[action] bump crazy-max/ghaction-dump-context from 2.3.0 to 3.0.0

[dependabot]

Bumps crazy-max/ghaction-dump-context from 2.3.0 to 3.0.0.

Release notes

Sourced from crazy-max/ghaction-dump-context's releases.

v3.0.0

• Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @​crazy-max in crazy-max/ghaction-dump-context#33

Full Changelog: crazy-max/ghaction-dump-context@v2.3.0...v3.0.0

Commits

• 5d2753e Merge pull request #34 from crazy-max/dependabot/github_actions/crazy-max/gha...
• d4cce0b Bump crazy-max/ghaction-github-labeler from 5 to 6
• 89e5e63 Merge pull request #31 from crazy-max/dependabot/github_actions/actions/githu...
• 5ffa7f0 Merge pull request #32 from crazy-max/dependabot/github_actions/actions/check...
• 4f0feff Merge pull request #33 from crazy-max/update-github-script
• acb7d55 update to actions/github-script@v8
• ec2fc8e new year
• 81ad0c2 Bump actions/checkout from 4 to 6
• 10e80f5 Bump actions/github-script from 7 to 8
• 391d493 Merge pull request #28 from crazy-max/fix-runner
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	3		0	0	0.28s
⚠️ COPYPASTE	jscpd	yes		2	no	2.24s
✅ EDITORCONFIG	editorconfig-checker	3		0	0	0.03s
✅ REPOSITORY	checkov	yes		no	no	26.14s
⚠️ REPOSITORY	devskim	yes		118	68	15.99s
✅ REPOSITORY	dustilock	yes		no	no	0.89s
✅ REPOSITORY	gitleaks	yes		no	no	1.39s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	49.8s
⚠️ REPOSITORY	kics	yes		20	no	29.46s
✅ REPOSITORY	kingfisher	yes		no	no	4.21s
✅ REPOSITORY	secretlint	yes		no	no	1.64s
✅ REPOSITORY	syft	yes		no	no	1.59s
✅ REPOSITORY	trivy	yes		no	no	14.97s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.27s
✅ REPOSITORY	trufflehog	yes		no	no	5.51s
✅ SPELL	cspell	4		0	0	3.93s
⚠️ SPELL	lychee	3		1	0	4.54s
✅ YAML	prettier	3	3	0	0	0.83s
✅ YAML	v8r	3		0	0	5.24s
✅ YAML	yamllint	3		0	0	0.73s

Detailed Issues

⚠️ REPOSITORY / devskim - 118 errors

099c285e7cf\"`"}},"sourceLanguage":"json"}}}],"properties":{"tags":["Implementation.Privacy.Token"],"DevSkimSeverity":"Important","DevSkimConfidence":"Medium"}},{"ruleId":"DS173237","level":"error","message":{"text":"Do not store tokens or keys in source code."},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/outwit.json"},"region":{"startLine":10,"startColumn":12,"endLine":10,"endColumn":78,"charOffset":368,"charLength":66,"snippet":{"text":"\"677b142ee01d69d43b31a4dfff9e06465fd4d4545fb1441cf703171cb598dba7\"","rendered":{"text":"\"677b142ee01d69d43b31a4dfff9e06465fd4d4545fb1441cf703171cb598dba7\"","markdown":"`\"677b142ee01d69d43b31a4dfff9e06465fd4d4545fb1441cf703171cb598dba7\"`"}},"sourceLanguage":"json"}}}],"properties":{"tags":["Implementation.Privacy.Token"],"DevSkimSeverity":"Important","DevSkimConfidence":"Medium"}},{"ruleId":"DS137138","message":{"text":"Insecure URL"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/api-monitor.json"},"region":{"startLine":25,"startColumn":16,"endLine":25,"endColumn":38,"charOffset":741,"charLength":22,"snippet":{"text":"http://www.rohitab.com","rendered":{"text":"http://www.rohitab.com","markdown":"`http://www.rohitab.com`"}},"sourceLanguage":"json"}}}],"fixes":[{"description":{"text":"An HTTP-based URL without TLS was detected."},"artifactChanges":[{"artifactLocation":{"uri":"bucket/api-monitor.json"},"replacements":[{"deletedRegion":{"charOffset":741,"charLength":22},"insertedContent":{"text":"https://www.rohitab.com"}}]}]}],"properties":{"tags":["ThreatModel.Integration.HTTP"],"DevSkimSeverity":"Moderate","DevSkimConfidence":"High"},"level":"warning"},{"ruleId":"DS173237","level":"error","message":{"text":"Do not store tokens or keys in source code."},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/api-monitor.json"},"region":{"startLine":7,"startColumn":12,"endLine":7,"endColumn":78,"charOffset":239,"charLength":66,"snippet":{"text":"\"d045e45f523a6c0c7a2a8e06831f4b2d705fb84f4995791b5a70b28424a49d2b\"","rendered":{"text":"\"d045e45f523a6c0c7a2a8e06831f4b2d705fb84f4995791b5a70b28424a49d2b\"","markdown":"`\"d045e45f523a6c0c7a2a8e06831f4b2d705fb84f4995791b5a70b28424a49d2b\"`"}},"sourceLanguage":"json"}}}],"properties":{"tags":["Implementation.Privacy.Token"],"DevSkimSeverity":"Important","DevSkimConfidence":"Medium"}},{"ruleId":"DS137138","message":{"text":"Insecure URL"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/api-monitor.json"},"region":{"startLine":6,"startColumn":12,"endLine":6,"endColumn":34,"charOffset":162,"charLength":22,"snippet":{"text":"http://www.rohitab.com","rendered":{"text":"http://www.rohitab.com","markdown":"`http://www.rohitab.com`"}},"sourceLanguage":"json"}}}],"fixes":[{"description":{"text":"An HTTP-based URL without TLS was detected."},"artifactChanges":[{"artifactLocation":{"uri":"bucket/api-monitor.json"},"replacements":[{"deletedRegion":{"charOffset":162,"charLength":22},"insertedContent":{"text":"https://www.rohitab.com"}}]}]}],"properties":{"tags":["ThreatModel.Integration.HTTP"],"DevSkimSeverity":"Moderate","DevSkimConfidence":"High"},"level":"warning"},{"ruleId":"DS137138","message":{"text":"Insecure URL"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/api-monitor.json"},"region":{"startLine":4,"startColumn":17,"endLine":4,"endColumn":39,"charOffset":85,"charLength":22,"snippet":{"text":"http://www.rohitab.com","rendered":{"text":"http://www.rohitab.com","markdown":"`http://www.rohitab.com`"}},"sourceLanguage":"json"}}}],"fixes":[{"description":{"text":"An HTTP-based URL without TLS was detected."},"artifactChanges":[{"artifactLocation":{"uri":"bucket/api-monitor.json"},"replacements":[{"deletedRegion":{"charOffset":85,"charLength":22},"insertedContent":{"text":"https://www.rohitab.com"}}]}]}],"properties":{"tags":["ThreatModel.Integration.HTTP"],"DevSkimSeverity":"Moderate","DevSkimConfidence":"High"},"level":"warning"},{"ruleId":"DS173237","level":"error","message":{"text":"Do not store tokens or keys in source code."},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/exetype.json"},"region":{"startLine":7,"startColumn":12,"endLine":7,"endColumn":78,"charOffset":267,"charLength":66,"snippet":{"text":"\"ed08a70b96daa4cfa9521b94f260009e8183264b290b237c25ed0ebd68dcdfa8\"","rendered":{"text":"\"ed08a70b96daa4cfa9521b94f260009e8183264b290b237c25ed0ebd68dcdfa8\"","markdown":"`\"ed08a70b96daa4cfa9521b94f260009e8183264b290b237c25ed0ebd68dcdfa8\"`"}},"sourceLanguage":"json"}}}],"properties":{"tags":["Implementation.Privacy.Token"],"DevSkimSeverity":"Important","DevSkimConfidence":"Medium"}},{"ruleId":"DS137138","message":{"text":"Insecure URL"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/diffpdf.json"},"region":{"startLine":14,"startColumn":16,"endLine":14,"endColumn":39,"charOffset":564,"charLength":23,"snippet":{"text":"http://soft.rubypdf.com","rendered":{"text":"http://soft.rubypdf.com","markdown":"`http://soft.rubypdf.com`"}},"sourceLanguage":"json"}}}],"fixes":[{"description":{"text":"An HTTP-based URL without TLS was detected."},"artifactChanges":[{"artifactLocation":{"uri":"bucket/diffpdf.json"},"replacements":[{"deletedRegion":{"charOffset":564,"charLength":23},"insertedContent":{"text":"https://soft.rubypdf.com"}}]}]}],"properties":{"tags":["ThreatModel.Integration.HTTP"],"DevSkimSeverity":"Moderate","DevSkimConfidence":"High"},"level":"warning"},{"ruleId":"DS137138","message":{"text":"Insecure URL"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/diffpdf.json"},"region":{"startLine":10,"startColumn":16,"endLine":10,"endColumn":39,"charOffset":406,"charLength":23,"snippet":{"text":"http://soft.rubypdf.com","rendered":{"text":"http://soft.rubypdf.com","markdown":"`http://soft.rubypdf.com`"}},"sourceLanguage":"json"}}}],"fixes":[{"description":{"text":"An HTTP-based URL without TLS was detected."},"artifactChanges":[{"artifactLocation":{"uri":"bucket/diffpdf.json"},"replacements":[{"deletedRegion":{"charOffset":406,"charLength":23},"insertedContent":{"text":"https://soft.rubypdf.com"}}]}]}],"properties":{"tags":["ThreatModel.Integration.HTTP"],"DevSkimSeverity":"Moderate","DevSkimConfidence":"High"},"level":"warning"},{"ruleId":"DS173237","level":"error","message":{"text":"Do not store tokens or keys in source code."},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/diffpdf.json"},"region":{"startLine":7,"startColumn":12,"endLine":7,"endColumn":78,"charOffset":275,"charLength":66,"snippet":{"text":"\"b698b9c3c3c0582c2b5ea474d4df0c5f864b649774e857fdc423b4949ef79b6d\"","rendered":{"text":"\"b698b9c3c3c0582c2b5ea474d4df0c5f864b649774e857fdc423b4949ef79b6d\"","markdown":"`\"b698b9c3c3c0582c2b5ea474d4df0c5f864b649774e857fdc423b4949ef79b6d\"`"}},"sourceLanguage":"json"}}}],"properties":{"tags":["Implementation.Privacy.Token"],"DevSkimSeverity":"Important","DevSkimConfidence":"Medium"}},{"ruleId":"DS137138","message":{"text":"Insecure URL"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/diffpdf.json"},"region":{"startLine":6,"startColumn":12,"endLine":6,"endColumn":35,"charOffset":178,"charLength":23,"snippet":{"text":"http://soft.rubypdf.com","rendered":{"text":"http://soft.rubypdf.com","markdown":"`http://soft.rubypdf.com`"}},"sourceLanguage":"json"}}}],"fixes":[{"description":{"text":"An HTTP-based URL without TLS was detected."},"artifactChanges":[{"artifactLocation":{"uri":"bucket/diffpdf.json"},"replacements":[{"deletedRegion":{"charOffset":178,"charLength":23},"insertedContent":{"text":"https://soft.rubypdf.com"}}]}]}],"properties":{"tags":["ThreatModel.Integration.HTTP"],"DevSkimSeverity":"Moderate","DevSkimConfidence":"High"},"level":"warning"},{"ruleId":"DS137138","message":{"text":"Insecure URL"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/diffpdf.json"},"region":{"startLine":4,"startColumn":17,"endLine":4,"endColumn":40,"charOffset":90,"charLength":23,"snippet":{"text":"http://soft.rubypdf.com","rendered":{"text":"http://soft.rubypdf.com","markdown":"`http://soft.rubypdf.com`"}},"sourceLanguage":"json"}}}],"fixes":[{"description":{"text":"An HTTP-based URL without TLS was detected."},"artifactChanges":[{"artifactLocation":{"uri":"bucket/diffpdf.json"},"replacements":[{"deletedRegion":{"charOffset":90,"charLength":23},"insertedContent":{"text":"https://soft.rubypdf.com"}}]}]}],"properties":{"tags":["ThreatModel.Integration.HTTP"],"DevSkimSeverity":"Moderate","DevSkimConfidence":"High"},"level":"warning"},{"ruleId":"DS173237","level":"error","message":{"text":"Do not store tokens or keys in source code."},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/diskspd.json"},"region":{"startLine":15,"startColumn":12,"endLine":15,"endColumn":78,"charOffset":430,"charLength":66,"snippet":{"text":"\"4cc4ff00e76b8f476cf183fc1e4ef2a45fdad563bdd11879607ba5ad52dab6ec\"","rendered":{"text":"\"4cc4ff00e76b8f476cf183fc1e4ef2a45fdad563bdd11879607ba5ad52dab6ec\"","markdown":"`\"4cc4ff00e76b8f476cf183fc1e4ef2a45fdad563bdd11879607ba5ad52dab6ec\"`"}},"sourceLanguage":"json"}}}],"properties":{"tags":["Implementation.Privacy.Token"],"DevSkimSeverity":"Important","DevSkimConfidence":"Medium"}},{"ruleId":"DS173237","level":"error","message":{"text":"Do not store tokens or keys in source code."},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"bucket/res-set.json"},"region":{"startLine":7,"startColumn":12,"endLine":7,"endColumn":78,"charOffset":299,"charLength":66,"snippet":{"text":"\"5fff2f32683a8801935350c7f527faab444c47add9fc6b3cc9a48e0f1a7e42e9\"","rendered":{"text":"\"5fff2f32683a8801935350c7f527faab444c47add9fc6b3cc9a48e0f1a7e42e9\"","markdown":"`\"5fff2f32683a8801935350c7f527faab444c47add9fc6b3cc9a48e0f1a7e42e9\"`"}},"sourceLanguage":"json"}}}],"properties":{"tags":["Implementation.Privacy.Token"],"DevSkimSeverity":"Important","DevSkimConfidence":"Medium"}}],"columnKind":"utf16CodeUnits"}]}

(Truncated to last 10000 characters out of 155173)

⚠️ COPYPASTE / jscpd - 2 errors

Clone found (powershell):
 - bin/describe.ps1 [11:1 - 24:36] (13 lines, 122 tokens)
   bin/formatjson.ps1 [10:1 - 23:38]

Clone found (powershell):
 - bin/checkhashes.ps1 [58:1 - 68:2] (10 lines, 114 tokens)
   bin/checkver.ps1 [72:1 - 82:2]

┌────────────┬────────────────┬─────────────┬──────────────┬──────────────┬──────────────────┬───────────────────┐
│ Format     │ Files analyzed │ Total lines │ Total tokens │ Clones found │ Duplicated lines │ Duplicated tokens │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ powershell │ 12             │ 467         │ 2681         │ 2            │ 23 (4.93%)       │ 236 (8.8%)        │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ bash       │ 2              │ 9           │ 25           │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ python     │ 9              │ 1918        │ 15335        │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ ini        │ 2              │ 58          │ 220          │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ markdown   │ 5              │ 85          │ 1255         │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ Total:     │ 30             │ 2537        │ 19516        │ 2            │ 23 (0.91%)       │ 236 (1.21%)       │
└────────────┴────────────────┴─────────────┴──────────────┴──────────────┴──────────────────┴───────────────────┘
Found 2 clones.
HTML report saved to megalinter-reports/copy-paste/html/
ERROR: jscpd found too many duplicates (0.91%) over threshold (0.5%)
Error: ERROR: jscpd found too many duplicates (0.91%) over threshold (0.5%)
    at ThresholdReporter.report (/node-deps/node_modules/@jscpd/finder/dist/index.js:615:13)
    at /node-deps/node_modules/@jscpd/finder/dist/index.js:109:18
    at Array.forEach (<anonymous>)
    at /node-deps/node_modules/@jscpd/finder/dist/index.js:108:22
    at async /node-deps/node_modules/jscpd/dist/bin/jscpd.js:9:5

⚠️ REPOSITORY / kics - 20 errors

MLLLLLM             MLLLLLLLLL   LLLLLLL             KLLLLLLLLLLLLLLLL       LLLLLLLLLLLLLLLLLLLLLLL 
   MMMMMMM           MMMMMMMMMML    MMMMMMMK       LMMMMMMMMMMMMMMMMMMMML   KLMMMMMMMMMMMMMMMMMMMMMMMMM 
   MMMMMMM         MMMMMMMMML       MMMMMMMK     LMMMMMMMMMMMMMMMMMMMMMML  LMMMMMMMMMMMMMMMMMMMMMMMMMMM 
   MMMMMMM      MMMMMMMMMML         MMMMMMMK   LMMMMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMMMM 
   MMMMMMM    LMMMMMMMMML           MMMMMMMK  LMMMMMMMMMLLMLLLLLLLLLLLLLL LMMMMMMMLLLLLLLLLLLLLLLLLLLLM 
   MMMMMMM  MMMMMMMMMLM             MMMMMMMK LMMMMMMMM                    LMMMMMML                      
   MMMMMMMLMMMMMMMML                MMMMMMMK MMMMMMML                     LMMMMMMMMLLLLLLLLLLLLLMLL     
   MMMMMMMMMMMMMMMM                 MMMMMMMK MMMMMML                       LMMMMMMMMMMMMMMMMMMMMMMMMML  
   MMMMMMMMMMMMMMMMMM               MMMMMMMK MMMMMMM                         LMMMMMMMMMMMMMMMMMMMMMMMML 
   MMMMMMM KLMMMMMMMMML             MMMMMMMK LMMMMMMM                                          MMMMMMMML
   MMMMMMM    LMMMMMMMMMM           MMMMMMMK LMMMMMMMMLL                                        MMMMMMML
   MMMMMMM      LMMMMMMMMMLL        MMMMMMMK  LMMMMMMMMMMMMMMMMMMMMMMMMML LLLLLLLLLLLLLLLLLLLLMMMMMMMMMM
   MMMMMMM        MMMMMMMMMMML      MMMMMMMK   MMMMMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMMMM 
   MMMMMMM          LLMMMMMMMMML    MMMMMMMK     LLMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMML  
   MMMMMMM             MMMMMMMMMML  MMMMMMMK         KLMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMLK    
                                                                                                            
                                                                                                                                                                                                                                                                                                                        


Scanning with Keeping Infrastructure as Code Secure v2.1.19





Unpinned Actions Full Length Commit SHA, Severity: LOW, Results: 20
Description: Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. When selecting a SHA, you should verify it is from the action's repository and not a repository fork.
Platform: CICD
CWE: 829
Risk Score: 4.1
Learn more about this vulnerability: https://docs.kics.io/latest/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9

	[1]: .github/workflows/codeql.yml:37

		036:       # Initializes the CodeQL tools for scanning.
		037:       - uses: github/codeql-action/init@v4
		038:         # Override language selection by uncommenting this and choosing your languages


	[2]: .github/workflows/debug-rasa.yml:61

		060: 
		061:       - uses: crazy-max/ghaction-dump-context@v3.0.0
		062: 


	[3]: .github/workflows/debug-matrix.yml:78

		077:     steps:
		078:       - uses: crazy-max/ghaction-dump-context@v3.0.0
		079: 


	[4]: .github/workflows/issue_comment.yml:12

		011:     - name: Pull Request Validation
		012:       uses: Ash258/Scoop-GithubActions@stable
		013:       if: startsWith(github.event.comment.body, '/verify')


	[5]: .github/workflows/codeql.yml:44

		043:       # If this step fails, then you should remove it and run the build manually (see below).
		044:       - uses: github/codeql-action/autobuild@v4
		045: 


	[6]: .github/workflows/dependabot.yml:36

		035:     steps:
		036:       - uses: dependabot/fetch-metadata@v2.4.0
		037:         id: dependabot-metadata


	[7]: .github/workflows/excavator.yml:14

		013:     - name: Excavate
		014:       uses: ScoopInstaller/GithubActions@main
		015:       env:


	[8]: .github/workflows/mega-linter.yml:119

		118:         # More info at https://megalinter.io/flavors/
		119:         uses: oxsecurity/megalinter@v9 # changed from v7 by @rasa
		120: 


	[9]: .github/workflows/mega-linter.yml:234

		233:       - name: Commit and push applied linter fixes
		234:         uses: stefanzweifel/git-auto-commit-action@v7.1.0 # changed from v4 by @rasa
		235:         if: env.APPLY_FIXES_IF_COMMIT == 'true'


	[10]: .github/workflows/pull_request.yml:12

		011:     - name: Pull Request Validation
		012:       uses: Ash258/Scoop-GithubActions@stable
		013:       env:


	[11]: .github/workflows/debug-matrix.yml:107

		106:         continue-on-error: true
		107:         uses: MinoruSekine/setup-scoop@main
		108:         with:


	[12]: .github/workflows/mega-linter.yml:212

		211:       - name: Create Pull Request with applied fixes
		212:         uses: peter-evans/create-pull-request@v8.1.0 # changed from v5 by @rasa
		213:         id: cpr


	[13]: .github/workflows/black.yml:51

		050:       if: steps.black.outputs.changes == 'true'
		051:       uses: ad-m/github-push-action@master
		052:       with:


	[14]: .github/workflows/update-readme.yml:27

		026: 
		027:     - uses: EndBug/add-and-commit@v9
		028:       with:


	[15]: .github/workflows/toc.yml:57

		056: 
		057:       - uses: stefanzweifel/git-auto-commit-action@v7.1.0
		058:         with:


	[16]: .github/workflows/clean-logs.yml:141

		140:       #   uses: rasa/ghaction-dump-context@master
		141:       - uses: crazy-max/ghaction-dump-context@v3.0.0
		142: 


	[17]: .github/workflows/clean-logs.yml:145

		144:         if: github.event_name == 'schedule'
		145:         uses: rasa/delete-workflow-runs@main
		146:         # was Mattraks/delete-workflow-runs@main


	[18]: .github/workflows/clean-logs.yml:157

		156:         if: github.event_name != 'schedule'
		157:         uses: rasa/delete-workflow-runs@main
		158:         # was Mattraks/delete-workflow-runs@main


	[19]: .github/workflows/issue.yml:12

		011:       - name: Verify Issue
		012:         uses: Ash258/Scoop-GithubActions@stable
		013:         if: github.event.action == 'opened' || (github.event.action == 'labeled' && contains(github.event.issue.labels.*.name, 'verify'))


	[20]: .github/workflows/codeql.yml:58

		057:       # Perform CodeQL Analysis
		058:       - uses: github/codeql-action/analyze@v4
		059: 



Results Summary:
CRITICAL: 0
HIGH: 0
MEDIUM: 0
LOW: 20
INFO: 0
TOTAL: 20

A new version 'v2.1.20' of KICS is available, please consider updating

⚠️ SPELL / lychee - 1 error

[404] https://github.com/microsoft/winget-cli/releases/download/latest/Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle | Network error: Not Found
📝 Summary
---------------------
🔍 Total...........19
✅ Successful......18
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........1

Errors in .github/workflows/debug-matrix.yml
[404] https://github.com/microsoft/winget-cli/releases/download/latest/Microsoft.DesktopAppInstaller_8wekyb3d8bbwe.msixbundle | Network error: Not Found

See detailed reports in MegaLinter artifacts
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

Show us your support by starring ⭐ the repository