fix(github-action): update peter-evans/create-pull-request (v7.0.7 → v7.0.8) (#74 )

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
fix(github-action): update github/codeql-action (v3.28.10 → v3.28.11) (#73 )
2026-01-26 11:34:00 +00:00 · 2025-03-18 13:57:35 +02:00 · 2025-03-18 08:48:49 +00:00 · 2025-03-13 21:50:32 +02:00 · 2025-03-02 12:39:21 +02:00 · 2025-03-02 08:27:57 +00:00
6 changed files with 17 additions and 36 deletions
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -1,33 +1,20 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": [
-    "github>ivuorinen/renovate-config"
-  ],
+  "extends": ["github>ivuorinen/renovate-config"],
  "packageRules": [
    {
-      "matchUpdateTypes": [
-        "minor",
-        "patch"
-      ],
+      "matchUpdateTypes": ["minor", "patch"],
      "matchCurrentVersion": "!/^0/",
      "automerge": true
    },
    {
-      "matchDepTypes": [
-        "devDependencies"
-      ],
+      "matchDepTypes": ["devDependencies"],
      "automerge": true
    }
  ],
-  "schedule": [
-    "before 4am on monday"
-  ],
+  "schedule": ["before 4am on monday"],
  "vulnerabilityAlerts": {
-    "labels": [
-      "security"
-    ],
-    "assignees": [
-      "ivuorinen"
-    ]
+    "labels": ["security"],
+    "assignees": ["ivuorinen"]
  }
 }
--- a/.github/workflows/action-security.yml
+++ b/.github/workflows/action-security.yml
@@ -117,14 +117,14 @@ jobs:

      - name: Upload Trivy results
        if: steps.verify-sarif.outputs.has_trivy == 'true'
-        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
        with:
          sarif_file: 'trivy-results.sarif'
          category: 'trivy'

      - name: Upload Gitleaks results
        if: steps.verify-sarif.outputs.has_gitleaks == 'true'
-        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
        with:
          sarif_file: 'gitleaks-report.sarif'
          category: 'gitleaks'
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -32,15 +32,15 @@ jobs:
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
        with:
          languages: ${{ matrix.language }}
          queries: security-and-quality

      - name: Autobuild
-        uses: github/codeql-action/autobuild@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/autobuild@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
        with:
          category: '/language:${{matrix.language}}'
--- a/.github/workflows/pr-lint.yml
+++ b/.github/workflows/pr-lint.yml
@@ -113,7 +113,7 @@ jobs:

      - name: Upload SARIF Report
        if: always() && hashFiles('megalinter-reports/sarif/*.sarif')
-        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
        with:
          sarif_file: megalinter-reports/sarif
          category: megalinter
@@ -133,7 +133,7 @@ jobs:
          env.APPLY_FIXES_MODE == 'pull_request' &&
          (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) &&
          !contains(github.event.head_commit.message, 'skip fix')
-        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
        id: cpr
        with:
          token: ${{ secrets.FIXIMUS_TOKEN || secrets.GITHUB_TOKEN }}
--- a/.github/workflows/security-suite.yml
+++ b/.github/workflows/security-suite.yml
@@ -87,7 +87,7 @@ jobs:
            --enableExperimental
            --failOnCVSS 7
      - name: Upload OWASP Results
-        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
        with:
          sarif_file: reports/dependency-check-report.sarif
          category: owasp-dependency-check
@@ -119,7 +119,7 @@ jobs:
        with:
          args: --all-projects --sarif-file-output=snyk-results.sarif
      - name: Upload Snyk Results
-        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
        with:
          sarif_file: snyk-results.sarif
          category: snyk
@@ -146,7 +146,7 @@ jobs:
          results_format: sarif
          publish_results: true
      - name: Upload Scorecard Results
-        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
+        uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
        with:
          sarif_file: scorecard-results.sarif
          category: scorecard
@@ -168,7 +168,7 @@ jobs:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Download scan results
-        uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.0
+        uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
        with:
          path: ./results

--- a/php-composer/action.yml
+++ b/php-composer/action.yml
@@ -238,12 +238,6 @@ runs:
          exit 1
        fi

-        # Check for any PHP errors in vendor
-        find vendor -name "*.php" -type f -exec php -l {} \; > /dev/null
-
-        # Verify Composer installation
-        composer validate --no-check-all --strict
-
    - name: Generate Optimized Autoloader
      if: success()
      shell: bash
Author	SHA1	Message	Date
renovate[bot]	55f7471ea2	fix(github-action): update peter-evans/create-pull-request (v7.0.7 → v7.0.8) (#74 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-03-18 13:57:35 +02:00
renovate[bot]	e58379d592	fix(github-action): update github/codeql-action (v3.28.10 → v3.28.11) (#73 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-03-18 08:48:49 +00:00
Ismo Vuorinen	85811a09ab	fix(ci): remove extra checks from php-composer (#70 )	2025-03-13 21:50:32 +02:00
renovate[bot]	acba21a852	fix(github-action): update peter-evans/create-pull-request (v7.0.6 → v7.0.7) (#67 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-03-02 12:39:21 +02:00
renovate[bot]	9dd848978c	fix(github-action): update actions/download-artifact (v4.1.0 → v4.1.9) (#66 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-03-02 08:27:57 +00:00