Commit 828948d

Merge PR #325
Bumps the github-actions group with 17 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.0` | `2.14.1` |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` |
| [psf/black](https://github.com/psf/black) | `25.12.0` | `26.1.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `4.31.9` | `4.32.0` |
| [actions/cache](https://github.com/actions/cache) | `5.0.1` | `5.0.3` |
| [actions/setup-python](https://github.com/actions/setup-python) | `6.1.0` | `6.2.0` |
| [nick2bad4u/generate-repo-file-list](https://github.com/nick2bad4u/generate-repo-file-list) | `0b66b048983ecaef45cb1bc7acc6c81e1d210de7` | `f1342075abdb94a6134398776eafce7931fd1444` |
| [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) | `9.2.0` | `9.3.0` |
| [google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml](https://github.com/google/osv-scanner-action) | `2.3.1` | `2.3.2` |
| [google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml](https://github.com/google/osv-scanner-action) | `2.3.1` | `2.3.2` |
| [actions/setup-node](https://github.com/actions/setup-node) | `6.1.0` | `6.2.0` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `8.0.0` | `8.1.0` |
| [rojopolis/spellcheck-github-actions](https://github.com/rojopolis/spellcheck-github-actions) | `0.56.0` | `0.58.0` |
| [actions/ai-inference](https://github.com/actions/ai-inference) | `2.0.4` | `2.0.5` |
| [super-linter/super-linter](https://github.com/super-linter/super-linter) | `8.3.2` | `8.4.0` |
| [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.4` | `3.92.5` |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.41.0` | `1.42.3` |

Updates `step-security/harden-runner` from 2.14.0 to 2.14.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.1</h2> <h2>What's Changed</h2> <ol> <li> <p>In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.</p> </li> <li> <p>Fixed npm audit vulnerabilities</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1">https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/e3f713f2d8f53843e71c69a996d56f51aa9adfb9"><code>e3f713f</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/631">#631</a> from step-security/rc-31</li> <li><a href="https://github.com/step-security/harden-runner/commit/423acdda6fd4f75f197b7c305a3f2e3d700dc00b"><code>423acdd</code></a> chore: fix npm audit vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/0ddb86cf0353b79dbed5bb8cef4103700cea70a7"><code>0ddb86c</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...e3f713f2d8f53843e71c69a996d56f51aa9adfb9">compare view</a></li> </ul> </details> <br /> Updates `actions/checkout` from 6.0.1 to 6.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.2</h2> <h2>What's Changed</h2> <ul> <li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by <a 
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v6.0.2</h2> <ul> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <h2>v6.0.1</h2> <ul> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> </ul> <h2>v6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>v5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a 
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>v5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>v4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>v4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@​motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@​benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a 
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a 
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a> Fix tag handling: preserve annotations and explicit fetch-tags (<a href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li> <li><a href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a> Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd">compare view</a></li> </ul> </details> <br /> Updates `psf/black` from 25.12.0 to 26.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psf/black/releases">psf/black's releases</a>.</em></p> <blockquote> <h2>26.1.0</h2> <h3>Highlights</h3> <p>Introduces the 2026 stable style (<a href="https://redirect.github.com/psf/black/issues/4892">#4892</a>), stabilizing the following changes:</p> <ul> <li><code>always_one_newline_after_import</code>: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (<a 
href="https://redirect.github.com/psf/black/issues/4489">#4489</a>)</li> <li><code>fix_fmt_skip_in_one_liners</code>: Fix <code># fmt: skip</code> behavior on one-liner declarations, such as <code>def foo(): return &quot;mock&quot; # fmt: skip</code>, where previously the declaration would have been incorrectly collapsed (<a href="https://redirect.github.com/psf/black/issues/4800">#4800</a>)</li> <li><code>fix_module_docstring_detection</code>: Fix module docstrings being treated as normal strings if preceded by comments (<a href="https://redirect.github.com/psf/black/issues/4764">#4764</a>)</li> <li><code>fix_type_expansion_split</code>: Fix type expansions split in generic functions (<a href="https://redirect.github.com/psf/black/issues/4777">#4777</a>)</li> <li><code>multiline_string_handling</code>: Make expressions involving multiline strings more compact (<a href="https://redirect.github.com/psf/black/issues/1879">#1879</a>)</li> <li><code>normalize_cr_newlines</code>: Add <code>\r</code> style newlines to the potential newlines to normalize file newlines both from and to (<a href="https://redirect.github.com/psf/black/issues/4710">#4710</a>)</li> <li><code>remove_parens_around_except_types</code>: Remove parentheses around multiple exception types in <code>except</code> and <code>except*</code> without <code>as</code> (<a href="https://redirect.github.com/psf/black/issues/4720">#4720</a>)</li> <li><code>remove_parens_from_assignment_lhs</code>: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (<a href="https://redirect.github.com/psf/black/issues/4865">#4865</a>)</li> <li><code>standardize_type_comments</code>: Format type comments which have zero or more spaces between <code>#</code> and <code>type:</code> or between <code>type:</code> and value to <code># type: (value)</code> (<a href="https://redirect.github.com/psf/black/issues/4645">#4645</a>)</li> </ul> 
<p>The following change was not in any previous stable release:</p> <ul> <li>Regenerated the <code>_width_table.py</code> and added tests for the Khmer language (<a href="https://redirect.github.com/psf/black/issues/4253">#4253</a>)</li> </ul> <p>This release also bumps <code>pathspec</code> to v1 and fixes inconsistencies with Git's <code>.gitignore</code> logic (<a href="https://redirect.github.com/psf/black/issues/4958">#4958</a>). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format <code>exclude/not_this/foo.py</code> with this <code>.gitignore</code>:</p>
<pre><code>exclude/
!exclude/not_this/
</code></pre>
<p>Now, <code>exclude/not_this/foo.py</code> will remain ignored. To ensure <code>exclude/not_this/</code> and all of its children are included in formatting (and in Git), use this <code>.gitignore</code>:</p>
<pre><code>*/exclude/*
!*/exclude/not_this/
</code></pre>
<p>This new behavior matches Git. The leading <code>*/</code> are only necessary if you wish to ignore matching subdirectories (like the previous behavior did), and not just matching root</p> <!-- raw HTML omitted --> </blockquote> <p>...
(truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/black/blob/main/CHANGES.md">psf/black's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <h2>Unreleased</h2> <!-- raw HTML omitted --> <h3>Highlights</h3> <!-- raw HTML omitted --> <h3>Stable style</h3> <!-- raw HTML omitted --> <ul> <li>Don't double-decode input, causing non-UTF-8 files to be corrupted (<a href="https://redirect.github.com/psf/black/issues/4964">#4964</a>)</li> </ul> <h3>Preview style</h3> <!-- raw HTML omitted --> <ul> <li>Fix <code>string_processing</code> crashing on unassigned long string literals with trailing commas (one-item tuples) (<a href="https://redirect.github.com/psf/black/issues/4929">#4929</a>)</li> <li>Simplify implementation of the power operator &quot;hugging&quot; logic (<a href="https://redirect.github.com/psf/black/issues/4918">#4918</a>)</li> </ul> <h3>Configuration</h3> <!-- raw HTML omitted --> <h3>Packaging</h3> <!-- raw HTML omitted --> <ul> <li>Fix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in frozen environments (<a href="https://redirect.github.com/psf/black/issues/4930">#4930</a>)</li> </ul> <h3>Parser</h3> <!-- raw HTML omitted --> <h3>Performance</h3> <!-- raw HTML omitted --> <h3>Output</h3> <!-- raw HTML omitted --> <h3><em>Blackd</em></h3> <!-- raw HTML omitted --> </blockquote> <p>... 
(truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/black/commit/6305bf1ae645ab7541be4f5028a86239316178eb"><code>6305bf1</code></a> Prepare 2026.1.0 release (<a href="https://redirect.github.com/psf/black/issues/4892">#4892</a>)</li> <li><a href="https://github.com/psf/black/commit/e71305bee302f7f9016b228361e5ae69669dca7b"><code>e71305b</code></a> Bump pypa/cibuildwheel from 3.3.0 to 3.3.1 (<a href="https://redirect.github.com/psf/black/issues/4961">#4961</a>)</li> <li><a href="https://github.com/psf/black/commit/21a2a8c2b1d0c8d47bc00cc59591470f6a9e2307"><code>21a2a8c</code></a> Fix Shutdown multiprocessing Manager in schedule_formatting (<a href="https://redirect.github.com/psf/black/issues/4952">#4952</a>)</li> <li><a href="https://github.com/psf/black/commit/e3146cea4245fcee29d007cb45d9faaf63271586"><code>e3146ce</code></a> Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (<a href="https://redirect.github.com/psf/black/issues/4919">#4919</a>)</li> <li><a href="https://github.com/psf/black/commit/fe1fbc4fdfa03fa1d460f975b8aca77e4b4f1a4a"><code>fe1fbc4</code></a> Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a href="https://redirect.github.com/psf/black/issues/4923">#4923</a>)</li> <li><a href="https://github.com/psf/black/commit/2b4b7fcfe00bb0d99322e07e87fc2f0992f7a4d8"><code>2b4b7fc</code></a> Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/psf/black/issues/4922">#4922</a>)</li> <li><a href="https://github.com/psf/black/commit/d745be69bfa9d85ec2ef6e5f9b7ec7e253b5e8ab"><code>d745be6</code></a> docs: document --force-exclude for pre-commit workflows (<a href="https://redirect.github.com/psf/black/issues/4957">#4957</a>)</li> <li><a href="https://github.com/psf/black/commit/b41acd6ebbe76e18b49286166924f73f01c3fd02"><code>b41acd6</code></a> Various CI and doc refactors (<a href="https://redirect.github.com/psf/black/issues/4928">#4928</a>)</li> <li><a 
href="https://github.com/psf/black/commit/6f43612766da4a2f275b575af0802c3e73b6ed83"><code>6f43612</code></a> Handle pathspec v1 changes (<a href="https://redirect.github.com/psf/black/issues/4958">#4958</a>)</li> <li><a href="https://github.com/psf/black/commit/200c550aff44372f801a6d826a361cb26f45a504"><code>200c550</code></a> Bump furo from 2025.9.25 to 2025.12.19 in /docs (<a href="https://redirect.github.com/psf/black/issues/4933">#4933</a>)</li> <li>Additional commits viewable in <a href="https://github.com/psf/black/compare/782e5605c86aab56be6f905da10dcd3e463fd9c2...6305bf1ae645ab7541be4f5028a86239316178eb">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.9 to 4.32.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.32.0</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0">2.24.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3425">#3425</a></li> </ul> <h2>v4.31.11</h2> <ul> <li>When running a Default Setup workflow with <a href="https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging">Actions debugging enabled</a>, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. <a href="https://redirect.github.com/github/codeql-action/pull/3409">#3409</a></li> <li>Improved error handling throughout the CodeQL Action. 
<a href="https://redirect.github.com/github/codeql-action/pull/3415">#3415</a></li> <li>Added experimental support for automatically excluding <a href="https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github">generated files</a> from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3318">#3318</a></li> <li>The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. <a href="https://redirect.github.com/github/codeql-action/pull/3403">#3403</a></li> </ul> <h2>v4.31.10</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.10 - 12 Jan 2026</h2> <ul> <li>Update default CodeQL bundle version to 2.23.9. <a href="https://redirect.github.com/github/codeql-action/pull/3393">#3393</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.10/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.32.0 - 26 Jan 2026</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0">2.24.0</a>. 
<a href="https://redirect.github.com/github/codeql-action/pull/3425">#3425</a></li> </ul> <h2>4.31.11 - 23 Jan 2026</h2> <ul> <li>When running a Default Setup workflow with <a href="https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging">Actions debugging enabled</a>, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. <a href="https://redirect.github.com/github/codeql-action/pull/3409">#3409</a></li> <li>Improved error handling throughout the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3415">#3415</a></li> <li>Added experimental support for automatically excluding <a href="https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github">generated files</a> from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3318">#3318</a></li> <li>The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. <a href="https://redirect.github.com/github/codeql-action/pull/3403">#3403</a></li> </ul> <h2>4.31.10 - 12 Jan 2026</h2> <ul> <li>Update default CodeQL bundle version to 2.23.9. <a href="https://redirect.github.com/github/codeql-action/pull/3393">#3393</a></li> </ul> <h2>4.31.9 - 16 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.8 - 11 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.8. <a href="https://redirect.github.com/github/codeql-action/pull/3354">#3354</a></li> </ul> <h2>4.31.7 - 05 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.7. 
<a href="https://redirect.github.com/github/codeql-action/pull/3343">#3343</a></li> </ul> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/b20883b0cd1f46c72ae0ba6d1090936928f9fa30"><code>b20883b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3428">#3428</a> from github/update-v4.32.0-e3b8227a2</li> <li><a href="https://github.com/github/codeql-action/commit/c9aa45dd0f8ba0b0433386779eb4798c2545156b"><code>c9aa45d</code></a> Update changelog for v4.32.0</li> <li><a href="https://github.com/github/codeql-action/commit/e3b8227a28dee88b8eaf5597d892a0cea497e634"><code>e3b8227</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3427">#3427</a> from github/henrymercer/bump-for-new-minor-series</li> <li><a href="https://github.com/github/codeql-action/commit/8a01181ce209b3e3f51c6add1b9e1e744bdf0064"><code>8a01181</code></a> Compare minor version number</li> <li><a href="https://github.com/github/codeql-action/commit/80e142568fc335997bbf78abac097448213bd9ae"><code>80e1425</code></a> Bump minor version for CLI v2.24.0</li> <li><a 
href="https://github.com/github/codeql-action/commit/b748848f27bc46a97bbb965c606bbc298e760a9a"><code>b748848</code></a> Bump the Action minor version number on new CodeQL minor version series</li> <li><a href="https://github.com/github/codeql-action/commit/5e767eff5aa6e2b719f353611ff3c363d6225d18"><code>5e767ef</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3425">#3425</a> from github/update-bundle/codeql-bundle-v2.24.0</li> <li><a href="https://github.com/github/codeql-action/commit/975286947045be7e8b204a16b36b1b04b9feef86"><code>9752869</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/c62c214723e7c0cdfb907bede6988df3a0640c7e"><code>c62c214</code></a> Update default bundle to codeql-bundle-v2.24.0</li> <li><a href="https://github.com/github/codeql-action/commit/25a224b8085c21d4d61b7fc051468805fc3ac490"><code>25a224b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3423">#3423</a> from github/mbg/ci/yq-windows</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...b20883b0cd1f46c72ae0ba6d1090936928f9fa30">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 5.0.1 to 5.0.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.3</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.3">https://github.com/actions/cache/compare/v5...v5.0.3</a></p> <h2>v.5.0.2</h2> <h1>v5.0.2</h1> <h2>What's 
Changed</h2> <p>When creating cache entries, 429s returned from the cache service will not be retried.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>How to prepare a release</h2> <blockquote> <p>[!NOTE]<br /> Relevant for maintainers with write access only.</p> </blockquote> <ol> <li>Switch to a new branch from <code>main</code>.</li> <li>Run <code>npm test</code> to ensure all tests are passing.</li> <li>Update the version in <a href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li> <li>Run <code>npm run build</code> to update the compiled files.</li> <li>Update this <a href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a> with the new version and changes in the <code>## Changelog</code> section.</li> <li>Run <code>licensed cache</code> to update the license report.</li> <li>Run <code>licensed status</code> and resolve any warnings by updating the <a href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a> file with the exceptions.</li> <li>Commit your changes and push your branch upstream.</li> <li>Open a pull request against <code>main</code> and get it reviewed and merged.</li> <li>Draft a new release <a href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a> use the same version number used in <code>package.json</code> <ol> <li>Create a new tag with the version number.</li> <li>Auto generate release notes and update them to match the changes you made in <code>RELEASES.md</code>.</li> <li>Toggle the set as the latest release option.</li> <li>Publish the release.</li> </ol> </li> <li>Navigate to <a 
href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a> <ol> <li>There should be a workflow run queued with the same version number.</li> <li>Approve the run to publish the new version and update the major tags for this action.</li> </ol> </li> </ol> <h2>Changelog</h2> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/[email protected]</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... 
(truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/cdf6c1fa76f9f475f3d7449005a359c84ca0f306"><code>cdf6c1f</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1695">#1695</a> from actions/Link-/prepare-5.0.3</li> <li><a href="https://github.com/actions/cache/commit/a1bee22673bee4afb9ce4e0a1dc3da1c44060b7d"><code>a1bee22</code></a> Add review for the <code>@​actions/http-client</code> license</li> <li><a href="https://github.com/actions/cache/commit/46957638dc5c5ff0c34c0143f443c07d3a7c769f"><code>4695763</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/dc73bb9f7bf74a733c05ccd2edfd1f2ac9e5f502"><code>dc73bb9</code></a> Upgrade dependencies and address security warnings</li> <li><a href="https://github.com/actions/cache/commit/345d5c2f761565bace4b6da356737147e9041e3a"><code>345d5c2</code></a> Add 5.0.3 builds</li> <li><a href="https://github.com/actions/cache/commit/8b402f58fbc84540c8b491a91e594a4576fec3d7"><code>8b402f5</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1692">#1692</a> from GhadimiR/main</li> <li><a href="https://github.com/actions/cache/commit/304ab5a0701ee61908ccb4b5822347949a2e2002"><code>304ab5a</code></a> license for httpclient</li> <li><a href="https://github.com/actions/cache/commit/609fc19e67cd310e97eb36af42355843ffcb35be"><code>609fc19</code></a> Update licensed record for cache</li> <li><a href="https://github.com/actions/cache/commit/b22231e43df11a67538c05e88835f1fa097599c5"><code>b22231e</code></a> Build</li> <li><a href="https://github.com/actions/cache/commit/93150cdfb36a9d84d4e8628c8870bec84aedcf8a"><code>93150cd</code></a> Add PR link to releases</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...cdf6c1fa76f9f475f3d7449005a359c84ca0f306">compare view</a></li> </ul> 
</details> <br /> Updates `actions/setup-python` from 6.1.0 to 6.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p> <blockquote> <h2>v6.2.0</h2> <h2>What's Changed</h2> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade dependencies to Node 24 compatible versions by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1259">actions/setup-python#1259</a></li> <li>Upgrade urllib3 from 2.5.0 to 2.6.3 in <code>/__tests__/data</code> by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1253">actions/setup-python#1253</a> and <a href="https://redirect.github.com/actions/setup-python/pull/1264">actions/setup-python#1264</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v6...v6.2.0">https://github.com/actions/setup-python/compare/v6...v6.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-python/commit/a309ff8b426b58ec0e2a45f0f869d46889d02405"><code>a309ff8</code></a> Bump urllib3 from 2.6.0 to 2.6.3 in /<strong>tests</strong>/data (<a href="https://redirect.github.com/actions/setup-python/issues/1264">#1264</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/bfe8cc55a7890e3d6672eda6460ef37bfcc70755"><code>bfe8cc5</code></a> Upgrade <a href="https://github.com/actions"><code>@​actions</code></a> dependencies to Node 24 compatible versions (<a href="https://redirect.github.com/actions/setup-python/issues/1259">#1259</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/4f41a90a1f38628c7ccc608d05fbafe701bc20ae"><code>4f41a90</code></a> Bump urllib3 from 2.5.0 to 2.6.0 in /<strong>tests</strong>/data (<a 
href="https://redirect.github.com/actions/setup-python/issues/1253">#1253</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-python/compare/83679a892e2d95755f2dac6acb0bfd1e9ac5d548...a309ff8b426b58ec0e2a45f0f869d46889d02405">compare view</a></li> </ul> </details> <br /> Updates `nick2bad4u/generate-repo-file-list` from 0b66b048983ecaef45cb1bc7acc6c81e1d210de7 to f1342075abdb94a6134398776eafce7931fd1444 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Nick2bad4u/Generate-Repo-File-List/commit/f1342075abdb94a6134398776eafce7931fd1444"><code>f134207</code></a> Merge PR <a href="https://redirect.github.com/nick2bad4u/generate-repo-file-list/issues/39">#39</a></li> <li><a href="https://github.com/Nick2bad4u/Generate-Repo-File-List/commit/d174067c162403b3f1bd8be4b31ba270d5f13f1f"><code>d174067</code></a> Bump the github-actions group with 7 updates</li> <li>See full diff in <a href="https://github.com/nick2bad4u/generate-repo-file-list/compare/0b66b048983ecaef45cb1bc7acc6c81e1d210de7...f1342075abdb94a6134398776eafce7931fd1444">compare view</a></li> </ul> </details> <br /> Updates `oxsecurity/megalinter` from 9.2.0 to 9.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/oxsecurity/megalinter/releases">oxsecurity/megalinter's releases</a>.</em></p> <blockquote> <h2>v9.3.0</h2> <h2>What's Changed</h2> <ul> <li> <p>Core</p> <ul> <li>Add enum name support in MegaLinter config Json schema for better autocompletion in editors</li> <li>Update base image to python:3.13-alpine3.23</li> </ul> </li> <li> <p>New linters</p> <ul> <li>Add <a href="https://github.com/codespell-project/codespell">codespell</a></li> <li>Add <a href="https://github.com/mongodb/kingfisher">kingfisher</a> by <a href="https://github.com/bdovaz"><code>@​bdovaz</code></a></li> <li>Add <a href="https://github.com/rvben/rumdl">rumdl</a> by <a href="https://github.com/bdovaz"><code>@​bdovaz</code></a></li> </ul> </li> <li> 
<p>Linters enhancements</p> <ul> <li>Change checkmake Docker image reference by <a href="https://github.com/bdovaz"><code>@​bdovaz</code></a></li> </ul> </li> <li> <p>Reporters</p> <ul> <li>Handle multiple MegaLinter runs on the same repo using custom value sent in variable <strong>MEGALINTER_MULTIRUN_KEY</strong></li> <li>Allow to override url to CI build in Git based reporters using <strong>REPORTERS_ACTION_RUN_URL</strong> variable</li> <li>Fix sections display in Gitlab console logs</li> </ul> </li> <li> <p>Doc</p> <ul> <li>Classify all JSON schema config variables by category and section</li> </ul> </li> <li> <p>CI</p> <ul> <li>Free disk space on GitHub actions runner when releasing a new flavor</li> <li>Add missing Dockerfile patterns to Renovate Dockerfile manager</li> <li>Remove gitpod custom image, workflow, and makefile targets</li> </ul> </li> <li> <p>Linter versions upgrades (54)</p> <ul> <li><a href="https://rhysd.github.io/actionlint/">actionlint</a> from 1.7.9 to <strong>1.7.10</strong></li> <li><a href="https://ansible-lint.readthedocs.io/">ansible-lint</a> from 25.11.1 to <strong>25.12.2</strong></li> <li><a href="https://www.gnu.org/software/bash/">bash-exec</a> from 5.2.37 to <strong>5.3.3</strong></li> <li><a href="https://black.readthedocs.io/en/stable/">black</a> from 25.11.0 to <strong>25.12.0</strong></li> <li><a href="https://github.com/aws-cloudformation/cfn-lint">cfn-lint</a> from 1.41.0 to <strong>1.43.1</strong></li> <li><a href="https://www.checkov.io/">checkov</a> from 3.2.495 to <strong>3.2.497</strong></li> <li><a href="https://releases.llvm.org/21.1.0/tools/clang/docs/ClangFormat.html">clang-format</a> from 20.1.8 to <strong>21.1.2</strong></li> <li><a href="https://github.com/rust-lang/rust-clippy">clippy</a> from 0.1.91 to <strong>0.1.92</strong></li> <li><a href="https://github.com/borkdude/clj-kondo">clj-kondo</a> from 2025.10.23 to <strong>2025.12.23</strong></li> <li><a 
href="https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html">code-analyzer-apex</a> from 5.6.1 to <strong>5.7.1</strong></li> <li><a href="https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html">code-analyzer-aura</a> from 5.6.1 to <strong>5.7.1</strong></li> <li><a href="https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html">code-analyzer-lwc</a> from 5.6.1 to <strong>5.7.1</strong></li> <li><a href="https://cppcheck.sourceforge.io/">cppcheck</a> from 2.14.2 to <strong>2.18.3</strong></li> <li><a href="https://csharpier.com/">csharpier</a> from 1.2.1 to <strong>1.2.5</strong></li> <li><a href="https://github.com/streetsidesoftware/cspell/tree/master/packages/cspell">cspell</a> from 9.3.2 to <strong>9.4.0</strong></li> <li><a href="https://dart.dev/tools/dart-analyze">dartanalyzer</a> from 3.8.3 to <strong>3.10.7</strong></li> <li><a href="https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format">dotnet-format</a> from 9.0.111 to <strong>9.0.112</strong></li> <li><a href="https://git-scm.com">git_diff</a> from 2.49.1 to <strong>2.52.0</strong></li> <li><a href="https://golangci-lint.run/">golangci-lint</a> from 2.6.2 to <strong>2.7.2</strong></li> <li><a href="https://github.com/anchore/grype">grype</a> from 0.104.1 to <strong>0.104.3</strong></li> <li><a href="https://helm.sh/docs/helm/helm_lint/">helm</a> from 3.18.4 to <strong>3.19.0</strong></li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... 
(truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md">oxsecurity/megalinter's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>, and this project adheres to <a href="https://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p> <h2>[Unreleased] (beta, main branch content)</h2> <p>Note: Can be used with <code>oxsecurity/megalinter@beta</code> in your GitHub Action mega-linter.yml file, or with <code>oxsecurity/megalinter:beta</code> docker image</p> <ul> <li> <p>Core</p> <ul> <li>Improve files browsing performances</li> <li>Optimize parallel linter processing and improve grouping logic</li> <li>Improve performance of listing .gitignored files by sending excluded directories to git ls-files</li> <li>If there are more than 500 .gitignored files, advise to add more excluded directories using variable ADDITIONAL_EXCLUDED_DIRECTORIES, to improve performances</li> </ul> </li> <li> <p>New linters</p> </li> <li> <p>Disabled linters</p> <ul> <li>LUA_SELENE: <a href="https://redirect.github.com/Kampfkarren/selene/issues/662">Kampfkarren/selene#662</a></li> </ul> </li> <li> <p>Deprecated linters</p> </li> <li> <p>Removed linters</p> </li> <li> <p>Media</p> </li> <li> <p>Linters enhancements</p> <ul> <li>Use the official checkmake image by <a href="https://github.com/bdovaz"><code>@​bdovaz</code></a></li> <li>Add sarif support to spectral by <a href="https://github.com/bdovaz"><code>@​bdovaz</code></a></li> </ul> </li> <li> <p>Fixes</p> <ul> <li>Add support for SSH remote origins when building custom flavors (fixes: <a href="https://redirect.github.com/oxsecurity/megalinter/issues/6511">#6511</a>)</li> <li>Fix issue with plugins ignored when FLAVOR_SUGGESTIONS=false</li> <li>Fix wrong tagging 
<code>apply_fixes=True</code> when linter has no fix options configured</li> <li>Python mypy: Remove <code>.ipynb</code> from file extensions (mypy doesn't support notebooks directly) - fixes <a href="https://redirect.github.com/oxsecurity/megalinter/issues/6904">#6904</a></li> </ul> </li> <li> <p>Reporters</p> <ul> <li>Add a link inviting to star MegaLinter</li> <li>Display in the console reporter the working directory from which the commands are executed by <a href="https://github.com/bdovaz"><code>@​bdovaz</code></a></li> <li>Update WebHook reporter so it can send more events for a better integration with UI</li> <li>When truncating long comments in markdown reports, keep the end of the text instead of the beginning (which usually contains less useful information)</li> </ul> </li> <li> <p>Doc</p> <ul> <li>JSON Schema: add default values for file extensions and file names variables + improve descriptions</li> <li>Update default secured env variables documentation</li> </ul> </li> <li> <p>Flavors</p> </li> <li> <p>CI</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... 
(truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oxsecurity/megalinter/commit/42bb470545e359597e7f12156947c436e4e3fb9a"><code>42bb470</code></a> Release MegaLinter v9.3.0</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/fe74938a46307aa081eb30cdc0f1634d87e28407"><code>fe74938</code></a> changelog</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/edb083a88af45e65c0edf84dec9373f71426fa01"><code>edb083a</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://redirect.github.com/oxsecurity/megalinter/issues/6889">#6889</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/824240c602046ce659c39db647c7f34574a106a3"><code>824240c</code></a> JSON Schema fix (<a href="https://redirect.github.com/oxsecurity/megalinter/issues/6888">#6888</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/9af8d5b301355ede78ce73684a1ebefcbb9df913"><code>9af8d5b</code></a> chore(deps): update dependency npm-package-json-lint to v9.1.0 (<a href="https://redirect.github.com/oxsecurity/megalinter/issues/6883">#6883</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/781c95c475fa87c0cc22830c310c7ec3f2709544"><code>781c95c</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://redirect.github.com/oxsecurity/megalinter/issues/6885">#6885</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/101b8024cd2708e6124f38171663ed77db53e7a0"><code>101b802</code></a> JSON Schema (<a href="https://redirect.github.com/oxsecurity/megalinter/issues/6887">#6887</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/3ab7a9317fe706503889f64665b11721a0f6cd21"><code>3ab7a93</code></a> chore(deps): update dependency friendsofphp/php-cs-fixer to v3.92.4 (<a href="https://redirect.github.com/oxsecurity/megalinter/issues/6886">#6886</a>)</li> <li><a 
href="https://github.com/oxsecurity/megalinter/commit/12f7c03305fa371de9ecd6f968a6bba7a44020a9"><code>12f7c03</code></a> chore(deps): update ghcr.io/astral-sh/uv docker tag to v0.9.21 (<a href="https://redirect.github.com/oxsecurity/megalinter/issues/6882">#6882</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/91a9dfb45834bcefbdc73a10ba1975bedb652d18"><code>91a9dfb</code></a> chore(deps): update dependency sfdx-hardis to v6.20.0 (<a href="https://redirect.github.com/oxsecurity/megalinter/issues/6884">#6884</a>)</li> <li>Additional commits viewable in <a href="https://github.com/oxsecurity/megalinter/compare/55a59b24a441e0e1943080d4a512d827710d4a9d...42bb470545e359597e7f12156947c436e4e3fb9a">compare view</a></li> </ul> </details> <br /> Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml` from 2.3.1 to 2.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/osv-scanner-action/releases">google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml's releases</a>.</em></p> <blockquote> <h2>v2.3.2</h2> <p>This updates OSV-Scanner to v2.3.2</p> <p>This release includes performance improvements for local scanning, reducing memory usage and avoiding unnecessary advisory loading. 
It also fixes issues with MCP's get_vulnerability_details tool, git queries in <code>osv-scanner.json</code>, and ignore entry tracking, along with documentation updates.</p> <h3>Fixes:</h3> <ul> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2415">#2415</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2415">google/osv-scanner#2415</a>) Add more PURL-to-ecosystem mappings</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2422">#2422</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2422">google/osv-scanner#2422</a>) MCP error for get_vulnerability_id because type definition is incorrect.</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2460">#2460</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2460">google/osv-scanner#2460</a>) Enable osv-scanner.json git queries</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2456">#2456</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2456">google/osv-scanner#2456</a>) Properly track if an ignore entry has been used</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2450">#2450</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2450">google/osv-scanner#2450</a>) <strong>Performance:</strong> Avoid loading the entire advisory unless it will actually be used</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2445">#2445</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2445">google/osv-scanner#2445</a>) <strong>Performance:</strong> Don't read the entire zip into memory</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2433">#2433</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2433">google/osv-scanner#2433</a>) Allow specifying user agent in v2 osvscanner package</li> </ul> 
<h3>Misc:</h3> <ul> <li>[Misc <a href="https://redirect.github.com/google/osv-scanner-action/issues/2453">#2453</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2453">google/osv-scanner#2453</a>) Switch from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3</li> <li>[Misc <a href="https://redirect.github.com/google/osv-scanner-action/issues/2447">#2447</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2447">google/osv-scanner#2447</a>) Include <code>bun.lock</code> as a supported lockfile</li> <li>[Misc <a href="https://redirect.github.com/google/osv-scanner-action/issues/2444">#2444</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2444">google/osv-scanner#2444</a>) Document GoVersionOverride in configuration.md</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google/osv-scanner/compare/v2.3.1...v2.3.2">https://github.com/google/osv-scanner/compare/v2.3.1...v2.3.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/osv-scanner-action/commit/2a387edfbe02a11d856b89172f6e978100177eb4"><code>2a387ed</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/116">#116</a> from google/update-to-v2.3.2</li> <li><a href="https://github.com/google/osv-scanner-action/commit/f75042f618bfd7101a0a359f9ab4f186e78236ec"><code>f75042f</code></a> Update unified workflow example to point to v2.3.2 reusable workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/17ad728b580c3ea9fb48db7c0e93df5ad9edf9b3"><code>17ad728</code></a> Update reusable workflows to point to v2.3.2 actions</li> <li><a href="https://github.com/google/osv-scanner-action/commit/9eebeaea7417372f39d21f50ad5ef4e6b3358566"><code>9eebeae</code></a> &quot;Update actions to use v2.3.2 osv-scanner image&quot;</li> <li><a 
href="https://github.com/google/osv-scanner-action/commit/dcf7b89adad618874992e9033c80a024bc1eaf02"><code>dcf7b89</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/114">#114</a> from renovate-bot/renovate/major-workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/6bcc4fad212794a89e23384e1ebf421c0503b430"><code>6bcc4fa</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/113">#113</a> from renovate-bot/renovate/workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/70f73952d447f03b17045406155bae21ac1db5d7"><code>70f7395</code></a> chore(deps): update github/codeql-action action to v4.31.9</li> <li><a href="https://github.com/google/osv-scanner-action/commit/7c3c2a712c77577eeea178a075d3bb34a56f61c9"><code>7c3c2a7</code></a> chore(deps): update workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/a239d862e4b89217f3fb52de083506b2265c80f4"><code>a239d86</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/109">#109</a> from renovate-bot/renovate/major-workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/5345c883711cb9760ea55b8efe94d0af4c752df5"><code>5345c88</code></a> chore(deps): update actions/checkout action to v6</li> <li>See full diff in <a href="https://github.com/google/osv-scanner-action/compare/375a0e8ebdc98e99b02ac4338a724f5750f21213...2a387edfbe02a11d856b89172f6e978100177eb4">compare view</a></li> </ul> </details> <br /> Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml` from 2.3.1 to 2.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/osv-scanner-action/releases">google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml's releases</a>.</em></p> <blockquote> <h2>v2.3.2</h2> <p>This updates OSV-Scanner to v2.3.2</p> 
<p>This release includes performance improvements for local scanning, reducing memory usage and avoiding unnecessary advisory loading. It also fixes issues with MCP's get_vulnerability_details tool, git queries in <code>osv-scanner.json</code>, and ignore entry tracking, along with documentation updates.</p> <h3>Fixes:</h3> <ul> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2415">#2415</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2415">google/osv-scanner#2415</a>) Add more PURL-to-ecosystem mappings</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2422">#2422</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2422">google/osv-scanner#2422</a>) MCP error for get_vulnerability_id because type definition is incorrect.</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2460">#2460</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2460">google/osv-scanner#2460</a>) Enable osv-scanner.json git queries</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2456">#2456</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2456">google/osv-scanner#2456</a>) Properly track if an ignore entry has been used</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2450">#2450</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2450">google/osv-scanner#2450</a>) <strong>Performance:</strong> Avoid loading the entire advisory unless it will actually be used</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2445">#2445</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2445">google/osv-scanner#2445</a>) <strong>Performance:</strong> Don't read the entire zip into memory</li> <li>[Bug <a href="https://redirect.github.com/google/osv-scanner-action/issues/2433">#2433</a>](<a 
href="https://redirect.github.com/google/osv-scanner/pull/2433">google/osv-scanner#2433</a>) Allow specifying user agent in v2 osvscanner package</li> </ul> <h3>Misc:</h3> <ul> <li>[Misc <a href="https://redirect.github.com/google/osv-scanner-action/issues/2453">#2453</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2453">google/osv-scanner#2453</a>) Switch from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3</li> <li>[Misc <a href="https://redirect.github.com/google/osv-scanner-action/issues/2447">#2447</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2447">google/osv-scanner#2447</a>) Include <code>bun.lock</code> as a supported lockfile</li> <li>[Misc <a href="https://redirect.github.com/google/osv-scanner-action/issues/2444">#2444</a>](<a href="https://redirect.github.com/google/osv-scanner/pull/2444">google/osv-scanner#2444</a>) Document GoVersionOverride in configuration.md</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google/osv-scanner/compare/v2.3.1...v2.3.2">https://github.com/google/osv-scanner/compare/v2.3.1...v2.3.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/osv-scanner-action/commit/2a387edfbe02a11d856b89172f6e978100177eb4"><code>2a387ed</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/116">#116</a> from google/update-to-v2.3.2</li> <li><a href="https://github.com/google/osv-scanner-action/commit/f75042f618bfd7101a0a359f9ab4f186e78236ec"><code>f75042f</code></a> Update unified workflow example to point to v2.3.2 reusable workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/17ad728b580c3ea9fb48db7c0e93df5ad9edf9b3"><code>17ad728</code></a> Update reusable workflows to point to v2.3.2 actions</li> <li><a href="https://github.com/google/osv-scanner-action/commit/9eebeaea7417372f39d21f50ad5ef4e6b3358566"><code>9eebeae</code></a> &quot;Update actions to use 
v2.3.2 osv-scanner image&quot;</li> <li><a href="https://github.com/google/osv-scanner-action/commit/dcf7b89adad618874992e9033c80a024bc1eaf02"><code>dcf7b89</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/114">#114</a> from renovate-bot/renovate/major-workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/6bcc4fad212794a89e23384e1ebf421c0503b430"><code>6bcc4fa</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/113">#113</a> from renovate-bot/renovate/workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/70f73952d447f03b17045406155bae21ac1db5d7"><code>70f7395</code></a> chore(deps): update github/codeql-action action to v4.31.9</li> <li><a href="https://github.com/google/osv-scanner-action/commit/7c3c2a712c77577eeea178a075d3bb34a56f61c9"><code>7c3c2a7</code></a> chore(deps): update workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/a239d862e4b89217f3fb52de083506b2265c80f4"><code>a239d86</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/109">#109</a> from renovate-bot/renovate/major-workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/5345c883711cb9760ea55b8efe94d0af4c752df5"><code>5345c88</code></a> chore(deps): update actions/checkout action to v6</li> <li>See full diff in <a href="https://github.com/google/osv-scanner-action/compare/375a0e8ebdc98e99b02ac4338a724f5750f21213...2a387edfbe02a11d856b89172f6e978100177eb4">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-node` from 6.1.0 to 6.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-node/releases">actions/setup-node's releases</a>.</em></p> <blockquote> <h2>v6.2.0</h2> <h2>What's Changed</h2> <h3>Documentation</h3> <ul> <li>Documentation update related to absence of Lockfile by <a 
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1454">actions/setup-node#1454</a></li> <li>Correct mirror option typos by <a href="https://github.com/MikeMcC399"><code>@​MikeMcC399</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1442">actions/setup-node#1442</a></li> <li>Readme update on checkout version v6 by <a href="https://github.com/deining"><code>@​deining</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1446">actions/setup-node#1446</a></li> <li>Readme typo fixes <a href="https://github.com/munyari"><code>@​munyari</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1226">actions/setup-node#1226</a></li> <li>Advanced document update on checkout version v6 by <a href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1468">actions/setup-node#1468</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade <code>@​actions/cache</code> to v5.0.1 by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1449">actions/setup-node#1449</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1454">actions/setup-node#1454</a></li> <li><a href="https://github.com/MikeMcC399"><code>@​MikeMcC399</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1442">actions/setup-node#1442</a></li> <li><a href="https://github.com/deining"><code>@​deining</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1446">actions/setup-node#1446</a></li> <li><a 
href="https://github.com/munyari"><code>@​munyari</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1226">actions/setup-node#1226</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-node/compare/v6...v6.2.0">https://github.com/actions/setup-node/compare/v6...v6.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-node/commit/6044e13b5dc448c55e2357c09f80417699197238"><code>6044e13</code></a> Docs: bump actions/checkout from v5 to v6 (<a href="https://redirect.github.com/actions/setup-node/issues/1468">#1468</a>)</li> <li><a href="https://github.com/actions/setup-node/commit/8e494633d082d609d1e9ff931be32f8a44f1f657"><code>8e49463</code></a> Fix README typo (<a href="https://redirect.github.com/actions/setup-node/issues/1226">#1226</a>)</li> <li><a href="https://github.com/actions/setup-node/commit/621ac41091d4227ef8fda5009c1ced96d8d36f7e"><code>621ac41</code></a> README.md: bump to latest released checkout version v6 (<a href="https://redirect.github.com/actions/setup-node/issues/1446">#1446</a>)</li> <li><a href="https://github.com/actions/setup-node/commit/2951748f4c016b747952f8ca7e75fc64f2f62b53"><code>2951748</code></a> Bump <code>@​actions/cache</code> to v5.0.1 (<a href="https://redirect.github.com/actions/setup-node/issues/1449">#1449</a>)</li> <li><a href="https://github.com/actions/setup-node/commit/21ddc7bc1fef4bd313efce0335fdcbf81827182c"><code>21ddc7b</code></a> Correct mirror option typos (<a href="https://redirect.github.com/actions/setup-node/issues/1442">#1442</a>)</li> <li><a href="https://github.com/actions/setup-node/commit/65d868f8d4d85d7d4abb7de0875cde3fcc8798f5"><code>65d868f</code></a> Update Documentation for Lockfile (<a href="https://redirect.github.com/actions/setup-node/issues/1454">#1454</a>)</li> <li>See full diff in <a 
href="https://github.com/actions/setup-node/compare/395ad3262231945c25e8478fd5baf05154b1d79f...6044e13b5dc448c55e2357c09f80417699197238">compare view</a></li> </ul> </details> <br /> Updates `peter-evans/create-pull-request` from 8.0.0 to 8.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v8.1.0</h2> <h2>What's Changed</h2> <ul> <li>README.md: bump given GitHub actions to their latest versions by <a href="https://github.com/deining"><code>@​deining</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/4265">peter-evans/create-pull-request#4265</a></li> <li>build(deps): bump the github-actions group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/4273">peter-evans/create-pull-request#4273</a></li> <li>build(deps-dev): bump the npm group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/4274">peter-evans/create-pull-request#4274</a></li> <li>build(deps-dev): bump undici from 6.22.0 to 6.23.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/4284">peter-evans/create-pull-request#4284</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/4289">peter-evans/create-pull-request#4289</a></li> <li>fix: Handle remote prune failures gracefully on self-hosted runners by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a 
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4295">peter-evans/create-pull-request#4295</a></li> <li>feat: add <code>@​octokit/plugin-retry</code> to handle retriable server errors by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/4298">peter-evans/create-pull-request#4298</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/deining"><code>@​deining</code></a> made …
2 parents eed5c82 + 63e06b8 commit 828948d

37 files changed

Lines changed: 92 additions & 92 deletions

.github/workflows/ActionLint.yml

Lines changed: 2 additions & 2 deletions
@@ -36,10 +36,10 @@ jobs:
3636
runs-on: ubuntu-latest
3737
steps:
3838
- name: Harden Runner
39-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
39+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
4040
with:
4141
egress-policy: audit
42-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
42+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4343
- uses: devops-actions/actionlint@467e2ce19b2310e93c9ffa0b50fe31f86b5a7f23 #v0.1.10
4444
continue-on-error: true
4545
id: action-lint
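
Review bot: harden-runner in this job stays on `egress-policy: audit`, which only records outbound connections and does not stop them. Bandit.yml in this same commit already runs with `egress-policy: block` and an explicit endpoint list (`github.com:443`, `pypi.org:443`), so the audit data from this job could be turned into an allowlist and the policy switched to `block` here too. Minor style point on the unchanged context line: `#v0.1.10` lacks the space after `#` that every other version comment in these workflows has.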

.github/workflows/Bandit.yml

Lines changed: 2 additions & 2 deletions
@@ -53,7 +53,7 @@ jobs:
5353
runs-on: ubuntu-latest
5454
steps:
5555
- name: Harden Runner
56-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
56+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
5757
with:
5858
disable-sudo: true
5959
egress-policy: block
@@ -63,7 +63,7 @@ jobs:
6363
github.com:443
6464
pypi.org:443
6565
66-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
66+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
6767
- name: Bandit Scan
6868
uses: shundor/python-bandit-scan@9cc5aa4a006482b8a7f91134412df6772dbda22c
6969
with: # optional arguments
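
Review bot: the `shundor/python-bandit-scan@9cc5aa4a006482b8a7f91134412df6772dbda22c` pin in the context lines of this hunk has no trailing version comment, unlike the `harden-runner` and `checkout` pins around it. Without it a reviewer cannot tell which release the SHA is meant to be, and the action does not appear in this update group at all. Add a `# vX.Y.Z` comment matching the tag that SHA belongs to, and confirm Dependabot is tracking this action.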

.github/workflows/Snake.yml

Lines changed: 1 addition & 1 deletion
@@ -46,7 +46,7 @@ jobs:
4646
steps:
4747
# generates a snake game from a github user (<github_user_name>) contributions graph, output a svg animation at <svg_out_path>
4848
- name: Harden Runner
49-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
49+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
5050
with:
5151
egress-policy: audit
5252

.github/workflows/black-formatter.yml

Lines changed: 3 additions & 3 deletions
@@ -37,7 +37,7 @@ jobs:
3737
steps:
3838
# Step to harden the runner for security purposes
3939
- name: Harden Runner
40-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
40+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
4141
with:
4242
disable-sudo: true # Disable sudo to prevent privilege escalation
4343
egress-policy: block # Block all egress traffic
@@ -48,8 +48,8 @@ jobs:
4848
4949
# Step to checkout the repository code
5050
- name: Checkout Code
51-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
51+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5252

5353
# Step to run the Black code formatter
5454
- name: Run Black Formatter
55-
uses: psf/black@782e5605c86aab56be6f905da10dcd3e463fd9c2 # stable
55+
uses: psf/black@6305bf1ae645ab7541be4f5028a86239316178eb # stable
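
Review bot: the `psf/black` pin changes from `782e5605c86aab56be6f905da10dcd3e463fd9c2` to `6305bf1ae645ab7541be4f5028a86239316178eb`, but the comment is `# stable` on both the removed and the added line, so the diff does not record which release is now running. The PR description lists this bump as `25.12.0` to `26.1.0`; put that release number in the comment instead of the moving `stable` ref so the pin can be checked against a tag. Since this job runs the formatter over the repository, it is also worth confirming the new release does not reformat files before merging.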

.github/workflows/codeql.yml

Lines changed: 5 additions & 5 deletions
@@ -66,16 +66,16 @@ jobs:
6666

6767
steps:
6868
- name: Harden Runner
69-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
69+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
7070
with:
7171
egress-policy: audit
7272

7373
- name: Checkout repository
74-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
74+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
7575

7676
# Initializes the CodeQL tools for scanning.
7777
- name: Initialize CodeQL
78-
uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
78+
uses: github/codeql-action/init@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5
7979
with:
8080
languages: ${{ matrix.language }}
8181
# If you wish to specify custom queries, you can do so here or in a config file.
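
Review bot: the version comment on `github/codeql-action/init` was not updated with the SHA. The pin moves from `5d4e8d1aca955e8d8589aabd499c5cae939e33c7` to `b20883b0cd1f46c72ae0ba6d1090936928f9fa30`, yet both the removed and the added line say `# v3.29.5`, so at least one of the two labels is wrong. The PR description lists this bump as `4.31.9` to `4.32.0`; update the comment to the release the new SHA actually belongs to, and do the same for the `autobuild` and `analyze` pins in the later hunks of this file, which carry the same stale label.
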
@@ -85,7 +85,7 @@ jobs:
8585
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
8686
# If this step fails, then you should remove it and run the build manually (see below)
8787
- name: Autobuild
88-
uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
88+
uses: github/codeql-action/autobuild@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5
8989

9090
# ℹ️ Command-line programs to run using the OS shell.
9191
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -98,6 +98,6 @@ jobs:
9898
# ./location_of_script_within_repo/buildscript.sh
9999

100100
- name: Perform CodeQL Analysis
101-
uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
101+
uses: github/codeql-action/analyze@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5
102102
with:
103103
category: "/language:${{matrix.language}}"

.github/workflows/deno.yml

Lines changed: 2 additions & 2 deletions
@@ -46,12 +46,12 @@ jobs:
4646

4747
steps:
4848
- name: Harden Runner
49-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
49+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
5050
with:
5151
egress-policy: audit
5252

5353
- name: Setup repo
54-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
54+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5555

5656
- name: Setup Deno
5757
# uses: denoland/setup-deno@v1

.github/workflows/dependency-review.yml

Lines changed: 2 additions & 2 deletions
@@ -39,11 +39,11 @@ jobs:
3939
runs-on: ubuntu-latest
4040
steps:
4141
- name: Harden Runner
42-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
42+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
4343
with:
4444
egress-policy: audit
4545

4646
- name: "Checkout Repository"
47-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
47+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4848
- name: "Dependency Review"
4949
uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2

.github/workflows/devskim.yml

Lines changed: 3 additions & 3 deletions
@@ -30,12 +30,12 @@ jobs:
3030
security-events: write
3131
steps:
3232
- name: Harden the runner (Audit all outbound calls)
33-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
33+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
3434
with:
3535
egress-policy: audit
3636

3737
- name: Checkout code
38-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
38+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3939

4040
- name: Run DevSkim scanner
4141
uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 # v1.0.16
@@ -63,6 +63,6 @@ jobs:
6363
path: devskim-results.sarif
6464

6565
- name: Upload DevSkim scan results to GitHub Security tab
66-
uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
66+
uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5
6767
with:
6868
sarif_file: devskim-results.sarif

.github/workflows/eslint.yml

Lines changed: 4 additions & 4 deletions
@@ -44,15 +44,15 @@ jobs:
4444
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
4545
steps:
4646
- name: Harden Runner
47-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
47+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
4848
with:
4949
egress-policy: audit
5050

5151
- name: Checkout code
52-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
52+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5353

5454
- name: Cache node modules
55-
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
55+
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
5656
with:
5757
path: ./node_modules
5858
key: ${{ runner.os }}-.-node-modules-${{ hashFiles('./package-lock.json') }}
@@ -72,7 +72,7 @@ jobs:
7272
continue-on-error: true
7373

7474
- name: Upload analysis results to GitHub
75-
uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v2.27.0
75+
uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v2.27.0
7676
with:
7777
sarif_file: eslint-results.sarif
7878
wait-for-processing: true
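
Review bot: the `upload-sarif` pin here is labelled `# v2.27.0`, while devskim.yml and codeql.yml in this same commit label the identical SHA `b20883b0cd1f46c72ae0ba6d1090936928f9fa30` as `# v3.29.5`. The two comments disagree with each other, and neither changed when the SHA did. Verify which tag the SHA resolves to and use one consistent comment across all `github/codeql-action` pins, otherwise the comments give a false picture of what is running.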

.github/workflows/generate-file-list.yml

Lines changed: 4 additions & 4 deletions
@@ -17,12 +17,12 @@ jobs:
1717

1818
steps:
1919
- name: Harden the runner (Audit all outbound calls)
20-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
20+
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
2121
with:
2222
egress-policy: audit
2323

2424
- name: Checkout repository
25-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
25+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2626

2727
- name: List files in the repository
2828
run: |
@@ -36,7 +36,7 @@ jobs:
3636
fi
3737
3838
- name: Set up Python
39-
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
39+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
4040
with:
4141
python-version: "3.x"
4242

@@ -55,7 +55,7 @@ jobs:
5555
# For example: pip install requests
5656
5757
- name: Run Generate Repo File List Action
58-
uses: nick2bad4u/generate-repo-file-list@0b66b048983ecaef45cb1bc7acc6c81e1d210de7 # main
58+
uses: nick2bad4u/generate-repo-file-list@f1342075abdb94a6134398776eafce7931fd1444 # main
5959
with:
6060
log-level: "INFO"
6161
directory: "."
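
Review bot: `nick2bad4u/generate-repo-file-list` is pinned to a SHA whose comment is `# main`, so this bump from `0b66b048983ecaef45cb1bc7acc6c81e1d210de7` to `f1342075abdb94a6134398776eafce7931fd1444` follows the branch tip rather than a tagged release. There are no release notes or version number to review against, which means the commits between those two SHAs need to be read directly before merging. If the action publishes tags, pin to a tagged commit and record the tag in the comment.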
