build(deps): bump the dependencies group across 1 directory with 12 updates

[dependabot]

Bumps the dependencies group with 12 updates in the / directory:

Package	From	To
actions/checkout	4.2.2	5.0.0
actions/setup-node	4.4.0	6.0.0
docker/login-action	3.4.0	3.6.0
docker/metadata-action	5.7.0	5.8.0
peter-evans/dockerhub-description	4.0.2	5.0.0
github/codeql-action	3.29.2	4.31.0
actions/setup-java	4.7.1	5.0.0
actions/upload-artifact	4.6.2	5.0.0
checkmarx/kics-github-action	2.1.11	2.1.15
amannn/action-semantic-pull-request	5.5.3	6.1.1
aquasecurity/trivy-action	0.32.0	0.33.1
trufflesecurity/trufflehog	3.90.1	3.90.11

Updates actions/checkout from 4.2.2 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236
• Prepare release v4.3.0 by @​salmanmkc in actions/checkout#2237

New Contributors

• @​motss made their first contribution in actions/checkout#1971
• @​mouismail made their first contribution in actions/checkout#1977
• @​benwells made their first contribution in actions/checkout#2043
• @​nebuk89 made their first contribution in actions/checkout#2194
• @​salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

V4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

• 08c6903 Prepare v5.0.0 release (#2238)
• 9f26565 Update actions checkout to use node 24 (#2226)
• 08eba0b Prepare release v4.3.0 (#2237)
• 631c7dc Update package dependencies (#2236)
• 8edcb1b Update CODEOWNERS for actions (#2224)
• 09d2aca Update README.md (#2194)
• 85e6279 Adjust positioning of user email note and permissions heading (#2044)
• 009b9ae Documentation update - add recommended permissions to Readme (#2043)
• cbb7224 Update README.md (#1977)
• 3b9b8c8 docs: update README.md (#1971)
• See full diff in compare view

Updates actions/setup-node from 4.4.0 to 6.0.0

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

• Limit automatic caching to npm, update workflows and documentation by @​priyagupta108 in actions/setup-node#1374

Dependency Upgrades

• Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @​dependabot[bot] in #1336
• Upgrade prettier from 2.8.8 to 3.6.2 by @​dependabot[bot] in #1334
• Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @​dependabot[bot] in #1362

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

• Enhance caching in setup-node with automatic package manager detection by @​priya-kinthali in actions/setup-node#1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

• Upgrade action to use node24 by @​salmanmkc in actions/setup-node#1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​octokit/request-error and @​actions/github by @​dependabot[bot] in actions/setup-node#1227
• Upgrade uuid from 9.0.1 to 11.1.0 by @​dependabot[bot] in actions/setup-node#1273
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-node#1295
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in actions/setup-node#1332
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-node#1345

New Contributors

• @​priya-kinthali made their first contribution in actions/setup-node#1348
• @​salmanmkc made their first contribution in actions/setup-node#1325

Full Changelog: actions/setup-node@v4...v5.0.0

Commits

• 2028fbc Limit automatic caching to npm, update workflows and documentation (#1374)
• 1342781 Bump actions/publish-action from 0.3.0 to 0.4.0 (#1362)
• 89d709d Bump prettier from 2.8.8 to 3.6.2 (#1334)
• cd2651c Bump ts-jest from 29.1.2 to 29.4.1 (#1336)
• a0853c2 Bump actions/checkout from 4 to 5 (#1345)
• b7234cc Upgrade action to use node24 (#1325)
• d7a1131 Enhance caching in setup-node with automatic package manager detection (#1348)
• 5e2628c Bumps form-data (#1332)
• 65becef Bump undici from 5.28.5 to 5.29.0 (#1295)
• 7e24a65 Bump uuid from 9.0.1 to 11.1.0 (#1273)
• Additional commits viewable in compare view

Updates docker/login-action from 3.4.0 to 3.6.0

Release notes

Sourced from docker/login-action's releases.

v3.6.0

• Add registry-auth input for raw authentication to registries by @​crazy-max in docker/login-action#887
• Bump @​aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883
• Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880
• Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879
• Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

• Support dual-stack endpoints for AWS ECR by @​Spacefish @​crazy-max in docker/login-action#874 docker/login-action#876
• Bump @​aws-sdk/client-ecr to 3.859.0 in docker/login-action#860 docker/login-action#878
• Bump @​aws-sdk/client-ecr-public to 3.859.0 in docker/login-action#860 docker/login-action#878
• Bump @​docker/actions-toolkit from 0.57.0 to 0.62.1 in docker/login-action#870
• Bump form-data from 2.5.1 to 2.5.5 in docker/login-action#875

Full Changelog: docker/login-action@v3.4.0...v3.5.0

Commits

• 5e57cd1 Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• 97e3143 chore: update generated content
• 3a0796b build(deps): bump the aws-sdk-dependencies group with 2 updates
• 5b7b28b Merge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• abc9fb3 chore: update generated content
• d468688 build(deps): bump the aws-sdk-dependencies group with 2 updates
• a99b2f8 Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 0d7fae8 chore: update generated content
• 9832253 build(deps): bump @​docker/actions-toolkit from 0.62.1 to 0.63.0
• 09e05bb Merge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4
• Additional commits viewable in compare view

Updates docker/metadata-action from 5.7.0 to 5.8.0

Release notes

Sourced from docker/metadata-action's releases.

v5.8.0

• New is_not_default_branch global expression by @​crazy-max in docker/metadata-action#535
• Allow to match part of the git tag or value for semver/pep440 types by @​crazy-max in docker/metadata-action#536 docker/metadata-action#537
• Bump @​actions/github from 6.0.0 to 6.0.1 in docker/metadata-action#523
• Bump @​docker/actions-toolkit from 0.56.0 to 0.62.1 in docker/metadata-action#526
• Bump form-data from 2.5.1 to 2.5.5 in docker/metadata-action#533
• Bump moment-timezone from 0.5.47 to 0.6.0 in docker/metadata-action#525
• Bump semver from 7.7.1 to 7.7.2 in docker/metadata-action#524

Full Changelog: docker/metadata-action@v5.7.0...v5.8.0

Commits

• c1e5197 Merge pull request #537 from crazy-max/pep440-match
• 89dd65a chore: update generated content
• 699ee45 allow to match part of the git tag or value for pep440 type
• e0542a6 Merge pull request #536 from crazy-max/semver-match
• b7facdf chore: update generated content
• 81c60df allow to match part of the git tag or value for semver type
• de11195 Merge pull request #535 from crazy-max/not_def_branch
• 2f9c64b Merge pull request #533 from docker/dependabot/npm_and_yarn/form-data-2.5.5
• 510f746 chore: update generated content
• 2bc3f4e is_not_default_branch global expression
• Additional commits viewable in compare view

Updates peter-evans/dockerhub-description from 4.0.2 to 5.0.0

Release notes

Sourced from peter-evans/dockerhub-description's releases.

Docker Hub Description v5.0.0

⚙️ Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner for Node 24 support.

What's Changed

• build(deps-dev): bump eslint-plugin-prettier from 5.2.5 to 5.2.6 by @​dependabot[bot] in peter-evans/dockerhub-description#312
• build(deps-dev): bump eslint-plugin-prettier from 5.2.6 to 5.3.1 by @​dependabot[bot] in peter-evans/dockerhub-description#313
• build(deps-dev): bump eslint-plugin-prettier from 5.3.1 to 5.4.0 by @​dependabot[bot] in peter-evans/dockerhub-description#314
• build(deps-dev): bump eslint-plugin-prettier from 5.4.0 to 5.4.1 by @​dependabot[bot] in peter-evans/dockerhub-description#315
• build(deps-dev): bump eslint-plugin-prettier from 5.4.1 to 5.5.0 by @​dependabot[bot] in peter-evans/dockerhub-description#316
• build(deps-dev): bump prettier from 3.5.3 to 3.6.2 by @​dependabot[bot] in peter-evans/dockerhub-description#317
• build(deps-dev): bump eslint-plugin-prettier from 5.5.0 to 5.5.1 by @​dependabot[bot] in peter-evans/dockerhub-description#318
• build(deps-dev): bump eslint-plugin-prettier from 5.5.1 to 5.5.3 by @​dependabot[bot] in peter-evans/dockerhub-description#320
• build(deps): bump form-data from 3.0.1 to 3.0.4 by @​dependabot[bot] in peter-evans/dockerhub-description#321
• build(deps): bump actions/download-artifact from 4 to 5 by @​dependabot[bot] in peter-evans/dockerhub-description#322
• build(deps-dev): bump eslint-plugin-prettier from 5.5.3 to 5.5.4 by @​dependabot[bot] in peter-evans/dockerhub-description#323
• build(deps): bump actions/checkout from 4 to 5 by @​dependabot[bot] in peter-evans/dockerhub-description#324
• build(deps): bump actions/setup-node from 4 to 5 by @​dependabot[bot] in peter-evans/dockerhub-description#325
• build(deps-dev): bump @​vercel/ncc from 0.38.3 to 0.38.4 by @​dependabot[bot] in peter-evans/dockerhub-description#326
• v5 by @​peter-evans in peter-evans/dockerhub-description#327

Full Changelog: peter-evans/dockerhub-description@v4.0.2...v5.0.0

Commits

• 1b9a80c feat: v5 (#327)
• ef9b19a build(deps-dev): bump @​vercel/ncc from 0.38.3 to 0.38.4 (#326)
• a48612b build(deps): bump actions/setup-node from 4 to 5 (#325)
• 08eafd1 build(deps): bump actions/checkout from 4 to 5 (#324)
• a0bee1b build(deps-dev): bump eslint-plugin-prettier from 5.5.3 to 5.5.4 (#323)
• 2877192 build(deps): bump actions/download-artifact from 4 to 5 (#322)
• 444ccd3 build(deps): bump form-data from 3.0.1 to 3.0.4 (#321)
• aca792b build(deps-dev): bump eslint-plugin-prettier from 5.5.1 to 5.5.3 (#320)
• 940963a build(deps-dev): bump eslint-plugin-prettier from 5.5.0 to 5.5.1 (#318)
• 0b249a1 build(deps-dev): bump prettier from 3.5.3 to 3.6.2 (#317)
• Additional commits viewable in compare view

Updates github/codeql-action from 3.29.2 to 4.31.0

Release notes

Sourced from github/codeql-action's releases.

v4.31.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.0 - 24 Oct 2025

• Bump minimum CodeQL bundle version to 2.17.6. #3223
• When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

See the full CHANGELOG.md for more information.

v4.30.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.9 - 17 Oct 2025

• Update default CodeQL bundle version to 2.23.3. #3205
• Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

See the full CHANGELOG.md for more information.

v4.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.8 - 10 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v4.30.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.7 - 06 Oct 2025

• [v4+ only] The CodeQL Action now runs on Node.js v24. #3169

See the full CHANGELOG.md for more information.

v3.31.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.0 - 24 Oct 2025

• Bump minimum CodeQL bundle version to 2.17.6. #3223
• When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

4.30.9 - 17 Oct 2025

• Update default CodeQL bundle version to 2.23.3. #3205
• Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

• [v4+ only] The CodeQL Action now runs on Node.js v24. #3169

3.30.6 - 02 Oct 2025

• Update default CodeQL bundle version to 2.23.2. #3168

3.30.5 - 26 Sep 2025

• We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

• We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
• We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
• You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
• Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

No user facing changes.

3.30.2 - 09 Sep 2025

• Fixed a bug which could cause language autodetection to fail. #3084
• Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #3064

... (truncated)

Commits

• 4e94bd1 Merge pull request #3235 from github/update-v4.31.0-1d36546c1
• 8f11182 Update changelog for v4.31.0
• 1d36546 Merge pull request #3234 from github/mbg/changelog/post-processing
• 08ada26 Add changelog entry for post-processing change
• b843cbe Merge pull request #3233 from github/mbg/getOptionalEnvVar
• 1ecd563 Use getOptionalEnvVar in writePostProcessedFiles
• e576807 Merge pull request #3223 from github/henrymercer/bump-minimum
• ad35676 Add getOptionalEnvVar function
• d75645b Merge pull request #3222 from github/mbg/upload-lib/post-process
• 710606c Check that outputPath is non-empty
• Additional commits viewable in compare view

Updates actions/setup-java from 4.7.1 to 5.0.0

Release notes

Sourced from actions/setup-java's releases.

v5.0.0

What's Changed

Breaking Changes

• Upgrade to node 24 by @​salmanmkc in actions/setup-java#888

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency Upgrades

• Upgrade Publish Immutable Action by @​HarithaVattikuti in actions/setup-java#798
• Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @​dependabot[bot] in actions/setup-java#730
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-java#833
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in actions/setup-java#887
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-java#896

Bug Fixes

• Prevent default installation of JetBrains pre-releases by @​priyagupta108 in actions/setup-java#859
• Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failures by @​gowridurgad in actions/setup-java#848

New Contributors

• @​gowridurgad made their first contribution in actions/setup-java#848
• @​salmanmkc made their first contribution in actions/setup-java#888

Full Changelog: actions/setup-java@v4...v5.0.0

Commits

• dded088 Bump actions/checkout from 4 to 5 (#896)
• 0913e9a Upgrade to node 24 (#888)
• e9343db Bumps form-data (#887)
• ae2b61d Bump undici from 5.28.5 to 5.29.0 (#833)
• c190c18 Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (#730)
• 67aec00 Fix: prevent default installation of JetBrains pre-releases (#859)
• ebb356c Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failu...
• f4f1212 Update publish-immutable-actions.yml (#798)
• See full diff in compare view

Updates actions/upload-artifact from 4.6.2 to 5.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

• Update README.md by @​GhadimiR in actions/upload-artifact#681
• Update README.md by @​nebuk89 in actions/upload-artifact#712
• Readme: spell out the first use of GHES by @​danwkennedy in actions/upload-artifact#727
• Update GHES guidance to include reference to Node 20 version by @​patrikpolyak in actions/upload-artifact#725
• Bump @actions/artifact to v4.0.0
• Prepare v5.0.0 by @​danwkennedy in actions/upload-artifact#734

New Contributors

• @​GhadimiR made their first contribution in actions/upload-artifact#681
• @​nebuk89 made their first contribution in actions/upload-artifact#712
• @​danwkennedy made their first contribution in actions/upload-artifact#727
• @​patrikpolyak made their first contribution in actions/upload-artifact#725

Full Changelog: actions/upload-artifact@v4...v5.0.0

Commits

• 330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0
• 03f2824 Update github.dep.yml
• 905a1ec Prepare v5.0.0
• 2d9f9cd Merge pull request #725 from patrikpolyak/patch-1
• 9687587 Merge branch 'main' into patch-1
• 2848b2c Merge pull request #727 from danwkennedy/patch-1
• 9b51177 Spell out the first use of GHES
• cd231ca Update GHES guidance to include reference to Node 20 version
• de65e23 Merge pull request #712 from actions/nebuk89-patch-1
• 8747d8c Update README.md
• Additional commits viewable in compare view

Updates checkmarx/kics-github-action from 2.1.11 to 2.1.15

Release notes

Sourced from checkmarx/kics-github-action's releases.

v2.1.15

What's Changed

• Update kics to version 2.1.15 by @​cx-bruno-silva in Checkmarx/kics-github-action#143

Full Changelog: Checkmarx/kics-github-action@v2.1.14...v2.1.15

v2.1.14

What's Changed

• Update kics to version 2.1.14 by @​cx-bruno-silva in Checkmarx/kics-github-action#141

Full Changelog: Checkmarx/kics-github-action@v2.1.13...v2.1.14

v2.1.13

What's Changed

• bump kics version to 2-1-13 by @​cx-monica-casanova in Checkmarx/kics-github-action#139

Full Changelog: Checkmarx/kics-github-action@v2.1.12...v2.1.13

v2.1.12

What's Changed

• bumps kics version to 2.1.12 by @​cx-monica-casanova in Checkmarx/kics-github-action#136

Full Changelog: Checkmarx/kics-github-action@v2.1.11...v2.1.12

Commits

• 86775e4 Update kics to version 2.1.15 (#143)
• c11ca46 Update kics to version 2.1.14 (#141)
• 7145454 bump kics version to 2-1-13 (#139)
• cd1f377 bumps kics version to 2.1.12 (#136)
• See full diff in compare view

Updates amannn/action-semantic-pull-request from 5.5.3 to 6.1.1

Release notes

Sourced from amannn/action-semantic-pull-request's releases.

v6.1.1

6.1.1 (2025-08-22)

Bug Fixes

• Parse headerPatternCorrespondence properly (#295) (800da4c)

v6.1.0

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud