ci: use reuseable ci 2.6.0

janderssonse · janderssonse · commit 06baf17b295d · 2025-12-18T03:30:08.000+01:00
Signed-off-by: Josef Andersson &lt;josef.andersson@digg.se&gt;
diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml
@@ -20,6 +20,6 @@ jobs:
       contents: read
       security-events: write
       id-token: write
-    uses: diggsweden/reusable-ci/.github/workflows/security-openssf-scorecard.yml@e29145e720cef0b86ef147c72c2d001b5ac6c8b9 # v2.4.2
+    uses: diggsweden/reusable-ci/.github/workflows/security-openssf-scorecard.yml@e1e1387d5b0399bb5edb00e40485746772344176 # v2.6.0
     with:
       publish-results: true
diff --git a/.github/workflows/pullrequest-workflow.yml b/.github/workflows/pullrequest-workflow.yml
@@ -17,16 +17,16 @@ permissions:
 
 jobs:
   pr-checks:
-    uses: diggsweden/reusable-ci/.github/workflows/pullrequest-orchestrator.yml@e29145e720cef0b86ef147c72c2d001b5ac6c8b9 # v2.4.2
+    uses: diggsweden/reusable-ci/.github/workflows/pullrequest-orchestrator.yml@e1e1387d5b0399bb5edb00e40485746772344176 # v2.6.0
     secrets: inherit # Pass org-level secrets (NPM token if private packages)
     permissions:
       contents: read # Clone repository and read source code
       packages: read # Access private NPM packages from GitHub registry
       security-events: write # Upload ESLint/security findings to GitHub Security tab
     with:
       project-type: npm
-      # Use just+mise linting (replaces megalint, commitlint, licenselint)
-      linters.justmiselint: true
+      # Use devbase-check linting (replaces megalint, commitlint, licenselint)
+      linters.devbasecheck: true
       linters.megalint: false
       linters.commitlint: false
       linters.licenselint: false
diff --git a/.github/workflows/release-dev-workflow.yml b/.github/workflows/release-dev-workflow.yml
@@ -24,7 +24,7 @@ jobs:
     permissions:
       contents: read # Read code for building
       packages: write # Push dev images to ghcr.io
-    uses: diggsweden/reusable-ci/.github/workflows/release-dev-orchestrator.yml@e29145e720cef0b86ef147c72c2d001b5ac6c8b9 # v2.4.2
+    uses: diggsweden/reusable-ci/.github/workflows/release-dev-orchestrator.yml@e1e1387d5b0399bb5edb00e40485746772344176 # v2.6.0
     with:
       project-type: npm
     secrets: inherit
diff --git a/.github/workflows/release-workflow.yml b/.github/workflows/release-workflow.yml
@@ -34,7 +34,7 @@ jobs:
       security-events: write # Upload container vulnerability scan results
       attestations: write # Attach SBOM attestation to container images
       issues: write # Close issues and add release comments
-    uses: diggsweden/reusable-ci/.github/workflows/release-orchestrator.yml@e29145e720cef0b86ef147c72c2d001b5ac6c8b9 # v2.4.2
+    uses: diggsweden/reusable-ci/.github/workflows/release-orchestrator.yml@e1e1387d5b0399bb5edb00e40485746772344176 # v2.6.0
     with:
       artifacts-config: .github/artifacts.yml
       file-pattern: "CHANGELOG.md package.json package-lock.json"
