chore(deps): update github/codeql-action action (v4.32.3 → v4.32.4)

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
chore(deps): update pre-commit hook davidanson/markdownlint-cli2 (v0.20.0 → v0.21.0) (#456 )
2026-02-23 15:50:55 +00:00 · 2026-02-23 00:42:03 +00:00 · 2026-02-17 23:20:07 +02:00 · 2026-02-17 19:15:21 +02:00 · 2026-02-17 19:13:47 +02:00 · 2026-02-17 19:13:25 +02:00
15 changed files with 22 additions and 22 deletions
--- a/.github/workflows/build-testing-image.yml
+++ b/.github/workflows/build-testing-image.yml
@@ -59,7 +59,7 @@ jobs:
            type=raw,value=${{ github.event.inputs.tag }},enable=${{ github.event.inputs.tag != '' }}

      - name: Build and push Docker image
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
        with:
          context: _tools/docker-testing-tools
          file: _tools/docker-testing-tools/Dockerfile
--- a/.github/workflows/pr-lint.yml
+++ b/.github/workflows/pr-lint.yml
@@ -74,7 +74,7 @@ jobs:

      - name: Upload SARIF Report
        if: always() && hashFiles('megalinter-reports/sarif/*.sarif')
-        uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+        uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
        with:
          sarif_file: megalinter-reports/sarif
          category: megalinter
--- a/.github/workflows/test-actions.yml
+++ b/.github/workflows/test-actions.yml
@@ -73,7 +73,7 @@ jobs:
        if: always()

      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+        uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
        if: always() && hashFiles('_tests/reports/test-results.sarif') != ''
        with:
          sarif_file: _tests/reports/test-results.sarif
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -14,7 +14,7 @@ repos:
        types: [markdown, python, yaml]
        files: ^(docs/.*|README\.md|CONTRIBUTING\.md|CHANGELOG\.md|.*\.py|.*\.ya?ml)$
  - repo: https://github.com/astral-sh/uv-pre-commit
-    rev: 0.10.0
+    rev: 0.10.3
    hooks:
      - id: uv-lock
      - id: uv-sync
@@ -44,7 +44,7 @@ repos:
        args: [--autofix, --no-sort-keys]

  - repo: https://github.com/DavidAnson/markdownlint-cli2
-    rev: v0.20.0
+    rev: v0.21.0
    hooks:
      - id: markdownlint-cli2
        args: [--fix]
@@ -55,7 +55,7 @@ repos:
      - id: yamllint

  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.15.0
+    rev: v0.15.1
    hooks:
      # Run the linter with auto-fix
      - id: ruff-check
@@ -78,13 +78,13 @@ repos:
        exclude: '^_tests/.*\.sh$'

  - repo: https://github.com/rhysd/actionlint
-    rev: v1.7.10
+    rev: v1.7.11
    hooks:
      - id: actionlint
        args: ['-shellcheck=']

  - repo: https://github.com/bridgecrewio/checkov.git
-    rev: '3.2.500'
+    rev: '3.2.502'
    hooks:
      - id: checkov
        args:
--- a/ansible-lint-fix/action.yml
+++ b/ansible-lint-fix/action.yml
@@ -130,6 +130,6 @@ runs:

    - name: Upload SARIF Report
      if: steps.check-files.outputs.files_found == 'true'
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: ansible-lint.sarif
--- a/biome-lint/action.yml
+++ b/biome-lint/action.yml
@@ -331,7 +331,7 @@ runs:

    - name: Upload SARIF Report
      if: inputs.mode == 'check' && always()
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: biome-report.sarif

--- a/codeql-analysis/action.yml
+++ b/codeql-analysis/action.yml
@@ -186,7 +186,7 @@ runs:
        echo "Using build mode: $build_mode"

    - name: Initialize CodeQL
-      uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        languages: ${{ inputs.language }}
        queries: ${{ inputs.queries }}
@@ -199,12 +199,12 @@ runs:
        threads: ${{ inputs.threads }}

    - name: Autobuild
-      uses: github/codeql-action/autobuild@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/autobuild@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      if: ${{ steps.set-build-mode.outputs.build-mode == 'autobuild' }}

    - name: Perform CodeQL Analysis
      id: analysis
-      uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        category: ${{ steps.set-category.outputs.category }}
        upload: ${{ inputs.upload-results }}
--- a/csharp-lint-check/action.yml
+++ b/csharp-lint-check/action.yml
@@ -206,6 +206,6 @@ runs:
        fi

    - name: Upload SARIF Report
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: dotnet-format.sarif
--- a/docker-build/action.yml
+++ b/docker-build/action.yml
@@ -536,7 +536,7 @@ runs:
    - name: Scan Image for Vulnerabilities
      id: scan
      if: inputs.scan-image == 'true' && inputs.dry-run != 'true'
-      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
+      uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
      with:
        scan-type: 'image'
        image-ref: ${{ steps.image-name.outputs.name }}:${{ inputs.tag }}
--- a/docker-publish/action.yml
+++ b/docker-publish/action.yml
@@ -280,7 +280,7 @@ runs:

    - name: Build and Push Docker Image
      id: build
-      uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+      uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
      with:
        context: ${{ inputs.context }}
        file: ${{ inputs.dockerfile }}
--- a/eslint-lint/action.yml
+++ b/eslint-lint/action.yml
@@ -457,7 +457,7 @@ runs:

    - name: Upload SARIF Report
      if: inputs.mode == 'check' && inputs.report-format == 'sarif' && always()
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: ${{ inputs.working-directory }}/eslint-results.sarif

--- a/go-lint/action.yml
+++ b/go-lint/action.yml
@@ -414,7 +414,7 @@ runs:

    - name: Upload Lint Results
      if: always() && inputs.report-format == 'sarif'
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: ${{ inputs.working-directory }}/reports/golangci-lint.sarif
        category: golangci-lint
--- a/python-lint-fix/action.yml
+++ b/python-lint-fix/action.yml
@@ -370,7 +370,7 @@ runs:

    - name: Upload SARIF Report
      if: steps.check-files.outputs.result == 'found'
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: ${{ inputs.working-directory }}/reports/flake8.sarif
        category: 'python-lint'
--- a/security-scan/action.yml
+++ b/security-scan/action.yml
@@ -161,14 +161,14 @@ runs:

    - name: Upload Trivy results
      if: steps.verify-sarif.outputs.has_trivy == 'true'
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: 'trivy-results.sarif'
        category: 'trivy'

    - name: Upload Gitleaks results
      if: steps.verify-sarif.outputs.has_gitleaks == 'true'
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: 'gitleaks-report.sarif'
        category: 'gitleaks'
--- a/terraform-lint-fix/action.yml
+++ b/terraform-lint-fix/action.yml
@@ -256,7 +256,7 @@ runs:

    - name: Upload SARIF Report
      if: steps.check-files.outputs.found == 'true' && inputs.format == 'sarif'
-      uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+      uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
      with:
        sarif_file: ${{ env.VALIDATED_WORKING_DIR }}/reports/tflint.sarif
        category: terraform-lint
Author	SHA1	Message	Date
renovate[bot]	2bd39ce75f	chore(deps): update github/codeql-action action (v4.32.3 → v4.32.4) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-02-23 00:42:03 +00:00
renovate[bot]	309f4460ec	chore(deps): update pre-commit hook davidanson/markdownlint-cli2 (v0.20.0 → v0.21.0) (#456 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-02-17 23:20:07 +02:00
renovate[bot]	55897dfdeb	chore(deps): update pre-commit hook rhysd/actionlint (v1.7.10 → v1.7.11) (#455 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-02-17 19:15:21 +02:00
renovate[bot]	88a0b89d8d	chore(deps): update pre-commit hook astral-sh/ruff-pre-commit (v0.15.0 → v0.15.1) (#452 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-02-17 19:13:47 +02:00
renovate[bot]	0131cbfcf6	chore(deps): update docker/build-push-action action (v6.18.0 → v6.19.2) (#451 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-02-17 19:13:25 +02:00
renovate[bot]	f36f50e375	chore(deps): update aquasecurity/trivy-action action (0.33.1 → 0.34.0) (#450 ) * chore(deps): update pre-commit hook rhysd/actionlint (v1.7.10 → v1.7.11) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): update aquasecurity/trivy-action action (0.33.1 → 0.34.0) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-02-17 19:11:17 +02:00
renovate[bot]	f0c398f47d	chore(deps): update pre-commit hook bridgecrewio/checkov (3.2.500 → 3.2.502) (#454 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-02-17 19:00:40 +02:00
renovate[bot]	1eb60955d1	chore(deps): update pre-commit hook astral-sh/uv-pre-commit (0.10.0 → 0.10.3) (#453 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-02-17 18:59:38 +02:00