fix(deps): bump the minor-and-patch group with 4 updates

[dependabot]

Bumps the minor-and-patch group with 4 updates: github/codeql-action, oxsecurity/megalinter, stefanzweifel/git-auto-commit-action and softprops/action-gh-release.

Updates github/codeql-action from 3.28.15 to 3.28.16

Release notes

Sourced from github/codeql-action's releases.

v3.28.16

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.16 - 23 Apr 2025

• Update default CodeQL bundle version to 2.21.1. #2863

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

• Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

• Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

• Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
• Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

• Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

• Update default CodeQL bundle version to 2.20.5. #2772
• Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

• Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

... (truncated)

Commits

• 28deaed Merge pull request #2865 from github/update-v3.28.16-2a8cbadc0
• 03c5d71 Update changelog for v3.28.16
• 2a8cbad Merge pull request #2863 from github/update-bundle/codeql-bundle-v2.21.1
• f76eaf5 Add changelog note
• e63b3f5 Update default bundle to codeql-bundle-v2.21.1
• 4c3e536 Merge pull request #2853 from github/dependabot/npm_and_yarn/npm-7d84c66b66
• 56dd02f Merge pull request #2852 from github/dependabot/github_actions/actions-457587...
• 192406d Merge branch 'main' into dependabot/github_actions/actions-4575878e06
• c7dbb20 Merge pull request #2857 from github/nickfyson/address-vulns
• 9a45cd8 move use of input variables into env vars
• Additional commits viewable in compare view

Updates oxsecurity/megalinter from 8.5.0 to 8.6.0

Release notes

Sourced from oxsecurity/megalinter's releases.

v8.6.0

What's Changed

• Core

  • New config property ENABLE_ERRORS_LINTERS. If set, only the listed linters will be considered as blocking

• New linters

  • Add cppcheck linter, by @​bdovaz in oxsecurity/megalinter#5224

• Media

  • Integrating MegaLinter to Automate Linting Across Multiple Codebases. A Technical Description, by Thorsten Foltz

• Linters enhancements

  • editorconfig_checker Changes default EditorConfig-Checker config filename by @​llaville in oxsecurity/megalinter#5061
  • TruffleHog: Ignore .git by default if not already done using --exclude-paths option

• Fixes

  • Sanitize all linter outputs by default, by @​nvuillam in oxsecurity/megalinter#5266

• Doc

  • Add j2lint to plugins, by @​wesley-dean in oxsecurity/megalinter#5151
  • Add fmlint (frontmatter linter) to plugins list by @​wesley-dean in oxsecurity/megalinter#5257
  • Remove trailing spaces by @​parkerbxyz in oxsecurity/megalinter#5185

• CI

  • Initial Renovate automerge configuration, by @​echoix in oxsecurity/megalinter#5057
  • Set update schedule for checkov updates, by @​echoix in oxsecurity/megalinter#5064
  • Always upgrade packages from base image for updated security fixes, by @​echoix in oxsecurity/megalinter#5152
  • build-command: Unshallow pull or full pull before committing changes, by @​echoix in oxsecurity/megalinter#5201

• Linter versions upgrades (50)

  • ansible-lint from 25.1.3 to 25.2.1
  • bicep_linter from 0.34.1 to 0.34.44
  • cfn-lint from 1.32.0 to 1.34.1
  • checkov from 3.2.390 to 3.2.404
  • checkstyle from 10.21.4 to 10.23.0
  • clippy from 0.1.85 to 0.1.86
  • clj-kondo from 2025.02.20 to 2025.04.07
  • cpplint from 2.0.0 to 2.0.2
  • cspell from 8.17.5 to 8.19.2
  • dartanalyzer from 3.7.2 to 3.7.3
  • devskim from 1.0.52 to 1.0.56
  • dotnet-format from 9.0.104 to 9.0.105
  • flake8 from 7.1.2 to 7.2.0
  • gitleaks from 8.24.2 to 8.24.3
  • grype from 0.90.0 to 0.91.2
  • kics from 2.1.6 to 2.1.7
  • kubescape from 3.0.32 to 3.0.34
  • lightning-flow-scanner from 3.2.0 to 3.4.0
  • ls-lint from 2.2.3 to 2.3.0

... (truncated)

Changelog

Sourced from oxsecurity/megalinter's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased] (beta, main branch content)

Note: Can be used with oxsecurity/megalinter@beta in your GitHub Action mega-linter.yml file, or with oxsecurity/megalinter:beta docker image

• Core

• New linters

• Disabled linters

• Media

• Linters enhancements

• Fixes

• Reporters

• Doc

• Flavors

• CI

• mega-linter-runner

• Linter versions upgrades (N)

  • checkstyle from 10.23.0 to 10.23.1 on 2025-04-29
  • v8r from 4.3.0 to 4.4.0 on 2025-04-29

[v8.6.0] - 2024-04-27

• Core

  • New config property ENABLE_ERRORS_LINTERS. If set, only the listed linters will be considered as blocking

• New linters

  • Add cppcheck linter, by @​bdovaz in oxsecurity/megalinter#5224

• Media

  • Integrating MegaLinter to Automate Linting Across Multiple Codebases. A Technical Description, by Thorsten Foltz

• Linters enhancements

  • editorconfig_checker Changes default EditorConfig-Checker config filename by @​llaville in oxsecurity/megalinter#5061

... (truncated)

Commits

• 04cf22b Release MegaLinter v8.6.0
• 08e1f53 [automation] Auto-update linters version, help and documentation (#5268)
• 75538ac Sanitize all linter outputs by default (#5266)
• e195f05 chore(deps): update dependency v8r to v4.3.0 (#5262)
• 7bcf821 [automation] Auto-update linters version, help and documentation (#5263)
• 389e87d Add fmlint (frontmatter linter) to plugins list (#5257)
• f72c1a8 [automation] Auto-update linters version, help and documentation (#5259)
• 05901b1 chore(deps): update dependency stylelint to v16.19.0 (#5261)
• c88bbe5 chore(deps): update dependency sfdx-hardis to v5.28.0 (#5260)
• 81f99d9 chore(deps): update dependency cfn-lint to v1.34.1 (#5258)
• Additional commits viewable in compare view

Updates stefanzweifel/git-auto-commit-action from 5.1.0 to 5.2.0

Release notes

Sourced from stefanzweifel/git-auto-commit-action's releases.

v5.2.0

Added

• Add create_git_tag_only option to skip commiting and always create a git-tag. (#364) @​zMynxx
• Add Test for create_git_tag_only feature (#367) @​stefanzweifel

Fixed

• docs: Update README.md per #354 (#361) @​rasa

Changelog

Sourced from stefanzweifel/git-auto-commit-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Unreleased

TBD

v5.2.0 - 2025-04-19

Added

• Add create_git_tag_only option to skip commiting and always create a git-tag. (#364) @​zMynxx
• Add Test for create_git_tag_only feature (#367) @​stefanzweifel

Fixed

• docs: Update README.md per #354 (#361) @​rasa

v5.1.0 - 2025-01-11

Changed

• Include github.actor_id in default commit_author (#354) @​parkerbxyz

Fixed

• docs(README): fix broken protected branch docs link (#346) @​scarf005
• Update README.md (#343) @​Kludex

Dependency Updates

• Bump bats from 1.11.0 to 1.11.1 (#353) @​dependabot
• Bump github/super-linter from 6 to 7 (#342) @​dependabot
• Bump github/super-linter from 5 to 6 (#335) @​dependabot

v5.0.1 - 2024-04-12

Fixed

• Fail if attempting to execute git commands in a directory that is not a git-repo. (#326) @​ccomendant

Dependency Updates

• Bump bats from 1.10.0 to 1.11.0 (#325) @​dependabot
• Bump release-drafter/release-drafter from 5 to 6 (#319) @​dependabot

... (truncated)

Commits

• b863ae1 Merge pull request #367 from stefanzweifel/stefanzweifel/git_tag_only_changes
• adb37b5 Update README
• 8480c68 Add Tests
• 4f8f3ad Rename Input and add output
• 11a6e5f Merge pull request #364 from zmynx/master
• 35d037a Update README.md
• bf425dc Merge branch 'master' into master
• cfd6ac4 Update git-auto-commit.bats
• 19379b4 Update git-auto-commit.bats
• 12e100d Update entrypoint.sh
• Additional commits viewable in compare view

Updates softprops/action-gh-release from 2.2.1 to 2.2.2

Release notes

Sourced from softprops/action-gh-release's releases.

v2.2.2

What's Changed

Bug fixes 🐛

• fix: updating release draft status from true to false by @​galargh in softprops/action-gh-release#316

Other Changes 🔄

• chore: simplify ref_type test by @​steinybot in softprops/action-gh-release#598
• fix(docs): clarify the default for tag_name by @​muzimuzhi in softprops/action-gh-release#599
• test(release): add unit tests when searching for a release by @​rwaskiewicz in softprops/action-gh-release#603
• dependency updates

New Contributors

• @​steinybot made their first contribution in softprops/action-gh-release#598
• @​muzimuzhi made their first contribution in softprops/action-gh-release#599
• @​galargh made their first contribution in softprops/action-gh-release#316
• @​rwaskiewicz made their first contribution in softprops/action-gh-release#603

Full Changelog: softprops/action-gh-release@v2...v2.2.2

Changelog

Sourced from softprops/action-gh-release's changelog.

2.2.2

What's Changed

Bug fixes 🐛

• fix: updating release draft status from true to false by @​galargh in softprops/action-gh-release#316

Other Changes 🔄

• chore: simplify ref_type test by @​steinybot in softprops/action-gh-release#598
• fix(docs): clarify the default for tag_name by @​muzimuzhi in softprops/action-gh-release#599
• test(release): add unit tests when searching for a release by @​rwaskiewicz in softprops/action-gh-release#603
• dependency updates

2.2.1

What's Changed

Bug fixes 🐛

• fix: big file uploads by @​xen0n in softprops/action-gh-release#562

Other Changes 🔄

• chore(deps): bump @​types/node from 22.10.1 to 22.10.2 by @​dependabot in softprops/action-gh-release#559
• chore(deps): bump @​types/node from 22.10.2 to 22.10.5 by @​dependabot in softprops/action-gh-release#569
• chore: update error and warning messages for not matching files in files field by @​ytimocin in softprops/action-gh-release#568

2.2.0

What's Changed

Exciting New Features 🎉

• feat: read the release assets asynchronously by @​xen0n in softprops/action-gh-release#552

Bug fixes 🐛

• fix(docs): clarify the default for tag_name by @​alexeagle in softprops/action-gh-release#544

Other Changes 🔄

• chore(deps): bump typescript from 5.6.3 to 5.7.2 by @​dependabot in softprops/action-gh-release#548
• chore(deps): bump @​types/node from 22.9.0 to 22.9.4 by @​dependabot in softprops/action-gh-release#547
• chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 by @​dependabot in softprops/action-gh-release#545
• chore(deps): bump @​vercel/ncc from 0.38.2 to 0.38.3 by @​dependabot in softprops/action-gh-release#543
• chore(deps): bump prettier from 3.3.3 to 3.4.1 by @​dependabot in softprops/action-gh-release#550
• chore(deps): bump @​types/node from 22.9.4 to 22.10.1 by @​dependabot in softprops/action-gh-release#551
• chore(deps): bump prettier from 3.4.1 to 3.4.2 by @​dependabot in softprops/action-gh-release#554

... (truncated)

Commits

• da05d55 release 2.2.2
• 6b18c2f test(release): add unit tests when searching for a release (#603)
• e2b105c chore(deps): bump actions/setup-node in the github-actions group (#607)
• e707470 chore(deps): bump the npm group with 4 updates (#608)
• 36833a1 fix: updating release draft status (#316)
• 8bb7207 chore(deps): bump actions/setup-node in the github-actions group (#597)
• 93bb5ff fix(docs): clarify the default for tag_name (#599)
• 581b12c chore: simplify ref_type test (#598)
• b540ad2 chore(deps): bump @​octokit/request (#605)
• ac224e9 chore(deps): bump the npm group across 1 directory with 5 updates (#604)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.