chore(deps): update all non-major dependencies#247
Merged
Conversation
![renovate-approve-2[bot]](https://avatars.githubusercontent.com/in/62175?s=60&v=4){kind=small}
![renovate-approve[bot]](https://avatars.githubusercontent.com/in/7394?s=60&v=4){kind=small}
Contributor
✅MegaLinter analysis: Success
Notices📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining See detailed reports in MegaLinter artifacts Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining
|
renovate
Bot
force-pushed
the
renovate/all-minor-patch
branch
from
34fe1c5 to
5a8b0f0
Compare
Contributor
Trivy image scan report
|
Contributor
Trivy image scan report
|
Contributor
Trivy image scan report
|
Contributor
|
🎉 This PR is included in version 1.11.34 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v5.2.0→v5.3.00.70.0→0.71.0v4.0.0→v4.1.0Release Notes
actions/setup-dotnet (actions/setup-dotnet)
v5.3.0Compare Source
What's Changed
Enhancements
Dependency Updates
Bug Fixes
New Contributors
Full Changelog: actions/setup-dotnet@v5...v5.3.0
aquasecurity/trivy (aquasecurity/trivy)
v0.71.0Compare Source
Changelog
9b49920release: v0.71.0 [main] (#10638)35cefaeci: use only the first line of commit message in release-please workflow (#10766)f8a6ddbfeat: add WithDriver and WithProvider options to ospkg detector (#10740)3ea80c0chore(deps): bump github.com/google/go-containerregistry to v0.21.6 (#10741)203dd94refactor(secret): normalize configPath once in Init (#10702)9ad901dfeat(secret): add Maven rules to detect passwords and passphrases in settings.xml and settings-security.xml files (#10704)8f049dfchore(deps): bump the common group across 1 directory with 25 updates (#10758)900ffcbchore: migrate from gomodguard to gomodguard_v2 (#10739)3d5bc38chore(deps): bump the docker group across 1 directory with 2 updates (#10709)1c515dbchore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.302.0 to 1.303.0 in the aws group (#10752)984581fci: scope GitHub App tokens to minimum required permissions (#10755)b1626a3chore(deps): upgrade go-redis from v8 to v9 (#10736)9c1cf65fix(misconf): fix rendering of nested values in terraform plan lists (#10746)f099dc4fix(misconf): skip resources with no after changes (#10352)0bc5c6dfix(misconf): reject nil plays during playbook parsing (#10273)0e4dc66fix(nodejs): silently skip subdirectory package.json files with invalid names (#10609)f080e1efix(misconf): skip null cty values in AsMapValue to prevent panic (#10723)441251erefactor(misconf): replace custom Helm archive parsing with Helm SDK loaders (#10718)7d9d519chore(deps): bump github.com/containerd/containerd/v2 to v2.3.1 (#10738)cdfaf0bchore(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1 (#10686)69e78e2fix(report): don't produce trailing comma in gitlab.tpl links array (#10728)ac2f3d7fix(cloudformation): propagate AWS::EC2::Instance MetadataOptions (#10731)ac79fb9chore(deps): upgrade github.com/cenkalti/backoff dependency to v5 (#10705)8047ef3chore: bump golangci-lint to v2.12 (#10726)f2a1237feat(spdx): add SHA-512 hash algorithm support to SPDX serializer (#10719)04f739efeat(sbom): support for CycloneDX 1.7 (#10715)f9ed425chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.300.0 to 1.302.0 in the aws group (#10708)e169597chore: migrate from helm.sh/helm/v3 to helm.sh/helm/v4 (#10678)519eac9fix(image): correctly reconstruct RUN instructions built without BuildKit (#10714)c080ce3feat(java): support from settings.xml (#10692)f8fdb93fix(java): surface 429 from a remote Maven repository as a fatal error when scanning pom.xml files (#10693)f10fad5chore: bump go to 1.26.3 (#10683)451fd99fix(nodejs): handle legacy license formats in npm lockfile parser (#10684)fc1e46ffix(secret): correctly skip secret-scanner config file from scanning (#10666)a61feacfeat(ubuntu): detect Ubuntu 26.04 LTS (#10592)2f940f0refactor(nodejs): deduplicate license traversal across package managers (#10681)39a28edfix: overwrite OS packages PURLs after overwrite OS (#10298)69dcd18feat(secret): add Azure secret detection rules (#10562)9d91b88fix(misconf): prevent path traversal in Terraform filesystem functions (#10664)e4325b1feat(secret): add a way to customize skipped folders, files and exts (#10550)ea7e9adci: migrate PAT tokens to GitHub App (#10628)cb229e9chore(deps): bump the aws group across 1 directory with 6 updates (#10598)00cebebchore(deps): bump the docker group across 1 directory with 3 updates (#10596)8dff4b7chore(deps): bump the github-actions group across 2 directories with 9 updates (#10608)56b5471chore(deps): bump github.com/in-toto/in-toto-golang from 0.10.0 to 0.11.0 (#10641)10d64d2chore(deps): bump github.com/go-git/go-git/v5 from 5.18.0 to 5.19.0 (#10648)99c0659ci: migrate PAT tokens to GITHUB_TOKEN for reusable-release workflow (#10655)b08bf6afeat(seal): add vendor support for language file detection. (#10297)a75a468fix(misconf): make identifiers in ignore rules case-insensitive (#10375)3a2f7fbfix: pull instead of clone when test repo already exists (#10636)920fad2docs: document how to disable check.trivy.dev connections (#10623)d4ac98adocs(misconf): fix typo in misconfiguration config (#10619)85aa9b7ci: remove secrets from run block (#10590)72c2a23docs: fix typos (#10605)99eabdfrefactor(deps): replace archived go-homedir with os.UserHomeDir (#10484)28ed214chore(deps): Bumpgo-iniand fix the import path. (#10489)bb5a8cfchore(deps): bump the github-actions group across 2 directories with 9 updates (#10495)a0f71c8chore(deps): bump github.com/aquasecurity/testdocker (#10543)2095d49docs: convert README demonstration videos to mp4 (#10419)4aa938dchore(deps): upgrade vm scan dependency for bug fix (#10575)c72b416docs(nodejs): clarify package.json behavior in image scanning (#10572)8e23717chore(deps): replace xeipuuv/gojsonschema and invopop/jsonschema with google/jsonschema-go (#10528)cb4aa9cchore(deps): bump github.com/go-git/go-git/v5 from 5.17.2 to 5.18.0 (#10554)73809dbchore(deps): bump alpine to 3.23.4 (#10552)2459b1dci(helm): bump Trivy version to 0.70.0 for Trivy Helm Chart 0.22.0 (#10547)docker/setup-qemu-action (docker/setup-qemu-action)
v4.1.0Compare Source
resetinput to uninstall current emulators by @crazy-max in #21Full Changelog: docker/setup-qemu-action@v4.0.0...v4.1.0
Configuration
📅 Schedule: (UTC)
* 0-3 * * 1)🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.