action#1173
• Bump @​docker/actions-toolkit from 0.28.0 to 0.31.0 in docker/build-push-action#1171 docker/build-push-action#1159 docker/build-push-action#1169

Full Changelog: https://github.com/docker/build-push-action/compare/v6.2.0...v6.3.0

v6.2.0

• Use default retention days for build export artifact by @​crazy-max in docker/build-push-action#1153
• Bump @​docker/actions-toolkit from 0.27.0 to 0.28.0 in docker/build-push-action#1158

Full Changelog: https://github.com/docker/build-push-action/compare/v6.1.0...v6.2.0

v6.1.0

• Bump @​docker/actions-toolkit from 0.26.2 to 0.27.0 in docker/build-push-action#1149

Full Changelog: https://github.com/docker/build-push-action/compare/v6.0.2...v6.1.0

v6.0.2

• Bump @​docker/actions-toolkit from 0.26.1 to 0.26.2 in docker/build-push-action#1147

Full Changelog: https://github.com/docker/build-push-action/compare/v6.0.1...v6.0.2

v6.0.1

• Bump @​docker/actions-toolkit from 0.26.0 to 0.26.1 in docker/build-push-action#1142

Full Changelog: https://github.com/docker/build-push-action/compare/v6.0.0...v6.0.1

v6.0.0

• Export build record and generate build summary by @​crazy-max in docker/build-push-action#1120
• Bump @​docker/actions-toolkit from 0.24.0 to 0.26.0 in docker/build-push-action#1132 docker/build-push-action#1136 docker/build-push-action#1138
• Bump braces from 3.0.2 to 3.0.3 in docker/build-push-action#1137

[!NOTE] This major release adds support for generating Build summary and exporting build record for your build. You can disable this feature by setting DOCKER_BUILD_NO_SUMMARY: true environment variable in your workflow.

Full Changelog: https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0

v5.4.0

• Show builder information before building by @​crazy-max in docker/build-push-action#1128
• Handle attestations correctly with provenance and sbom inputs by @​crazy-max in docker/build-push-action#1086
• Bump @​docker/actions-toolkit from 0.19.0 to 0.24.0 in docker/build-push-action#1088 docker/build-push-action#1105 docker/build-push-action#1121 docker/build-push-action#1127
• Bump undici from 5.28.3 to 5.28.4 in docker/build-push-action#1090

Full Changelog: https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0

Commits

• 1a16264 Merge pull request #1172 from crazy-max/build-export-disable
• 9eea548 chore: update generated content
• 11c2faa rename DOCKER_BUILD_EXPORT_RETENTION_DAYS to DOCKER_BUILD_RECORD_RETENTION_DAYS
• de2365a opt to disable build record upload
• bca5082 Merge pull request #1173 from crazy-max/build-summary-env-change
• e7aab40 chore: update generated content
• 63eb759 switch DOCKER_BUILD_SUMMARY_DISABLE to DOCKER_BUILD_SUMMARY
• 53ec486 Merge pull request #1171 from docker/dependabot/npm_and_yarn/docker/actions-t...
• fe9d9f1 chore: update generated content
• ad37ba1 chore(deps): Bump @​docker/actions-toolkit from 0.30.0 to 0.31.0
• Additional commits viewable in compare view

Updates MishaKav/pytest-coverage-comment from 1.1.51 to 1.1.52

Release notes

Sourced from MishaKav/pytest-coverage-comment's releases.

v1.1.52

What's Changed

• Add sample of permissions/Fix permissions of existing jobs by @​m-tmatma in MishaKav/pytest-coverage-comment#162
• Fix typo s/Percantage/Percentage/ by @​jalessio in MishaKav/pytest-coverage-comment#165
• junit: use data from all testsuites by @​eltoder in MishaKav/pytest-coverage-comment#168
• Use label instead of ref for workflow_run and workflow_dispatch by @​cecheta in MishaKav/pytest-coverage-comment#160
• Fix commit SHA for workflow_run by @​cecheta in MishaKav/pytest-coverage-comment#158

New Contributors

• @​m-tmatma made their first contribution in MishaKav/pytest-coverage-comment#162
• @​jalessio made their first contribution in MishaKav/pytest-coverage-comment#165
• @​eltoder made their first contribution in MishaKav/pytest-coverage-comment#168
• @​cecheta made their first contribution in MishaKav/pytest-coverage-comment#160

Full Changelog: https://github.com/MishaKav/pytest-coverage-comment/compare/v1.1.51...v1.1.52

Changelog

Sourced from MishaKav/pytest-coverage-comment's changelog.

Changelog of the Pytest Coverage Comment

Pytest Coverage Comment 1.1.52

Release Date: 2024-06-30

Changes

• fix commit sha and ref for workflow_run, instead of from the default branch, thanks to @​cecheta for contribution
• use label instead of ref for workflow_run and workflow_dispatch, thanks to @​cecheta for contribution
• use data from all testsuites instead the first one, thanks to @​eltoder for contribution

Pytest Coverage Comment 1.1.51

Release Date: 2024-01-13

Changes

• add workflow_run to the events that can trigger this action, big thanks to @​Bouni for contribution

Pytest Coverage Comment 1.1.50

Release Date: 2023-11-26

Changes

• add support for updateing the comment in PR through workflow_dispatch event by passing manually issue number, thanks to @​alexjyong for contribution

Pytest Coverage Comment 1.1.49

Release Date: 2023-11-15

Changes

• remove warning by run in node20 instead node16
• add support for workflow_dispatch event, thanks to @​f100024 for contribution

Pytest Coverage Comment 1.1.48

Release Date: 2023-08-02

Changes

• Fix wrong badge link when have an empty space in total coverage

Pytest Coverage Comment 1.1.47

Release Date: 2023-03-18

Changes

... (truncated)

Commits

• fa1c641 changelog for 1.1.52
• 7b6b113 Fix commit SHA for workflow_run (#158)
• c1c1738 Use label instead of ref (#160)
• 2e3c380 junit: use data from all testsuites (#168)
• ed05a2e fix typo in coverageComment
• 0e5d939 Fix typo s/Percantage/Percentage/ (#165)
• 0f5f92e Add sample of permissions/Fix permissions of existing jobs (#162)
• See full diff in compare view

Updates mikepenz/action-junit-report from 4.2.1 to 4.3.1

Release notes

Sourced from mikepenz/action-junit-report's releases.

v4.3.1

🐛 Fixes

• Revert optimisation to skip processing of scucessful tests
  • PR: #1122

v4.3.0

[!CAUTION] This version has a bug resulting in passed annotations not being created. Use v4.3.1 (or newer) instead See the report here: mikepenz/action-junit-report#1121

🚀 Features

• Improve performance of action's processing
  • PR: #1105
  • Thanks @​GUI

📦 Dependencies

• Dependency Upgrades
  • PR: #1111

v4.2.2

🚀 Features

• Add classname to check_title_template
  • PR: #1095
  • Thanks @​valentin-demange

📦 Dependencies

• Dependency upgrades
  • PR: #1101

Commits

• db71d41 Merge pull request #1122 from mikepenz/fix/1121
• 2d70fb2 - revert testcase
• c4cd1de - revert annotation optimisation (Skip processing of successful tests if `inc...
• eb1a2b2 Merge pull request #1111 from mikepenz/feature/dependency_updates_20240620
• 71ce529 ```
• d8a34d8 Merge branch 'refs/heads/GUI-perf'
• 8aa8974 - slight enhancement
• a0437c7 Skip processing of successful tests if include_passed is not enabled.
• 1ba5f45 Improve performance by caching repeated file glob results.
• ac30be7 Merge pull request #1101 from mikepenz/feature/dependency_updates_20240530
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[github-actions[bot]]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

View full job summary

[github-actions[bot]]

Coverage Report

File	Stmts	Miss	Cover	Missing
semgr8s
__main__.py	18	18	0%	5–32
app.py	81	4	95%	117, 177–178, 209
k8s_api.py	22	2	91%	43–44
updater.py	29	2	93%	49–50
TOTAL	202	26	87%

Tests	Skipped	Failures	Errors	Time
18	0 :zzz:	0 :x:	0 :fire:	2.207s :stopwatch:

[dependabot[bot]]

Superseded by #310.