feat(github-action): update actions/setup-node (v4.3.0 → v4.4.0) (#110 )

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
fix(github-action): update ivuorinen/actions (25.4.5 → 25.4.8) (#108 )
2026-01-26 18:39:13 +00:00 · 2025-04-15 13:32:57 +00:00 · 2025-04-14 09:54:19 +00:00 · 2025-04-14 04:25:52 +00:00 · 2025-04-08 03:26:26 +03:00 · 2025-04-07 11:04:42 +03:00
17 changed files with 126 additions and 30 deletions
--- a/.github/workflows/action-security.yml
+++ b/.github/workflows/action-security.yml
@@ -117,14 +117,14 @@ jobs:

      - name: Upload Trivy results
        if: steps.verify-sarif.outputs.has_trivy == 'true'
-        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          sarif_file: 'trivy-results.sarif'
          category: 'trivy'

      - name: Upload Gitleaks results
        if: steps.verify-sarif.outputs.has_gitleaks == 'true'
-        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          sarif_file: 'gitleaks-report.sarif'
          category: 'gitleaks'
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -32,15 +32,15 @@ jobs:
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          languages: ${{ matrix.language }}
          queries: security-and-quality

      - name: Autobuild
-        uses: github/codeql-action/autobuild@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/autobuild@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          category: '/language:${{matrix.language}}'
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -13,4 +13,4 @@ jobs:
      - name: 'Checkout Repository'
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
+        uses: actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8 # v4.6.0
--- a/.github/workflows/pr-lint.yml
+++ b/.github/workflows/pr-lint.yml
@@ -113,7 +113,7 @@ jobs:

      - name: Upload SARIF Report
        if: always() && hashFiles('megalinter-reports/sarif/*.sarif')
-        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          sarif_file: megalinter-reports/sarif
          category: megalinter
--- a/.github/workflows/security-suite.yml
+++ b/.github/workflows/security-suite.yml
@@ -87,7 +87,7 @@ jobs:
            --enableExperimental
            --failOnCVSS 7
      - name: Upload OWASP Results
-        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          sarif_file: reports/dependency-check-report.sarif
          category: owasp-dependency-check
@@ -107,7 +107,7 @@ jobs:

    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
        with:
          node-version: 'lts/*'
          cache: 'npm'
@@ -119,7 +119,7 @@ jobs:
        with:
          args: --all-projects --sarif-file-output=snyk-results.sarif
      - name: Upload Snyk Results
-        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          sarif_file: snyk-results.sarif
          category: snyk
@@ -146,7 +146,7 @@ jobs:
          results_format: sarif
          publish_results: true
      - name: Upload Scorecard Results
-        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          sarif_file: scorecard-results.sarif
          category: scorecard
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -29,12 +29,12 @@ repos:
        args: [-c, .markdownlint.json, --fix]

  - repo: https://github.com/adrienverge/yamllint
-    rev: v1.35.1
+    rev: v1.37.0
    hooks:
      - id: yamllint

  - repo: https://github.com/scop/pre-commit-shfmt
-    rev: v3.10.0-2
+    rev: v3.11.0-1
    hooks:
      - id: shfmt

@@ -51,12 +51,12 @@ repos:
        args: ['-shellcheck=']

  - repo: https://github.com/renovatebot/pre-commit-hooks
-    rev: 39.156.0
+    rev: 39.227.2
    hooks:
      - id: renovate-config-validator

  - repo: https://github.com/bridgecrewio/checkov.git
-    rev: '3.2.360'
+    rev: '3.2.400'
    hooks:
      - id: checkov
        args:
--- a/ansible-lint-fix/action.yml
+++ b/ansible-lint-fix/action.yml
@@ -47,6 +47,6 @@ runs:
        fi

    - name: Upload SARIF Report
-      uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+      uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        sarif_file: ansible-lint.sarif
--- a/biome-check/action.yml
+++ b/biome-check/action.yml
@@ -31,6 +31,6 @@ runs:
        biome check . --json > biome-report.json

    - name: Upload Biome Results
-      uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+      uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        sarif_file: biome-report.json
--- a/csharp-lint-check/action.yml
+++ b/csharp-lint-check/action.yml
@@ -40,6 +40,6 @@ runs:
        fi

    - name: Upload SARIF Report
-      uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+      uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        sarif_file: dotnet-format.sarif
--- a/eslint-check/action.yml
+++ b/eslint-check/action.yml
@@ -239,7 +239,7 @@ runs:

    - name: Upload ESLint Results
      if: always() && inputs.report-format == 'sarif'
-      uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+      uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        sarif_file: ${{ inputs.working-directory }}/reports/eslint.sarif
        category: eslint
--- a/go-lint/action.yml
+++ b/go-lint/action.yml
@@ -266,7 +266,7 @@ runs:

    - name: Upload Lint Results
      if: always() && inputs.report-format == 'sarif'
-      uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+      uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        sarif_file: ${{ inputs.working-directory }}/reports/golangci-lint.sarif
        category: golangci-lint
--- a/node-setup/action.yml
+++ b/node-setup/action.yml
@@ -161,7 +161,7 @@ runs:

    - name: Setup Node.js
      id: setup
-      uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
      with:
        node-version: ${{ steps.version.outputs.version }}
        registry-url: ${{ inputs.registry-url }}
--- a/pr-lint/action.yml
+++ b/pr-lint/action.yml
@@ -12,7 +12,9 @@ branding:
 runs:
  using: composite
  steps:
-    # Git Checkout
+    #   ╭──────────────────────────────────────────────────────────╮
+    #   │                       Git Checkout                       │
+    #   ╰──────────────────────────────────────────────────────────╯
    - name: Checkout Code
      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      with:
@@ -22,15 +24,108 @@ runs:
        # improve performance
        fetch-depth: 0

+    #   ╭──────────────────────────────────────────────────────────╮
+    #   │                 Setup Git configuration                  │
+    #   ╰──────────────────────────────────────────────────────────╯
    - name: Setup Git Config
      id: git-config
-      uses: ivuorinen/actions/set-git-config@main
+      uses: ivuorinen/actions/set-git-config@312c00f77fbd73948441c8b004607e098e40c97f # 25.4.8

-    # MegaLinter
+    #   ╭──────────────────────────────────────────────────────────╮
+    #   │               Install packages for linting               │
+    #   ╰──────────────────────────────────────────────────────────╯
+
+    # Node.js tests if package.json exists
+    - name: Detect package.json
+      id: detect-node
+      shell: bash
+      run: |
+        if [ -f package.json ]; then
+          echo "found=true" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Setup Node.js and run tests
+      if: steps.detect-node.outputs.found == 'true'
+      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      with:
+        cache: 'npm'
+
+    - name: Install Node.js dependencies
+      if: steps.detect-node.outputs.found == 'true'
+      shell: bash
+      run: npm ci
+
+    # PHP tests if composer.json exists
+    - name: Detect composer.json
+      id: detect-php
+      shell: bash
+      run: |
+        if [ -f composer.json ]; then
+          echo "found=true" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Setup PHP
+      if: steps.detect-php.outputs.found == 'true'
+      uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 # master
+      with:
+        tools: composer
+        coverage: none
+      env:
+        GITHUB_TOKEN: ${{ github.token }}
+
+    - name: Setup problem matchers for PHP
+      if: steps.detect-php.outputs.found == 'true'
+      shell: bash
+      run: echo "::add-matcher::${{ runner.tool_cache }}/php.json"
+
+    - name: Install PHP dependencies
+      if: steps.detect-php.outputs.found == 'true'
+      shell: bash
+      run: composer install --no-progress --prefer-dist --no-interaction
+
+    # Python tests if requirements.txt exists
+    - name: Detect requirements.txt
+      id: detect-python
+      shell: bash
+      run: |
+        if [ -f requirements.txt ]; then
+          echo "found=true" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Setup Python
+      if: steps.detect-python.outputs.found == 'true'
+      uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
+      with:
+        cache: 'pip'
+
+    - name: Install Python dependencies
+      if: steps.detect-python.outputs.found == 'true'
+      shell: bash
+      run: pip install -r requirements.txt
+
+    # Go tests if go.mod exists
+    - name: Detect go.mod
+      id: detect-go
+      shell: bash
+      run: |
+        if [ -f go.mod ]; then
+          echo "found=true" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Setup Go
+      if: steps.detect-go.outputs.found == 'true'
+      uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
+      with:
+        go-version-file: 'go.mod'
+        cache: true
+
+    #   ╭──────────────────────────────────────────────────────────╮
+    #   │                        MegaLinter                        │
+    #   ╰──────────────────────────────────────────────────────────╯
    - name: MegaLinter
      # You can override MegaLinter flavor used to have faster performances
      # More info at https://megalinter.io/latest/flavors/
-      uses: oxsecurity/megalinter@146333030da68e2e58c6ff826633824fabe01eaf # v8.5.0
+      uses: oxsecurity/megalinter/flavors/cupcake@146333030da68e2e58c6ff826633824fabe01eaf # v8.5.0
      id: ml

      # All available variables are described in documentation
--- a/prettier-check/action.yml
+++ b/prettier-check/action.yml
@@ -305,7 +305,7 @@ runs:

    - name: Upload Prettier Results
      if: always() && inputs.report-format == 'sarif'
-      uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+      uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        sarif_file: ${{ inputs.working-directory }}/reports/prettier.sarif
        category: prettier
--- a/python-lint-fix/action.yml
+++ b/python-lint-fix/action.yml
@@ -213,7 +213,7 @@ runs:

    - name: Upload SARIF Report
      if: steps.check-files.outputs.result == 'found'
-      uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+      uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        sarif_file: ${{ inputs.working-directory }}/reports/flake8.sarif
        category: 'python-lint'
--- a/run.sh
+++ b/run.sh
@@ -78,7 +78,8 @@ find . -mindepth 1 -maxdepth 1 -type d | while read -r dir; do
      echo "- ⏩ Skipping $dir - action.yml missing"
    fi
  ) || {
-    echo "- ⚠️ Warning: Error processing directory $dir" | tee -a "$log_file"
+    echo "- ⚠️ Warning: Error processing directory $dir" |
+      tee -a "$log_file"
  }
  echo ""
 done
@@ -106,7 +107,7 @@ fi
 echo ""

 echo "🔎 Running MegaLinter..."
-if ! npx --yes mega-linter-runner; then
+if ! npx --yes mega-linter-runner --flavor cupcake --fix --remove-container --container-name cupcake; then
  echo "- ⚠️ Warning: MegaLinter found issues" | tee -a "$log_file"
 fi
 echo ""
--- a/terraform-lint-fix/action.yml
+++ b/terraform-lint-fix/action.yml
@@ -225,7 +225,7 @@ runs:

    - name: Upload SARIF Report
      if: steps.check-files.outputs.found == 'true' && inputs.format == 'sarif'
-      uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
+      uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        sarif_file: ${{ inputs.working-directory }}/reports/tflint.sarif
        category: terraform-lint
Author	SHA1	Message	Date
renovate[bot]	359f34ac20	feat(github-action): update actions/setup-node (v4.3.0 → v4.4.0) (#110 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-15 13:32:57 +00:00
renovate[bot]	aa4c2076c6	fix(github-action): update ivuorinen/actions (25.4.5 → 25.4.8) (#108 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-14 09:54:19 +00:00
renovate[bot]	d513dde74c	fix(github-action): update github/codeql-action (v3.28.13 → v3.28.15) (#107 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-14 04:25:52 +00:00
Ismo Vuorinen	312c00f77f	feat(pr-lint): switch to cupcake megalinter (#105 )	2025-04-08 03:26:26 +03:00
Ismo Vuorinen	f845a14b12	fix(pr-lint): add missing shell definitions (#103 )	2025-04-07 11:04:42 +03:00
renovate[bot]	9870d3ee6c	feat(github-action): update ivuorinen/actions (25.3.25 → 25.4.5) (#102 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-07 05:20:10 +00:00
renovate[bot]	8619a7832f	feat(github-action): update actions/dependency-review-action (v4.5.0 → v4.6.0) (#100 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-04-07 01:38:22 +03:00
Ismo Vuorinen	730304e293	feat(pr-lint): Update pr-lint/action.yml: Add multi-env detection, update Git config (#98 )	2025-04-05 14:43:49 +03:00