From 407a900bbc18ea535dcced35277fabb774d91b00 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Jun 2025 12:28:37 +0000 Subject: [PATCH 01/12] gh-actions: bump cycjimmy/semantic-release-action from 4.2.0 to 4.2.1 Bumps [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action) from 4.2.0 to 4.2.1. - [Release notes](https://github.com/cycjimmy/semantic-release-action/releases) - [Changelog](https://github.com/cycjimmy/semantic-release-action/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/cycjimmy/semantic-release-action/compare/0a51e81a6baff2acad3ee88f4121c589c73d0f0e...c4a2fa890676fc2db25ad0aacd8ab4a0f1f4c024) --- updated-dependencies: - dependency-name: cycjimmy/semantic-release-action dependency-version: 4.2.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 385b387..716bc60 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Release - uses: cycjimmy/semantic-release-action@0a51e81a6baff2acad3ee88f4121c589c73d0f0e # v4.2.0 + uses: cycjimmy/semantic-release-action@c4a2fa890676fc2db25ad0aacd8ab4a0f1f4c024 # v4.2.1 with: semantic_version: 18.0.0 extra_plugins: | From d94583baf874f48ce56fa3071c384801b46e64df Mon Sep 17 00:00:00 2001 From: Benjamin Richter Date: Wed, 18 Jun 2025 12:24:20 +0200 Subject: [PATCH 02/12] Update README.md fix tofu_fmt heading --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 73c4bb0..023ad0c 100644 --- a/README.md +++ b/README.md @@ -552,7 +552,7 @@ To replicate functionality in `tofu_docs` hook: - --args=--config=.terraform-docs.yml ``` -### terraftofu_fmtorm_fmt +### tofu_fmt 1. `tofu_fmt` supports custom arguments so you can pass [supported flags](https://www.terraform.io/docs/cli/commands/fmt.html#usage). Eg: From 977d08e2d1627a6f7cebe28b637b4bc4fae9eff3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Jul 2025 14:24:37 +0000 Subject: [PATCH 03/12] gh-actions: bump cycjimmy/semantic-release-action from 4.2.1 to 4.2.2 Bumps [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action) from 4.2.1 to 4.2.2. - [Release notes](https://github.com/cycjimmy/semantic-release-action/releases) - [Changelog](https://github.com/cycjimmy/semantic-release-action/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/cycjimmy/semantic-release-action/compare/c4a2fa890676fc2db25ad0aacd8ab4a0f1f4c024...16ca923e6ccbb50770c415a0ccd43709a8c5f7a4) --- updated-dependencies: - dependency-name: cycjimmy/semantic-release-action dependency-version: 4.2.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 716bc60..78d7954 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Release - uses: cycjimmy/semantic-release-action@c4a2fa890676fc2db25ad0aacd8ab4a0f1f4c024 # v4.2.1 + uses: cycjimmy/semantic-release-action@16ca923e6ccbb50770c415a0ccd43709a8c5f7a4 # v4.2.2 with: semantic_version: 18.0.0 extra_plugins: | From b2658a3f8e7a1f379343d9fbba4f9597d0ef1c9e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Aug 2025 17:26:54 +0000 Subject: [PATCH 04/12] gh-actions: bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-image-test.yaml | 2 +- .github/workflows/build-image.yaml | 2 +- .github/workflows/pre-commit.yaml | 4 ++-- .github/workflows/release.yml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-image-test.yaml b/.github/workflows/build-image-test.yaml index 1003867..0abc018 100644 --- a/.github/workflows/build-image-test.yaml +++ b/.github/workflows/build-image-test.yaml @@ -9,7 +9,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml index 2d0c497..68a054f 100644 --- a/.github/workflows/build-image.yaml +++ b/.github/workflows/build-image.yaml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up QEMU uses: docker/setup-qemu-action@v3 diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index 3fab3c2..a8e86e6 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -6,7 +6,7 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - run: | git fetch --no-tags --prune --depth=1 origin +refs/heads/*:refs/remotes/origin/* @@ -31,7 +31,7 @@ jobs: curl -L "$(curl -s https://api.github.com/repos/hadolint/hadolint/releases/latest | grep -o -E -m 1 "https://.+?/hadolint-Linux-x86_64")" > hadolint \ && chmod +x hadolint && sudo mv hadolint /usr/bin/ # Need to success pre-commit fix push - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 78d7954..cf3441c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false fetch-depth: 0 From f81b28692c07dfd206871b74736a17d658b2d765 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 22 Aug 2025 11:43:05 +0000 Subject: [PATCH 05/12] gh-actions: bump amannn/action-semantic-pull-request from 5.5.3 to 6.1.1 Bumps [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) from 5.5.3 to 6.1.1. - [Release notes](https://github.com/amannn/action-semantic-pull-request/releases) - [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md) - [Commits](https://github.com/amannn/action-semantic-pull-request/compare/0723387faaf9b38adef4775cd42cfd5155ed6017...48f256284bd46cdaab1048c3721360e808335d50) --- updated-dependencies: - dependency-name: amannn/action-semantic-pull-request dependency-version: 6.1.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 19e48a4..3d86d51 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -14,7 +14,7 @@ jobs: steps: # Please look up the latest version from # https://github.com/amannn/action-semantic-pull-request/releases - - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3 + - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v6.1.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From a4ae94e826b69eb34265d7033a45c25d91a3cedd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Sep 2025 23:11:04 +0000 Subject: [PATCH 06/12] gh-actions: bump cycjimmy/semantic-release-action from 4.2.2 to 5.0.0 Bumps [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/cycjimmy/semantic-release-action/releases) - [Changelog](https://github.com/cycjimmy/semantic-release-action/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/cycjimmy/semantic-release-action/compare/16ca923e6ccbb50770c415a0ccd43709a8c5f7a4...9cc899c47e6841430bbaedb43de1560a568dfd16) --- updated-dependencies: - dependency-name: cycjimmy/semantic-release-action dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cf3441c..c1c049b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Release - uses: cycjimmy/semantic-release-action@16ca923e6ccbb50770c415a0ccd43709a8c5f7a4 # v4.2.2 + uses: cycjimmy/semantic-release-action@9cc899c47e6841430bbaedb43de1560a568dfd16 # v5.0.0 with: semantic_version: 18.0.0 extra_plugins: | From 84d857a5ae5e3758cf01b4443087966d4d88993c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Sep 2025 13:18:51 +0000 Subject: [PATCH 07/12] gh-actions: bump actions/setup-python from 5.6.0 to 6.0.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.6.0 to 6.0.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...e797f83bcb11b83ae66e0230d6156d7c80228e7c) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pre-commit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index a8e86e6..96ca101 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -36,7 +36,7 @@ jobs: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} # Skip tofu_tflint which interferes to commit pre-commit auto-fixes - - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 + - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: '3.9' - name: Execute pre-commit From f2b0eb603a22d4dd6b5d8d532dc7542cb22bf3f4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Sep 2025 14:02:40 +0000 Subject: [PATCH 08/12] gh-actions: bump actions/stale from 9.1.0 to 10.0.0 Bumps [actions/stale](https://github.com/actions/stale) from 9.1.0 to 10.0.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/5bef64f19d7facfb25b37b414482c7164d639639...3a9db7e6a41a89f618792c92c0e97cc736e1b13f) --- updated-dependencies: - dependency-name: actions/stale dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/stale-actions.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale-actions.yaml b/.github/workflows/stale-actions.yaml index 802c138..d797c08 100644 --- a/.github/workflows/stale-actions.yaml +++ b/.github/workflows/stale-actions.yaml @@ -7,7 +7,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0 + - uses: actions/stale@3a9db7e6a41a89f618792c92c0e97cc736e1b13f # v10.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Staling issues and PR's From f9d6074ab09f09e5fe2ce8e619349b81aec9e403 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Sep 2025 12:30:24 +0000 Subject: [PATCH 09/12] gh-actions: bump tj-actions/changed-files from 46.0.5 to 47.0.0 Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 46.0.5 to 47.0.0. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/ed68ef82c095e0d48ec87eccea555d944a631a4c...24d32ffd492484c1d75e0c0b894501ddb9d30d62) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-version: 47.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-image-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-image-test.yaml b/.github/workflows/build-image-test.yaml index 0abc018..1a518e0 100644 --- a/.github/workflows/build-image-test.yaml +++ b/.github/workflows/build-image-test.yaml @@ -15,7 +15,7 @@ jobs: - name: Get changed Dockerfile id: changed-files-specific - uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5 + uses: tj-actions/changed-files@24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v47.0.0 with: files: | Dockerfile From 211d65d43d91eb474c630a8dd82d205a2f889eee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Oct 2025 11:22:49 +0000 Subject: [PATCH 10/12] gh-actions: bump cycjimmy/semantic-release-action from 5.0.0 to 5.0.1 Bumps [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action) from 5.0.0 to 5.0.1. - [Release notes](https://github.com/cycjimmy/semantic-release-action/releases) - [Changelog](https://github.com/cycjimmy/semantic-release-action/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/cycjimmy/semantic-release-action/compare/9cc899c47e6841430bbaedb43de1560a568dfd16...ebcbc663748eae8da59a127a7d8b8e22f82514b2) --- updated-dependencies: - dependency-name: cycjimmy/semantic-release-action dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c1c049b..200ef37 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Release - uses: cycjimmy/semantic-release-action@9cc899c47e6841430bbaedb43de1560a568dfd16 # v5.0.0 + uses: cycjimmy/semantic-release-action@ebcbc663748eae8da59a127a7d8b8e22f82514b2 # v5.0.1 with: semantic_version: 18.0.0 extra_plugins: | From 430f50f0bd82b5ac7ac0cb132c05b609705e9308 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 11:22:34 +0000 Subject: [PATCH 11/12] gh-actions: bump cycjimmy/semantic-release-action from 5.0.1 to 5.0.2 Bumps [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action) from 5.0.1 to 5.0.2. - [Release notes](https://github.com/cycjimmy/semantic-release-action/releases) - [Changelog](https://github.com/cycjimmy/semantic-release-action/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/cycjimmy/semantic-release-action/compare/ebcbc663748eae8da59a127a7d8b8e22f82514b2...ba330626c4750c19d8299de843f05c7aa5574f62) --- updated-dependencies: - dependency-name: cycjimmy/semantic-release-action dependency-version: 5.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 200ef37..d75e4e3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Release - uses: cycjimmy/semantic-release-action@ebcbc663748eae8da59a127a7d8b8e22f82514b2 # v5.0.1 + uses: cycjimmy/semantic-release-action@ba330626c4750c19d8299de843f05c7aa5574f62 # v5.0.2 with: semantic_version: 18.0.0 extra_plugins: | From a3716be334939ca767ac9113bcf8e78beaf1fce4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Oct 2025 12:21:03 +0000 Subject: [PATCH 12/12] gh-actions: bump MaxymVlasov/dive-action from 1.5.0 to 1.5.1 Bumps [MaxymVlasov/dive-action](https://github.com/maxymvlasov/dive-action) from 1.5.0 to 1.5.1. - [Release notes](https://github.com/maxymvlasov/dive-action/releases) - [Commits](https://github.com/maxymvlasov/dive-action/compare/b08c8287e603d028c986d7044e83fa76bcca6a65...fafb796951b322cc4926b8a5eafda89ab9de8edf) --- updated-dependencies: - dependency-name: MaxymVlasov/dive-action dependency-version: 1.5.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/build-image-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-image-test.yaml b/.github/workflows/build-image-test.yaml index 1a518e0..0346a8f 100644 --- a/.github/workflows/build-image-test.yaml +++ b/.github/workflows/build-image-test.yaml @@ -52,7 +52,7 @@ jobs: - name: Dive - check image for waste files if: steps.changed-files-specific.outputs.any_changed == 'true' - uses: MaxymVlasov/dive-action@b08c8287e603d028c986d7044e83fa76bcca6a65 # v1.5.0 + uses: MaxymVlasov/dive-action@fafb796951b322cc4926b8a5eafda89ab9de8edf # v1.5.1 with: image: ghcr.io/${{ github.repository }}:${{ env.IMAGE_TAG }} config-file: ${{ github.workspace }}/.github/.dive-ci.yaml