Skip to content

[pull] main from GitTools:main#281

Open
pull[bot] wants to merge 644 commits into
Familyfirst4:mainfrom
GitTools:main
Open

[pull] main from GitTools:main#281
pull[bot] wants to merge 644 commits into
Familyfirst4:mainfrom
GitTools:main

Conversation

@pull

@pull pull Bot commented Nov 2, 2025

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

@pull pull Bot locked and limited conversation to collaborators Nov 2, 2025
@pull pull Bot added ⤵️ pull merge-conflict Resolve conflicts manually labels Nov 2, 2025
@arturcic arturcic force-pushed the main branch 2 times, most recently from a6d0c32 to 5e7846e Compare December 14, 2025 14:54
@arturcic arturcic force-pushed the main branch 2 times, most recently from 1b17f42 to b3c6a61 Compare January 14, 2026 08:27
@arturcic arturcic force-pushed the main branch 2 times, most recently from 39298a9 to c1b5f1a Compare January 30, 2026 15:22
@arturcic arturcic force-pushed the main branch 19 times, most recently from 860c000 to 143e2a8 Compare March 18, 2026 00:18
mergify Bot and others added 3 commits July 2, 2026 13:47
fix: sanitize labels correctly when using enviornment variables
…ature updates (#5015)

* chore(deps): merge docker configs, add devcontainers ecosystem, group actions

- Merge the two docker ecosystem entries into one via directories list
- Add devcontainers ecosystem to update features in devcontainer.json
- Group additional github-actions vendors (docker, codeql, reviewdog, gittools)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* chore(devcontainer): add lock file so Dependabot can track features

Unpin feature tags and add devcontainer-lock.json with resolved
versions and digests, required for the devcontainers Dependabot ecosystem.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
…#5016)

Bumps the codeql group with 3 updates in the /.github/workflows directory: [github/codeql-action/init](https://github.com/github/codeql-action), [github/codeql-action/analyze](https://github.com/github/codeql-action) and [github/codeql-action/upload-sarif](https://github.com/github/codeql-action).


Updates `github/codeql-action/init` from 4.36.2 to 4.36.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@8aad20d...54f647b)

Updates `github/codeql-action/analyze` from 4.36.2 to 4.36.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@8aad20d...54f647b)

Updates `github/codeql-action/upload-sarif` from 4.36.2 to 4.36.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@8aad20d...54f647b)

---
updated-dependencies:
- dependency-name: github/codeql-action/init
  dependency-version: 4.36.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: codeql
- dependency-name: github/codeql-action/analyze
  dependency-version: 4.36.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: codeql
- dependency-name: github/codeql-action/upload-sarif
  dependency-version: 4.36.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: codeql
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot Bot and others added 5 commits July 3, 2026 14:36
Bumps Microsoft.CodeAnalysis.Analyzers from 5.3.0 to 5.6.0
Bumps Microsoft.CodeAnalysis.CSharp from 5.3.0 to 5.6.0
Bumps Microsoft.CodeAnalysis.PublicApiAnalyzers from 5.0.0-1.25277.114 to 5.6.0

---
updated-dependencies:
- dependency-name: Microsoft.CodeAnalysis.Analyzers
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: Microsoft.CodeAnalysis.CSharp
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: Microsoft.CodeAnalysis.CSharp
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: Microsoft.CodeAnalysis.PublicApiAnalyzers
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
...

Signed-off-by: dependabot[bot] <support@github.com>
…d version property

Dependabot's partial bump of Microsoft.CodeAnalysis.CSharp to 5.6.0 left
Microsoft.CodeAnalysis.Common/VisualBasic (src) and
Microsoft.CodeAnalysis.CSharp.Workspaces (new-cli) pinned at 5.3.0,
causing NU1605 downgrade errors during restore. Introduce a single
MicrosoftCodeAnalysisVersion MSBuild property so these tightly-coupled
packages always move together, and fix the dependabot.yml group
ordering so the CodeAnalysis-specific group isn't shadowed by the
broader Microsoft.* group.
…soft-1c1da6d8a1

(deps): Bump the microsoft group with 3 updates
---
updated-dependencies:
- dependency-name: SharpYaml
  dependency-version: 3.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Add a missing backslash to correctly continue the multi-line command in the Homebrew workflow.
mergify Bot and others added 20 commits July 3, 2026 15:03
…-3.12.0

(deps): Bump SharpYaml from 3.11.0 to 3.12.0
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.19.4 to 2.20.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@9af89fc...bf7454d)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
…github/workflows/step-security/harden-runner-2.20.0

(build deps): bump step-security/harden-runner from 2.19.4 to 2.20.0 in /.github/workflows
…t-throwing

fix: allow incorrect labels if placeholders are missing
Remove the git feature from the devcontainer configuration as it is already provided by the base image.
Bumps the codeql group with 3 updates in the /.github/workflows directory: [github/codeql-action/init](https://github.com/github/codeql-action), [github/codeql-action/analyze](https://github.com/github/codeql-action) and [github/codeql-action/upload-sarif](https://github.com/github/codeql-action).


Updates `github/codeql-action/init` from 4.36.3 to 4.37.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@54f647b...99df26d)

Updates `github/codeql-action/analyze` from 4.36.3 to 4.37.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@54f647b...99df26d)

Updates `github/codeql-action/upload-sarif` from 4.36.3 to 4.37.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@54f647b...99df26d)

---
updated-dependencies:
- dependency-name: github/codeql-action/init
  dependency-version: 4.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: codeql
- dependency-name: github/codeql-action/analyze
  dependency-version: 4.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: codeql
- dependency-name: github/codeql-action/upload-sarif
  dependency-version: 4.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: codeql
...

Signed-off-by: dependabot[bot] <support@github.com>
…github/workflows/codeql-7512263334

(build deps): bump the codeql group across 1 directory with 3 updates
Add local branch validation, consolidate readiness checks into a single confirmation step, and handle downstream no-op signals. Remove redundant SHA256 sections from release notes.
Bumps the actions group with 1 update in the /.github/workflows directory: [actions/stale](https://github.com/actions/stale).


Updates `actions/stale` from 10.3.0 to 10.4.0
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@eb5cf3a...1e223db)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-version: 10.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
…github/workflows/actions-38afab4f4d

(build deps): bump actions/stale from 10.3.0 to 10.4.0 in /.github/workflows in the actions group across 1 directory
---
updated-dependencies:
- dependency-name: SharpYaml
  dependency-version: 3.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
…-3.13.0

(deps): Bump SharpYaml from 3.12.0 to 3.13.0
---
updated-dependencies:
- dependency-name: NSubstitute
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
…te-6.0.0

(deps): Bump NSubstitute from 5.3.0 to 6.0.0
Bumps System.IO.Abstractions from 22.1.1 to 22.2.0

---
updated-dependencies:
- dependency-name: System.IO.Abstractions
  dependency-version: 22.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: System.IO.Abstractions
  dependency-version: 22.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
...

Signed-off-by: dependabot[bot] <support@github.com>
…soft-5c87809d62

(deps): Bump the microsoft group with 1 update
Bumps Microsoft.NET.Test.Sdk from 18.7.0 to 18.8.0

---
updated-dependencies:
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
...

Signed-off-by: dependabot[bot] <support@github.com>
…soft-ad96945197

(deps): Bump the microsoft group with 1 update
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

⤵️ pull merge-conflict Resolve conflicts manually

Projects

None yet

Development

Successfully merging this pull request may close these issues.

7 participants