ci: use reuseable ci 2.6.0

Signed-off-by: Josef Andersson <josef.andersson@digg.se>

Author: janderssonse

.github/artifacts.yml

@@ -5,7 +5,6 @@
 # Artifacts Configuration for rest-api-profil-lint-processor
 # NPM CLI application with container
 # Package tarballs will be attached to GitHub Release as assets
-
 artifacts:
   - name: raplp
     project-type: npm
@@ -15,7 +14,6 @@ artifacts:
       - github-packages
     config:
       node-version: 24
-
 # Container builds from source (no artifact dependency)
 # Containerfile copies source code and runs npm install
 containers:

.github/workflows/openssf-scorecard.yml

@@ -1,8 +1,6 @@
 # SPDX-FileCopyrightText: 2025 Digg - Agency for Digital Government
 #
 # SPDX-License-Identifier: CC0-1.0
-
----
 name: OpenSSF Scorecard Analysis
 on:
   schedule:
@@ -11,10 +9,8 @@ on:
     # Wednesdays at 02:20 UTC
     - cron: "20 2 * * 3"
   workflow_dispatch:
-
 permissions:
   contents: read
-
 jobs:
   scorecard-analysis:
     permissions:

.github/workflows/pullrequest-workflow.yml

@@ -1,38 +1,32 @@
 # SPDX-FileCopyrightText: 2025 Digg - Agency for Digital Government
 #
 # SPDX-License-Identifier: CC0-1.0
-
----
 name: Pull Request Workflow
-
 on:
   pull_request:
     branches:
       - main
       - develop
       - 'release/**'
       - 'feature/**'
-
 permissions:
   contents: read # Best Security practice. Jobs only get read as base, and then permissions are added as needed
-
 jobs:
   pr-checks:
-    uses: diggsweden/reusable-ci/.github/workflows/pullrequest-orchestrator.yml@e29145e720cef0b86ef147c72c2d001b5ac6c8b9 # v2.4.2
+    uses: diggsweden/reusable-ci/.github/workflows/pullrequest-orchestrator.yml@e1e1387d5b0399bb5edb00e40485746772344176 # v2.6.0
     secrets: inherit # Pass org-level secrets (NPM token if private packages)
     permissions:
       contents: read # Clone repository and read source code
       packages: read # Access private NPM packages from GitHub registry
       security-events: write # Upload ESLint/security findings to GitHub Security tab
     with:
       project-type: npm
-      # Use just+mise linting (replaces megalint, commitlint, licenselint)
-      linters.justmiselint: true
+      # Use devbase-check linting (replaces megalint, commitlint, licenselint)
+      linters.devbasecheck: true
       linters.megalint: false
       linters.commitlint: false
       linters.licenselint: false
       linters.publiccodelint: true
-
   test:
     needs: [pr-checks]
     if: always() # Run tests even if linting fails (get full CI feedback)

.github/workflows/release-dev-workflow.yml

@@ -17,21 +17,17 @@
 # - NPM package: @diggsweden/rest-api-profil-lint-processor@0.5.9-dev-feat-name-abc1234
 # - Container image: ghcr.io/diggsweden/rest-api-profil-lint-processor:0.5.9-dev-feat-name-abc1234
 # - Tagged with 'dev' (not 'latest')
-
 name: Release Workflow Dev
-
 on:
   workflow_dispatch:
-
 permissions:
   contents: read
-
 jobs:
   dev-release:
     permissions:
       contents: read
       packages: write
-    uses: diggsweden/reusable-ci/.github/workflows/release-dev-orchestrator.yml@e29145e720cef0b86ef147c72c2d001b5ac6c8b9 # v2.4.2
+    uses: diggsweden/reusable-ci/.github/workflows/release-dev-orchestrator.yml@e1e1387d5b0399bb5edb00e40485746772344176 # v2.6.0
     with:
       project-type: npm
       package-scope: '@diggsweden'

.github/workflows/release-workflow.yml

@@ -4,27 +4,22 @@
 
 # Release Workflow for rest-api-profil-lint-processor
 # Uses the unified release orchestrator for NPM packages
----
 name: Release
-
 on:
   push:
     tags:
       - 'v[0-9]+.[0-9]+.[0-9]+' # Stable: v1.0.0
       - 'v[0-9]+.[0-9]+.[0-9]+-alpha*' # Alpha: v1.0.0-alpha.1
       - 'v[0-9]+.[0-9]+.[0-9]+-beta*' # Beta: v1.0.0-beta.1
       - 'v[0-9]+.[0-9]+.[0-9]+-rc*' # RC: v1.0.0-rc.1
-
 concurrency:
   group: release-${{ github.ref }}
   cancel-in-progress: false # Queue releases, don't cancel partial releases
-
 permissions:
   contents: read # Best Security practice. Jobs only get read as base, and then permissions are added as needed
-
 jobs:
   release:
-    uses: diggsweden/reusable-ci/.github/workflows/release-orchestrator.yml@e29145e720cef0b86ef147c72c2d001b5ac6c8b9 # v2.4.2
+    uses: diggsweden/reusable-ci/.github/workflows/release-orchestrator.yml@e1e1387d5b0399bb5edb00e40485746772344176 # v2.6.0
     permissions:
       contents: write # Create GitHub releases, push changelog commits
       packages: write # Publish to GitHub Packages

.yamlfmt

@@ -0,0 +1,9 @@
+# SPDX-FileCopyrightText: 2025 Digg - Agency for Digital Government
+#
+# SPDX-License-Identifier: CC0-1.0
+
+exclude:
+  - apis/
+  - node_modules/
+  - dist/
+  - coverage/