Bump senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml from 3 to 4

[dependabot]

Bumps senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml from 3 to 4.

Release notes

Sourced from senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml's releases.

4.0.0

What's Changed

• #260 make shared workflows generic, misc cleanup by @​kernelsam in senzing-factory/build-resources#261

Full Changelog: senzing-factory/build-resources@v3...4.0.0

3.0.31

What's Changed

• Bump super-linter/super-linter from 8.4.0 to 8.5.0 by @​dependabot[bot] in senzing-factory/build-resources#257
• if the PR's REFRESHED_AT matches main's value, it only passes if that… by @​kernelsam in senzing-factory/build-resources#259

Full Changelog: senzing-factory/build-resources@v3...3.0.31

3.0.30

What's Changed

• Bump super-linter/super-linter from 8.3.1 to 8.3.2 by @​dependabot[bot] in senzing-factory/build-resources#254
• Bump actions/download-artifact from 6 to 7 by @​dependabot[bot] in senzing-factory/build-resources#250
• Bump super-linter/super-linter from 8.3.2 to 8.4.0 by @​dependabot[bot] in senzing-factory/build-resources#255
• Bump actions/upload-artifact from 5 to 6 by @​dependabot[bot] in senzing-factory/build-resources#249
• Fix regex for filtering GitHub workflows by @​kernelsam in senzing-factory/build-resources#256

Full Changelog: senzing-factory/build-resources@v3...3.0.30

3.0.29

What's Changed

• Bump super-linter/super-linter from 8.3.0 to 8.3.1 by @​dependabot[bot] in senzing-factory/build-resources#252
• Remove validation for natural language in workflows by @​kernelsam in senzing-factory/build-resources#253

Full Changelog: senzing-factory/build-resources@v3...3.0.29

3.0.28

What's Changed

• Add Markdown formatting guidelines to PR template by @​kernelsam in senzing-factory/build-resources#244
• Enhance PR review instructions for local and GitHub by @​kernelsam in senzing-factory/build-resources#246
• 247 dockter 1 by @​docktermj in senzing-factory/build-resources#248

New Contributors

• @​docktermj made their first contribution in senzing-factory/build-resources#248

Full Changelog: senzing-factory/build-resources@v3...3.0.28

3.0.27

Full Changelog: senzing-factory/build-resources@v3...3.0.27

3.0.26

Full Changelog: senzing-factory/build-resources@v3...3.0.26

... (truncated)

Changelog

Sourced from senzing-factory/build-resources/.github/workflows/build-failure-slack-notification.yaml's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, markdownlint, and this project adheres to Semantic Versioning.

[Unreleased]

• Thing 5
• Thing 4

[1.0.1] - yyyy-mm-dd

Added to 1.0.1

• Thing 3

Fixed in 1.0.1

• Thing 2

[1.0.0] - yyyy-mm-dd

Added to 1.0.0

• Thing 2
• Thing 1

Commits

• 52eb86b bump tags to v4, slack channel override, missing claude settings (#262)
• 08fb769 #260 make shared workflows generic, misc cleanup (#261)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🤖 Claude Code Review

❌ CHANGELOG.md should be updated

• A CHANGELOG.md exists at /home/runner/work/mapper-npi/mapper-npi/CHANGELOG.md
• The diff shows no updates to CHANGELOG.md
• Recommendation: Add an entry under [Unreleased] section documenting the workflow version bump, such as:

  ### Changed
  - Updated build-failure-slack-notification workflow reference from v3 to v4
  

✅ Markdown formatting

• N/A - No markdown files modified in this PR

Security

✅ No hardcoded credentials

• No credentials added or exposed
• Secrets remain properly referenced via ${{ secrets.SLACK_BOT_TOKEN }}

✅ Input validation implemented

• N/A - No new inputs to validate

✅ Proper error handling

• N/A - No error handling code modified

✅ No sensitive data in logs

• No logging changes that could expose sensitive data

✅ No license files checked in

• No .lic files or AQAAAD strings present in the diff

---

Summary & Recommendations

Issues Found

1. ❌ CHANGELOG.md Not Updated (/home/runner/work/mapper-npi/mapper-npi/CHANGELOG.md:9-12)
   • The CHANGELOG.md file exists and should be updated to document this dependency version bump
   • Add an entry under the [Unreleased] section

Overall Assessment

This is a clean, straightforward dependency version update with no code quality or security concerns. The only issue is the missing CHANGELOG entry.

Recommendation: Approve after adding a CHANGELOG.md entry documenting the workflow version update.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review: Workflow Version Bump (v3 → v4)

Summary

This PR updates the version reference of the build-failure-slack-notification.yaml workflow from @v3 to @v4 across 4 workflow files. This is a dependency update for a reusable GitHub Actions workflow.

---

✅ Code Quality

Style Guide Conformance

✅ PASS - The changes follow YAML style conventions. The modifications are minimal version bumps maintaining existing formatting.

No Commented-Out Code

✅ PASS - No commented-out code in the diff.

Meaningful Variable Names

✅ PASS - N/A for this change (version bump only).

DRY Principle

✅ PASS - The changes update 4 occurrences of the same pattern, which is appropriate since these are separate workflow files with different purposes. This is not a DRY violation.

Defects/Bugs/Security Vulnerabilities

✅ PASS - No defects identified. Version bumps are straightforward changes. The workflow references are consistent and properly structured.

Project Memory Configuration

✅ PASS - No .claude/CLAUDE.md file exists in the project (checked earlier), so this criterion is not applicable.

---

✅ Testing

Unit Tests for New Functions

✅ N/A - This is a workflow configuration change, not functional code. GitHub Actions workflows are tested through execution.

Integration Tests

✅ N/A - Not applicable for workflow configuration.

Edge Cases

✅ N/A - Not applicable for workflow configuration.

Test Coverage > 80%

✅ N/A - Not applicable for workflow configuration.

---

⚠️ Documentation

README Updated

✅ PASS - README.md:1-142 does not require updates. The README documents the NPI mapper tool, not the CI/CD workflows.

API Docs Updated

✅ N/A - No API documentation applicable for workflow changes.

Inline Comments for Complex Logic

✅ PASS - No complex logic added. Version bump is self-explanatory.

CHANGELOG.md Updated

❌ FAIL - CHANGELOG.md:9-12 has placeholders but was not updated with this change.

• Required Action: Add entry under [Unreleased] section describing the workflow version bump.
• Suggested entry: "Updated build-failure-slack-notification workflow from v3 to v4"

Markdown Formatting (CommonMark/Prettier)

✅ N/A - No markdown files were modified in this PR.

---

✅ Security

No Hardcoded Credentials

✅ PASS - No credentials in the diff. Secrets are properly referenced via ${{ secrets.SLACK_BOT_TOKEN }}.

Input Validation

✅ N/A - Not applicable for workflow configuration.

Proper Error Handling

✅ PASS - The workflows properly use conditional execution with if statements and job status checks.

No Sensitive Data in Logs

✅ PASS - No sensitive data exposed in the changes.

License Files / AQAAAD Strings

✅ PASS - No .lic files found in repository. The AQAAAD string occurrences found are in documentation files (prompt templates and config files), not actual license files.

---

Summary of Issues

Critical Issues

None.

Issues Requiring Attention

1. CHANGELOG.md not updated - Minor documentation issue

---

Recommendations

1. ✏️ Update CHANGELOG.md:9 to document this change:

   ## [Unreleased]
   
   - Updated build-failure-slack-notification workflow from v3 to v4
   - Thing 5
   - Thing 4

Overall Assessment

✅ APPROVED with minor documentation improvement suggested

This is a clean, straightforward dependency update. The only issue is the missing CHANGELOG entry, which should be added before merging to maintain proper project history documentation.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review Report

Summary

This PR updates the version reference of the build-failure-slack-notification.yaml workflow from v3 to v4 across 4 GitHub Actions workflow files. This is a standard dependency version bump.

---

Review Checklist Results

Code Quality

• ✅ Code follows style guide: The changes maintain consistent YAML formatting and follow GitHub Actions conventions. The version bump is applied uniformly across all files.

• ✅ No commented-out code: No commented-out code present in the diff.

• ✅ Meaningful variable names: Not applicable - only version numbers changed.

• ✅ DRY principle followed: The change is consistently applied across all workflow files that use this notification workflow.

• ✅ Identify Defects: No bugs, logic errors, or security vulnerabilities introduced. The change is a straightforward version bump of a reusable workflow reference. All files correctly maintain the @v4 reference consistently with the main workflow file (line 18 in add-labels-standardized.yaml already uses v4 for the main workflow).

• ✅ Project memory configuration: No .claude/CLAUDE.md file exists in this project, so this criterion is not applicable.

Testing

• ⚠️ Unit tests for new functions: Not applicable - this is a workflow version bump, not new functionality.

• ⚠️ Integration tests for new endpoints: Not applicable - no new endpoints.

• ⚠️ Edge cases covered: Not applicable - this is a dependency version update.

• ⚠️ Test coverage > 80%: Not applicable - GitHub Actions workflows don't have traditional test coverage metrics.

Note: Testing criteria are not applicable to GitHub Actions workflow version bumps. The validation will occur when the workflows are triggered.

Documentation

• ❌ CHANGELOG.md updated: The CHANGELOG.md file (.github/workflows/add-labels-standardized.yaml:30) contains placeholder content ("Thing 1", "Thing 2", etc.) and has not been updated to reflect this dependency version bump. This change should be documented in the [Unreleased] section.

  Recommendation: Add an entry like:

  ### Changed
  - Updated build-failure-slack-notification workflow to v4

• ✅ README updated if needed: Not applicable - this internal workflow change doesn't affect user-facing functionality.

• ✅ API docs updated: Not applicable - no API changes.

• ✅ Inline comments for complex logic: Not applicable - the changes are self-explanatory version bumps.

• ✅ Markdown files formatted: The existing CHANGELOG.md follows the CommonMark specification.

Security

• ✅ No hardcoded credentials: Credentials are properly passed through GitHub secrets mechanism.

• ✅ Input validation implemented: Not applicable - only version reference changed.

• ✅ Proper error handling: The workflows maintain existing error handling through the needs dependency and conditional checks.

• ✅ No sensitive data in logs: No sensitive data exposure introduced.

• ✅ No license files checked in: No .lic files or AQAAAD strings present in the diff.

---

Overall Assessment

Status: ✅ Approve with minor suggestion

This is a clean, consistent dependency version bump from v3 to v4 for the build-failure-slack-notification workflow. The changes are applied uniformly across all 4 affected workflow files:

• .github/workflows/add-labels-standardized.yaml:25
• .github/workflows/add-to-project-senzing-dependabot.yaml:24
• .github/workflows/add-to-project-senzing.yaml:27
• .github/workflows/pylint.yaml:48

Only issue: The CHANGELOG.md should be updated to document this change.

Automated code review analyzing defects and coding standards

[kernelsam]

Resolved by: #61

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.