chore(deps): bump the github-actions group with 18 updates

[dependabot]

Bumps the github-actions group with 18 updates:

Package	From	To
step-security/harden-runner	2.13.2	2.14.0
actions/checkout	6.0.0	6.0.1
psf/black	25.11.0	25.12.0
github/codeql-action	4.31.6	4.31.9
actions/upload-artifact	5.0.0	6.0.0
actions/cache	4.3.0	5.0.1
nick2bad4u/generate-repo-file-list	4b742561166c6eafcf23fbb0c79ff8869bbceb27	0b66b048983ecaef45cb1bc7acc6c81e1d210de7
stefanzweifel/git-auto-commit-action	7.0.0	7.1.0
google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml	2.3.0	2.3.1
google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml	2.3.0	2.3.1
actions/setup-node	6.0.0	6.1.0
peter-evans/create-pull-request	7.0.9	8.0.0
sobelow/action	1.1.0	1.2.0
rojopolis/spellcheck-github-actions	0.55.0	0.56.0
actions/stale	10.1.0	10.1.1
super-linter/super-linter	8.3.0	8.3.2
trufflesecurity/trufflehog	3.91.1	3.92.4
crate-ci/typos	1.40.0	1.41.0

Updates step-security/harden-runner from 2.13.2 to 2.14.0

Release notes

Sourced from step-security/harden-runner's releases.

v2.14.0

What's Changed

• Selective installation: Harden-Runner now skips installation on GitHub-hosted runners when the repository has a custom property skip_harden_runner, allowing organizations to opt out specific repos.
• Avoid double install: The action no longer installs Harden-Runner if it’s already present on a GitHub-hosted runner, which could happen when a composite action also installs it.

Full Changelog: step-security/harden-runner@v2.13.3...v2.14.0

v2.13.3

What's Changed

• Fixed an issue where process events were not uploaded in certain edge cases.

Full Changelog: step-security/harden-runner@v2.13.2...v2.13.3

Commits

• 20cf305 Merge pull request #622 from step-security/feature/custom-property-skip
• c51e8ee feat: skip agent install and post step on subsequent runs for GitHub-hosted r...
• e152b90 feat: skip harden-runner based on repository custom property
• ee1faec feat: replace skip-harden-runner with skip-on-custom-property input
• 1dc7c17 feat: add skip-harden-runner input to conditionally skip execution
• df199fb Merge pull request #620 from step-security/rc-29
• 03d096a update agent
• 4090107 fix: update agent
• See full diff in compare view

Updates actions/checkout from 6.0.0 to 6.0.1

Release notes

Sourced from actions/checkout's releases.

v6.0.1

What's Changed

• Update all references from v5 and v4 to v6 by @​ericsciple in actions/checkout#2314
• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327
• Clarify v6 README by @​ericsciple in actions/checkout#2328

Full Changelog: actions/checkout@v6...v6.0.1

Commits

• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• See full diff in compare view

Updates psf/black from 25.11.0 to 25.12.0

Release notes

Sourced from psf/black's releases.

25.12.0

Please test out the draft 2026 style in version 26.1a1! This style will be finalized in the January release (26.1.0). Most of the changes in --preview will be in the 2026 stable style, but not all. Please share your feedback!

This release (25.12.0) will still produce the 2025 style.

Highlights

• Black no longer supports running with Python 3.9 (#4842)

Stable style

• Fix bug where comments preceding # fmt: off/# fmt: on blocks were incorrectly removed, particularly affecting Jupytext's # %% [markdown] comments (#4845)
• Fix crash when multiple # fmt: skip comments are used in a multi-part if-clause, on string literals, or on dictionary entries with long lines (#4872)
• Fix possible crash when fmt: directives aren't on the top level (#4856)

Preview style

• Fix fmt: skip skipping the line after instead of the line it's on (#4855)
• Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
• Fix fix_fmt_skip_in_one_liners crashing on with statements (#4853)
• Fix fix_fmt_skip_in_one_liners crashing on annotated parameters (#4854)
• Fix new lines being added after imports with # fmt: skip on them (#4894)

Packaging

• Releases now include arm64 Windows binaries and wheels (#4814)

Integrations

• Add output-file input to GitHub Action psf/black to write formatter output to a file for artifact capture and log cleanliness (#4824)

Changelog

Sourced from psf/black's changelog.

Change Log

Unreleased

Highlights

Stable style

Preview style

Configuration

Packaging

Parser

Performance

Output

Blackd

Integrations

• Upgraded PyPI upload workflow to use Trusted Publishing (#4611)

Documentation

... (truncated)

Commits

• 782e560 Pin actions/[email protected] (#4895)
• f0f4094 Fix new lines being added after imports with # fmt: skip on them (#4894)
• 70fc194 Revert "Fix # fmt: skip ignored in deeply nested expressions" (#4893)
• 7044b14 Prepare 25.12.0 release (#4891)
• 5b470f0 Fix # fmt: skip ignored in deeply nested expressions (#4883)
• 1b342ef Fix crash when multiple # fmt: skip comments are used in multi-part if-clau...
• 7b265f1 Pin Hatch to hopefully fix Docker builds (#4878)
• c9523f4 Attempt to fix Docker build failures (#4876)
• 0f376e0 Fix crashes when fmt directives are indented (#4856)
• a8bfcc1 Fix fmt: skip skipping the line after instead of the line it's on (#4855)
• Additional commits viewable in compare view

Updates github/codeql-action from 4.31.6 to 4.31.9

Release notes

Sourced from github/codeql-action's releases.

v4.31.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.9 - 16 Dec 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v4.31.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.8 - 11 Dec 2025

• Update default CodeQL bundle version to 2.23.8. #3354

See the full CHANGELOG.md for more information.

v4.31.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.7 - 05 Dec 2025

• Update default CodeQL bundle version to 2.23.7. #3343

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.9 - 16 Dec 2025

No user facing changes.

4.31.8 - 11 Dec 2025

• Update default CodeQL bundle version to 2.23.8. #3354

4.31.7 - 05 Dec 2025

• Update default CodeQL bundle version to 2.23.7. #3343

4.31.6 - 01 Dec 2025

No user facing changes.

4.31.5 - 24 Nov 2025

• Update default CodeQL bundle version to 2.23.6. #3321

4.31.4 - 18 Nov 2025

No user facing changes.

4.31.3 - 13 Nov 2025

• CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see Upcoming deprecation of CodeQL Action v3.
• Update default CodeQL bundle version to 2.23.5. #3288

4.31.2 - 30 Oct 2025

No user facing changes.

4.31.1 - 30 Oct 2025

• The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

4.31.0 - 24 Oct 2025

• Bump minimum CodeQL bundle version to 2.17.6. #3223
• When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

... (truncated)

Commits

• 5d4e8d1 Merge pull request #3371 from github/update-v4.31.9-998798e34
• 1dc115f Update changelog for v4.31.9
• 998798e Merge pull request #3352 from github/nickrolfe/jar-min-ff-cleanup
• 5eb7519 Merge pull request #3358 from github/henrymercer/database-upload-telemetry
• d29eddb Extract version number to constant
• e962687 Merge branch 'main' into henrymercer/database-upload-telemetry
• 19c7f96 Rename isOverlayBase
• ae5de9a Use getErrorMessage in log too
• 0cb8633 Prefer performance.now()
• c07cc0d Merge pull request #3351 from github/henrymercer/ghec-dr-determine-tools-vers...
• Additional commits viewable in compare view

Updates actions/upload-artifact from 5.0.0 to 6.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

• Upload Artifact Node 24 support by @​salmanmkc in actions/upload-artifact#719
• fix: update @​actions/artifact for Node.js 24 punycode deprecation by @​salmanmkc in actions/upload-artifact#744
• prepare release v6.0.0 for Node.js 24 support by @​salmanmkc in actions/upload-artifact#745

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

Commits

• b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
• e516bc8 docs: correct description of Node.js 24 support in README
• ddc45ed docs: update README to correct action name for Node.js 24 support
• 615b319 chore: release v6.0.0 for Node.js 24 support
• 017748b Merge pull request #744 from actions/fix-storage-blob
• 38d4c79 chore: rebuild dist
• 7d27270 chore: add missing license cache files for @​actions/core, @​actions/io, and mi...
• 5f643d3 chore: update license files for @​actions/artifact@​5.0.1 dependencies
• 1df1684 chore: update package-lock.json with @​actions/artifact@​5.0.1
• b5b1a91 fix: update @​actions/artifact to ^5.0.0 for Node.js 24 punycode fix
• Additional commits viewable in compare view

Updates actions/cache from 4.3.0 to 5.0.1

Release notes

Sourced from actions/cache's releases.

v5.0.1

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

---

v5.0.1

What's Changed

• fix: update @​actions/cache for Node.js 24 punycode deprecation by @​salmanmkc in actions/cache#1685
• prepare release v5.0.1 by @​salmanmkc in actions/cache#1686

v5.0.0

What's Changed

• Upgrade to use node24 by @​salmanmkc in actions/cache#1630
• Prepare v5.0.0 release by @​salmanmkc in actions/cache#1684

Full Changelog: actions/cache@v5...v5.0.1

v5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

---

What's Changed

• Upgrade to use node24 by @​salmanmkc in actions/cache#1630
• Prepare v5.0.0 release by @​salmanmkc in actions/cache#1684

Full Changelog: actions/cache@v4.3.0...v5.0.0

Changelog

Sourced from actions/cache's changelog.

Releases

Changelog

5.0.1

• Update @azure/storage-blob to ^12.29.1 via @actions/[email protected] #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

4.3.0

• Bump @actions/cache to v4.1.0

4.2.4

• Bump @actions/cache to v4.0.5

4.2.3

• Bump @actions/cache to v4.0.3 (obfuscates SAS token in debug logs for cache entries)

4.2.2

• Bump @actions/cache to v4.0.2

4.2.1

• Bump @actions/cache to v4.0.1

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

4.1.2

... (truncated)

Commits

• 9255dc7 Merge pull request #1686 from actions/cache-v5.0.1-release
• 8ff5423 chore: release v5.0.1
• 9233019 Merge pull request #1685 from salmanmkc/node24-storage-blob-fix
• b975f2b fix: add peer property to package-lock.json for dependencies
• d0a0e18 fix: update license files for @​actions/cache, fast-xml-parser, and strnum
• 74de208 fix: update @​actions/cache to ^5.0.1 for Node.js 24 punycode fix
• ac7f115 peer
• b0f846b fix: update @​actions/cache with storage-blob fix for Node.js 24 punycode depr...
• a783357 Merge pull request #1684 from actions/prepare-cache-v5-release
• 3bb0d78 docs: highlight v5 runner requirement in releases
• Additional commits viewable in compare view

Updates nick2bad4u/generate-repo-file-list from 4b742561166c6eafcf23fbb0c79ff8869bbceb27 to 0b66b048983ecaef45cb1bc7acc6c81e1d210de7

Commits

• 0b66b04 Merge pull request #38 from Nick2bad4u/dependabot/github_actions/github-actio...
• 900c5ad Bump the github-actions group with 8 updates
• See full diff in compare view

Updates stefanzweifel/git-auto-commit-action from 7.0.0 to 7.1.0

Release notes

Sourced from stefanzweifel/git-auto-commit-action's releases.

v7.1.0

Added

• Add skip_push input option (#401) @​kvanzuijlen

Changes

• docs: fix typo in README.md (#400) @​GideonBear

Dependency Updates

• Bump actions/checkout from 5 to 6 (#399) [@dependabot[bot]](https://github.com/@[dependabot[bot]](https://github.com/apps/dependabot))
• Bump bats from 1.12.0 to 1.13.0 (#398) [@dependabot[bot]](https://github.com/@[dependabot[bot]](https://github.com/apps/dependabot))

Changelog

Sourced from stefanzweifel/git-auto-commit-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Unreleased

TBD

v7.1.0 - 2025-12-17

Added

• Add skip_push input option (#401) @​kvanzuijlen

Changes

• docs: fix typo in README.md (#400) @​GideonBear

Dependency Updates

• Bump actions/checkout from 5 to 6 (#399) [@dependabot[bot]](https://github.com/@[dependabot[bot]](https://github.com/apps/dependabot))
• Bump bats from 1.12.0 to 1.13.0 (#398) [@dependabot[bot]](https://github.com/@[dependabot[bot]](https://github.com/apps/dependabot))

v7.0.0 - 2025-10-12

Added

• Restore skip_fetch, skip_checkout, create_branch (#388) @​stefanzweifel
• Restore Detached State Detection (#393) @​stefanzweifel
• Add Support for Tag Messages (#391) @​EliasBoulharts

Changed

• Run Action on Node 24 (#389) @​stefanzweifel

Dependency Updates

• Bump actions/checkout from 4 to 5 (#386) [@dependabot[bot]](https://github.com/@[dependabot[bot]](https://github.com/apps/dependabot))

v6.0.1 - 2025-06-11

Fixed

• Disable Check if Repo is in Detached State (#379) @​stefanzweifel

v6.0.0 - 2025-06-10

... (truncated)

Commits

• 04702ed Bump actions/checkout from 5 to 6 (#399)
• 1e49d50 Add skip_push input option (#401)
• 65c5677 docs: fix typo in README.md (#400)
• 547c140 Bump bats from 1.12.0 to 1.13.0 (#398)
• 8fa7f5a Update CHANGELOG
• See full diff in compare view

Updates google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml from 2.3.0 to 2.3.1

Release notes

Sourced from google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml's releases.

v2.3.1

What's Changed

• chore(deps): update workflows (major) by @​renovate-bot in google/osv-scanner-action#105
• chore(deps): update github/codeql-action action to v4.31.7 by @​renovate-bot in google/osv-scanner-action#108
• chore: more specific name for uploaded artifact by @​marcusburghardt in google/osv-scanner-action#111
• Update to v2.3.1 by @​cuixq in google/osv-scanner-action#112

New Contributors

• @​marcusburghardt made their first contribution in google/osv-scanner-action#111

Full Changelog: google/osv-scanner-action@v2.3.0...v2.3.1

Commits

• 375a0e8 Merge pull request #112 from google/update-to-v2.3.1
• 611152d Update unified workflow example to point to v2.3.1 reusable workflows
• ccb575f Update reusable workflows to point to v2.3.1 actions
• ffff457 "Update actions to use v2.3.1 osv-scanner image"
• f011708 Merge pull request #111 from marcusburghardt/upload_name
• 54338a3 chore: more specific name for uploaded artifact
• 2e56ca8 Merge pull request #108 from renovate-bot/renovate/workflows
• 540b498 chore(deps): update github/codeql-action action to v4.31.7
• 08b0aae Merge pull request #105 from renovate-bot/renovate/major-workflows
• 7b64497 chore(deps): update workflows
• See full diff in compare view

Updates google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml from 2.3.0 to 2.3.1

Release notes

Sourced from google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml's releases.

v2.3.1

What's Changed

• chore(deps): update workflows (major) by @​renovate-bot in google/osv-scanner-action#105
• chore(deps): update github/codeql-action action to v4.31.7 by @​renovate-bot in google/osv-scanner-action#108
• chore: more specific name for uploaded artifact by @​marcusburghardt in google/osv-scanner-action#111
• Update to v2.3.1 by @​cuixq in google/osv-scanner-action#112

New Contributors

• @​marcusburghardt made their first contribution in google/osv-scanner-action#111

Full Changelog: google/osv-scanner-action@v2.3.0...v2.3.1

Commits

• 375a0e8 Merge pull request #112 from google/update-to-v2.3.1
• 611152d Update unified workflow example to point to v2.3.1 reusable workflows
• ccb575f Update reusable workflows to point to v2.3.1 actions
• ffff457 "Update actions to use v2.3.1 osv-scanner image"
• f011708 Merge pull request #111 from marcusburghardt/upload_name
• 54338a3 chore: more specific name for uploaded artifact
• 2e56ca8 Merge pull request #108 from renovate-bot/renovate/workflows
• 540b498 chore(deps): update github/codeql-action action to v4.31.7
• 08b0aae Merge pull request #105 from renovate-bot/renovate/major-workflows
• 7b64497 chore(deps): update workflows
• See full diff in compare view

Updates actions/setup-node from 6.0.0 to 6.1.0

Release notes

Sourced from actions/setup-node's releases.

v6.1.0

What's Changed

Enhancement:

• Remove always-auth configuration handling by @​priyagupta108 in actions/setup-node#1436

Dependency updates:

• Upgrade @​actions/cache from 4.0.3 to 4.1.0 by @​dependabot[bot] in actions/setup-node#1384
• Upgrade actions/checkout from 5 to 6 by @​dependabot[bot] in actions/setup-node#1439
• Upgrade js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] in actions/setup-node#1435

Documentation update:

• Add example for restore-only cache in documentation by @​aparnajyothi-y in actions/setup-node#1419

Full Changelog: actions/setup-node@v6...v6.1.0

Commits

• 395ad32 Bump js-yaml from 3.14.1 to 3.14.2 (#1435)
• a4d2e2b Bump actions/checkout from 5 to 6 (#1439)
• b9b25d4 Remove always-auth configuration handling from action (#1436)
• 633bb92 Bump @​actions/cache from 4.0.3 to 4.1.0 (#1384)
• dda4788 Add example for restore-only cache in documentation (#1419)
• See full diff in compare view

Updates peter-evans/create-pull-request from 7.0.9 to 8.0.0

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v8.0.0

What's new in v8

• Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner for Node 24 support.

What's Changed

• chore: Update checkout action version to v6 by @​yonas in peter-evans/create-pull-request#4258
• Update actions/checkout references to @​v6 in docs by @​Copilot in peter-evans/create-pull-request#4259
• feat: v8 by @​peter-evans in peter-evans/create-pull-request#4260

New Contributors

• @​yonas made their first contribution in peter-evans/create-pull-request#4258
• @​Copilot made their first contribution in peter-evans/create-pull-request#4259

Full Changelog: peter-evans/create-pull-request@v7.0.11...v8.0.0

Create Pull Request v7.0.11

What's Changed

• fix: restrict remote prune to self-hosted runners by @​peter-evans in peter-evans/create-pull-request#4250

Full Changelog: peter-evans/create-pull-request@v7.0.10...v7.0.11

Create Pull Request v7.0.10

⚙️ Fixes an issue where updating a pull request failed when targeting a forked repository with the same owner as its parent.

What's Changed

• build(deps): bump the github-actions group with 2 updates by @​dependabot[bot] in peter-evans/create-pull-request#4235
• build(deps-dev): bump prettier from 3.6.2 to 3.7.3 in the npm group by @​dependabot[bot] in peter-evans/create-pull-request#4240
• fix: provider list pulls fallback for multi fork same owner by @​peter-evans in peter-evans/create-pull-request#4245

New Contributors

• @​obnyis made their first contribution in peter-evans/create-pull-request#4064

Full Changelog: peter-evans/create-pull-request@v7.0.9...v7.0.10

Commits

• 98357b1 feat: v8 (#4260)
• 41c0e4b Update actions/checkout references to @​v6 in docs (#4259)
• 994332d chore: Update checkout action version to v6 (#4258)
• 22a9089 fix: restrict remote prune to self-hosted runners (#4250)
• d4f3be6 fix: provider list pulls fallback for multi fork same owner (#4245)
• bc8a47f build(deps-dev): bump prettier from 3.6.2 to 3.7.3 in the npm group (#4240)
• a67ef28 build(deps): bump the github-actions group with 2 updates (#4235)
• See full diff in compare view

Updates sobelow/action from 1.1.0 to 1.2.0

Release notes

Sourced from sobelow/action's releases.

v1.2.0

What's Changed

• Update actions versions & other minor updates to docs by @​antedeguemon in sobelow/action#5

New Contributors

• @​antedeguemon made their first contribution in sobelow/action#5

Full Changelog: sobelow/action@v1.1.0...v1.2.0

Commits

• 4c2cc21 Merge pull request #5 from antedeguemon/updates-docs
• 55845e4 Update actions/checkout & actions/codeql versions
• 2b4132e Fix markdown formatting
• 6e2848d Update links to point to sobelow org
• See full diff in compare view

Updates rojopolis/spellcheck-github-actions from 0.55.0 to 0.56.0

Release notes

Sourced from rojopolis/spellcheck-github-actions's releases.

0.56.0

What's Changed

• Bump rojopolis/spellcheck-github-actions from 0.54.0 to 0.55.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#297
• Bump docker/metadata-action from 5.9.0 to 5.10.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#296
• Bump actions/checkout from 6.0.0 to 6.0.1 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#300
• Bump actions/upload-artifact from 5.0.0 to 6.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#302
• Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#304
• Support for Portuguese by @​jonasbn in rojopolis/spellcheck-github-actions#305
• Update of Docker base image tp Python 3.14.2 by @​jonasbn in rojopolis/spellcheck-github-actions#306
• Preparing release 0.56.0, maintenance and feature release by @​jonasbn in rojopolis/spellcheck-github-actions#307

Full Changelog: rojopolis/spellcheck-github-actions@0.55.0...0.56.0

Changelog

Sourced from rojopolis/spellcheck-github-actions's changelog.

Change Log for spellcheck-github-actions

0.56.0, 2025-12-27, feature and maintenance release, update not required

• Support for Portuguese (Portugal and Brazil) for both Hunspell and Aspell, requested by: @​mdiazgoncalves via issue #298
• Docker image updated to Python 3.14.2 trixie slim Release notes for Python 3.14.2

0.55.0, 2025-11-27, maintenance release, update not required

• Via an issue #293 from @​shoverbj, an update to the core component PySpelling from version 2.12.0 to version 2.12.1 was made, this allows for use of large dictionaries with Aspell

0.54.0, 2025-11-05, feature release, update not required

• PySpelling the core component has been updated to version 2.12.0, which introduces support for maximum available cores. The feature is described in the release notes for PySpelling 2.12.0. See the documentation for PySpelling.

• The flag was introduced with release 2.10 of PySpelling, which was adopted in release 0.36.0 of this action.

0.53.0, 2025-10-25, maintenance release, update not required

• Docker image updated to Python 3.14.0 trixie slim Release notes for Python 3.14.0, this originated from the PR mentioned below, however updated to Trixie from Bookworm and as always the slim variant is used

• Bumped the requirement for cython to 3.0.11 or above, addressing a build issue with lxml, located when testing the PR : ...

  Description has been truncated

[dependabot]

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[Nick2bad4u]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud