Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump redhat-plumbers-in-action/differential-shellcheck from 5.3.1 to …
…5.4.0 (#939) Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck) from 5.3.1 to 5.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases">redhat-plumbers-in-action/differential-shellcheck's releases</a>.</em></p> <blockquote> <h2>v5.4.0</h2> <h1>What's Changed</h1> <h2>New</h2> <ul> <li>Support <code>merge_group</code> event natively (<a href="https://redirect.github.com/redhat-plumbers-in-action/differential-shellcheck/issues/433">#433</a>) <a href="https://github.com/masaru-iritani"><code>@masaru-iritani</code></a></li> </ul> <h2>Automation and CI changes</h2> <ul> <li>Update Differential ShellCheck workflow (<a href="https://redirect.github.com/redhat-plumbers-in-action/differential-shellcheck/issues/440">#440</a>) <a href="https://github.com/jamacku"><code>@jamacku</code></a></li> <li>Run differential ShellCheck on merge_group (<a href="https://redirect.github.com/redhat-plumbers-in-action/differential-shellcheck/issues/434">#434</a>) <a href="https://github.com/masaru-iritani"><code>@masaru-iritani</code></a></li> </ul> <h2>Dependency Updates</h2> <ul> <li>build(deps): bump super-linter/super-linter from 6.7.0 to 6.8.0 (<a href="https://redirect.github.com/redhat-plumbers-in-action/differential-shellcheck/issues/439">#439</a>) <a href="https://github.com/dependabot"><code>@dependabot</code></a></li> <li>build(deps): bump docker/login-action from 3.2.0 to 3.3.0 (<a href="https://redirect.github.com/redhat-plumbers-in-action/differential-shellcheck/issues/438">#438</a>) <a href="https://github.com/dependabot"><code>@dependabot</code></a></li> <li>build(deps): bump docker/build-push-action from 6.4.1 to 6.5.0 (<a href="https://redirect.github.com/redhat-plumbers-in-action/differential-shellcheck/issues/437">#437</a>) <a href="https://github.com/dependabot"><code>@dependabot</code></a></li> <li>build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 (<a href="https://redirect.github.com/redhat-plumbers-in-action/differential-shellcheck/issues/436">#436</a>) <a href="https://github.com/dependabot"><code>@dependabot</code></a></li> <li>build(deps): bump github/codeql-action from 3.25.13 to 3.25.15 (<a href="https://redirect.github.com/redhat-plumbers-in-action/differential-shellcheck/issues/435">#435</a>) <a href="https://github.com/dependabot"><code>@dependabot</code></a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/compare/v5.3.1...v5.4.0">https://github.com/redhat-plumbers-in-action/differential-shellcheck/compare/v5.3.1...v5.4.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md">redhat-plumbers-in-action/differential-shellcheck's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>Next release</h2> <h2>v5.4.0</h2> <ul> <li>Native support for <code>merge_group</code> trigger event</li> </ul> <h2>v5.3.1</h2> <ul> <li>Update <code>csutils</code> (<code>csdiff</code>) to 3.4.0 <ul> <li>HTML output now uses HTML5 and CSS</li> </ul> </li> </ul> <h2>v5.3.0</h2> <ul> <li>Add support for different display engines (<code>csgrep</code>, <code>sarif-fmt</code>)</li> <li>Update <code>csutils</code> (<code>csdiff</code>) to 3.3.0 <ul> <li><code>csdiff</code>: match findings by line content without spaces if available</li> <li><code>csgrep --hash-v1</code>: match <code>csdiff/v1</code> fingerprint prefix</li> <li><code>sarif</code>: initial implementation of <code>csdiff/v1</code> fingerprints</li> <li><code>sarif</code>: add descriptions for ShellCheck rules</li> </ul> </li> </ul> <h2>v5.2.0</h2> <ul> <li>Provide <code>html</code> output with detected defects</li> <li>Allow specifying <code>WORK_DIR</code> for intermediate files</li> <li>Update <code>csutils</code> (<code>csdiff</code>) to 3.2.2 <ul> <li>propagate the imp flag as level in the SARIF format</li> <li>propagate <code>endLine</code>/<code>endColumn</code> in the JSON and SARIF formats</li> </ul> </li> </ul> <h2>v5.1.2</h2> <ul> <li>Fix curl Argument list too long by using a payload.json file - by <a href="https://github.com/mpoberezhniy"><code>@mpoberezhniy</code></a></li> <li>Container images now based on Fedora 40</li> <li>Update <code>csutils</code> (<code>csdiff</code>) to 3.2.1</li> </ul> <h2>v5.1.0</h2> <ul> <li>Improve shell script detection based on emacs file mode header</li> </ul> <h2>v5.0.2</h2> <ul> <li>Container images now based on Fedora 39</li> <li>Update <code>csutils</code> (<code>csdiff</code>) to 3.1.0</li> </ul> <h2>v5.0.0</h2> <ul> <li>Added defect statistics based on severity levels. They are available in the console output and in the job Summary page.</li> <li>New option <code>scan-directory</code>. Allows to specify directories that will be scanned. By default Differential ShellCheck scans the whole repository.</li> <li>Show more context for ShellCheck defects and fixes in console output. The defect is now shown in the context of the surrounding code.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/cc6721c45a8800cc666de45493545a07a638d121"><code>cc6721c</code></a> v5.4.0</li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/cea33015b6b086191441341564166d011c2901b4"><code>cea3301</code></a> build(deps): bump super-linter/super-linter from 6.7.0 to 6.8.0</li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/0936526a0dcb1174b936771165974b21f80f9dac"><code>0936526</code></a> build(deps): bump docker/login-action from 3.2.0 to 3.3.0</li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/653c5d10e337c85069ba1a0f38d4c31dd85aa6f6"><code>653c5d1</code></a> build(deps): bump docker/build-push-action from 6.4.1 to 6.5.0</li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/3321ba16825bc8df5e2a4a8124fc335d1dd086b9"><code>3321ba1</code></a> build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0</li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/293489443b7f669e07e9a3528282f7980a5091c7"><code>2934894</code></a> build(deps): bump github/codeql-action from 3.25.13 to 3.25.15</li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/6b56321481491d1474407769d26645d64a154f69"><code>6b56321</code></a> ci: run ShellCheck on push only if target branch is <code>main</code></li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/9e025864a44f37816013cd0bcde69a769bdd983d"><code>9e02586</code></a> ci: run unit tests in merge queue</li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/c067b4a75e8c8f0d24bb763e586297ce90b23182"><code>c067b4a</code></a> lint: fix warnings</li> <li><a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/commit/33b56367142689c52c88929eee362dcdc93eca34"><code>33b5636</code></a> ci: update Differential ShellCheck workflow</li> <li>Additional commits viewable in <a href="https://github.com/redhat-plumbers-in-action/differential-shellcheck/compare/b8c7b83d16cce15d13563f5d055b34b9e3360ed3...cc6721c45a8800cc666de45493545a07a638d121">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
- Loading branch information
