chore(deps): bump qltysh/qlty-action from 7d2645a1a6c539dfe84d3f57640a4f53593cf74c to 141b881236146435192435eb7b0e06ea0b70b4d9

[dependabot]

Bumps qltysh/qlty-action from 7d2645a1a6c539dfe84d3f57640a4f53593cf74c to 141b881236146435192435eb7b0e06ea0b70b4d9.

Changelog

Sourced from qltysh/qlty-action's changelog.

Changelog

v2.2.0 (2025-08-11)

• Testing release process (no changes)

v2.1.0 (2025-08-08)

New

• support "dry-run" option for command complete

Improved

• Use log level "error" instead of "warning" when a catastrophic error occurs but "skip-errors" is true

Fixed

• Ignore "validate" option when command is "complete" (otherwise errors with invalid option)

v2.0.0 (2025-08-05)

This release mirrors the breaking change we introduced in the qlty CLI proper: we now validate coverage data by default instead of uploading coverage data to qlty that qlty cannot use. Now you must opt out of this behavior whereas previously opt in.

What This Means for You:

• If coverage reporting is working as expected, you'll experience no impact. If you're uploading valid reports and seeing directory and file-level coverage metrics in Qlty, you don't need to do anything. (If your reports include mismatched paths, you'll see specific path errors listed within your CI output)
• Potential CI Build Failures: Once this change is implemented, if your current CI/CD pipeline uploads a report with mismatched paths, your builds will begin to fail when executing qlty coverage publish.
• Quick Fix for Build Failures: If your builds start failing and you need to get them passing immediately, you can temporarily add validate: false to the GitHub Action configuration. This will disable validation and allow your CI build to pass (though your coverage data will remain broken until you've uploaded a valid report).

We believe this change will significantly improve the accuracy and usability of your coverage data within Qlty. If you have any questions or require assistance, please don't hesitate to contact our support team.

v1.2.0 (2025-08-04)

Fixed

• Ensure correct commit sha provided from PRs for 'complete' action (#125)
• More robust error output in face of unknown errors (#121)
• Set output directory to RUNNER_TEMP (#110)

Thank you, @​enell for your contribution!

v1.1.1 (2025-06-25)

Improved

• Make files arg optional for complete (#112)

v1.1.0 (2025-05-15)

... (truncated)

Commits

• 141b881 Fix Dependabot alerts: minimatch (#172)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated CI workflow action dependency version.

[dependabot]

Labels

The following labels could not be found: skip news. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[tkislan]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 65eccdca-5787-4bca-8749-119b60959f3b

📥 Commits

Reviewing files that changed from the base of the PR and between e9f9996 and 4c29a68.

📒 Files selected for processing (1)

• .github/workflows/ci.yml

---

📝 Walkthrough

Walkthrough

Updates the qlty-action/install action commit reference in the CI workflow from 7d2645a to 141b881. No changes to workflow logic, error handling, or functionality—purely a dependency version bump.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• chore(deps): bump qltysh/qlty-action from 0814173ae3b13074fc896ca0e8e6d631c8352509 to 7d2645a1a6c539dfe84d3f57640a4f53593cf74c #356: Bumps the same qlty-action commit hash to 7d2645a—this PR advances it further.
• chore(deps): bump qltysh/qlty-action from 92420f3093ba65970fed22ce5f162ecb8a5c1700 to c1d9ae56aba737dfb3c83921007a2610f1dad51c #226: Updates the qlty-action/install reference in the same workflow file.
• chore(deps): bump qltysh/qlty-action from c1d9ae56aba737dfb3c83921007a2610f1dad51c to ea1f343351856554424688e75be09f7fd59936a6 #258: Modifies the same workflow file's qlty-action install commit reference.

Suggested reviewers

• Artmann

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	Title accurately describes the main change: bumping qltysh/qlty-action to a newer commit to fix a Dependabot alert (minimatch vulnerability).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Updates Docs	✅ Passed	PR updates qltysh/qlty-action dependency only; no feature implementation, so documentation update requirement does not apply.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0%. Comparing base (e9f9996) to head (4c29a68).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@     Coverage Diff     @@
##   main   #360   +/-   ##
===========================
===========================

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.