Releases: WorkOfStan/seablast-actions
Releases · WorkOfStan/seablast-actions
feat: prevent any composer.json file be used by super-linter
Changed
- linter.yml: temporary composer.json rename now covers every composer.json in the repository (even in subdirectories) and restores them after the run.
fix: bump super-linter to v8.5.0
Changed
- fix
FIX_BIOME_*entry toenv
Security
- bump super-linter to v8.5.0 due to High severity
CVE-2026-25761- Super-linter is vulnerable to command injection via crafted filenames in Super-linter Action
fix: fix scheduled GitHub Actions by bumping super-linter::v.8.2.0 to v.8.2.1
- fix: fix scheduled GitHub Actions by bumping super-linter::v.8.2.0 to v.8.2.1 (as super-linter::v8.2.0 failed on scheduled tasks with this error:
/action/lib/functions/validation.sh: line 387: GIT_BEFORE_SHA_HEAD: unbound variable)
chore(super-linter): Bumps super-linter/super-linter from 8.1.0 to 8.2.0.
Added
validate-biome: trueoptional parameter enable Biome validation added to super-linter v8.2.0
Changed
- Bumps super-linter/super-linter from 8.1.0 to 8.2.0.
feat: phinx migration verbose (in php-composer-dependencies-reusable.yml)
v0.2.5.2 feat: phinx migration verbose (in php-composer-dependencies-reusable.…
Auto-generated zizmor.yaml
Added
feat: If there's no .github/linters/zizmor.yaml present in the app repo, then this GitHub Action auto-generates zizmor.yaml to disable unpinned-uses check. (Not to force all apps to create a one purpose zizmor.yaml.)
feat: super-linter fixes can be downloaded as an artifact
Changed
- feat: super-linter slim version (linter.yml) moved from v7.2.1 to v8.1.0
- zizmor.yaml disables the unpinned-uses check - i.e. allows refering to version instead of an exact hash
- many FIXes are applied automatically and their result can be downloaded as an artifact and then use locally with
git apply lint-fixes.patch - removed:
JAVASCRIPT_ES_CONFIG_FILE: .eslintrc.yml VALIDATE_JAVASCRIPT_ES: falselinter configuration because Prettier is applied anyway and I don't want to have.eslintrc.ymlconfiguredvalidate-css: falseoptional parameter disable CSS validationfilter-regex-exclude: ""optional parameter for regular expression to exclude certain files, e.g. third-party code, from being linted
- chore: bump actions/checkout@v4 to v5
- chore: Bash coding standard uses TAB and not SPACEs
Fixed
- linter.yml: Temporarily rename composer.json (and then back) to prevent invoking composer within super-linter, as the environment PHP version (which might not be app relevant) is used and various libraries would be expected that are not part of super-linter environment.
fix: `git pull origin` doesn't work with `refs/pull/*`
fix: git pull origin doesn't work with refs/pull/*
fix: uses super-linter:v7.2.1 which doesn't invoke composer
Added
- Dump GitHub Variables for debugging
Fixed
- linter.yml uses:
super-linter/super-linter/slim@v7.2.1(instead ofsuper-linter/super-linter@main) as v7.3.0 has a bug - composer expects PHP extensions that are not installed within super-linter environment
Note: It's not possible to select super-linter version through a parameter, as the uses field expects a static string, so at least super-linter/super-linter/slim@latest (instead of super-linter/super-linter@main)
is used for sake of efficiency as these linters are not used in PHP anyway: Rustfmt, Rust Clippy, Azure Resource Manager Template Toolkit (arm-ttk), PSScriptAnalyzer, dotnet (.NET) commands and subcommands.
The cache name starts with `phps-` prefix. PHPCS-fix instead of old phpcbf.
Added
- chain jobs example
Changed
- The cache name (key) is
phps-${{ runner.os }}-PHP${{ matrix.php-version }}-vendor-${{ hashFiles('**/composer.json') }}
Deprecated
- stop using phpcbf.yml and start using PHPCS-Fix
Fixed
shell: bashadded where missing