build(deps): bump redhat-plumbers-in-action/differential-shellcheck from 3.2.1 to 3.3.1

[dependabot]

Bumps redhat-plumbers-in-action/differential-shellcheck from 3.2.1 to 3.3.1.

Release notes

Sourced from redhat-plumbers-in-action/differential-shellcheck's releases.

v3.3.1

What's Changed

Automation and CI changes

• Fix tagging of container image with major version 🐳 (#160) @​jamacku

Dependency Updates

• build(deps): bump github/codeql-action from 2.1.36 to 2.1.37 (#161) @​dependabot
• build(deps): bump actions/checkout from 3.1.0 to 3.2.0 (#162) @​dependabot
• build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler from 2.0.1 to 2.0.3 (#163) @​dependabot
• build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.0 (#164) @​dependabot

Full Changelog: redhat-plumbers-in-action/differential-shellcheck@v3.3.0...v3.3.1

v3.3.0

What's Changed

New

• Show versions of important packages ❗ 📦 & Run unit tests with local changes 🧪 (#122) @​jamacku, @​kdudka

Maintenance

• Use csgrep --set-scan-prop to set scan tool as ShellCheck (#124) @​jamacku

Documentation

• Add SPDX License header to all source files 📝 (#154) @​jamacku, @​lzaoral
• Update README 📰 (#143) @​jamacku
• Create CODE_OF_CONDUCT.md 🤝 (#152) @​jamacku

Other changes

• Create SECURITY.md 🚔 (#149) @​jamacku
• Set strict permissions for GitHub Workflows 🔒 (#147) @​jamacku
• Pin dependencies to SHA 📌 (#146) @​jamacku
• Create CODEOWNERS 🦉 (#145) @​jamacku
• Pin GitHub Actions to SHA1 📌 (#144) @​jamacku

Automation and CI changes

• Fix deployment of test images - add missing permission 🚚 (#150) @​jamacku

Dependency Updates

• build(deps): bump github/codeql-action from 2.1.35 to 2.1.36 (#157) @​dependabot
• build(deps): bump Fedora from 36 to 37 and ShellCheck from 0.7.2 to 0.8.0 ⬆️ (#141) @​dependabot
• build(deps): bump stefanbuck/github-issue-parser from 2 to 3 (#142) @​dependabot

... (truncated)

Changelog

Sourced from redhat-plumbers-in-action/differential-shellcheck's changelog.

Changelog

v4.0.0

• Tag latest is no longer available. Use major tags instead (e.g. v3 or v4).

• Action can be triggered using GitHub push event

  on:
    push:
  jobs:
  lint:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v3
      with:
        fetch-depth: 0
  
  uses: redhat-plumbers-in-action/differential-shellcheck@v4
  with:
  token: ${{ secrets.GITHUB_TOKEN }}

Note: When using --force action doesn't work properly when triggered on push events.

v3.3.0

• Container images now based on Fedora 37
• ShellCheck - 0.7.2 -> 0.8.0
• Show versions of ShellCheck and csutils in logs
• csutils - 2.7.0 -> 2.8.0
  • Added ability to overwrite scan tool properties - csgrep --set-scan-prop

v3.2.0

• csutils - 2.6.0 -> 2.7.0
  • Added support for SARIF severity levels

v3.1.1

• Documentation updates (.shellcheckrc, examples, etc.)
• Skip checking of symbolic links

v3.1.0

• Autodetection: add support for emacs and vi/vim file types specifications
  • emacs - # -*- sh -*-
  • vi - # vi: (set)? (ft|filetype)=sh

... (truncated)

Commits

• 11ffc83 v3.3.1
• 005b790 ci: Drop rebase_fallback Mergify option - deprecated
• 7d68b13 ci: Add merge-strategy: rebase label to every Dependabot PR
• 8b37955 ci: fix tagging of container image with major version
• cbc4b1c build(deps): bump github/codeql-action from 2.1.36 to 2.1.37
• f52e677 build(deps): bump actions/checkout from 3.1.0 to 3.2.0
• 8aabacc build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler
• ca84590 build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.0
• 1a85426 v3.3.0
• df26fb4 Add SPDX License header to all source files
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #12.