deps(deps): update ansible/ansible-lint action to v26

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
ansible/ansible-lint	action	major	v25.6.1 → v26.1.1

---

Release Notes

ansible/ansible-lint (ansible/ansible-lint)

v26.1.1

Compare Source

Features

• feat: added exit code 8 for successfully fixed violations (#​4674) (#​4899) @​Jkhall81

Fixes

• fix: resolve auto-fix failures and detection for short module names (… (#​4897) @​Jkhall81
• fix: ensure --no-offline overrides config file precedence (#​4845) (#​4903) @​Jkhall81
• fix: pre-commit cache missing cspell updates (#​4909) @​alisonlhart
• Set cryptography ceiling to match downstream requirement. (#​4904) @​cidrblock
• fix: almalinux missing reference in platforms array (#​4896) @​thelinuxracoon

Maintenance

• chore: Add renovate constraint for cryptography (#​4911) @​alisonlhart

v26.1.0

Compare Source

Fixes

• fix: implement precise filtering for bracketed sub-tags (#​4892) @​Jkhall81
• fix: avoid unnecessary creation of .ansible folders (#​4894) @​ssbarnea
• fix: refactor RulesCollection to always require app argument (#​4891) @​ssbarnea
• fix: anchor kind discovery to project root (#​4763) (#​4889) @​Jkhall81
• fix: avoid creating cache directory when listing version (#​4865) @​ssbarnea
• fix: ensure exclude_paths are honored for unparseable files (#​4886) @​Jkhall81
• fix: avoid use of pathspec 1.0.0 until yamllint is updated (#​4887) @​ssbarnea
• fix: allow valid tabs in lineinfile nested in blocks (#​4719) (#​4881) @​Jkhall81
• fix: update documentation to clarify requirement to run from project … (#​4885) @​Jkhall81
• fix: replace hardcoded /tmp path with secure temp directory (CWE… (#​4878) @​Jkhall81
• fix: handle missing keys in _parse_failed_msg to prevent KeyError (#​4879) @​Jkhall81
• fix: add argument_specs to meta schema (#​4762) (#​4880) @​Jkhall81
• fix: retire -p/--parseable option (#​4884) @​ssbarnea
• fix: correct partial-become rule documentation comments (#​4876) @​emmanuel-ferdman

Maintenance

• chore: add almalinux platform to meta schemas (#​4893) @​thelinuxracoon
• chore: refactor testing code to reduce use of get_app() (#​4890) @​ssbarnea
• chore(deps): update all dependencies (#​4877) @​renovate[bot]

v25.12.2

Compare Source

Fixes

• Update configuring.md to reflect correct precommit name (#​4872) @​AgustinRamiroDiaz
• fix: prevent trailing space on blank comment lines (#​4868) @​emmanuel-ferdman

Maintenance

• chore(deps): update dependencies [security] - abandoned (#​4874) @​renovate[bot]
• chore(deps): update all dependencies (#​4867) @​renovate[bot]
• chore(deps): update dependencies [security] (#​4873) @​renovate[bot]
• chore(deps): bump filelock from 3.20.0 to 3.20.1 in /.config (#​4869) @​dependabot[bot]
• chore(deps): update dependencies [security] (#​4870) @​renovate[bot]

v25.12.1

Compare Source

Features

• feat(action): Allow users to override python_version (#​4829) @​konstruktoid

Fixes

• fix: avoid stacktrace when ansible syntax check does not return filename (#​4864) @​ssbarnea
• fix: change setup-python action to specific commit (#​4856) @​arcanis
• fix: autofix comments missing space after hash (#​4855) @​emmanuel-ferdman

Maintenance

• chore(deps): update all dependencies (#​4863) @​renovate[bot]
• chore: pre-commit autoupdate (#​4859) @​pre-commit-ci[bot]
• chore: adopt pytest>=9.0.0 config (#​4861) @​Qalthos
• chore(deps): update all dependencies (#​4852) @​renovate[bot]

v25.12.0

Compare Source

Maintenance

• chore: Remove cffi, importlib-metadata, reduce core lower bound (#​4860) @​cidrblock

v25.11.1

Compare Source

Features

• feat: detect missing prefix in role's handlers vars (#​4826) @​cavcrosby

Fixes

• Migrate RTD URLs to docs.ansible.com (#​4842) @​gundalow
• fix: Pass module spec via stdin instead of command line args (#​4844) @​apollo13
• fix: Update mypy python version to 3.12 (#​4846) @​alisonlhart

Maintenance

• chore(deps): update all dependencies (#​4833) @​renovate[bot]
• chore(deps): bump js-yaml from 4.1.0 to 4.1.1 in /test/schemas (#​4849) @​dependabot[bot]
• chore(deps-dev): bump glob from 10.4.5 to 10.5.0 in /test/schemas (#​4847) @​dependabot[bot]
• Add support for Fedora 43 (#​4836) @​jsf9k

v25.11.0

Compare Source

Fixes

• fix: require ansible-core>=2.17.10 (#​4835) @​ssbarnea
• fix: ignore internal types false positives with jinja[invalid] (#​4823) @​anusshukla
• fix: make repository key optional in galaxy.yml (#​4798) @​rivv0
• fix: github action ref doesn't checkout that ref (#​4774) @​rohun-apex
• fix: add set-environment and unset-environment in executable_options for systemctl (#​4785) @​ziegenberg
• Fix typos (#​4814) @​jsf9k

Maintenance

• chore: pre-commit autoupdate (#​4834) @​pre-commit-ci[bot]
• chore: Test cspell configuration (#​4828) @​alisonlhart
• chore(deps): update all dependencies (#​4817) @​renovate[bot]
• Add finalize workflow for secure sonarcloud checks (#​4820) @​alisonlhart
• Update sonar-project.properties (#​4815) @​alisonlhart

v25.9.2

Compare Source

Fixes

• fix: avoid using unreleased dependency constraints (#​4802) @​ssbarnea

Maintenance

• chore: rename sonar config file (#​4810) @​ssbarnea
• chore: switch to reusable workflow (#​4809) @​ssbarnea
• chore(deps): update all dependencies (#​4808) @​renovate[bot]
• chore(deps): update all dependencies (#​4805) @​renovate[bot]
• chore(deps): update all dependencies (#​4787) @​renovate[bot]

v25.9.1

Compare Source

Fixes

• fix: pin to python3.13 for the pre-commit hook (#​4796) @​ssbarnea
• fix: add support for python 3.14 (#​4795) @​ssbarnea

Maintenance

• chore: remove renovate hook (#​4797) @​ssbarnea
• chore: replace toml-sort with tombi (#​4794) @​ssbarnea
• chore(deps): update all dependencies (#​4786) @​renovate[bot]
• chore(deps): update all dependencies (#​4783) @​renovate[bot]
• chore(deps): update all dependencies (#​4781) @​renovate[bot]
• chore(deps): update all dependencies (#​4780) @​renovate[bot]
• chore(deps): update all dependencies (#​4779) @​renovate[bot]
• chore(deps): update all dependencies (#​4778) @​renovate[bot]
• chore(deps): update all dependencies (#​4776) @​renovate[bot]

v25.9.0

Compare Source

Fixes

• Remove patterns validation checks (#​4772) @​alisonlhart
• Reapply "fix: adopt uv.lock and dependency-groups (#​4757)" (#​4761) @​Qalthos
• Revert "fix: adopt uv.lock and dependency-groups (#​4757)" (#​4760) @​Qalthos
• fix: adopt uv.lock and dependency-groups (#​4757) @​ssbarnea
• fix: avoid warnings about PATH with uv installations (#​4714) @​SecT0uch
• fix: clarify error message related to --fix arguments (#​4720) @​simonLeary42
• fix: change patterns schema location (#​4755) @​ssbarnea
• fix: recognize Debian 14 (Forky) as a platform (#​4726) @​mcdonnnj
• Prevent false positive pattern detection in filenames containing "pattern.json" (#​4743) @​shatakshiiii
• Require ansible-core 2.19 when used as a pre-commit hook (#​4744) @​ssbarnea
• Exclude non-linted files in summary (#​4725) @​simonLeary42
• Fix rule summary for error messages (#​4740) @​simonLeary42

Maintenance

• chore(deps): update all dependencies (#​4773) @​renovate[bot]
• chore(deps): update all dependencies (#​4771) @​renovate[bot]
• chore(deps): update all dependencies (#​4770) @​renovate[bot]
• chore(deps): update all dependencies (#​4769) @​renovate[bot]
• chore(deps): update all dependencies (#​4768) @​renovate[bot]
• chore(deps): update all dependencies (#​4766) @​renovate[bot]
• chore: replace prettier with biome (#​4765) @​ssbarnea
• chore: fix renovate config (#​4764) @​ssbarnea
• chore: configure renovate (#​4753) @​ssbarnea
• chore: update hook configs (#​4752) @​ssbarnea
• chore: pre-commit autoupdate (#​4708) @​pre-commit-ci[bot]
• Bump codecov/codecov-action from 5.4.3 to 5.5.0 (#​4738) @​dependabot[bot]
• Bump actions/checkout from 4 to 5 (#​4718) @​dependabot[bot]
• Bump actions/download-artifact from 4 to 5 (#​4711) @​dependabot[bot]
• Jinja test fixes (#​4742) @​anusshukla

v25.8.2

Compare Source

Bugfixes

• Make rule deprecated-local-action preserve module parameters (#​4733) @​koalajoe23
• Fix Jinja template rendering error when concatenating _AnsibleTaggedStr with list (#​4737) @​anusshukla
• Update supported Ubuntu platforms (#​4727) @​mcdonnnj
• Update deps (#​4734) @​cidrblock

v25.8.1

Compare Source

Bugfixes

• Fix first-run collection discovery by enabling plugin loader after prepare_environment (#​4722) @​cidrblock

Maintenance

• Fix mypy and pyright type checking errors (#​4724) @​cidrblock

v25.8.0

Compare Source

Bugfixes

• Lint failure in ansible.utils: src must be an absolute path fix (#​4712) @​anusshukla

v25.7.0

Compare Source

Enhancements

• Use 'x-ansible-lint' key for path patterns in schema tests (#​4690) @​alisonlhart
• Address disable_lookups deprecation with ansible-core 2.19 (#​4683) @​ssbarnea
• Add auto-fixing implementation for pattern rule (#​4679) @​shatakshiiii
• Remove patterns specific playbook meta folder (#​4669) @​alisonlhart
• Allow loading of yamllint config from a different location (#​4644) @​dbrennand
• Add new rule to validate pattern directory structure (#​4662) @​shatakshiiii
• Add play argspec schema validation to schema rule (#​4667) @​alisonlhart
• Add schema check for validating pattern specification file (#​4653) @​shatakshiiii
• Enable testing with python 3.14 (#​4637) @​ssbarnea

Bugfixes

• Check for gh_action_ref explicitly and document GHA inputs (#​4701) @​alisonlhart
• jinja spacing warning line-endings (#​4691) @​anusshukla
• Handle lookup templating checks with ASTs (#​4698) @​alisonlhart
• Fix var-naming[no-role-prefix] rule incorrectly applying to role variables (#​4677) @​vills
• schema: add missing subset 'systemd' to gather_subset (#​4664) @​eliba
• Fix typos in --list-tags help text (#​4661) @​correctmost
• Avoid import errors from filters when running in nodeps mode (#​4651) @​ssbarnea

Maintenance

• packit: reformat, remove deprecated syntax and try merge queue (#​4639) @​mfocko
• Remove patch report from codecov (#​4671) @​ssbarnea
• Improve cspell configuration (#​4668) @​ssbarnea
• Update test deps (#​4658) @​ssbarnea

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/nginx:latest

📦 Image Reference wayofdev/nginx:latest

digest	sha256:ea54c7394042514d194d2ca56b44b80b69bdea94280860e809412b78b5cd78ef
vulnerabilities
platform	linux/amd64
size	28 MB
packages	87

📦 Base Image nginx:1-alpine

also known as	1-alpine3.23 1.29-alpine 1.29-alpine3.23 1.29.4-alpine 1.29.4-alpine3.23 abf4f57e55e41960035b22577147e6fd08d1d0ef3aa5676905b4fb5b839d9e49 alpine alpine3.23 mainline-alpine mainline-alpine3.23
digest	sha256:dcfed685de6f232a6cefc043f92d8b0d64c8d1edf650a61805f2c7a3d745b749
vulnerabilities

[github-actions]

Outdated

Recommended fixes for image wayofdev/nginx:latest

Base image is nginx:1-alpine

Name	1.29.4-alpine
Digest	sha256:dcfed685de6f232a6cefc043f92d8b0d64c8d1edf650a61805f2c7a3d745b749
Vulnerabilities
Pushed	3 weeks ago
Size	23 MB
Packages	87
Flavor	alpine
Runtime	1.29.4

The base image is also available under the supported tag(s): 1-alpine3.23, 1.29-alpine, 1.29-alpine3.23, 1.29.4-alpine, 1.29.4-alpine3.23, alpine, alpine3.23, mainline-alpine, mainline-alpine3.23

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
1-alpine-slim Minor runtime version update Also known as: 1.29.4-alpine-slim 1.29-alpine-slim alpine-slim alpine3.23-slim 1-alpine3.23-slim 1.29-alpine3.23-slim mainline-alpine-slim 1.29.4-alpine3.23-slim mainline-alpine3.23-slim	Benefits: Same OS detected Minor runtime version update Image is smaller by 16 MB Image contains 61 fewer packages Image has same number of vulnerabilities Tag is using slim variant 1-alpine-slim was pulled 215K times last month Image details: Size: 5.7 MB Flavor: alpine Runtime: 1.29.4	3 weeks ago

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/nginx:latest

📦 Image Reference wayofdev/nginx:latest

digest	sha256:e00fa5504b3318c8f88d4502e06457795d31911183bba01ead120d4ad5ec941a
vulnerabilities
platform	linux/amd64
size	28 MB
packages	87

📦 Base Image nginx:1-alpine

also known as	1-alpine3.23 1.29-alpine 1.29-alpine3.23 1.29.4-alpine 1.29.4-alpine3.23 abf4f57e55e41960035b22577147e6fd08d1d0ef3aa5676905b4fb5b839d9e49 alpine alpine3.23 mainline-alpine mainline-alpine3.23
digest	sha256:dcfed685de6f232a6cefc043f92d8b0d64c8d1edf650a61805f2c7a3d745b749
vulnerabilities

[github-actions]

Outdated

Recommended fixes for image wayofdev/nginx:latest

Base image is nginx:1-alpine

Name	1.29.4-alpine
Digest	sha256:dcfed685de6f232a6cefc043f92d8b0d64c8d1edf650a61805f2c7a3d745b749
Vulnerabilities
Pushed	3 weeks ago
Size	23 MB
Packages	87
Flavor	alpine
Runtime	1.29.4

The base image is also available under the supported tag(s): 1-alpine3.23, 1.29-alpine, 1.29-alpine3.23, 1.29.4-alpine, 1.29.4-alpine3.23, alpine, alpine3.23, mainline-alpine, mainline-alpine3.23

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
1-alpine-slim Minor runtime version update Also known as: 1.29.4-alpine-slim 1.29-alpine-slim alpine-slim alpine3.23-slim 1-alpine3.23-slim 1.29-alpine3.23-slim mainline-alpine-slim 1.29.4-alpine3.23-slim mainline-alpine3.23-slim	Benefits: Same OS detected Minor runtime version update Image is smaller by 16 MB Image contains 61 fewer packages Image has same number of vulnerabilities Tag is using slim variant 1-alpine-slim was pulled 215K times last month Image details: Size: 5.7 MB Flavor: alpine Runtime: 1.29.4	3 weeks ago

[github-actions]

Outdated

🔍 Vulnerabilities of wayofdev/nginx:latest

📦 Image Reference wayofdev/nginx:latest

digest	sha256:88621a8ceb49361ca5566dd434d840a84acaab8c320d96e8266ea350561d0fad
vulnerabilities
platform	linux/amd64
size	32 MB
packages	88

📦 Base Image nginx:1-alpine

also known as	1-alpine3.23 1.29-alpine 1.29-alpine3.23 1.29.4-alpine 1.29.4-alpine3.23 29a30e3c0dd4df5c388b40cff9d145fa8040f440bb993c5eb1a02ef109a87193 alpine alpine3.23 mainline-alpine mainline-alpine3.23
digest	sha256:e7e5b7fa7a0b1ab2f59d6066092a6d35984864cc8baf2cff7c088ee409657e57
vulnerabilities

[github-actions]

Outdated

Recommended fixes for image wayofdev/nginx:latest

Base image is nginx:1-alpine

Name	1.29.4-alpine
Digest	sha256:e7e5b7fa7a0b1ab2f59d6066092a6d35984864cc8baf2cff7c088ee409657e57
Vulnerabilities
Pushed	2 days ago
Size	26 MB
Packages	88
Flavor	alpine
Runtime	1.29.4

The base image is also available under the supported tag(s): 1-alpine3.23, 1.29-alpine, 1.29-alpine3.23, 1.29.4-alpine, 1.29.4-alpine3.23, alpine, alpine3.23, mainline-alpine, mainline-alpine3.23

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
1-alpine-slim Minor runtime version update Also known as: 1.29.4-alpine-slim 1.29-alpine-slim alpine-slim alpine3.23-slim 1-alpine3.23-slim 1.29-alpine3.23-slim mainline-alpine-slim 1.29.4-alpine3.23-slim mainline-alpine3.23-slim	Benefits: Same OS detected Minor runtime version update Image is smaller by 19 MB Image contains 62 fewer packages Image introduces no new vulnerability but removes 4 Tag is using slim variant 1-alpine-slim was pulled 215K times last month Image details: Size: 5.7 MB Flavor: alpine Runtime: 1.29.4	4 weeks ago

[github-actions]

🔍 Vulnerabilities of wayofdev/nginx:latest

📦 Image Reference wayofdev/nginx:latest

digest	sha256:ba2f373590480910ef3065dfb84dda2e4a83621de223ea0d653913921c4e79db
vulnerabilities
platform	linux/amd64
size	32 MB
packages	88

📦 Base Image nginx:1-alpine

also known as	1-alpine3.23 1.29-alpine 1.29-alpine3.23 1.29.4-alpine 1.29.4-alpine3.23 29a30e3c0dd4df5c388b40cff9d145fa8040f440bb993c5eb1a02ef109a87193 alpine alpine3.23 mainline-alpine mainline-alpine3.23
digest	sha256:e7e5b7fa7a0b1ab2f59d6066092a6d35984864cc8baf2cff7c088ee409657e57
vulnerabilities

[github-actions]

Recommended fixes for image wayofdev/nginx:latest

Base image is nginx:1-alpine

Name	1.29.4-alpine
Digest	sha256:e7e5b7fa7a0b1ab2f59d6066092a6d35984864cc8baf2cff7c088ee409657e57
Vulnerabilities
Pushed	2 days ago
Size	26 MB
Packages	88
Flavor	alpine
Runtime	1.29.4

The base image is also available under the supported tag(s): 1-alpine3.23, 1.29-alpine, 1.29-alpine3.23, 1.29.4-alpine, 1.29.4-alpine3.23, alpine, alpine3.23, mainline-alpine, mainline-alpine3.23

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
1-alpine-slim Minor runtime version update Also known as: 1.29.4-alpine-slim 1.29-alpine-slim alpine-slim alpine3.23-slim 1-alpine3.23-slim 1.29-alpine3.23-slim mainline-alpine-slim 1.29.4-alpine3.23-slim mainline-alpine3.23-slim	Benefits: Same OS detected Minor runtime version update Image is smaller by 19 MB Image contains 62 fewer packages Image introduces no new vulnerability but removes 4 Tag is using slim variant 1-alpine-slim was pulled 215K times last month Image details: Size: 5.7 MB Flavor: alpine Runtime: 1.29.4	4 weeks ago