chore(deps): bump github/codeql-action from 27fcff4ecb39e96348e7ceddcc2d9ef42308b6fc to 5d4e8d1aca955e8d8589aabd499c5cae939e33c7 #5
Closed
dependabot[bot] wants to merge 27 commits into main from
Kubernetes cluster deployment for Rockchip RK3588-based SBCs (Turing RK1).
Features:
- Talos Linux configuration for RK1 compute modules
- RKNN SDK integration for NPU inference
- Longhorn storage, MetalLB, and monitoring stack
- Comprehensive documentation
Security: All cluster credentials are placeholder values. Generate fresh credentials with: talosctl gen config
Exclude AI assistant local settings directory from version control to prevent accidental commit of user-specific AI assistant configuration.
Add status badges for release version, license, Talos, and Kubernetes.
- Add GitHub Actions workflow for yamllint and markdownlint on push/PR
- Add yamllint config (excludes repo/, .github/, cluster-config/)
- Add markdownlint config with relaxed rules for existing docs
- Add CI badge to README
Configure automated dependency updates for:
- Git submodules (weekly on Monday)
- GitHub Actions (weekly on Monday)
- Scan Python code for security vulnerabilities
- Run on push/PR to main and weekly schedule
- Use security-extended query suite
- Add CodeQL badge to README
No Python source in main repo (only in submodules). Changed to scan GitHub Actions workflows for security issues.
Address deprecation warning - v3 will be deprecated in December 2026.
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 19 to 22. - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](DavidAnson/markdownlint-cli2-action@v19...v22) --- updated-dependencies: - dependency-name: DavidAnson/markdownlint-cli2-action dependency-version: '22' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v6) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Automatically approve and enable auto-merge for Dependabot PRs. PRs will merge after all required status checks pass.
SVG source for repository social preview image. Convert to PNG (1280x640) and upload via GitHub Settings.
Test PR to verify CI workflows are functioning correctly.
Keep local file but exclude from public repo. Already in .gitignore for future protection.
Add explicit permissions block (contents: read) to address missing-workflow-permissions security alerts.
Address CodeQL unpinned-tag security alert by pinning all actions to specific commit SHAs instead of version tags.
Pinned versions:
- actions/checkout: v4, v6
- actions/setup-python: v6
- github/codeql-action: v4
- DavidAnson/markdownlint-cli2-action: v22
Converted from SVG source (1280x640, 63KB). Upload to GitHub Settings > Social preview.
- Add BMC requirements section with authentication and SD card info
- Fix tpi flash commands to use -l flag and /mnt/sdcard/ path
- Update Portainer agent URL to Community Edition ce2-22
- Add flashing time estimates and USB cable method reference
- Fix troubleshooting section with correct flash command syntax
Document cluster architecture including hardware layout, Kubernetes components, storage replication, network traffic flow, monitoring stack, and deployment dependencies. Add references in documentation index files.
Subgraph IDs containing hyphens cause parsing issues in Mermaid. Changed IDs to use concatenated names while keeping display labels:
- kube-system → kubesystem
- metallb-system → metallbsystem
- ingress-nginx → ingressnginx
- longhorn-system → longhornsystem
- default → defaultns
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 27fcff4ecb39e96348e7ceddcc2d9ef42308b6fc to 5d4e8d1aca955e8d8589aabd499c5cae939e33c7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@27fcff4...5d4e8d1) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 5d4e8d1aca955e8d8589aabd499c5cae939e33c7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Labels
The following labels could not be found: Please fix the above issues or remove invalid values from
OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
Bumps github/codeql-action from 27fcff4ecb39e96348e7ceddcc2d9ef42308b6fc to 5d4e8d1aca955e8d8589aabd499c5cae939e33c7.
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
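
The commits in this PR pin every action to a commit SHA and add an explicit permissions block; the check below audits a workflow file for both conditions. It is an added example, not code from this repository or from Dependabot: the function name `audit_workflow`, both sample workflows and the all-zero checkout SHA are constructed, and only the codeql-action SHA is taken from this PR.

```python
import re

# `uses:` reference in a step or job, e.g. "- uses: owner/repo/path@ref  # note"
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")

def audit_workflow(text):
    """Return (line_no, finding) pairs for one workflow file's text."""
    findings, has_permissions = [], False
    for no, line in enumerate(text.splitlines(), 1):
        if re.match(r"\s*permissions:", line):
            has_permissions = True  # simplification: workflow- or job-level both count
        m = USES_RE.match(line)
        if not m or m.group(1).startswith(("./", "docker://")):
            continue  # not an action reference, or a local action / container image
        name, _, ref = m.group(1).partition("@")
        if not FULL_SHA_RE.fullmatch(ref):
            # Tags and branches can be moved by the action's owner; a full SHA cannot.
            findings.append((no, f"{name}: mutable ref {ref or '(none)'}"))
    if not has_permissions:
        findings.append((0, "no explicit permissions block"))
    return findings

# Constructed samples (hypothetical workflow text, not the repository's files).
TAGGED = """\
name: example
on: [push]
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v4
"""
PINNED = """\
name: example
on: [push]
permissions:
  contents: read
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0000000000000000000000000000000000000000  # placeholder SHA
      - uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7
"""

if __name__ == "__main__":
    for label, wf in (("tagged", TAGGED), ("pinned", PINNED)):
        print(label, audit_workflow(wf))
```

Line number 0 in a finding marks a file-level issue rather than a specific line.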