[PR #2674] [MERGED] build(deps): bump the dependencies group with 2 updates #2549

New issue

Closed

opened 2026-03-01 21:55:55 +03:00 by kerem · 0 comments

kerem commented 2026-03-01 21:55:55 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/nektos/act/pull/2674
Author: @dependabot[bot]
Created: 2/21/2025
Status: ✅ Merged
Merged: 2/21/2025
Merged by: @mergify[bot]

Base: master ← Head: dependabot/github_actions/dependencies-c11a1a921b

---

📝 Commits (1)

• 5823a3c build(deps): bump the dependencies group with 2 updates

📊 Changes

2 files changed (+3 additions, -3 deletions)

View changed files

📝 .github/workflows/checks.yml (+2 -2)
📝 .github/workflows/release.yml (+1 -1)

📄 Description

Bumps the dependencies group with 2 updates: megalinter/megalinter and goreleaser/goreleaser-action.

Updates megalinter/megalinter from 8.3.0 to 8.4.2

Release notes

Sourced from megalinter/megalinter's releases.

v8.4.2

What's Changed

• Media

  • New video (Brazilian) MegaLinter: Como Automatizar a Qualidade do Código para Todas Plataformas , by Codando TV

• Fixes

  • Fix .NET linters issue: Add --allow-roll-forward to dotnet tool install commands, by @​bdovaz in oxsecurity/megalinter#4619
  • GH-4610 : PHP CS Fixer linter version available is not correct since running on PHP 8.4 runtime, by @​llaville in oxsecurity/megalinter#4611
  • Allow cspell to work with CLI_LINT_MODE=project
  • Downgrade npm-groovy-lint until it's fixed, by @​nvuillam in oxsecurity/megalinter#4628

• Linter versions upgrades (31)

  • ansible-lint from 25.1.0 to 25.1.1
  • black from 24.10.0 to 25.1.0
  • cfn-lint from 1.22.7 to 1.23.1
  • checkov from 3.2.357 to 3.2.360
  • cspell from 8.17.2 to 8.17.3
  • dartanalyzer from 3.6.1 to 3.6.2
  • devskim from 1.0.51 to 1.0.52
  • editorconfig-checker from 3.1.2 to 3.2.0
  • gitleaks from 8.23.2 to 8.23.3
  • isort from 5.13.2 to 6.0.0
  • lightning-flow-scanner from 2.39.0 to 2.43.0
  • npm-groovy-lint from 15.0.2 to 15.0.0
  • php-cs-fixer from 3.68.0 to 3.68.5
  • powershell from 7.4.6 to 7.5.0
  • powershell_formatter from 7.4.6 to 7.5.0
  • psalm from Psalm.6.0.0@ to Psalm.6.1.0@
  • pylint from 3.3.3 to 3.3.4
  • pyright from 1.1.392 to 1.1.393
  • raku from 2024.10 to 2024.12
  • roslynator from 0.9.3.0 to 0.10.0.0
  • rubocop from 1.71.0 to 1.71.1
  • ruff-format from 0.9.3 to 0.9.4
  • ruff from 0.9.3 to 0.9.4
  • sfdx-scanner-apex from 4.8.0 to 4.9.0
  • sfdx-scanner-aura from 4.8.0 to 4.9.0
  • sfdx-scanner-lwc from 4.8.0 to 4.9.0
  • tflint from 0.55.0 to 0.55.1
  • trivy-sbom from 0.58.2 to 0.59.0
  • trivy from 0.58.2 to 0.59.0
  • trufflehog from 3.88.2 to 3.88.4

Full Changelog: https://github.com/oxsecurity/megalinter/compare/v8.4.1...v8.4.2

v8.4.1

What's Changed

... (truncated)

Changelog

Sourced from megalinter/megalinter's changelog.

[v8.4.2] - 2024-02-02

• Media

  • New video (Brazilian) MegaLinter: Como Automatizar a Qualidade do Código para Todas Plataformas , by Codando TV

• Fixes

  • Fix .NET linters issue: Add --allow-roll-forward to dotnet tool install commands, by @​bdovaz in oxsecurity/megalinter#4619
  • GH-4610 : PHP CS Fixer linter version available is not correct since running on PHP 8.4 runtime, by @​llaville in oxsecurity/megalinter#4611
  • Allow cspell to work with CLI_LINT_MODE=project
  • Downgrade npm-groovy-lint until it's fixed, by @​nvuillam in oxsecurity/megalinter#4628

• Linter versions upgrades (31)

  • ansible-lint from 25.1.0 to 25.1.1
  • black from 24.10.0 to 25.1.0
  • cfn-lint from 1.22.7 to 1.23.1
  • checkov from 3.2.357 to 3.2.360
  • cspell from 8.17.2 to 8.17.3
  • dartanalyzer from 3.6.1 to 3.6.2
  • devskim from 1.0.51 to 1.0.52
  • editorconfig-checker from 3.1.2 to 3.2.0
  • gitleaks from 8.23.2 to 8.23.3
  • isort from 5.13.2 to 6.0.0
  • lightning-flow-scanner from 2.39.0 to 2.43.0
  • npm-groovy-lint from 15.0.2 to 15.0.0
  • php-cs-fixer from 3.68.0 to 3.68.5
  • powershell from 7.4.6 to 7.5.0
  • powershell_formatter from 7.4.6 to 7.5.0
  • psalm from Psalm.6.0.0@ to Psalm.6.1.0@
  • pylint from 3.3.3 to 3.3.4
  • pyright from 1.1.392 to 1.1.393
  • raku from 2024.10 to 2024.12
  • roslynator from 0.9.3.0 to 0.10.0.0
  • rubocop from 1.71.0 to 1.71.1
  • ruff-format from 0.9.3 to 0.9.4
  • ruff from 0.9.3 to 0.9.4
  • sfdx-scanner-apex from 4.8.0 to 4.9.0
  • sfdx-scanner-aura from 4.8.0 to 4.9.0
  • sfdx-scanner-lwc from 4.8.0 to 4.9.0
  • tflint from 0.55.0 to 0.55.1
  • trivy-sbom from 0.58.2 to 0.59.0
  • trivy from 0.58.2 to 0.59.0
  • trufflehog from 3.88.2 to 3.88.4

[v8.4.1] - 2024-01-28

• Quick fix about PRE_COMMANDS crash (see oxsecurity/megalinter#4591)

• Linter versions upgrades (2)

  • checkstyle from 10.21.1 to 10.21.2
  • stylelint from 16.14.0 to 16.14.1

... (truncated)

Commits

• ec124f7 Release MegaLinter v8.4.2
• 75ba761 Merge remote-tracking branch 'origin/prepare-release'
• 8d71a26 [MegaLinter] Apply linters fixes
• a354bc0 Prepare Release
• eb2e54c [automation] Auto-update linters version, help and documentation (#4638)
• da2de0a chore(deps): update ghcr.io/terraform-linters/tflint docker tag to v0.55.1 (#...
• ec651d3 chore(deps): update dependency astral-sh/uv to v0.5.26 (#4624)
• 405780b chore(deps): update dependency aquasecurity/trivy to v0.59.0 (#4634)
• e0c2f2f chore(deps): update trufflesecurity/trufflehog docker tag to v3.88.4 (#4632)
• 0f6a363 chore(deps): update dependency npm to v11.1.0 (#4635)
• Additional commits viewable in compare view

Updates goreleaser/goreleaser-action from 5 to 6

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v6.0.0

[!WARNING] This is a breaking change!

Follow the instructions here to upgrade!

What's Changed

• feat!: use "~> v2" as default by @​caarlos0 in goreleaser/goreleaser-action#463

Full Changelog: https://github.com/goreleaser/goreleaser-action/compare/v5...v6.0.0

v5.1.0

Important

This version changes the default behavior of latest to ~> v1.

The next major of this action (v6), will change this to ~> v2, and will be launched together with GoReleaser v2.

What's Changed

• docs: bump actions to latest major by @​crazy-max in goreleaser/goreleaser-action#435
• chore(deps): bump docker/bake-action from 3 to 4 by @​dependabot in goreleaser/goreleaser-action#436
• chore(deps): bump codecov/codecov-action from 3 to 4 by @​dependabot in goreleaser/goreleaser-action#437
• chore(deps): bump actions/setup-go from 4 to 5 by @​dependabot in goreleaser/goreleaser-action#443
• chore(deps): bump actions/upload-artifact from 3 to 4 by @​dependabot in goreleaser/goreleaser-action#444
• Delete .kodiak.toml by @​vedantmgoyal9 in goreleaser/goreleaser-action#446
• chore(deps): bump codecov/codecov-action from 3 to 4 by @​dependabot in goreleaser/goreleaser-action#448
• chore(deps): bump ip from 2.0.0 to 2.0.1 by @​dependabot in goreleaser/goreleaser-action#450
• Upgrade setup-go action version in README by @​kishaningithub in goreleaser/goreleaser-action#455
• chore(deps): bump tar from 6.1.14 to 6.2.1 by @​dependabot in goreleaser/goreleaser-action#456
• chore: use corepack to install yarn by @​crazy-max in goreleaser/goreleaser-action#458
• feat: lock this major version of the action to use '~> v1' as 'latest' by @​caarlos0 in goreleaser/goreleaser-action#461
• chore(deps): bump semver from 7.6.0 to 7.6.2 by @​dependabot in goreleaser/goreleaser-action#462
• chore(deps): bump @​actions/http-client from 2.2.0 to 2.2.1 by @​dependabot in goreleaser/goreleaser-action#451

New Contributors

• @​vedantmgoyal9 made their first contribution in goreleaser/goreleaser-action#446

Full Changelog: https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0

Commits

• 90a3faa chore(deps): bake vendor
• 0262998 test: fixes
• 450d3a4 test: fix configs
• 25b92ab chore(deps): update semver and tool-cache
• bc0ac76 chore(deps): update actions
• 842e7cc feat: update for goreleaser v2.7
• d28c982 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 (#482)
• 9ed2f89 chore: update generated content (#480)
• cf63508 docs: bump upload-artifact version (#479)
• f7623f3 chore(deps): bump @​actions/core from 1.10.1 to 1.11.1 (#478)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/nektos/act/pull/2674 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 2/21/2025 **Status:** ✅ Merged **Merged:** 2/21/2025 **Merged by:** [@mergify[bot]](https://github.com/apps/mergify) **Base:** `master` ← **Head:** `dependabot/github_actions/dependencies-c11a1a921b` --- ### 📝 Commits (1) - [`5823a3c`](https://github.com/nektos/act/commit/5823a3c7b765437dd5f5c13600944dc1e9085561) build(deps): bump the dependencies group with 2 updates ### 📊 Changes **2 files changed** (+3 additions, -3 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/checks.yml` (+2 -2) 📝 `.github/workflows/release.yml` (+1 -1) </details> ### 📄 Description Bumps the dependencies group with 2 updates: [megalinter/megalinter](https://github.com/megalinter/megalinter) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action). Updates `megalinter/megalinter` from 8.3.0 to 8.4.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/megalinter/megalinter/releases">megalinter/megalinter's releases</a>.</em></p> <blockquote> <h2>v8.4.2</h2> <h2>What's Changed</h2> <ul> <li> <p>Media</p> <ul> <li>New video <a href="https://www.youtube.com/watch?v=YSdZ3atC2j4">(Brazilian) MegaLinter: Como Automatizar a Qualidade do Código para Todas Plataformas</a> , by Codando TV</li> </ul> </li> <li> <p>Fixes</p> <ul> <li>Fix .NET linters issue: Add --allow-roll-forward to dotnet tool install commands, by <a href="https://github.com/bdovaz"><code>@​bdovaz</code></a> in <a href="https://redirect.github.com/oxsecurity/megalinter/pull/4619">oxsecurity/megalinter#4619</a></li> <li><a href="https://redirect.github.com/oxsecurity/megalinter/issues/4610">GH-4610</a> : PHP CS Fixer linter version available is not correct since running on PHP 8.4 runtime, by <a href="https://github.com/llaville"><code>@​llaville</code></a> in <a href="https://redirect.github.com/oxsecurity/megalinter/pull/4611">oxsecurity/megalinter#4611</a></li> <li>Allow cspell to work with CLI_LINT_MODE=project</li> <li>Downgrade npm-groovy-lint until it's fixed, by <a href="https://github.com/nvuillam"><code>@​nvuillam</code></a> in <a href="https://redirect.github.com/oxsecurity/megalinter/pull/4628">oxsecurity/megalinter#4628</a></li> </ul> </li> <li> <p>Linter versions upgrades (31)</p> <ul> <li><a href="https://ansible-lint.readthedocs.io/">ansible-lint</a> from 25.1.0 to <strong>25.1.1</strong></li> <li><a href="https://black.readthedocs.io/en/stable/">black</a> from 24.10.0 to <strong>25.1.0</strong></li> <li><a href="https://github.com/aws-cloudformation/cfn-lint">cfn-lint</a> from 1.22.7 to <strong>1.23.1</strong></li> <li><a href="https://www.checkov.io/">checkov</a> from 3.2.357 to <strong>3.2.360</strong></li> <li><a href="https://github.com/streetsidesoftware/cspell/tree/master/packages/cspell">cspell</a> from 8.17.2 to <strong>8.17.3</strong></li> <li><a href="https://dart.dev/tools/dart-analyze">dartanalyzer</a> from 3.6.1 to <strong>3.6.2</strong></li> <li><a href="https://github.com/microsoft/DevSkim">devskim</a> from 1.0.51 to <strong>1.0.52</strong></li> <li><a href="https://editorconfig-checker.github.io/">editorconfig-checker</a> from 3.1.2 to <strong>3.2.0</strong></li> <li><a href="https://github.com/gitleaks/gitleaks">gitleaks</a> from 8.23.2 to <strong>8.23.3</strong></li> <li><a href="https://pycqa.github.io/isort/">isort</a> from 5.13.2 to <strong>6.0.0</strong></li> <li><a href="https://github.com/Lightning-Flow-Scanner">lightning-flow-scanner</a> from 2.39.0 to <strong>2.43.0</strong></li> <li><a href="https://nvuillam.github.io/npm-groovy-lint/">npm-groovy-lint</a> from 15.0.2 to <strong>15.0.0</strong></li> <li><a href="https://cs.symfony.com/">php-cs-fixer</a> from 3.68.0 to <strong>3.68.5</strong></li> <li><a href="https://github.com/PowerShell/PSScriptAnalyzer">powershell</a> from 7.4.6 to <strong>7.5.0</strong></li> <li><a href="https://github.com/PowerShell/PSScriptAnalyzer">powershell_formatter</a> from 7.4.6 to <strong>7.5.0</strong></li> <li><a href="https://psalm.dev">psalm</a> from Psalm.6.0.0@ to <strong>Psalm.6.1.0@</strong></li> <li><a href="https://pylint.readthedocs.io">pylint</a> from 3.3.3 to <strong>3.3.4</strong></li> <li><a href="https://github.com/Microsoft/pyright">pyright</a> from 1.1.392 to <strong>1.1.393</strong></li> <li><a href="https://raku.org/">raku</a> from 2024.10 to <strong>2024.12</strong></li> <li><a href="https://github.com/dotnet/Roslynator">roslynator</a> from 0.9.3.0 to <strong>0.10.0.0</strong></li> <li><a href="https://rubocop.org/">rubocop</a> from 1.71.0 to <strong>1.71.1</strong></li> <li><a href="https://github.com/astral-sh/ruff">ruff-format</a> from 0.9.3 to <strong>0.9.4</strong></li> <li><a href="https://github.com/astral-sh/ruff">ruff</a> from 0.9.3 to <strong>0.9.4</strong></li> <li><a href="https://forcedotcom.github.io/sfdx-scanner/">sfdx-scanner-apex</a> from 4.8.0 to <strong>4.9.0</strong></li> <li><a href="https://forcedotcom.github.io/sfdx-scanner/">sfdx-scanner-aura</a> from 4.8.0 to <strong>4.9.0</strong></li> <li><a href="https://forcedotcom.github.io/sfdx-scanner/">sfdx-scanner-lwc</a> from 4.8.0 to <strong>4.9.0</strong></li> <li><a href="https://github.com/terraform-linters/tflint">tflint</a> from 0.55.0 to <strong>0.55.1</strong></li> <li><a href="https://aquasecurity.github.io/trivy/">trivy-sbom</a> from 0.58.2 to <strong>0.59.0</strong></li> <li><a href="https://aquasecurity.github.io/trivy/">trivy</a> from 0.58.2 to <strong>0.59.0</strong></li> <li><a href="https://github.com/trufflesecurity/trufflehog">trufflehog</a> from 3.88.2 to <strong>3.88.4</strong></li> </ul> </li> </ul> <p><a href="https://www.ox.security/?ref=megalinter"><img src="https://raw.githubusercontent.com/oxsecurity/megalinter/main/docs/assets/images/ox-banner.png" alt="MegaLinter is graciously provided by OX Security" /></a></p> <p><strong>Full Changelog</strong>: <a href="https://github.com/oxsecurity/megalinter/compare/v8.4.1...v8.4.2">https://github.com/oxsecurity/megalinter/compare/v8.4.1...v8.4.2</a></p> <h2>v8.4.1</h2> <h2>What's Changed</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md">megalinter/megalinter's changelog</a>.</em></p> <blockquote> <h2>[v8.4.2] - 2024-02-02</h2> <ul> <li> <p>Media</p> <ul> <li>New video <a href="https://www.youtube.com/watch?v=YSdZ3atC2j4">(Brazilian) MegaLinter: Como Automatizar a Qualidade do Código para Todas Plataformas</a> , by Codando TV</li> </ul> </li> <li> <p>Fixes</p> <ul> <li>Fix .NET linters issue: Add --allow-roll-forward to dotnet tool install commands, by <a href="https://github.com/bdovaz"><code>@​bdovaz</code></a> in <a href="https://redirect.github.com/oxsecurity/megalinter/pull/4619">oxsecurity/megalinter#4619</a></li> <li><a href="https://redirect.github.com/oxsecurity/megalinter/issues/4610">GH-4610</a> : PHP CS Fixer linter version available is not correct since running on PHP 8.4 runtime, by <a href="https://github.com/llaville"><code>@​llaville</code></a> in <a href="https://redirect.github.com/oxsecurity/megalinter/pull/4611">oxsecurity/megalinter#4611</a></li> <li>Allow cspell to work with CLI_LINT_MODE=project</li> <li>Downgrade npm-groovy-lint until it's fixed, by <a href="https://github.com/nvuillam"><code>@​nvuillam</code></a> in <a href="https://redirect.github.com/oxsecurity/megalinter/pull/4628">oxsecurity/megalinter#4628</a></li> </ul> </li> <li> <p>Linter versions upgrades (31)</p> <ul> <li><a href="https://ansible-lint.readthedocs.io/">ansible-lint</a> from 25.1.0 to <strong>25.1.1</strong></li> <li><a href="https://black.readthedocs.io/en/stable/">black</a> from 24.10.0 to <strong>25.1.0</strong></li> <li><a href="https://github.com/aws-cloudformation/cfn-lint">cfn-lint</a> from 1.22.7 to <strong>1.23.1</strong></li> <li><a href="https://www.checkov.io/">checkov</a> from 3.2.357 to <strong>3.2.360</strong></li> <li><a href="https://github.com/streetsidesoftware/cspell/tree/master/packages/cspell">cspell</a> from 8.17.2 to <strong>8.17.3</strong></li> <li><a href="https://dart.dev/tools/dart-analyze">dartanalyzer</a> from 3.6.1 to <strong>3.6.2</strong></li> <li><a href="https://github.com/microsoft/DevSkim">devskim</a> from 1.0.51 to <strong>1.0.52</strong></li> <li><a href="https://editorconfig-checker.github.io/">editorconfig-checker</a> from 3.1.2 to <strong>3.2.0</strong></li> <li><a href="https://github.com/gitleaks/gitleaks">gitleaks</a> from 8.23.2 to <strong>8.23.3</strong></li> <li><a href="https://pycqa.github.io/isort/">isort</a> from 5.13.2 to <strong>6.0.0</strong></li> <li><a href="https://github.com/Lightning-Flow-Scanner">lightning-flow-scanner</a> from 2.39.0 to <strong>2.43.0</strong></li> <li><a href="https://nvuillam.github.io/npm-groovy-lint/">npm-groovy-lint</a> from 15.0.2 to <strong>15.0.0</strong></li> <li><a href="https://cs.symfony.com/">php-cs-fixer</a> from 3.68.0 to <strong>3.68.5</strong></li> <li><a href="https://github.com/PowerShell/PSScriptAnalyzer">powershell</a> from 7.4.6 to <strong>7.5.0</strong></li> <li><a href="https://github.com/PowerShell/PSScriptAnalyzer">powershell_formatter</a> from 7.4.6 to <strong>7.5.0</strong></li> <li><a href="https://psalm.dev">psalm</a> from Psalm.6.0.0@ to <strong>Psalm.6.1.0@</strong></li> <li><a href="https://pylint.readthedocs.io">pylint</a> from 3.3.3 to <strong>3.3.4</strong></li> <li><a href="https://github.com/Microsoft/pyright">pyright</a> from 1.1.392 to <strong>1.1.393</strong></li> <li><a href="https://raku.org/">raku</a> from 2024.10 to <strong>2024.12</strong></li> <li><a href="https://github.com/dotnet/Roslynator">roslynator</a> from 0.9.3.0 to <strong>0.10.0.0</strong></li> <li><a href="https://rubocop.org/">rubocop</a> from 1.71.0 to <strong>1.71.1</strong></li> <li><a href="https://github.com/astral-sh/ruff">ruff-format</a> from 0.9.3 to <strong>0.9.4</strong></li> <li><a href="https://github.com/astral-sh/ruff">ruff</a> from 0.9.3 to <strong>0.9.4</strong></li> <li><a href="https://forcedotcom.github.io/sfdx-scanner/">sfdx-scanner-apex</a> from 4.8.0 to <strong>4.9.0</strong></li> <li><a href="https://forcedotcom.github.io/sfdx-scanner/">sfdx-scanner-aura</a> from 4.8.0 to <strong>4.9.0</strong></li> <li><a href="https://forcedotcom.github.io/sfdx-scanner/">sfdx-scanner-lwc</a> from 4.8.0 to <strong>4.9.0</strong></li> <li><a href="https://github.com/terraform-linters/tflint">tflint</a> from 0.55.0 to <strong>0.55.1</strong></li> <li><a href="https://aquasecurity.github.io/trivy/">trivy-sbom</a> from 0.58.2 to <strong>0.59.0</strong></li> <li><a href="https://aquasecurity.github.io/trivy/">trivy</a> from 0.58.2 to <strong>0.59.0</strong></li> <li><a href="https://github.com/trufflesecurity/trufflehog">trufflehog</a> from 3.88.2 to <strong>3.88.4</strong></li> </ul> </li> </ul> <h2>[v8.4.1] - 2024-01-28</h2> <ul> <li> <p>Quick fix about PRE_COMMANDS crash (see <a href="https://redirect.github.com/oxsecurity/megalinter/issues/4591">oxsecurity/megalinter#4591</a>)</p> </li> <li> <p>Linter versions upgrades (2)</p> <ul> <li><a href="https://checkstyle.org/">checkstyle</a> from 10.21.1 to <strong>10.21.2</strong></li> <li><a href="https://stylelint.io">stylelint</a> from 16.14.0 to <strong>16.14.1</strong></li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oxsecurity/megalinter/commit/ec124f7998718d79379a3c5b39f5359952baf21d"><code>ec124f7</code></a> Release MegaLinter v8.4.2</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/75ba761e321f89907c70dffccf85eb9a2ccdf06b"><code>75ba761</code></a> Merge remote-tracking branch 'origin/prepare-release'</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/8d71a26889cdb368720d1fd5a86958c0a9484aa0"><code>8d71a26</code></a> [MegaLinter] Apply linters fixes</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/a354bc0c500872ee731a04efe02829c34cfdfe75"><code>a354bc0</code></a> Prepare Release</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/eb2e54c625d12019649f2a115f9cde1670dd66e3"><code>eb2e54c</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://redirect.github.com/megalinter/megalinter/issues/4638">#4638</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/da2de0aef3d9a7db4d0fa49f9558e0c5cd8afabf"><code>da2de0a</code></a> chore(deps): update ghcr.io/terraform-linters/tflint docker tag to v0.55.1 (#...</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/ec651d3c3129c54c416665496adae94b3c4c96bb"><code>ec651d3</code></a> chore(deps): update dependency astral-sh/uv to v0.5.26 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4624">#4624</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/405780bad2af6afc47ae03006317192f16c367b2"><code>405780b</code></a> chore(deps): update dependency aquasecurity/trivy to v0.59.0 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4634">#4634</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/e0c2f2fde0a41318325ae65d270194b29a9f844f"><code>e0c2f2f</code></a> chore(deps): update trufflesecurity/trufflehog docker tag to v3.88.4 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4632">#4632</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/0f6a3638009fae965879447fa7e1b709c4c17daa"><code>0f6a363</code></a> chore(deps): update dependency npm to v11.1.0 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4635">#4635</a>)</li> <li>Additional commits viewable in <a href="https://github.com/megalinter/megalinter/compare/v8.3.0...v8.4.2">compare view</a></li> </ul> </details> <br /> Updates `goreleaser/goreleaser-action` from 5 to 6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/goreleaser/goreleaser-action/releases">goreleaser/goreleaser-action's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <blockquote> <p>[!WARNING] <strong>This is a breaking change!</strong></p> <p>Follow the instructions <a href="https://goreleaser.com/blog/goreleaser-v2/#upgrading">here</a> to upgrade!</p> </blockquote> <h2>What's Changed</h2> <ul> <li>feat!: use &quot;~&gt; v2&quot; as default by <a href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/463">goreleaser/goreleaser-action#463</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/goreleaser-action/compare/v5...v6.0.0">https://github.com/goreleaser/goreleaser-action/compare/v5...v6.0.0</a></p> <h2>v5.1.0</h2> <h2>Important</h2> <p>This version changes the default behavior of <code>latest</code> to <code>~&gt; v1</code>.</p> <p>The next major of this action (v6), will change this to <code>~&gt; v2</code>, and will be launched together with GoReleaser v2.</p> <h2>What's Changed</h2> <ul> <li>docs: bump actions to latest major by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/435">goreleaser/goreleaser-action#435</a></li> <li>chore(deps): bump docker/bake-action from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/436">goreleaser/goreleaser-action#436</a></li> <li>chore(deps): bump codecov/codecov-action from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/437">goreleaser/goreleaser-action#437</a></li> <li>chore(deps): bump actions/setup-go from 4 to 5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/443">goreleaser/goreleaser-action#443</a></li> <li>chore(deps): bump actions/upload-artifact from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/444">goreleaser/goreleaser-action#444</a></li> <li>Delete .kodiak.toml by <a href="https://github.com/vedantmgoyal9"><code>@​vedantmgoyal9</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/446">goreleaser/goreleaser-action#446</a></li> <li>chore(deps): bump codecov/codecov-action from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/448">goreleaser/goreleaser-action#448</a></li> <li>chore(deps): bump ip from 2.0.0 to 2.0.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/450">goreleaser/goreleaser-action#450</a></li> <li>Upgrade setup-go action version in README by <a href="https://github.com/kishaningithub"><code>@​kishaningithub</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/455">goreleaser/goreleaser-action#455</a></li> <li>chore(deps): bump tar from 6.1.14 to 6.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/456">goreleaser/goreleaser-action#456</a></li> <li>chore: use corepack to install yarn by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/458">goreleaser/goreleaser-action#458</a></li> <li>feat: lock this major version of the action to use '~&gt; v1' as 'latest' by <a href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/461">goreleaser/goreleaser-action#461</a></li> <li>chore(deps): bump semver from 7.6.0 to 7.6.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/462">goreleaser/goreleaser-action#462</a></li> <li>chore(deps): bump <code>@​actions/http-client</code> from 2.2.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/451">goreleaser/goreleaser-action#451</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/vedantmgoyal9"><code>@​vedantmgoyal9</code></a> made their first contribution in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/446">goreleaser/goreleaser-action#446</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0">https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/90a3faa9d0182683851fbfa97ca1a2cb983bfca3"><code>90a3faa</code></a> chore(deps): bake vendor</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/026299872805cb2db698e02dd7fb506a4da5122d"><code>0262998</code></a> test: fixes</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/450d3a4bd29d474a8b4b11e9cdae77b7542f81bd"><code>450d3a4</code></a> test: fix configs</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/25b92abef898672a04dba19527ae1554fdc55377"><code>25b92ab</code></a> chore(deps): update semver and tool-cache</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/bc0ac763469bec019016144647a0d784afa9407a"><code>bc0ac76</code></a> chore(deps): update actions</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/842e7ccd3ee4084515fdb1e7894a16da35005f4e"><code>842e7cc</code></a> feat: update for goreleaser v2.7</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/d28c98212f8e972575198214e0c3f2dbca157dc5"><code>d28c982</code></a> chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/482">#482</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/9ed2f89a662bf1735a48bc8557fd212fa902bebf"><code>9ed2f89</code></a> chore: update generated content (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/480">#480</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/cf63508052510ef52d8a6e569ae83b3e102ac7d9"><code>cf63508</code></a> docs: bump upload-artifact version (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/479">#479</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/f7623f3e7168fa800ac616fe8d03643abbc6edda"><code>f7623f3</code></a> chore(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/478">#478</a>)</li> <li>Additional commits viewable in <a href="https://github.com/goreleaser/goreleaser-action/compare/v5...v6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-03-01 21:55:55 +03:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/go_modules/github.com/go-git/go-git/v5-5.18.0

dependabot/go_modules/dependencies-08815e2262

mergify/configuration-deprecated-update

dependabot/github_actions/dependencies-a3a104477f

chore/simplify-ci-and-makefile

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0

panekj/ci/improve-jobs

fix-skip-non-yaml-files-in-dir

normalize-pull-rebuild-flags

fix-no-recurse-by-default

2517-poor-error-for-incomplete-action-step

2472-make-use-new-action-cache-the-new-default-for-downloading-actions

act-tart

act-lxc

act-oidc

act-dind

avoid-slash-in-actor

dependabot/go_modules/github.com/docker/docker-26.1.4incompatible

meta-keep-filetime

local-repository-action-cache

pr-merger

update-docker-deps

follow_local_action_symlink

boltdb-lock-in-handler

use-socket-path

no-pull-no-rebuild

path-issues

fix/env

feat/podman

refactor/testdata

v0.2.87

v0.2.86

v0.2.85

v0.2.84

v0.2.83

v0.2.82

v0.2.81

v0.2.80

v0.2.79

v0.2.78

v0.2.77

v0.2.76

v0.2.75

v0.2.74

v0.2.73

v0.2.72

v0.2.71

v0.2.70

v0.2.69

v0.2.68

v0.2.67

v0.2.66

v0.2.65

v0.2.64

v0.2.63

v0.2.62

v0.2.61

v0.2.60

v0.2.59

v0.2.58

v0.2.57

v0.2.56

v0.2.55

v0.2.54

v0.2.53

v0.2.52

v0.2.51

v0.2.50

v0.2.49

v0.2.48

v0.2.47

v0.2.46

v0.2.45

v0.2.44

v0.2.43

v0.2.42

v0.2.41

v0.2.40

v0.2.39

v0.2.38

v0.2.37

v0.2.36

v0.2.35

v0.2.34

v0.2.33

v0.2.32

v0.2.31

v0.2.30

v0.2.29

v0.2.28

v0.2.27

v0.2.26

v0.2.25

v0.2.24

v0.2.23

v0.2.22

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels   

area/action

  

area/cli

  

area/docs

  

area/image

  

area/runner

  

area/workflow

  

backlog

  

confirmed/not-planned

  

kind/bug

  

kind/discussion

  

kind/external

  

kind/feature-request

  

kind/question

  

meta/duplicate

  

meta/invalid

  

meta/need-more-info

  

meta/resolved

  

meta/wontfix

  

meta/workaround

  

needs-work

  

pull-request

Mirrored from GitHub Pull Request

  

review/not-planned

  

size/M

  

size/XL

  

size/XXL

  

stale

  

stale-exempt

No labels

area/action

area/cli

area/docs

area/image

area/runner

area/workflow

backlog

confirmed/not-planned

kind/bug

kind/discussion

kind/external

kind/feature-request

kind/question

meta/duplicate

meta/invalid

meta/need-more-info

meta/resolved

meta/wontfix

meta/workaround

needs-work

pull-request

review/not-planned

size/M

size/XL

size/XXL

stale

stale-exempt

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/act#2549

No description provided.