Upgrade: [dependabot] - bump NHSDigital/eps-workflow-quality-checks from 4.1.3 to 5.1.0 (#2131)

dependabot[bot] · anthony-nhs · web-flow · commit 4b751408ecbe · 2025-10-25T10:03:53.000+01:00
Bumps [NHSDigital/eps-workflow-quality-checks](https://github.com/nhsdigital/eps-workflow-quality-checks) from 4.1.3 to 5.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nhsdigital/eps-workflow-quality-checks/releases">NHSDigital/eps-workflow-quality-checks's releases</a>.</em></p> <blockquote> <h2>v5.1.0</h2> <h1><a href="https://github.com/NHSDigital/eps-workflow-quality-checks/compare/v5.0.0...v5.1.0">5.1.0</a> (2025-10-24)</h1> <h3>New</h3> <ul> <li>[AEA-5667] - Run CloudFormation Guard against Terraform plans (<a href="https://redirect.github.com/nhsdigital/eps-workflow-quality-checks/issues/24">#24</a>) (<a href="https://github.com/NHSDigital/eps-workflow-quality-checks/commit/4a6d03ad51516eddc448daf454805f85fe2025b9">4a6d03a</a>)</li> </ul> <h2>Info</h2> <p><a href="https://github.com/NHSDigital/eps-workflow-quality-checks/compare/cb3642c115ce...4a6d03ad5151">See code diff</a> <a href="https://github.com/NHSDigital/eps-workflow-quality-checks/actions/runs/18777144246">Release workflow run</a></p> <p>It was initialized by <a href="https://github.com/originalphil">originalphil</a></p> <h2>v5.0.0</h2> <h1><a href="https://github.com/NHSDigital/eps-workflow-quality-checks/compare/v4.1.3...v5.0.0">5.0.0</a> (2025-10-22)</h1> <h3>Breaking</h3> <ul> <li>[AEA-0000] - use common release tagging (<a href="https://redirect.github.com/nhsdigital/eps-workflow-quality-checks/issues/22">#22</a>) (<a href="https://github.com/NHSDigital/eps-workflow-quality-checks/commit/cb3642c115ceff7be6e2c4a7a63d36ae29b1a339">cb3642c</a>)</li> </ul> <h2>Info</h2> <p><a href="https://github.com/NHSDigital/eps-workflow-quality-checks/compare/a7ef5c07fc99...cb3642c115ce">See code diff</a> <a href="https://github.com/NHSDigital/eps-workflow-quality-checks/actions/runs/18716186034">Release workflow run</a></p> <p>It was initialized by <a href="https://github.com/anthony-nhs">anthony-nhs</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/NHSDigital/eps-workflow-quality-checks/commit/4a6d03ad51516eddc448daf454805f85fe2025b9"><code>4a6d03a</code></a> New: [AEA-5667] - Run CloudFormation Guard against Terraform plans (<a href="https://redirect.github.com/nhsdigital/eps-workflow-quality-checks/issues/24">#24</a>)</li> <li><a href="https://github.com/NHSDigital/eps-workflow-quality-checks/commit/cb3642c115ceff7be6e2c4a7a63d36ae29b1a339"><code>cb3642c</code></a> Breaking: [AEA-0000] - use common release tagging (<a href="https://redirect.github.com/nhsdigital/eps-workflow-quality-checks/issues/22">#22</a>)</li> <li>See full diff in <a href="https://github.com/nhsdigital/eps-workflow-quality-checks/compare/v4.1.3...v5.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=NHSDigital/eps-workflow-quality-checks&package-manager=github_actions&previous-version=4.1.3&new-version=5.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: anthony-nhs <121869075+anthony-nhs@users.noreply.github.com>
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -8,21 +8,6 @@ env:
   BRANCH_NAME: ${{ github.ref_name }}
 
 jobs:
-  quality_checks:
-    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.1.3
-    secrets:
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
-  get_commit_id:
-    runs-on: ubuntu-22.04
-    outputs:
-      commit_id: ${{ steps.commit_id.outputs.commit_id }}
-    steps:
-      - name: Get Commit ID
-        id: commit_id
-        run: |
-          echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
-
   get_asdf_version:
     runs-on: ubuntu-22.04
     outputs:
@@ -40,6 +25,23 @@ jobs:
         run: |
           TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
           echo "TAG_FORMAT=$TAG_FORMAT" >> "$GITHUB_OUTPUT"
+  quality_checks:
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v5.1.0
+    needs: [get_asdf_version]
+    with:
+      asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+  get_commit_id:
+    runs-on: ubuntu-22.04
+    outputs:
+      commit_id: ${{ steps.commit_id.outputs.commit_id }}
+    steps:
+      - name: Get Commit ID
+        id: commit_id
+        run: |
+          echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
 
   tag_release:
     needs: [quality_checks, get_commit_id, get_asdf_version]
diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
@@ -8,8 +8,29 @@ env:
   BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
 
 jobs:
+  get_asdf_version:
+    runs-on: ubuntu-22.04
+    outputs:
+      asdf_version: ${{ steps.asdf-version.outputs.version }}
+      tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Get asdf version
+        id: asdf-version
+        run: echo "version=$(awk '!/^#/ && NF {print $1; exit}' .tool-versions.asdf)" >> "$GITHUB_OUTPUT"
+      - name: Load config value
+        id: load-config
+        run: |
+          TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
+          echo "TAG_FORMAT=$TAG_FORMAT" >> "$GITHUB_OUTPUT"
+
   quality_checks:
-    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.1.3
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v5.1.0
+    needs: [get_asdf_version]
+    with:
+      asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
@@ -42,23 +63,6 @@ jobs:
               ).data[0].number;
             }
           result-encoding: string
-  get_asdf_version:
-    runs-on: ubuntu-22.04
-    outputs:
-      asdf_version: ${{ steps.asdf-version.outputs.version }}
-      tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v5
-
-      - name: Get asdf version
-        id: asdf-version
-        run: echo "version=$(awk '!/^#/ && NF {print $1; exit}' .tool-versions.asdf)" >> "$GITHUB_OUTPUT"
-      - name: Load config value
-        id: load-config
-        run: |
-          TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
-          echo "TAG_FORMAT=$TAG_FORMAT" >> "$GITHUB_OUTPUT"
 
   tag_release:
     needs: [get_asdf_version]
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -4,21 +4,6 @@ on:
   workflow_dispatch:
 
 jobs:
-  quality_checks:
-    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.1.3
-    secrets:
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
-  get_commit_id:
-    runs-on: ubuntu-22.04
-    outputs:
-      commit_id: ${{ steps.commit_id.outputs.commit_id }}
-    steps:
-      - name: Get Commit ID
-        id: commit_id
-        run: |
-          echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
-
   get_asdf_version:
     runs-on: ubuntu-22.04
     outputs:
@@ -37,6 +22,24 @@ jobs:
           TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
           echo "TAG_FORMAT=$TAG_FORMAT" >> "$GITHUB_OUTPUT"
 
+  quality_checks:
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v5.1.0
+    needs: [get_asdf_version]
+    with:
+      asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+  get_commit_id:
+    runs-on: ubuntu-22.04
+    outputs:
+      commit_id: ${{ steps.commit_id.outputs.commit_id }}
+    steps:
+      - name: Get Commit ID
+        id: commit_id
+        run: |
+          echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
+
   tag_release:
     needs: [quality_checks, get_commit_id, get_asdf_version]
     uses: NHSDigital/eps-workflow-semantic-release/.github/workflows/tag-release.yml@f80157cecce288dd175e61b477a1d2dbe9c88b99
