Skip to content

chore(deps): bump dieghernan/cff-validator from 4 to 5#234

Merged
mgovers merged 1 commit into
mainfrom
dependabot/github_actions/dieghernan/cff-validator-5
Apr 21, 2026
Merged

chore(deps): bump dieghernan/cff-validator from 4 to 5#234
mgovers merged 1 commit into
mainfrom
dependabot/github_actions/dieghernan/cff-validator-5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 21, 2026
edited
Loading

Bumps dieghernan/cff-validator from 4 to 5.

Release notes

Sourced from dieghernan/cff-validator's releases.

v5

Note that v5 is a sliding tag, and we introduce non-breaking changes to it.

  • Docker action is pinned to the same commit SHA as the parent workflow to avoid security issues thanks to @​mgovers (#26)

v5.0.1 (2026-04-21)

  • Move to full SHA reference on Docker instead to relative path.

What's Changed

New Contributors

Full Changelog: dieghernan/cff-validator@v4...v5

Changelog

Sourced from dieghernan/cff-validator's changelog.

v5

Note that v5 is a sliding tag, and we introduce non-breaking changes to it.

  • Docker action is pinned to the same commit SHA as the parent workflow to avoid security issues thanks to @​mgovers (#26)

v5.0.1 (2026-04-21)

  • Move to full SHA reference on Docker instead to relative path.

v4

Note that v4 is a sliding tag, and we introduce non-breaking changes to it.

Breaking change: The action now uses a Docker container, and would require to be run on a Linux virtual machine (os: ubuntu-*). MacOS and Windows actions would need to switch to ubuntu-*.

v3

Note that v3 is a sliding tag, and we introduce non-breaking changes to it.

  • Improve underlying code.
  • Using a copy of schema.json shipped with {cffr} to avoid SSL/SSH issues #10.
  • Update versions of depencies (#13, #14)

v3.0.1 (2023-07-21)

  • Improve underlying code.
  • Using a copy of schema.json shipped with {cffr} to avoid SSL/SSH issues #10

v3.0.2 (2024-02-08)

v3.0.3 (2025-01-17)

  • Always install R (#16) hence (soft) deprecation of install-r parameter.
  • Update versions of dependencies.

v2.3

  • Fix #8, error on non-Git repos.

v2.2

  • New install-r parameter.
  • Improvements on performance.

v2.1

... (truncated)

Commits
  • 54c8e73 Prepare sliding tag
  • 41f92d7 Update action.yml
  • 7ed7b84 Update action.yml
  • fc44839 Prepare release
  • 93d990c Merge pull request #25 from dieghernan/dependabot/docker/docker/rocker/tidyve...
  • 2142b7c Bump rocker/tidyverse from 4.5.2 to 4.5.3 in /docker
  • 79e387d Merge pull request #27 from mgovers/patch-1
  • 22cecb1 Use local docker action in composite action
  • a55dbe1 Merge pull request #24 from dieghernan/dependabot/docker/docker/rocker/tidyve...
  • 50dd776 Bump rocker/tidyverse from 4.4.2 to 4.5.2 in /docker
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 21, 2026
@mgovers
Copy link
Copy Markdown
Member

mgovers commented Apr 21, 2026

https://github.com/dependabot recreate

@dependabot
chore(deps): bump dieghernan/cff-validator from 4 to 5
5132967 
Bumps [dieghernan/cff-validator](https://github.com/dieghernan/cff-validator) from 4 to 5.
- [Release notes](https://github.com/dieghernan/cff-validator/releases)
- [Changelog](https://github.com/dieghernan/cff-validator/blob/main/CHANGELOG.md)
- [Commits](dieghernan/cff-validator@114aae5...fc44839)

---
updated-dependencies:
- dependency-name: dieghernan/cff-validator
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/dieghernan/cff-validator-5 branch from 6278faf to 5132967 Compare April 21, 2026 10:41
@mgovers mgovers closed this Apr 21, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 21, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@mgovers mgovers reopened this Apr 21, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 21, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mgovers mgovers enabled auto-merge (squash) April 21, 2026 10:47
@mgovers mgovers merged commit 98d6833 into main Apr 21, 2026
26 of 27 checks passed
@mgovers mgovers deleted the dependabot/github_actions/dieghernan/cff-validator-5 branch April 21, 2026 10:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mgovers mgovers mgovers approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mgovers