ci(deps): bump the github-actions group with 5 updates

[dependabot]

Bumps the github-actions group with 5 updates:

Package	From	To
actions/stale	10.0.0	10.1.0
github/codeql-action	3.30.5	3.30.6
ossf/scorecard-action	2.4.2	2.4.3
actions/first-interaction	3.0.0	3.1.0
docker/login-action	3.5.0	3.6.0

Updates actions/stale from 10.0.0 to 10.1.0

Release notes

Sourced from actions/stale's releases.

v10.1.0

What's Changed

• Add only-issue-types option to filter issues by type by @​Bibo-Joshi in actions/stale#1255

New Contributors

• @​Bibo-Joshi made their first contribution in actions/stale#1255

Full Changelog: actions/stale@v10...v10.1.0

Commits

• 5f858e3 Add only-issue-types option to filter issues by type (#1255)
• See full diff in compare view

Updates github/codeql-action from 3.30.5 to 3.30.6

Release notes

Sourced from github/codeql-action's releases.

v3.30.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.6 - 02 Oct 2025

• Update default CodeQL bundle version to 2.23.2. #3168

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.30.6 - 02 Oct 2025

• Update default CodeQL bundle version to 2.23.2. #3168

3.30.5 - 26 Sep 2025

• We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

• We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
• We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
• You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
• Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

No user facing changes.

3.30.2 - 09 Sep 2025

• Fixed a bug which could cause language autodetection to fail. #3084
• Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #3064

3.30.1 - 05 Sep 2025

• Update default CodeQL bundle version to 2.23.0. #3077

3.30.0 - 01 Sep 2025

• Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. #3054

3.29.11 - 21 Aug 2025

• Update default CodeQL bundle version to 2.22.4. #3044

3.29.10 - 18 Aug 2025

No user facing changes.

3.29.9 - 12 Aug 2025

... (truncated)

Commits

• 64d10c1 Merge pull request #3172 from github/update-v3.30.6-10feb5d2a
• 909610e Update changelog for v3.30.6
• 10feb5d Merge pull request #3167 from github/mbg/upload-sarif/find-then-filter
• 4182ea3 Merge pull request #3168 from github/update-bundle/codeql-bundle-v2.23.2
• 34afe5b Merge pull request #3171 from github/mbg/start-proxy/telemetry
• 096fe67 Merge branch 'main' into update-bundle/codeql-bundle-v2.23.2
• b496401 Merge pull request #3170 from github/mbg/start-proxy/remove-update-workflow
• d573787 Report registry types that are configured for CodeQL in start-proxy telemetry
• 1591680 Send a basic status report in start-proxy Action if it succeeds
• cb5a284 Send status report when start-proxy fails
• Additional commits viewable in compare view

Updates ossf/scorecard-action from 2.4.2 to 2.4.3

Release notes

Sourced from ossf/scorecard-action's releases.

v2.4.3

What's Changed

This update bumps the Scorecard version to the v5.3.0 release. For a complete list of changes, please refer to the Scorecard v5.3.0 release notes.

Documentation

• docs: clarify GITHUB_TOKEN permissions needed for private repos by @​pankajtaneja5 in ossf/scorecard-action#1574
• 📖 Fix recommended command to test the image in development by @​deivid-rodriguez in ossf/scorecard-action#1583

Other

• add missing top-level token permissions to workflows by @​timothyklee in ossf/scorecard-action#1566
• setup codeowners for requesting reviews by @​spencerschrock in ossf/scorecard-action#1576
• 🌱 Improve printing options by @​deivid-rodriguez in ossf/scorecard-action#1584

New Contributors

• @​timothyklee made their first contribution in ossf/scorecard-action#1566
• @​pankajtaneja5 made their first contribution in ossf/scorecard-action#1574
• @​deivid-rodriguez made their first contribution in ossf/scorecard-action#1584

Full Changelog: ossf/scorecard-action@v2.4.2...v2.4.3

Commits

• 4eaacf0 bump docker to ghcr v2.4.3 (#1587)
• 42e3a01 🌱 Bump the github-actions group with 3 updates (#1585)
• 88c07ac 🌱 Bump github.com/sigstore/cosign/v2 from 2.5.2 to 2.6.0 (#1579)
• 6c690f2 Bump github.com/ossf/scorecard/v5 from v5.2.1 to v5.3.0 (#1586)
• 92083b5 📖 Fix recommended command to test the image in development (#1583)
• 7975ea6 🌱 Bump the docker-images group across 1 directory with 2 updates (#1...
• 0d1a743 🌱 Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#1575)
• 46e6e0c 🌱 Bump the github-actions group with 2 updates (#1580)
• c3f1350 🌱 Improve printing options (#1584)
• 43e475b 🌱 Bump golang.org/x/net from 0.42.0 to 0.44.0 (#1578)
• Additional commits viewable in compare view

Updates actions/first-interaction from 3.0.0 to 3.1.0

Release notes

Sourced from actions/first-interaction's releases.

v3.1.0

What's Changed

• Bump the npm-development group across 1 directory with 7 updates by @​dependabot[bot] in actions/first-interaction#339
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in actions/first-interaction#336
• Bump jest and @​types/jest by @​dependabot[bot] in actions/first-interaction#338
• Bump the npm-development group with 4 updates by @​dependabot[bot] in actions/first-interaction#341
• Fix workflow inputs by @​ncalteen in actions/first-interaction#344
• Bump actions/setup-node from 4 to 5 by @​dependabot[bot] in actions/first-interaction#348
• Bump @​rollup/rollup-linux-x64-gnu from 4.48.1 to 4.50.1 by @​dependabot[bot] in actions/first-interaction#347
• Bump the npm-development group with 8 updates by @​dependabot[bot] in actions/first-interaction#346
• Expand supported event types by @​ncalteen in actions/first-interaction#349
• Bump the npm-development group with 6 updates by @​dependabot[bot] in actions/first-interaction#353
• Bump @​github/local-action from 5.2.0 to 6.0.0 by @​dependabot[bot] in actions/first-interaction#351
• Fix event action check by @​ncalteen in actions/first-interaction#354
• Bump @​octokit/types from 14.1.0 to 15.0.0 by @​dependabot[bot] in actions/first-interaction#357
• Bump @​rollup/rollup-linux-x64-gnu from 4.50.2 to 4.52.3 by @​dependabot[bot] in actions/first-interaction#361
• Bump the npm-development group across 1 directory with 10 updates by @​dependabot[bot] in actions/first-interaction#363

Full Changelog: actions/first-interaction@v3.0...v3.1.0

Commits

• 1c46889 Merge pull request #363 from actions/dependabot/npm_and_yarn/npm-development-...
• 76a99dd Disable checks for dist
• 2ead13c Bump the npm-development group across 1 directory with 10 updates
• 2e8e200 Merge pull request #361 from actions/dependabot/npm_and_yarn/rollup/rollup-li...
• df55979 Merge pull request #357 from actions/dependabot/npm_and_yarn/octokit/types-15...
• c056c18 Bump @​rollup/rollup-linux-x64-gnu from 4.50.2 to 4.52.3
• dac371d Bump @​octokit/types from 14.1.0 to 15.0.0
• 33689d3 Merge pull request #354 from actions/ncalteen/event
• 8e69b57 Merge branch 'main' into ncalteen/event
• 69c5373 Merge pull request #351 from actions/dependabot/npm_and_yarn/github/local-act...
• Additional commits viewable in compare view

Updates docker/login-action from 3.5.0 to 3.6.0

Release notes

Sourced from docker/login-action's releases.

v3.6.0

• Add registry-auth input for raw authentication to registries by @​crazy-max in docker/login-action#887
• Bump @​aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883
• Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880
• Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879
• Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

Commits

• 5e57cd1 Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• 97e3143 chore: update generated content
• 3a0796b build(deps): bump the aws-sdk-dependencies group with 2 updates
• 5b7b28b Merge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• abc9fb3 chore: update generated content
• d468688 build(deps): bump the aws-sdk-dependencies group with 2 updates
• a99b2f8 Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 0d7fae8 chore: update generated content
• 9832253 build(deps): bump @​docker/actions-toolkit from 0.62.1 to 0.63.0
• 09e05bb Merge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

✅MegaLinter analysis: Success

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	20		0	0	0.6s
✅ DOCKERFILE	hadolint	2		0	0	0.69s
✅ GHERKIN	gherkin-lint	6		0	0	2.34s
✅ JSON	npm-package-json-lint	yes		no	no	0.49s
✅ JSON	prettier	15	2	0	0	0.51s
✅ JSON	v8r	15		0	0	7.0s
✅ MARKDOWN	markdownlint	10	0	0	0	0.88s
✅ MARKDOWN	markdown-table-formatter	10	0	0	0	0.27s
✅ REPOSITORY	gitleaks	yes		no	no	0.82s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	27.7s
✅ REPOSITORY	secretlint	yes		no	no	1.0s
✅ REPOSITORY	syft	yes		no	no	1.98s
✅ REPOSITORY	trivy	yes		no	no	4.9s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.25s
✅ REPOSITORY	trufflehog	yes		no	no	2.54s
✅ SPELL	lychee	70		0	0	11.73s
✅ YAML	prettier	26	0	0	0	1.01s
✅ YAML	v8r	26		0	0	7.44s
✅ YAML	yamllint	26		0	0	0.96s

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx [email protected] --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,GHERKIN_GHERKIN_LINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-rust:edge ➔ ghcr.io/philips-software/amp-devcontainer-rust:pr-961

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	544.75 MB	544.75 MB	+93 B (+0%)	🔼
linux/arm64	501 MB	501 MB	+916 B (+0%)	🔼

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-cpp:edge ➔ ghcr.io/philips-software/amp-devcontainer-cpp:pr-961

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	698.92 MB	698.92 MB	756 B (0%)	🔽
linux/arm64	681.73 MB	681.73 MB	437 B (0%)	🔽

[github-actions]

Test Results

 5 files  ±0   5 suites  ±0   3m 27s ⏱️ -10s
31 tests ±0  31 ✅ ±0  0 💤 ±0  0 ❌ ±0 
65 runs  ±0  65 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit c7ba72a. ± Comparison against base commit ab0940b.

[github-actions]

Pull Request Report (#961)

Static measures

Description	Value
Number of added lines	8
Number of deleted lines	8
Number of changed files	6
Number of commits	1
Number of reviews	1
Number of comments (w/o review comments)	5
Number of reviews that contains a comment to resolve	0
Number of reviews that requested a change from the author	0
Number of reviews that approved the Pull Request	1
Get the total number of participants of a Pull Request	4

Time related measures

Description	Value
PR lead time (from creation to close of PR)	2.5 Hours
Time that was spend on the branch before the PR was created	1 Sec
Time that was spend on the branch before the PR was merged	2.5 Hours
Time to merge after last review	6.4 Min

Status check related measures

Description	Value
Total runtime for last status check run (Workflow for PR)	41.9 Min
Total time spend in last status check run on PR	18 Min

[github-actions]

🎉 Hooray! The changes in this pull request went live with the release of v6.5.1 🎉