build(deps): bump dagger.io/dagger from 0.18.19 to 0.19.0 in /cmd/firmware-action

[dependabot]

Bumps dagger.io/dagger from 0.18.19 to 0.19.0.

Changelog

Sourced from dagger.io/dagger's changelog.

sdk/go/v0.19.0 - 2025-09-30

This SDK uses 🚙 Engine + 🚗 CLI version v0.19.0. See what changed in that release.

🐹 https://pkg.go.dev/dagger.io/dagger@v0.19.0

Dependencies

• Bump Engine to v0.19.0 by @​matipan in dagger/dagger#11147

What to do next

• Read the documentation
• Join our Discord server
• Follow us on Twitter

Commits

• fd3ffa7 chore: prep for v0.19.0 (#11147)
• 4f056c1 chore: remove Container.build API (#11118)
• 20f8b35 Remove deprecated APIs for v0.19.0 (#11115)
• 967a956 Resolve git ls-remote once (#11032)
• abb94b4 fix: rename withDirectory's directory arg to source (#11050)
• d209ca0 EnvFile: better dotenv compatibility, more tests
• 7a6b0e6 chore: bump all possible things we can bump (#11104)
• 7e25471 LLM: MCP servers, contextual Env filesystem, better TUI (#10907)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	15		0	0	0.44s
✅ BASH	bash-exec	10		0	0	0.07s
✅ BASH	shellcheck	9		0	0	0.13s
✅ BASH	shfmt	9		0	0	0.0s
✅ DOCKERFILE	hadolint	5		0	0	0.37s
✅ EDITORCONFIG	editorconfig-checker	227		0	0	2.81s
✅ GO	revive	31		0	0	30.75s
✅ JSON	jsonlint	14		0	0	0.92s
✅ JSON	prettier	14		0	0	2.42s
✅ JSON	v8r	14		0	0	4.84s
✅ MARKDOWN	markdownlint	32		0	0	5.56s
✅ PYTHON	black	20		0	0	1.61s
✅ PYTHON	flake8	20		0	0	0.91s
✅ PYTHON	isort	20		0	0	0.26s
✅ PYTHON	mypy	20		0	0	8.81s
✅ PYTHON	pylint	20		0	0	10.56s
✅ PYTHON	pyright	20		0	0	0.93s
✅ PYTHON	ruff	20		0	0	0.03s
✅ REPOSITORY	gitleaks	yes		no	no	6.21s
✅ REPOSITORY	git_diff	yes		no	no	0.0s
✅ REPOSITORY	grype	yes		no	no	60.5s
✅ REPOSITORY	secretlint	yes		no	no	1.49s
✅ REPOSITORY	syft	yes		no	no	15.49s
✅ REPOSITORY	trivy	yes		no	no	13.31s
✅ REPOSITORY	trivy-sbom	yes		no	no	4.23s
✅ REPOSITORY	trufflehog	yes		no	no	8.18s
✅ SPELL	cspell	227		0	0	5.58s
⚠️ YAML	prettier	35		1	2	6.59s
✅ YAML	v8r	35		0	0	13.29s
✅ YAML	yamllint	35		0	0	4.73s

Detailed Issues

⚠️ YAML / prettier - 1 error

Checking formatting...
[warn] .github/workflows/go-test.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.0.1 --custom-flavor-setup --custom-flavor-linters PYTHON_PYLINT,PYTHON_BLACK,PYTHON_FLAKE8,PYTHON_ISORT,PYTHON_MYPY,PYTHON_PYRIGHT,PYTHON_RUFF,ACTION_ACTIONLINT,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,DOCKERFILE_HADOLINT,EDITORCONFIG_EDITORCONFIG_CHECKER,GO_REVIVE,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_CSPELL,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 55.87%. Comparing base (883651c) to head (357832c).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #764   +/-   ##
=======================================
  Coverage   55.87%   55.87%           
=======================================
  Files          17       17           
  Lines        2801     2801           
=======================================
  Hits         1565     1565           
  Misses       1144     1144           
  Partials       92       92           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.