Bump github.com/terraform-linters/tflint from 0.58.1 to 0.60.0 in /.ci/tools

[dependabot]

Bumps github.com/terraform-linters/tflint from 0.58.1 to 0.60.0.

Release notes

Sourced from github.com/terraform-linters/tflint's releases.

v0.60.0

What's Changed

This release introduces a new configuration file format: .tflint.json. This is useful for workflows such as automatically generating configuration files. Please note that in order to use the .tflint.json, enabled plugins must be built with SDK v0.23+.

From this release, Cosign signatures (checksums.txt.keyless.sig and checksums.txt.pem) are deprecated. They will not be included in future releases. If your installation scripts depend on them, please migrate to gh attestation verify.

Enhancements

• Add JSON configuration file support by @​rorychatterton in terraform-linters/tflint#2391
• Report structured errors in JUnit and CheckStyle XML formatters by @​bendrucker in terraform-linters/tflint#2407

Changes

• Alphabetize rulesets in version output by @​bendrucker in terraform-linters/tflint#2404
• release: Pin Cosign version and deprecate Cosign signatures by @​wata727 in terraform-linters/tflint#2405

Bug Fixes

• fix: only read TF_VAR for root module by @​bendrucker in terraform-linters/tflint#2413

Chores

• build(deps): Bump actions/attest-build-provenance from 2.4.0 to 3.0.0 by @​dependabot[bot] in terraform-linters/tflint#2376
• build(deps): Bump actions/setup-go from 5.5.0 to 6.0.0 by @​dependabot[bot] in terraform-linters/tflint#2377
• build(deps): Bump the go-x group with 3 updates by @​dependabot[bot] in terraform-linters/tflint#2378
• build(deps): Bump github.com/spf13/afero from 1.14.0 to 1.15.0 by @​dependabot[bot] in terraform-linters/tflint#2380
• build(deps): Bump github.com/zclconf/go-cty from 1.16.4 to 1.17.0 by @​dependabot[bot] in terraform-linters/tflint#2379
• build(deps): Bump golang.org/x/net from 0.43.0 to 0.44.0 in the go-x group by @​dependabot[bot] in terraform-linters/tflint#2381
• build(deps): Bump google.golang.org/grpc from 1.75.0 to 1.75.1 by @​dependabot[bot] in terraform-linters/tflint#2382
• build(deps): Bump github.com/sigstore/sigstore-go from 1.1.1 to 1.1.2 by @​dependabot[bot] in terraform-linters/tflint#2383
• build(deps): Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 by @​dependabot[bot] in terraform-linters/tflint#2384
• build(deps): Bump mislav/bump-homebrew-formula-action from 3.5 to 3.6 by @​dependabot[bot] in terraform-linters/tflint#2388
• fix(script): GitHub API rate limit by @​Sander0542 in terraform-linters/tflint#2390
• Bump tflint-plugin-sdk to v0.23.0 by @​wata727 in terraform-linters/tflint#2393
• build(deps): Bump github.com/sigstore/sigstore-go from 1.1.2 to 1.1.3 by @​dependabot[bot] in terraform-linters/tflint#2394
• build(deps): Bump docker/login-action from 3.5.0 to 3.6.0 by @​dependabot[bot] in terraform-linters/tflint#2395
• build(deps): Bump the go-x group with 4 updates by @​dependabot[bot] in terraform-linters/tflint#2397
• build(deps): Bump google.golang.org/grpc from 1.75.1 to 1.76.0 by @​dependabot[bot] in terraform-linters/tflint#2398
• build(deps): Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 by @​dependabot[bot] in terraform-linters/tflint#2399
• build(deps): Bump golang.org/x/net from 0.45.0 to 0.46.0 in the go-x group by @​dependabot[bot] in terraform-linters/tflint#2400
• build(deps): Bump github.com/terraform-linters/tflint-plugin-sdk from 0.23.0 to 0.23.1 by @​dependabot[bot] in terraform-linters/tflint#2402
• build(deps): Bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 by @​dependabot[bot] in terraform-linters/tflint#2408
• build(deps): Bump docker/metadata-action from 5.8.0 to 5.9.0 by @​dependabot[bot] in terraform-linters/tflint#2409
• build(deps): Bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 in the go-x group by @​dependabot[bot] in terraform-linters/tflint#2410

New Contributors

• @​Sander0542 made their first contribution in terraform-linters/tflint#2390
• @​rorychatterton made their first contribution in terraform-linters/tflint#2391

Full Changelog: terraform-linters/tflint@v0.59.1...v0.60.0

v0.59.1

... (truncated)

Commits

• c932c4d Bump up version to v0.60.0
• c132acc Bump Go patch version
• 26c49c4 fix: only read TF_VAR environment variables for root module (#2413)
• 09a61cf build(deps): Bump golang.org/x/oauth2 in the go-x group (#2410)
• 25059cf build(deps): Bump docker/metadata-action from 5.8.0 to 5.9.0 (#2409)
• 9da1a58 build(deps): Bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 (#2408)
• 63d5d8a Report structured errors in JUnit and CheckStyle XML formatters (#2407)
• 38cab05 Add JSON configuration file support (#2391)
• 3bc0bfa Pin Cosign version and deprecate Cosign signatures (#2405)
• 56b6432 Alphabetize rulesets in version output (#2404)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Community Guidelines

This comment is added to every new Pull Request to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

• Please vote on this Pull Request by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
• Please see our prioritization guide for additional information on how the maintainers handle prioritization.
• Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Pull Request and do not help prioritize the request.

Pull Request Authors

• Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
• Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.