deps: Bump the all group across 1 directory with 10 updates

[dependabot]

Bumps the all group with 10 updates in the / directory:

Package	From	To
step-security/harden-runner	2.13.1	2.15.0
KineticCafe/actions-dco	2.0.0	2.1.1
actions/dependency-review-action	4.8.1	4.8.3
erlef/setup-beam	1.20.4	1.21.0
actions/setup-node	6.0.0	6.2.0
ruby/setup-ruby	1.267.0	1.288.0
reviewdog/action-actionlint	1.68.0	1.71.0
reviewdog/action-setup	1.4.0	1.5.0
mongolyy/reviewdog-action-biome	2.5.0	2.9.0
zizmorcore/zizmor-action	0.2.0	0.5.0

Updates step-security/harden-runner from 2.13.1 to 2.15.0

Release notes

Sourced from step-security/harden-runner's releases.

v2.15.0

What's Changed

Windows and macOS runner support

We are excited to announce that Harden Runner now supports Windows and macOS runners, extending runtime security beyond Linux for the first time.

Insights for Windows and macOS runners will be displayed in the same consistent format you are already familiar with from Linux runners, giving you a unified view of runtime activity across all platforms.

Full Changelog: step-security/harden-runner@v2.14.2...v2.15.0

v2.14.2

What's Changed

Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See GHSA-cpmj-h4f6-r6pq for details.

Full Changelog: step-security/harden-runner@v2.14.1...v2.14.2

v2.14.1

What's Changed

1. In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.

2. Fixed npm audit vulnerabilities

Full Changelog: step-security/harden-runner@v2.14.0...v2.14.1

v2.14.0

What's Changed

• Selective installation: Harden-Runner now skips installation on GitHub-hosted runners when the repository has a custom property skip_harden_runner, allowing organizations to opt out specific repos.
• Avoid double install: The action no longer installs Harden-Runner if it’s already present on a GitHub-hosted runner, which could happen when a composite action also installs it.

Full Changelog: step-security/harden-runner@v2.13.3...v2.14.0

v2.13.3

What's Changed

• Fixed an issue where process events were not uploaded in certain edge cases.

Full Changelog: step-security/harden-runner@v2.13.2...v2.13.3

v2.13.2

What's Changed

• Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.
• Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.

Full Changelog: step-security/harden-runner@v2.13.1...v2.13.2

Commits

• a90bcbc Update readme (#637)
• f0a59d8 Release v2.15.0 (#639)
• 5ef0c07 Merge pull request #635 from step-security/rc-34
• eb43c7b update agent
• e3f713f Merge pull request #631 from step-security/rc-31
• 423acdd chore: fix npm audit vulnerabilities
• 0ddb86c update agent
• 20cf305 Merge pull request #622 from step-security/feature/custom-property-skip
• c51e8ee feat: skip agent install and post step on subsequent runs for GitHub-hosted r...
• e152b90 feat: skip harden-runner based on repository custom property
• Additional commits viewable in compare view

Updates KineticCafe/actions-dco from 2.0.0 to 2.1.1

Release notes

Sourced from KineticCafe/actions-dco's releases.

v2.1.1

What's Changed

• deps: bump actions/checkout from 5.0.0 to 6.0.0 by @​dependabot[bot] in KineticCafe/actions-dco#197
• deps: bump actions/setup-node from 6.0.0 to 6.1.0 in the actions group across 1 directory by @​dependabot[bot] in KineticCafe/actions-dco#200

Full Changelog: KineticCafe/actions-dco@v2.1.0...v2.1.1

v2.1.0

What's Changed

• deps: Bump pnpm/action-setup from 4.1.0 to 4.2.0 in the actions group by @​dependabot[bot] in KineticCafe/actions-dco#189
• deps: bump actions/upload-artifact from 4.6.2 to 5.0.0 by @​dependabot[bot] in KineticCafe/actions-dco#192
• deps: bump actions/setup-node from 5.0.0 to 6.0.0 by @​dependabot[bot] in KineticCafe/actions-dco#190
• deps: bump the bundler group with 2 updates by @​dependabot[bot] in KineticCafe/actions-dco#191
• deps: bump js-yaml from 4.1.0 to 4.1.1 by @​dependabot[bot] in KineticCafe/actions-dco#193
• fix: Escape the reason in the summary table by @​halostatue in KineticCafe/actions-dco#199

Full Changelog: KineticCafe/actions-dco@v2.0.0...v2.1.0

Changelog

Sourced from KineticCafe/actions-dco's changelog.

KineticCafe/actions-dco Changelog

2.1.0 / 2025-12-17

• Upgraded dependencies.

• Added a possible workaround to #198[issue-198].

2.0.0 / 2025-10-17

• Upgraded dependencies and set runtime as Node v24.

1.3.8 / 2025-09-07

• Upgrade dependencies.

1.3.7 / 2025-08-23

• Bump version number as it was forgotten for 1.3.6.

1.3.6 / 2025-08-17

• Upgrade dependencies.

• Added debug logs to try to debug #169[issue-169].

• Change gitSignoffs to use String.prototype.matchAll() instead of Regexp.prototype.exec(), and to use named capture groups. While I don't expect this to fix #169[issue-169] based on the example data provided, it should result in improved pattern matching across multiple commits.

1.3.5 / 2025-08-01

• Upgrade dependencies.

1.3.4 / 2025-03-01

• Upgrade dependencies.

1.3.3 / 2025-02-18

• Upgrade dependencies, resolving a potential security issue.

1.3.2 / 2024-12-01

• Upgrade dependencies.

1.3.1 / 2024-11-01

• Upgrade dependencies.

... (truncated)

Commits

• 6e1652e chore: Update dependencies
• cd037df deps: bump actions/setup-node in the actions group across 1 directory
• 07b1ace chore: Update dist to try to fix a token issue
• b256b18 deps: bump actions/checkout from 5.0.0 to 6.0.0
• 76b7fc3 fix: Escape the reason in the summary table
• bc076f2 deps: Update dist/ after dependabot update
• 3899b64 deps: Add autofix capability to Dependabot PRs
• dc1cf81 deps: bump js-yaml from 4.1.0 to 4.1.1
• 28c71a1 deps: bump the bundler group with 2 updates
• 7fc90a9 deps: bump actions/setup-node from 5.0.0 to 6.0.0
• Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.8.1 to 4.8.3

Release notes

Sourced from actions/dependency-review-action's releases.

4.8.3

Dependency Review Action v4.8.3

This is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.

We have also updated the release process to use a long-lived v4 branch for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.

What's Changed

• GitHub Actions can't push to our protected main by @​dangoor in actions/dependency-review-action#1017
• Bump actions/stale from 9.1.0 to 10.1.0 by @​dependabot[bot] in actions/dependency-review-action#995
• Bump github/codeql-action from 3 to 4 by @​dependabot[bot] in actions/dependency-review-action#1003
• Bump actions/setup-node from 4 to 6 by @​dependabot[bot] in actions/dependency-review-action#1005
• Upgrade glob to address a vulnerability by @​brrygrdn in actions/dependency-review-action#1024
• Bump js-yaml by @​dependabot[bot] in actions/dependency-review-action#1020
• Addressing vulnerabilities by @​Ahmed3lmallah in actions/dependency-review-action#1036
• Bump fast-xml-parser from 5.3.3 to 5.3.5 by @​dependabot[bot] in actions/dependency-review-action#1050
• Bump fast-xml-parser from 5.3.5 to 5.3.6 by @​dependabot[bot] in actions/dependency-review-action#1053
• Properly truncate long summaries and catch errors by @​juxtin in actions/dependency-review-action#1052
• Bump spdx-expression-parse from 3.0.1 to 4.0.0 in the spdx-licenses group across 1 directory by @​dependabot[bot] in actions/dependency-review-action#931
• Changes for Release 4.8.3 by @​ahpook in actions/dependency-review-action#1054

Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3

v4.8.2

Minor fixes:

• Fix PURL parsing for scoped packages (#1008 from @​danielhardej)
• Fix for large summaries (#1007 from @​gitulisca)
• README includes a working example for allow-dependencies-licenses (#1009 from @​danielhardej)

Commits

• 05fe457 Merge pull request #1054 from actions/ahpook/release-4.8.3
• 3a8496c Update generated package files for v4.8.3
• 0f22a01 Update CONTRIBUTING for new release process
• 58be343 Updating package versions for 4.8.3
• 9284e0c Merge pull request #931 from actions/dependabot/npm_and_yarn/spdx-licenses-20...
• 8b76656 Bump spdx-expression-parse in the spdx-licenses group across 1 directory
• 43f5f02 Merge pull request #1052 from actions/juxtin/fix-long-summaries
• f0033fc Merge pull request #1053 from actions/dependabot/npm_and_yarn/fast-xml-parser...
• b379e2e Bump fast-xml-parser from 5.3.5 to 5.3.6
• 2e1cf54 Properly truncate long summaries and catch errors
• Additional commits viewable in compare view

Updates erlef/setup-beam from 1.20.4 to 1.21.0

Release notes

Sourced from erlef/setup-beam's releases.

v1.21.0

What's Changed

• Bump eslint from 9.30.1 to 9.31.0 by @​dependabot[bot] in erlef/setup-beam#365
• Bump csv-parse from 5.6.0 to 6.0.0 by @​dependabot[bot] in erlef/setup-beam#364
• Bump @​eslint/js from 9.30.1 to 9.31.0 by @​dependabot[bot] in erlef/setup-beam#363
• Bump csv-parse from 6.0.0 to 6.1.0 by @​dependabot[bot] in erlef/setup-beam#366
• Allow for Windows'25 container by @​essen in erlef/setup-beam#388
• Bump raven-actions/actionlint from 2.0.1 to 2.1.0 by @​dependabot[bot] in erlef/setup-beam#401
• Bump actions/setup-node from 4.4.0 to 6.1.0 by @​dependabot[bot] in erlef/setup-beam#400
• Bump js-yaml from 4.1.0 to 4.1.1 in the npm_and_yarn group across 1 directory by @​dependabot[bot] in erlef/setup-beam#396
• Bump eslint from 9.31.0 to 9.38.0 by @​dependabot[bot] in erlef/setup-beam#394
• Bump shellcheck from 3.1.0 to 4.1.0 by @​dependabot[bot] in erlef/setup-beam#376
• Bump globals from 16.3.0 to 16.4.0 by @​dependabot[bot] in erlef/setup-beam#383
• Bump @​vercel/ncc from 0.38.3 to 0.38.4 by @​dependabot[bot] in erlef/setup-beam#387
• Improve output (around "Requested ... version") when we know input by @​paulo-ferraz-oliveira in erlef/setup-beam#368
• Bump actions/checkout from 4.2.2 to 6.0.1 by @​dependabot[bot] in erlef/setup-beam#399
• Bump the npm_and_yarn group across 1 directory with 2 updates by @​dependabot[bot] in erlef/setup-beam#403
• Bump @​eslint/js from 9.31.0 to 9.38.0 by @​dependabot[bot] in erlef/setup-beam#393

New Contributors

• @​essen made their first contribution in erlef/setup-beam#388

Full Changelog: erlef/setup-beam@v1...v1.21.0

Commits

• 3580539 Automation: update setup-beam version output to fe5485f
• fe5485f Bump @​eslint/js from 9.31.0 to 9.38.0 (#393)
• 98de8ff Automation: update setup-beam version output to 6c5fe27
• 6c5fe27 Bump the npm_and_yarn group across 1 directory with 2 updates (#403)
• 36214a4 Automation: update setup-beam version output to 972bec8
• 972bec8 Bump actions/checkout from 4.2.2 to 6.0.1 (#399)
• 10e9985 Automation: update setup-beam version output to 542d9a8
• 542d9a8 Improve output (around "Requested ... version") when we know input (#368)
• b764149 Automation: update setup-beam version output to cba803d
• cba803d Bump @​vercel/ncc from 0.38.3 to 0.38.4 (#387)
• Additional commits viewable in compare view

Updates actions/setup-node from 6.0.0 to 6.2.0

Release notes

Sourced from actions/setup-node's releases.

v6.2.0

What's Changed

Documentation

• Documentation update related to absence of Lockfile by @​mahabaleshwars in actions/setup-node#1454
• Correct mirror option typos by @​MikeMcC399 in actions/setup-node#1442
• Readme update on checkout version v6 by @​deining in actions/setup-node#1446
• Readme typo fixes @​munyari in actions/setup-node#1226
• Advanced document update on checkout version v6 by @​aparnajyothi-y in actions/setup-node#1468

Dependency updates:

• Upgrade @​actions/cache to v5.0.1 by @​salmanmkc in actions/setup-node#1449

New Contributors

• @​mahabaleshwars made their first contribution in actions/setup-node#1454
• @​MikeMcC399 made their first contribution in actions/setup-node#1442
• @​deining made their first contribution in actions/setup-node#1446
• @​munyari made their first contribution in actions/setup-node#1226

Full Changelog: actions/setup-node@v6...v6.2.0

v6.1.0

What's Changed

Enhancement:

• Remove always-auth configuration handling by @​priyagupta108 in actions/setup-node#1436

Dependency updates:

• Upgrade @​actions/cache from 4.0.3 to 4.1.0 by @​dependabot[bot] in actions/setup-node#1384
• Upgrade actions/checkout from 5 to 6 by @​dependabot[bot] in actions/setup-node#1439
• Upgrade js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] in actions/setup-node#1435

Documentation update:

• Add example for restore-only cache in documentation by @​aparnajyothi-y in actions/setup-node#1419

Full Changelog: actions/setup-node@v6...v6.1.0

Commits

• 6044e13 Docs: bump actions/checkout from v5 to v6 (#1468)
• 8e49463 Fix README typo (#1226)
• 621ac41 README.md: bump to latest released checkout version v6 (#1446)
• 2951748 Bump @​actions/cache to v5.0.1 (#1449)
• 21ddc7b Correct mirror option typos (#1442)
• 65d868f Update Documentation for Lockfile (#1454)
• 395ad32 Bump js-yaml from 3.14.1 to 3.14.2 (#1435)
• a4d2e2b Bump actions/checkout from 5 to 6 (#1439)
• b9b25d4 Remove always-auth configuration handling from action (#1436)
• 633bb92 Bump @​actions/cache from 4.0.3 to 4.1.0 (#1384)
• Additional commits viewable in compare view

Updates ruby/setup-ruby from 1.267.0 to 1.288.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.288.0

What's Changed

• Move check-new-windows-versions.yml workflow from ruby/ruby-builder to ruby/setup-ruby by @​eregon in ruby/setup-ruby#870
• Add jruby-10.0.3.0 by @​ruby-builder-bot in ruby/setup-ruby#875

Full Changelog: ruby/setup-ruby@v1.287.0...v1.288.0

v1.287.0

What's Changed

• Improve the mise.toml parser to conform to the TOML specification by @​pan93412 in ruby/setup-ruby#868

New Contributors

• @​pan93412 made their first contribution in ruby/setup-ruby#868

Full Changelog: ruby/setup-ruby@v1.286.0...v1.287.0

v1.286.0

What's Changed

• Add truffleruby-33.0.1,truffleruby+graalvm-33.0.1 by @​ruby-builder-bot in ruby/setup-ruby#864

Full Changelog: ruby/setup-ruby@v1.285.0...v1.286.0

v1.285.0

What's Changed

• Convert to String earlier in generate-windows-versions.rb by @​eregon in ruby/setup-ruby#862
• Update all dependencies to latest by @​eregon in ruby/setup-ruby#863

Full Changelog: ruby/setup-ruby@v1.284.0...v1.285.0

v1.284.0

What's Changed

• Fix compatibility to ruby-3.2 by @​larskanis in ruby/setup-ruby#861

Full Changelog: ruby/setup-ruby@v1.283.0...v1.284.0

v1.283.0

What's Changed

• Add restriction and validation for download urls by @​ntkme in ruby/setup-ruby#856
• Add ruby-3.2.10 by @​ruby-builder-bot in ruby/setup-ruby#860

Full Changelog: ruby/setup-ruby@v1.282.0...v1.283.0

v1.282.0

What's Changed

• Add ruby-4.0.1 by @​ruby-builder-bot in ruby/setup-ruby#859

... (truncated)

Commits

• 09a7688 Add jruby-10.0.3.0
• 67178a2 Improve the automated PR description
• ede5b72 Shorten workflow name
• aaddd68 new-versions.rb is no longer used for RubyInstaller releases
• c7aa9f4 Move check-new-windows-versions.yml workflow from ruby/ruby-builder to ruby/s...
• 8d27f39 Improve the mise.toml parser to conform to the TOML specification
• 90be115 Add truffleruby-33.0.1,truffleruby+graalvm-33.0.1
• e69dcf3 Update all dependencies to latest
• 9f55308 Convert to String earlier in generate-windows-versions.rb
• 80740b3 Add new RubyInstaller releases 4.0.1-1 and 3.2.10-1
• Additional commits viewable in compare view

Updates reviewdog/action-actionlint from 1.68.0 to 1.71.0

Release notes

Sourced from reviewdog/action-actionlint's releases.

Release v1.71.0

v1.71.0: PR #193 - chore(deps): update actionlint to 1.7.11

Release v1.70.0

v1.70.0: PR #191 - chore(deps): update actionlint to 1.7.10

Release v1.69.1

v1.69.1: PR #185 - feat: update action.yml

Release v1.69.0

v1.69.0: PR #183 - chore(deps): update actionlint to 1.7.9

Commits

• 0d952c5 bump v1.71.0
• e9dfe1d Merge branch 'main' into releases/v1
• 2a3d15f Merge pull request #193 from reviewdog/depup/actionlint
• e5de731 chore(deps): update actionlint to 1.7.11
• e58ee9d bump v1.70.0
• 1d73978 Merge branch 'main' into releases/v1
• f4bb4d5 Merge pull request #191 from reviewdog/depup/actionlint
• 1c29cc9 chore(deps): update actionlint to 1.7.10
• 83e4ed2 bump v1.69.1
• 651f708 Merge branch 'main' into releases/v1
• Additional commits viewable in compare view

Updates reviewdog/action-setup from 1.4.0 to 1.5.0

Release notes

Sourced from reviewdog/action-setup's releases.

Release v1.5.0

What's Changed

• update hash in README by @​haya14busa in reviewdog/action-setup#72
• feat: Add GitHub Actions workflow permissions and signed commits by @​haya14busa in reviewdog/action-setup#63
• chore(deps): update actions/checkout action to v5 - autoclosed by @​renovate[bot] in reviewdog/action-setup#70
• chore(deps): update haya14busa/action-update-semver action to v1.5.1 by @​renovate[bot] in reviewdog/action-setup#65
• chore(deps): update actions/checkout action to v5.0.1 by @​renovate[bot] in reviewdog/action-setup#76
• chore(deps): update haya14busa/action-bumpr action to v1.11.4 by @​renovate[bot] in reviewdog/action-setup#64
• chore(deps): update reviewdog/action-actionlint action to v1.68.0 by @​renovate[bot] in reviewdog/action-setup#67
• chore(deps): update reviewdog/action-shellcheck action to v1.32.0 by @​renovate[bot] in reviewdog/action-setup#68
• chore(deps): update chainguard-dev/actions digest to 4aa3402 - autoclosed by @​renovate[bot] in reviewdog/action-setup#73
• chore(deps): update reviewdog/action-misspell action to v1.27.0 by @​renovate[bot] in reviewdog/action-setup#75
• chore(deps): update reviewdog to 0.21.0 by @​github-actions[bot] in reviewdog/action-setup#74

Full Changelog: reviewdog/action-setup@v1.4.0...v1.5.0

Commits

• d8a7baa Merge pull request #74 from reviewdog/depup/reviewdog
• b041f0d Merge pull request #75 from reviewdog/renovate/reviewdog-action-misspell-1.x
• 05dc1a3 Merge pull request #73 from reviewdog/renovate/chainguard-dev-actions-digest
• f2ffb34 Merge pull request #68 from reviewdog/renovate/reviewdog-action-shellcheck-1.x
• 28695c5 Merge pull request #67 from reviewdog/renovate/reviewdog-action-actionlint-1.x
• 65d14e0 chore(deps): update reviewdog/action-misspell action to v1.27.0
• f3a4e22 Merge pull request #64 from reviewdog/renovate/haya14busa-action-bumpr-1.x
• f257542 chore(deps): update reviewdog/action-actionlint action to v1.68.0
• 78083cb chore(deps): update chainguard-dev/actions digest to 4aa3402
• 0eb086b Merge pull request #76 from reviewdog/renovate/actions-checkout-5.x
• Additional commits viewable in compare view

Updates mongolyy/reviewdog-action-biome from 2.5.0 to 2.9.0

Release notes

Sourced from mongolyy/reviewdog-action-biome's releases.

Release v2.9.0

v2.9.0: PR #137 - chore(deps): update reviewdog/action-actionlint action to v1.70.0

Release v2.8.1

What's Changed

• fix(ci): add persist-credentials: false to fix duplicate Authorization header by @​mongolyy in mongolyy/reviewdog-action-biome#133
• chore(deps): update dependency @​biomejs/biome to v2.3.12 by @​renovate[bot] in mongolyy/reviewdog-action-biome#135
• chore(deps): update actions/checkout action to v6.0.2 by @​renovate[bot] in mongolyy/reviewdog-action-biome#134

Full Changelog: mongolyy/reviewdog-action-biome@v2.8.0...v2.8.1

Release v2.8.0

What's Changed

• chore(deps): update dependency @​biomejs/biome to v2.3.11 by @​renovate[bot] in mongolyy/reviewdog-action-biome#131
• chore(deps): update biomejs/setup-biome action to v2.7.0 by @​renovate[bot] in mongolyy/reviewdog-action-biome#132

Full Changelog: mongolyy/reviewdog-action-biome@v2.7...v2.8.0

Release v2.7.1

What's Changed

• chore(deps): update dependency @​biomejs/biome to v2.3.8 by @​renovate[bot] in mongolyy/reviewdog-action-biome#128
• chore(deps): update reviewdog/action-actionlint action to v1.69.1 by @​renovate[bot] in mongolyy/reviewdog-action-biome#129
• chore(deps): update actions/checkout action to v6.0.1 by @​renovate[bot] in mongolyy/reviewdog-action-biome#130

Full Changelog: mongolyy/reviewdog-action-biome@v2.7.0...v2.7.1

Release v2.7.0

What's Changed

• chore(deps): update actions/checkout action to v6 by @​renovate[bot] in mongolyy/reviewdog-action-biome#126

Full Changelog: mongolyy/reviewdog-action-biome@v2.6...v2.7.0

Release v2.6.0

What's Changed

• chore(deps): update dependency @​biomejs/biome to v2.2.6 by @​renovate[bot] in mongolyy/reviewdog-action-biome#120
• chore(deps): update reviewdog/action-actionlint action to v1.68.0 by @​renovate[bot] in mongolyy/reviewdog-action-biome#121
• chore(deps): update dependency @​biomejs/biome to v2.3.7 by @​renovate[bot] in mongolyy/reviewdog-action-biome#122
• chore(deps): update reviewdog/action-misspell action to v1.27.0 by @​renovate[bot] in mongolyy/reviewdog-action-biome#123
• chore(deps): update reviewdog/action-setup action to v1.5.0 by @​renovate[bot] in mongolyy/reviewdog-action-biome#125
• chore(deps): update reviewdog/action-actionlint action to v1.69.0 by @​renovate[bot] in mongolyy/reviewdog-action-biome#127
• chore(deps): update actions/checkout action to v5.0.1 by @​renovate[bot] in mongolyy/reviewdog-action-biome#124

Full Changelog: mongolyy/reviewdog-action-biome@v2.5...v2.6.0

Commits

• eaba62a Merge pull request #137 from mongolyy/renovate/reviewdog-action-actionlint-1.x
• 929de18 chore(deps): update reviewdog/action-actionlint action to v1.70.0
• aabb3e0 Merge pull request #138 from mongolyy/renovate/biomejs-biome-2.x-lockfile
• 0e93cdd chore(deps): update dependency @​biomejs/biome to v2.3.14
• 12328ad Merge pull request #136 from mongolyy/renovate/biomejs-biome-2.x-lockfile
• f6c6e43 chore(deps): update dependency @​biomejs/biome to v2.3.13
• cf9206b Merge pull request #134 from mongolyy/renovate/actions-checkout-6.x
• a515792 chore(deps): update actions/checkout action to v6.0.2
• 4861947 Merge pull request #135 from mongolyy/renovate/biomejs-biome-2.x-lockfile
• 86f64fc chore(deps): update dependency @​biomejs/biome to v2.3.12
• Additional commits viewable in compare view

Updates zizmorcore/zizmor-action from 0.2.0 to 0.5.0

Release notes

Sourced from zizmorcore/zizmor-action's releases.

v0.5.0

What's Changed

• Expose output-file as an output when advanced-security: true by @​unlobito in zizmorcore/zizmor-action#87

New Contributors

• @​unlobito made their first contribution in zizmorcore/zizmor-action#87

Full Changelog: zizmorcore/zizmor-action@v0.4.1...v0.5.0

v0.4.1

This version fixes an error in the 0.4.0 release that prevented non-relative use of the action.

What's Changed

• Fix version file path by @​woodruffw in zizmorcore/zizmor-action#83

Full Changelog: zizmorcore/zizmor-action@v0.4.0...v0.4.1

v0.4.0

This new version of zizmor-action brings two major changes:

• The new fail-on-no-inputs option can be used to control whether zizmor-action fails if no inputs were collected by zizmor. The default remains true, reflecting the pre-existing behavior.

• The action's use of the official zizmor Docker images is now fully hash-checked internally, preventing accidental or malicious modification to the images. This also means that subsequent releases of zizmor will induce a release of this action, rather than the action always picking up the latest version by default.

What's Changed

• docs: extended permissions required for internal repos by @​AntoineSebert in zizmorcore/zizmor-action#61
• docs: clarify description of "token" to indicate it is only used for online audits by @​rmuir in zizmorcore/zizmor-action#63
• Hash-check zizmor Docker images by @​woodruffw in zizmorcore/zizmor-action#68
• Add fail-on-no-inputs option by @​woodruffw in zizmorcore/zizmor-action#67

New Contributors

• @​AntoineSebert made their first contribution in zizmorcore/zizmor-action#61
• @​rmuir made their first contribution in zizmorcore/zizmor-action#63

Full Changelog: zizmorcore/zizmor-action@v0.3.0...v0.4.0

v0.3.0

What's Changed

• README: fix troubleshooting link by @​woodruffw in zizmorcore/zizmor-action#50
• README: add a troubleshooting section about Advanced Security by @​woodruffw in zizmorcore/zizmor-action#51
• feat: Support a config option by @​naokihaba in zizmorcore/zizmor-action#56

... (truncated)

Commits

• 0dce257 chore(deps): bump peter-evans/create-pull-request (#88)
• fb94974 Expose output-file as an output when advanced-security: true (#87)
• 867562a chore(deps): bump the github-actions group with 2 updates (#85)
• 7462f07 Bump pins in README (#84)
• 1356984Description has been truncated