Merge pull request #464 from felddy/dependabot/github_actions/github-actions-all-e487a0a50c

felddy · web-flow · commit 94e8de6bea86 · 2025-12-10T17:00:05.000-05:00
Bump the github-actions-all group across 1 directory with 13 updates
diff --git a/.github/workflows/_config.yml b/.github/workflows/_config.yml
@@ -39,6 +39,6 @@ on:
 jobs:
   csv-to-json:
     name: "Convert CSV to JSON"
-    uses: felddy/reusable-workflows/.github/workflows/csv-to-json.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/csv-to-json.yml@v3
     with:
       csv: ${{ inputs.platforms }}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,5 +1,4 @@
 ---
-
 name: Build
 
 on:
@@ -12,7 +11,7 @@ on:
   release:
     types: [edited, published]
   schedule:
-    - cron: '0 10 * * *'  # everyday at 10am
+    - cron: "0 10 * * *"  # everyday at 10am
   workflow_dispatch:
     inputs:
       dispatch-tag:
@@ -27,7 +26,7 @@ permissions:
 jobs:
   diagnostics:
     name: "Diagnostics"
-    uses: felddy/reusable-workflows/.github/workflows/diagnostics.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/diagnostics.yml@v3
 
   config:
     name: "Config"
@@ -36,7 +35,7 @@ jobs:
   metadata:
     name: "Metadata"
     needs: [config]
-    uses: felddy/reusable-workflows/.github/workflows/docker-metadata.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/container-metadata.yml@v3
     with:
       image_name: ${{ needs.config.outputs.image_name }}
 
@@ -60,15 +59,15 @@ jobs:
   lint:
     name: "Lint"
     needs: [config]
-    uses: felddy/reusable-workflows/.github/workflows/common-lint.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/common-lint.yml@v3
 
-  build-test-image:
-    name: "Build test image"
+  build-test-container:
+    name: "Build container for testing"
     needs:
       - config
       - lint
       - metadata
-    uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/container-build.yml@v3
     with:
       artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ needs.config.outputs.test_platform }}
       build_arg_1_name: VERSION
@@ -80,32 +79,32 @@ jobs:
     secrets:
       build_arg_1_value: ${{ needs.metadata.outputs.source_version }}
 
-  test-normal-image:
+  test-normal-container:
     name: "Test image"
     needs:
-      - build-test-image
+      - build-test-container
       - config
-    uses: felddy/reusable-workflows/.github/workflows/docker-pytest-image.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/container-test.yml@v3
     with:
       data_artifact_name: ${{ needs.config.outputs.data_artifact_name }}
       data_artifact_path: ${{ needs.config.outputs.data_artifact_path }}
-      image_artifact_name: ${{ needs.build-test-image.outputs.artifact_name }}
-      image_archive_name: ${{ needs.build-test-image.outputs.image_archive_name }}
+      image_artifact_name: ${{ needs.build-test-container.outputs.artifact_name }}
+      image_archive_name: ${{ needs.build-test-container.outputs.image_archive_name }}
 
   build-each-platform:
-    name: "Build platform"
+    name: "Build container"
     needs:
       - config
       - lint
       - metadata
-      - test-normal-image
+      - test-normal-container
     if: github.event_name != 'pull_request'
     strategy:
       matrix:
         platform: ${{ fromJson(needs.config.outputs.platforms_json) }}
         exclude:
           - platform: ${{ needs.config.outputs.test_platform }}
-    uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/container-build.yml@v3
     with:
       artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }}
       build_arg_1_name: VERSION
@@ -127,13 +126,13 @@ jobs:
     strategy:
       matrix:
         platform: ${{ fromJson(needs.config.outputs.platforms_json) }}
-    uses: felddy/reusable-workflows/.github/workflows/sbom-artifact.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/container-sbom.yml@v3
     with:
       image_artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }}
       sbom_artifact_name: ${{ needs.config.outputs.sbom_artifact_name_stem }}-${{ matrix.platform }}
 
   build-multi-arch-image:
-    name: "Publish image"
+    name: "Publish container"
     needs:
       - build-each-platform
       - config
@@ -142,23 +141,40 @@ jobs:
     if: github.event_name != 'pull_request'
     permissions:
       packages: write
-    uses: felddy/reusable-workflows/.github/workflows/docker-multi-arch-push.yml@v2
+    uses: felddy/reusable-workflows/.github/workflows/container-publish-multiarch.yml@v3
     with:
       artifact_name_pattern: ${{ needs.config.outputs.image_artifact_name_stem }}-*
       image_tags: ${{ needs.metadata.outputs.image_tags }}
+
+  mirror-to-dockerhub:
+    name: Mirror images to DockerHub
+    needs:
+      - build-multi-arch-image
+      - config
+      - docker-secrets
+      - metadata
+    if: github.event_name == 'release' && !github.event.release.prerelease
+    permissions:
+      contents: read
+      packages: read
+    uses: felddy/reusable-workflows/.github/workflows/container-mirror.yml@v3
+    with:
+      image_name: ${{ needs.config.outputs.image_name }}
+      image_tag_names: ${{ needs.metadata.outputs.image_tag_names }}
+      target_registry: docker.io
     secrets:
-      docker_password: ${{ secrets.DOCKER_PASSWORD }}
-      docker_username: ${{ secrets.DOCKER_USERNAME }}
+      registry_password: ${{ secrets.DOCKER_PASSWORD }}
+      registry_username: ${{ secrets.DOCKER_USERNAME }}
 
   publish-readme:
-    name: "Publish docs"
+    name: Publish docs to DockerHub
     needs:
       - build-multi-arch-image
       - config
       - docker-secrets
       - metadata
-    if: needs.metadata.outputs.latest == 'true'
-    uses: felddy/reusable-workflows/.github/workflows/docker-publish-description.yml@v2
+    if: github.event_name == 'release' && needs.metadata.outputs.latest == 'true'
+    uses: felddy/reusable-workflows/.github/workflows/dockerhub-description.yml@v3
     with:
       image_name: ${{ needs.config.outputs.image_name }}
     secrets:
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -45,17 +45,17 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2  # tag=v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # tag=v2.14.0
         with:
           # TODO: change to 'egress-policy: block' after couple of runs
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3  # tag=v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8  # tag=v6.0.1
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2  # tag=codeql-bundle-v4.31.6
+        uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412  # tag=codeql-bundle-v4.31.7
         with:
           languages: ${{ matrix.language }}
 
@@ -65,7 +65,7 @@ jobs:
       # manually (see below).
       # manually (see below).
       - name: Autobuild
-        uses: github/codeql-action/autobuild@fe4161a26a8629af62121b670040955b330f9af2  # tag=codeql-bundle-v4.31.6
+        uses: github/codeql-action/autobuild@cf1bb45a277cb3c205638b2cd5c984db1c46a412  # tag=codeql-bundle-v4.31.7
 
       # ℹ️ Command-line programs to run using the OS shell. 📚
       # https://git.io/JvXDl
@@ -83,4 +83,4 @@ jobs:
       #     make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2  # tag=codeql-bundle-v4.31.6
+        uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412  # tag=codeql-bundle-v4.31.7
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -12,10 +12,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2  # tag=v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # tag=v2.14.0
         with:  # TODO: change to 'egress-policy: block' after couple of runs
           egress-policy: audit
       - name: 'Checkout Repository'
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3  # tag=v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8  # tag=v6.0.1
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261  # tag=v4.8.2
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -28,7 +28,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3  # tag=v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8  # tag=v6.0.1
         with:
           persist-credentials: false
 
@@ -60,6 +60,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2  # tag=codeql-bundle-v4.31.6
+        uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412  # tag=codeql-bundle-v4.31.7
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/stale-issues.yml b/.github/workflows/stale-issues.yml
@@ -14,11 +14,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2  # tag=v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # tag=v2.14.0
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
 
-      - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008  # tag=v10.1.0
+      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d  # tag=v10.1.1
         with:
           days-before-stale: 28
           days-before-close: 7
diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml
@@ -20,10 +20,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2  # tag=v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # tag=v2.14.0
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
-      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3  # tag=v6.0.0
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8  # tag=v6.0.1
       - name: Sync repository labels
         if: success()
         uses: crazy-max/ghaction-github-labeler@24d110aa46a59976b8a7f35518cb7f14f434c916  # tag=v5.3.0
diff --git a/.mdl_config.yaml b/.mdl_config.yaml
@@ -1,17 +1,16 @@
 ---
-
 # Default state for all rules
 default: true
 
 # MD003/heading-style/header-style - Heading style
 MD003:
   # Enforce the ATX-closed style of header
-  style: "atx_closed"
+  style: atx_closed
 
 # MD004/ul-style - Unordered list style
 MD004:
   # Enforce dashes for unordered lists
-  style: "dash"
+  style: dash
 
 # MD013/line-length - Line length
 MD013:
@@ -30,11 +29,11 @@ MD024:
 # MD029/ol-prefix - Ordered list item prefix
 MD029:
   # Enforce the `1.` style for ordered lists
-  style: "one"
+  style: one
 
 # MD033/no-inline-html - Inline HTML
 MD033:
-  # The h1 and img elements are allowed to permit header images
+  # The div, h1 and img elements are allowed to permit header images
   allowed_elements:
     - div
     - h1
@@ -43,19 +42,30 @@ MD033:
 # MD035/hr-style - Horizontal rule style
 MD035:
   # Enforce dashes for horizontal rules
-  style: "---"
+  style: ---
+
+# MD041/first-line-heading/first-line-h1 - First line in file should be a top
+# level heading
+MD041:
+  # Allow content before first heading
+  allow_preamble: true
 
 # MD046/code-block-style - Code block style
 MD046:
   # Enforce the fenced style for code blocks
-  style: "fenced"
+  style: fenced
 
 # MD049/emphasis-style - Emphasis style should be consistent
 MD049:
   # Enforce asterisks as the style to use for emphasis
-  style: "asterisk"
+  style: asterisk
 
 # MD050/strong-style - Strong style should be consistent
 MD050:
   # Enforce asterisks as the style to use for strong
-  style: "asterisk"
+  style: asterisk
+
+# MD060/table-column-style
+MD060:
+  # Allow tables to use different styles
+  style: any
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
diff --git a/README.md b/README.md
