feat(github-action)!: Update github/super-linter ( v6 → v7 ) (#17)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Ismo Vuorinen <ismo@ivuorinen.net>

.github/linters/.jscpd.json

@@ -0,0 +1,6 @@
+{
+  "threshold": 5,
+  "reporters": ["consoleFull"],
+  "ignore": ["**/__snapshots__/**", "**/node_modules/**"],
+  "absolute": true
+}

.github/renovate.json

@@ -1,4 +1,4 @@
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": ["github>ivuorinen/.github:renovate-config"]
+  "extends": ["github>ivuorinen/renovate-config"]
 }

.github/renovate/autoMerge.json5

@@ -1,21 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "packageRules": [
-    {
-      "description": ["Auto-merge container digests updates for trusted containers"],
-      "matchDatasources": ["docker"],
-      "automerge": true,
-      "automergeType": "branch",
-      "matchUpdateTypes": ["digest"],
-      "matchPackagePatterns": ["ghcr.io/bjw-s", "ghcr.io/onedr0p"]
-    },
-    {
-      "description": ["Auto-merge GitHub Actions for minor and patch"],
-      "matchManagers": ["github-actions"],
-      "matchDatasources": ["github-tags"],
-      "automerge": true,
-      "automergeType": "branch",
-      "matchUpdateTypes": ["minor", "patch"]
-    }
-  ]
-}

.github/renovate/commitMessage.json5

@@ -1,16 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "commitMessageTopic": "{{depName}}",
-  "commitMessageExtra": "to {{newVersion}}",
-  "commitMessageSuffix": "",
-  "packageRules": [
-    {
-      "matchDatasources": ["helm"],
-      "commitMessageTopic": "chart {{depName}}"
-    },
-    {
-      "matchDatasources": ["docker"],
-      "commitMessageTopic": "image {{depName}}"
-    }
-  ]
-}

.github/renovate/labels.json5

@@ -1,49 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "packageRules": [
-    {
-      "matchUpdateTypes": ["major"],
-      "labels": ["type/major"]
-    },
-    {
-      "matchUpdateTypes": ["minor"],
-      "labels": ["type/minor"]
-    },
-    {
-      "matchUpdateTypes": ["patch"],
-      "labels": ["type/patch"]
-    },
-    {
-      "matchUpdateTypes": ["digest"],
-      "labels": ["type/digest"]
-    },
-    {
-      "matchDatasources": ["docker"],
-      "addLabels": ["renovate/container"]
-    },
-    {
-      "matchDatasources": ["helm"],
-      "addLabels": ["renovate/helm"]
-    },
-    {
-      "matchDatasources": ["galaxy", "galaxy-collection"],
-      "addLabels": ["renovate/ansible"]
-    },
-    {
-      "matchDatasources": ["terraform-provider"],
-      "addLabels": ["renovate/terraform"]
-    },
-    {
-      "matchDatasources": ["github-releases", "github-tags"],
-      "addLabels": ["renovate/github-release"]
-    },
-    {
-      "matchManagers": ["github-actions"],
-      "addLabels": ["renovate/github-action"]
-    },
-    {
-      "matchDatasources": ["pypi"],
-      "addLabels": ["renovate/pip"]
-    }
-  ]
-}

.github/renovate/semanticCommits.json5

@@ -1,151 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "packageRules": [
-    {
-      "matchDatasources": ["docker"],
-      "matchUpdateTypes": ["major"],
-      "commitMessagePrefix": "feat(container)!: ",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": " ( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["docker"],
-      "matchUpdateTypes": ["minor"],
-      "semanticCommitType": "feat",
-      "semanticCommitScope": "container",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["docker"],
-      "matchUpdateTypes": ["patch"],
-      "semanticCommitType": "fix",
-      "semanticCommitScope": "container",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["docker"],
-      "matchUpdateTypes": ["digest"],
-      "semanticCommitType": "chore",
-      "semanticCommitScope": "container",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentDigestShort}} → {{newDigestShort}} )"
-    },
-    {
-      "matchDatasources": ["helm"],
-      "matchUpdateTypes": ["major"],
-      "commitMessagePrefix": "feat(helm)!: ",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["helm"],
-      "matchUpdateTypes": ["minor"],
-      "semanticCommitType": "feat",
-      "semanticCommitScope": "helm",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["helm"],
-      "matchUpdateTypes": ["patch"],
-      "semanticCommitType": "fix",
-      "semanticCommitScope": "helm",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["galaxy", "galaxy-collection"],
-      "matchUpdateTypes": ["major"],
-      "commitMessagePrefix": "feat(ansible)!: ",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["galaxy", "galaxy-collection"],
-      "matchUpdateTypes": ["minor"],
-      "semanticCommitType": "feat",
-      "semanticCommitScope": "ansible",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["galaxy", "galaxy-collection"],
-      "matchUpdateTypes": ["patch"],
-      "semanticCommitType": "fix",
-      "semanticCommitScope": "ansible",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["terraform-provider"],
-      "matchUpdateTypes": ["major"],
-      "commitMessagePrefix": "feat(terraform)!: ",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["terraform-provider"],
-      "matchUpdateTypes": ["minor"],
-      "semanticCommitType": "feat",
-      "semanticCommitScope": "terraform",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["terraform-provider"],
-      "matchUpdateTypes": ["patch"],
-      "semanticCommitType": "fix",
-      "semanticCommitScope": "terraform",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["github-releases", "github-tags"],
-      "matchUpdateTypes": ["major"],
-      "commitMessagePrefix": "feat(github-release)!: ",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["github-releases", "github-tags"],
-      "matchUpdateTypes": ["minor"],
-      "semanticCommitType": "feat",
-      "semanticCommitScope": "github-release",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchDatasources": ["github-releases", "github-tags"],
-      "matchUpdateTypes": ["patch"],
-      "semanticCommitType": "fix",
-      "semanticCommitScope": "github-release",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchManagers": ["github-actions"],
-      "matchUpdateTypes": ["major"],
-      "commitMessagePrefix": "feat(github-action)!: ",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchManagers": ["github-actions"],
-      "matchUpdateTypes": ["minor"],
-      "semanticCommitType": "feat",
-      "semanticCommitScope": "github-action",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    },
-    {
-      "matchManagers": ["github-actions"],
-      "matchUpdateTypes": ["patch"],
-      "semanticCommitType": "fix",
-      "semanticCommitScope": "github-action",
-      "commitMessageTopic": "{{depName}}",
-      "commitMessageExtra": "( {{currentVersion}} → {{newVersion}} )"
-    }
-  ]
-}

.github/workflows/composer-install.yml

@@ -8,14 +8,16 @@ on:
       - "composer.json"
       - "composer.lock"
 
-permissions:
-  contents: write
-  statuses: write
+permissions: read-all
 
 jobs:
   ComposerInstall:
     runs-on: ubuntu-latest
 
+    permissions:
+      contents: write
+      statuses: write
+
     strategy:
       matrix:
         operating-system: ["ubuntu-latest"]

.github/workflows/compress-images.yml

@@ -8,15 +8,19 @@ on:
   schedule:
     - cron: "00 23 * * 0"
 
-permissions:
-  contents: write
-  statuses: write
-  pull-requests: write
+permissions: read-all
 
 jobs:
   CompressOnDemandOrSchedule:
     name: calibreapp/image-actions
+
     runs-on: ubuntu-latest
+
+    permissions:
+      contents: write
+      statuses: write
+      pull-requests: write
+
     steps:
       - name: Checkout Repo
         uses: actions/checkout@v4

.github/workflows/dependency-review.yml

@@ -12,12 +12,13 @@ name: "Dependency Review"
 
 on: [pull_request]
 
-permissions:
-  contents: read
+permissions: read-all
 
 jobs:
   dependency-review:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
       - name: "Checkout Repository"
         uses: actions/checkout@v4

.github/workflows/laravel-phpunit.yml

@@ -7,18 +7,20 @@ on:
   pull_request:
     branches: [main]
 
-permissions:
-  contents: write
-  statuses: write
+permissions: read-all
 
 jobs:
   laravel-tests:
     runs-on: ubuntu-latest
 
+    permissions:
+      contents: write
+      statuses: write
+
     steps:
       - uses: shivammathur/setup-php@v2
         with:
-          php-version: "8.1"
+          php-version: "8.3"
 
       - uses: actions/checkout@v4
 

.github/workflows/pr-compress-images.yml

@@ -11,10 +11,7 @@ on:
       - "**.png"
       - "**.webp"
 
-permissions:
-  contents: write
-  statuses: write
-  pull-requests: write
+permissions: read-all
 
 jobs:
   CompressInPR:
@@ -22,6 +19,12 @@ jobs:
     if: github.event.pull_request.head.repo.full_name == github.repository
     name: calibreapp/image-actions
     runs-on: ubuntu-latest
+
+    permissions:
+      contents: write
+      statuses: write
+      pull-requests: write
+
     steps:
       - name: Checkout Repo
         uses: actions/checkout@v4

.github/workflows/pr-lint.yml

@@ -24,13 +24,7 @@ on:
   pull_request:
     branches: [master, main]
 
-############################################
-# Grant status permission for MULTI_STATUS #
-############################################
-permissions:
-  contents: read
-  packages: read
-  statuses: write
+permissions: read-all
 
 ###############
 # Set the Job #
@@ -42,6 +36,14 @@ jobs:
     # Set the agent to run on
     runs-on: ubuntu-latest
 
+    ############################################
+    # Grant status permission for MULTI_STATUS #
+    ############################################
+    permissions:
+      contents: read
+      packages: read
+      statuses: write
+
     ##################
     # Load all steps #
     ##################
@@ -60,9 +62,14 @@ jobs:
       # Run Linter against code base #
       ################################
       - name: Lint Code Base
-        uses: github/super-linter@v6
+        uses: github/super-linter@v7
         env:
           VALIDATE_ALL_CODEBASE: false
+          FIX_ANSIBLE: true
+          FIX_ENV: true
+          FIX_JSON: true
+          FIX_JSONC_PRETTIER: true
+          FIX_MARKDOWN: true
           # Change to 'master' if your main branch differs
           DEFAULT_BRANCH: ${{ env.MAIN_BRANCH }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release-drafter.yml

@@ -4,14 +4,15 @@ name: Release Drafter
 on:
   workflow_call:
 
-permissions:
-  contents: write
-  statuses: write
+permissions: read-all
 
 jobs:
   update_release_draft:
     name: ✏️ Draft release
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      statuses: write
     steps:
       - name: 🚀 Run Release Drafter
         uses: release-drafter/release-drafter@v6.0.0

.github/workflows/release-monthly.yaml

@@ -7,13 +7,14 @@ on:
   schedule:
     - cron: "0 0 1 * *" # 1st of every month at midnight
 
-permissions:
-  contents: write
+permissions: read-all
 
 jobs:
   release:
     name: Release
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
     steps:
       - name: Checkout
         uses: actions/checkout@v4

.github/workflows/reviewdog-linters.yml

@@ -3,15 +3,18 @@ name: Reviewdog Linters
 
 on: [push]
 
-permissions:
-  contents: read
-  packages: read
-  statuses: write
+permissions: read-all
 
 jobs:
   linters:
     name: Linters
     runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      packages: read
+      statuses: write
+
     steps:
       - uses: actions/checkout@v4
 

.github/workflows/stale.yml

@@ -7,15 +7,18 @@ on:
   workflow_call:
   workflow_dispatch:
 
-permissions:
-  contents: write # only for delete-branch option
-  issues: write
-  pull-requests: write
+permissions: read-all
 
 jobs:
   stale:
     name: 🧹 Clean up stale issues and PRs
     runs-on: ubuntu-latest
+
+    permissions:
+      contents: write # only for delete-branch option
+      issues: write
+      pull-requests: write
+
     steps:
       - name: 🚀 Run stale
         uses: actions/stale@v9.0.0

.github/workflows/sync-labels-to-own-projects.yml

@@ -12,13 +12,14 @@ on:
   schedule:
     - cron: "0 0 * * *" # Every day at midnight
 
-permissions:
-  contents: write
-  statuses: write
+permissions: read-all
 
 jobs:
   sync-labels:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      statuses: write
     outputs:
       repos: ${{ steps.repos.outputs.REPOS }}
     steps:

.github/workflows/sync-labels.yml

@@ -13,13 +13,14 @@ on:
   workflow_call:
   workflow_dispatch:
 
-permissions:
-  issues: write
+permissions: read-all
 
 jobs:
   labels:
     name: ♻️ Sync labels
     runs-on: ubuntu-latest
+    permissions:
+      issues: write
     steps:
       - name: ⤵️ Download latest labels definitions
         run: |

.gitignore

@@ -0,0 +1 @@
+node_modules

.prettierignore

@@ -0,0 +1,3 @@
+# Ignore artifacts:
+build
+coverage

.prettierrc

@@ -0,0 +1 @@
+{}

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022 Ismo Vuorinen
+Copyright (c) 2022-2024 Ismo Vuorinen
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -16,7 +16,7 @@ jobs:
   ReusableMatrixJobForComposerInstall:
     strategy:
       matrix:
-        target: ["8.0", "8.1", "8.2"]
+        target: ["8.0", "8.1", "8.2", "8.3"]
     uses: ivuorinen/.github/workflows/composer-install.yml@main
     with:
       php-versions: ${{ matrix.target }}
@@ -32,7 +32,7 @@ the following snippet as `.github/renovate.json`.
 ```json
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": ["github>ivuorinen/.github:renovate-config"]
+  "extends": ["github>ivuorinen/renovate-config"]
 }
 ```
 

package-lock.json

@@ -0,0 +1,32 @@
+{
+  "name": "@ivuorinen/dotgithub",
+  "version": "1.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "@ivuorinen/dotgithub",
+      "version": "1.0.0",
+      "license": "MIT",
+      "devDependencies": {
+        "prettier": "^3.3.3"
+      }
+    },
+    "node_modules/prettier": {
+      "version": "3.3.3",
+      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.3.tgz",
+      "integrity": "sha512-i2tDNA0O5IrMO757lfrdQZCc2jPNDVntV0m/+4whiDfWaTKfMNgR7Qz0NAeGz/nRqF4m5/6CLzbP4/liHt12Ew==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "prettier": "bin/prettier.cjs"
+      },
+      "engines": {
+        "node": ">=14"
+      },
+      "funding": {
+        "url": "https://github.com/prettier/prettier?sponsor=1"
+      }
+    }
+  }
+}

package.json

@@ -0,0 +1,14 @@
+{
+  "name": "@ivuorinen/dotgithub",
+  "version": "1.0.0",
+  "private": true,
+  "description": "My Shared GitHub Actions & Configurations.",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "Ismo Vuorinen <https://github.com/ivuorinen>",
+  "license": "MIT",
+  "devDependencies": {
+    "prettier": "^3.3.3"
+  }
+}

renovate-config.json

@@ -1,61 +1,5 @@
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
   "description": "Renovate config for projects ivuorinen manages",
-  "extends": [
-    "config:recommended",
-    ":enableVulnerabilityAlerts",
-    ":labels(dependencies)",
-    ":maintainLockFilesWeekly",
-    ":preserveSemverRanges",
-    ":semanticCommits",
-    ":timezone(Europe/Helsinki)",
-    "github>ivuorinen/.github//.github/renovate/autoMerge.json5",
-    "github>ivuorinen/.github//.github/renovate/commitMessage.json5",
-    "github>ivuorinen/.github//.github/renovate/labels.json5",
-    "github>ivuorinen/.github//.github/renovate/semanticCommits.json5",
-    "docker:enableMajor",
-    "group:recommended",
-    "npm:unpublishSafe",
-    "replacements:all",
-    "schedule:nonOfficeHours",
-    "workarounds:all"
-  ],
-  "dependencyDashboardLabels": [
-    "no-stale"
-  ],
-  "lockFileMaintenance": {
-    "extends": [
-      "group:all"
-    ],
-    "commitMessageAction": "Update"
-  },
-  "packageRules": [
-    {
-      "matchPackagePatterns": [
-        "eslint"
-      ],
-      "groupName": "eslint"
-    }
-  ],
-  "digest": {
-    "enabled": false
-  },
-  "assigneesFromCodeOwners": true,
-  "configMigration": true,
-  "dependencyDashboardTitle": "Renovate Dashboard 🤖",
-  "ignorePaths": [
-    "**/*.sops.*",
-    "**/.archive/**"
-  ],
-  "separateMajorMinor": true,
-  "separateMinorPatch": false,
-  "separateMultipleMajor": true,
-  "suppressNotifications": [
-    "prEditedNotification",
-    "prIgnoreNotification"
-  ],
-  "vulnerabilityAlerts": {
-    "enabled": true
-  },
-  "commitBody": "Signed-off-by: {{{gitAuthor}}}"
+  "extends": ["github>ivuorinen/renovate-config"]
 }