build(deps): bump the github-action-updates group across 1 directory with 4 updates

[dependabot]

Bumps the github-action-updates group with 4 updates in the / directory: hendrikmuhs/ccache-action, oxsecurity/megalinter, github/codeql-action and actions/create-github-app-token.

Updates hendrikmuhs/ccache-action from 1.2.17 to 1.2.18

Release notes

Sourced from hendrikmuhs/ccache-action's releases.

v1.2.18

What's Changed

• Bump ts-jest from 29.2.5 to 29.2.6 by @​dependabot in hendrikmuhs/ccache-action#291
• Bump typescript from 5.7.3 to 5.8.2 by @​dependabot in hendrikmuhs/ccache-action#294
• Bump @​types/node from 22.13.0 to 22.13.9 by @​dependabot in hendrikmuhs/ccache-action#296
• set cache to readonly if skipping save by @​planetmarshall in hendrikmuhs/ccache-action#301
• Update sccache version to v0.10.0 by @​mhegazy in hendrikmuhs/ccache-action#315
• Bump @​types/node from 22.13.9 to 22.15.2 by @​dependabot in hendrikmuhs/ccache-action#316
• Bump ts-jest from 29.2.6 to 29.3.2 by @​dependabot in hendrikmuhs/ccache-action#312
• Bump typescript from 5.8.2 to 5.8.3 by @​dependabot in hendrikmuhs/ccache-action#311
• Bump @​actions/cache from 4.0.0 to 4.0.3 by @​dependabot in hendrikmuhs/ccache-action#299
• Don't append - when append-timestamp is disabled. by @​Naros in hendrikmuhs/ccache-action#306

New Contributors

• @​mhegazy made their first contribution in hendrikmuhs/ccache-action#315
• @​Naros made their first contribution in hendrikmuhs/ccache-action#306

Full Changelog: hendrikmuhs/ccache-action@v1...v1.2.18

Commits

• 63069e3 update code
• 15457da Don't append - when append-timestamp is disabled. (#306)
• 25d49ca update code
• 5107eae Bump @​actions/cache from 4.0.0 to 4.0.3 (#299)
• 0be57ad Bump typescript from 5.8.2 to 5.8.3 (#311)
• 82ea688 Bump ts-jest from 29.2.6 to 29.3.2 (#312)
• 1442e5b Bump ts-jest from 29.2.6 to 29.3.2 (#312)
• e3bfc65 Bump @​types/node from 22.13.9 to 22.15.2 (#316)
• fc91011 Update sccache version to v0.10.0 (#315)
• 15fe4dd set cache to readonly if skipping save (#301)
• Additional commits viewable in compare view

Updates oxsecurity/megalinter from 8.5.0 to 8.6.0

Release notes

Sourced from oxsecurity/megalinter's releases.

v8.6.0

What's Changed

• Core

  • New config property ENABLE_ERRORS_LINTERS. If set, only the listed linters will be considered as blocking

• New linters

  • Add cppcheck linter, by @​bdovaz in oxsecurity/megalinter#5224

• Media

  • Integrating MegaLinter to Automate Linting Across Multiple Codebases. A Technical Description, by Thorsten Foltz

• Linters enhancements

  • editorconfig_checker Changes default EditorConfig-Checker config filename by @​llaville in oxsecurity/megalinter#5061
  • TruffleHog: Ignore .git by default if not already done using --exclude-paths option

• Fixes

  • Sanitize all linter outputs by default, by @​nvuillam in oxsecurity/megalinter#5266

• Doc

  • Add j2lint to plugins, by @​wesley-dean in oxsecurity/megalinter#5151
  • Add fmlint (frontmatter linter) to plugins list by @​wesley-dean in oxsecurity/megalinter#5257
  • Remove trailing spaces by @​parkerbxyz in oxsecurity/megalinter#5185

• CI

  • Initial Renovate automerge configuration, by @​echoix in oxsecurity/megalinter#5057
  • Set update schedule for checkov updates, by @​echoix in oxsecurity/megalinter#5064
  • Always upgrade packages from base image for updated security fixes, by @​echoix in oxsecurity/megalinter#5152
  • build-command: Unshallow pull or full pull before committing changes, by @​echoix in oxsecurity/megalinter#5201

• Linter versions upgrades (50)

  • ansible-lint from 25.1.3 to 25.2.1
  • bicep_linter from 0.34.1 to 0.34.44
  • cfn-lint from 1.32.0 to 1.34.1
  • checkov from 3.2.390 to 3.2.404
  • checkstyle from 10.21.4 to 10.23.0
  • clippy from 0.1.85 to 0.1.86
  • clj-kondo from 2025.02.20 to 2025.04.07
  • cpplint from 2.0.0 to 2.0.2
  • cspell from 8.17.5 to 8.19.2
  • dartanalyzer from 3.7.2 to 3.7.3
  • devskim from 1.0.52 to 1.0.56
  • dotnet-format from 9.0.104 to 9.0.105
  • flake8 from 7.1.2 to 7.2.0
  • gitleaks from 8.24.2 to 8.24.3
  • grype from 0.90.0 to 0.91.2
  • kics from 2.1.6 to 2.1.7
  • kubescape from 3.0.32 to 3.0.34
  • lightning-flow-scanner from 3.2.0 to 3.4.0
  • ls-lint from 2.2.3 to 2.3.0

... (truncated)

Changelog

Sourced from oxsecurity/megalinter's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased] (beta, main branch content)

Note: Can be used with oxsecurity/megalinter@beta in your GitHub Action mega-linter.yml file, or with oxsecurity/megalinter:beta docker image

• Core

• New linters

• Disabled linters

• Media

• Linters enhancements

• Fixes

• Reporters

• Doc

• Flavors

• CI

• mega-linter-runner

• Linter versions upgrades (N)

  • checkstyle from 10.23.0 to 10.23.1 on 2025-04-29
  • v8r from 4.3.0 to 4.4.0 on 2025-04-29
  • cfn-lint from 1.34.1 to 1.34.2 on 2025-05-01
  • golangci-lint from 1.64.8 to 2.1.5 on 2025-05-01
  • pmd from 7.12.0 to 7.13.0 on 2025-05-01
  • phpstan from 2.1.12 to 2.1.13 on 2025-05-01
  • checkov from 3.2.404 to 3.2.413 on 2025-05-01
  • lightning-flow-scanner from 3.4.0 to 3.4.1 on 2025-05-01
  • cspell from 8.19.2 to 8.19.3 on 2025-05-01

[v8.6.0] - 2024-04-27

• Core

  • New config property ENABLE_ERRORS_LINTERS. If set, only the listed linters will be considered as blocking

• New linters

... (truncated)

Commits

• 04cf22b Release MegaLinter v8.6.0
• 08e1f53 [automation] Auto-update linters version, help and documentation (#5268)
• 75538ac Sanitize all linter outputs by default (#5266)
• e195f05 chore(deps): update dependency v8r to v4.3.0 (#5262)
• 7bcf821 [automation] Auto-update linters version, help and documentation (#5263)
• 389e87d Add fmlint (frontmatter linter) to plugins list (#5257)
• f72c1a8 [automation] Auto-update linters version, help and documentation (#5259)
• 05901b1 chore(deps): update dependency stylelint to v16.19.0 (#5261)
• c88bbe5 chore(deps): update dependency sfdx-hardis to v5.28.0 (#5260)
• 81f99d9 chore(deps): update dependency cfn-lint to v1.34.1 (#5258)
• Additional commits viewable in compare view

Updates github/codeql-action from 3.28.16 to 3.28.17

Release notes

Sourced from github/codeql-action's releases.

v3.28.17

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #2872

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

• Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

• Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
• Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

• Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

• Update default CodeQL bundle version to 2.20.5. #2772
• Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

• Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

... (truncated)

Commits

• 60168ef Merge pull request #2886 from github/update-v3.28.17-97a2bfd2a
• 0d5a311 Update changelog for v3.28.17
• 97a2bfd Merge pull request #2872 from github/update-bundle/codeql-bundle-v2.21.2
• 9aba20e Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
• 81a9508 Merge pull request #2876 from github/henrymercer/fix-diff-informed-multiple-a...
• 1569f4c Disable diff-informed queries in code scanning config tests
• 62fbeb6 Merge branch 'main' into henrymercer/fix-diff-informed-multiple-analyze
• f122d1d Address test failures from computing temporary directory too early
• 083772a Do not fail diff informed analyses when analyze is run twice in the same job
• 5db14d0 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
• Additional commits viewable in compare view

Updates actions/create-github-app-token from 2.0.2 to 2.0.3

Release notes

Sourced from actions/create-github-app-token's releases.

v2.0.3

2.0.3 (2025-05-01)

Bug Fixes

• README: use v2 in examples (#234) (9ba274d), closes #232
• use core.getBooleanInput() to retrieve boolean input values (#223) (c3c17c7)

Commits

• 30bf625 build(release): 2.0.3 [skip ci]
• c3c17c7 fix: use core.getBooleanInput() to retrieve boolean input values (#223)
• 9ba274d fix(README): use v2 in examples (#234)
• a3c826a docs: fix typo in CONTRIBUTING.md (#233)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Test Results

25 tests  ±0   25 ✅ ±0   3s ⏱️ ±0s
 1 suites ±0    0 💤 ±0 
 1 files   ±0    0 ❌ ±0 

Results for commit ab13864. ± Comparison against base commit 1c7fcde.

♻️ This comment has been updated with latest results.

[github-actions]

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	6		0	0	0.22s
✅ CPP	clang-format	82	1	0	0	0.42s
❌ CPP	cppcheck	82		12	0	2.38s
✅ DOCKERFILE	hadolint	1		0	0	0.32s
✅ JSON	jsonlint	8		0	0	0.16s
✅ JSON	prettier	8	6	0	0	0.45s
⚠️ MARKDOWN	markdownlint	4	1	2	0	0.66s
⚠️ MARKDOWN	markdown-link-check	4		2	0	629.63s
✅ MARKDOWN	markdown-table-formatter	4	1	0	0	0.17s
✅ REPOSITORY	checkov	yes		no	no	13.55s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	20.86s
✅ REPOSITORY	ls-lint	yes		no	no	0.05s
✅ REPOSITORY	secretlint	yes		no	no	0.93s
✅ REPOSITORY	syft	yes		no	no	1.17s
✅ REPOSITORY	trivy	yes		no	no	4.49s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.07s
✅ REPOSITORY	trufflehog	yes		no	no	3.04s
⚠️ SPELL	lychee	50		35	0	8.72s
✅ YAML	prettier	10	0	0	0	0.47s
✅ YAML	v8r	10		0	0	6.53s
✅ YAML	yamllint	10		0	0	0.34s

See detailed report in MegaLinter reports

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.