build(deps): bump redhat-plumbers-in-action/differential-shellcheck from 4 to 5

[dependabot]

Bumps redhat-plumbers-in-action/differential-shellcheck from 4 to 5.

Release notes

Sourced from redhat-plumbers-in-action/differential-shellcheck's releases.

v5.0.0

What's Changed

Breaking

• drop: ignored-codes input 🚫 (#290) @​jamacku
• drop: shell-scripts input 🚫 (#288) @​jamacku

New

• Show more context for ShellCheck defects and fixes in console output 💾 (#300) @​jamacku
• Add support for subdirectory scanning 📁 (#294) @​jamacku
• Add Statistics of defect severities 📊 (#233) @​jamacku
• Show scanned files in console by default 📜 (#285) @​jamacku

Bug Fixes

• Fix autodetection of shell scripts in DEBUG mode 🥝 (#299) @​jamacku
• Always gather defect statistics 📉 (#298) @​jamacku
• Fix count of scanned files in job Summary when running on push event 🔢 (#297) @​jamacku
• Set correct version of ShellCheck in SARIF 🥥 (#296) @​jamacku
• fix: detection of changed files that might cause failure on some paths 🍭 (#286) @​jamacku

Maintenance

• Make the version of the used GHA more visible 👀 (#320) @​jamacku
• Update csutils (csdiff and csgrep) to 3.0.4 (#319) @​jamacku
• Update csutils (csdiff) to 3.0.3 (#293) @​jamacku

Documentation

• Improve documentation examples and update feature showcase 📷 (#301) @​jamacku
• Add section documenting VS Code integration 👩‍💻 (#311) @​jamacku
• doc: Explain format of path list options (#310) @​VladimirSlavik

Automation and CI changes

• Monthly dependabot updates 🤖 (#274) @​jamacku

Dependency Updates

• build(deps): bump fedora from 61f921e to 6fc00f8 (#312) @​dependabot
• build(deps): bump actions/checkout from 3.6.0 to 4.1.0 (#318) @​dependabot
• build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 (#317) @​dependabot
• build(deps): bump docker/login-action from 2.2.0 to 3.0.0 (#316) @​dependabot
• build(deps): bump docker/setup-buildx-action from 2.10.0 to 3.0.0 (#315) @​dependabot
• build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#314) @​dependabot

... (truncated)

Changelog

Sourced from redhat-plumbers-in-action/differential-shellcheck's changelog.

Changelog

Next release

v5.0.0

• Added defect statistics based on severity levels. They are available in the console output and in the job Summary page.
• New option scan-directory. Allows to specify directories that will be scanned. By default Differential ShellCheck scans the whole repository.
• Show more context for ShellCheck defects and fixes in console output. The defect is now shown in the context of the surrounding code.
• Fix autodetection of shell scripts in DEBUG mode
• Fix detection of changed files that might cause failure on paths with special characters.
• Fix count of scanned files in job Summary when running on push event.
• Drop support for shell-scripts input
• Drop support for ignored-codes input
• Update csutils (csdiff) to 3.0.4

v4.2.2

• Container images now based on Fedora 38
  • ShellCheck - 0.8.0 -> 0.9.0
  • csutils - 3.0.0 -> 3.0.2

v4.2.1

• Handle multiple include/exclude paths with newlines

v4.2.0

• New option exclude-path. Allows to specify list of paths excluded from ShellCheck scanning. It supports globbing and brace expansion. e.g. test/{test1,test2}/**
• New option include-path. Similar to exclude-path, it allows specifying the list of paths that will be included into scanning. No further checks are performed. It supports globbing and brace expansion. e.g. fixture/**.fixture

v4.1.0

• grep - do not escape # and ! in patterns
• Utilize DEBUG to run grep without --silent option
• Update csutils (csdiff) to 3.0.0

v4.0.2

• Correctly handle character escaping in filenames (e.g. ␣ and &)
• Improve documentation and more tests

v4.0.0

• Tag latest is no longer available. Use major tags instead (e.g. v3 or v4).

• Action can be triggered using GitHub push event

  on:

... (truncated)

Commits

• 0b37fe0 v5.0.0
• b392c11 deps: use the correct version of super-linter
• 9988647 deps: add comment with pinned version
• a58af3b deps: update csutils (csdiff and csgrep) to 3.0.4
• dc2f863 doc: fix format of warning message
• e0416c5 doc: add example.sh for testing purposes
• 9806172 doc: update console output example
• 8563bd9 doc: add example of Job Summary
• f41ca47 doc: update checkout version in example
• 3f78952 doc: fix format of example
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)