v4.2.2

What's Changed

Bug Fixes

• Fix grep warning warning: stray \ before / 🐛 (#247) @jamacku

Dependency Updates

8 changes

• build(deps): bump fedora from 37 to 38 🤠 (#243) @dependabot
• build(deps): bump github/codeql-action from 2.3.0 to 2.3.2 (#246) @dependabot
• build(deps): bump codecov/codecov-action from 3.1.2 to 3.1.3 (#245) @dependabot
• build(deps): bump github/codeql-action from 2.2.12 to 2.3.0 (#244) @dependabot
• build(deps): bump github/super-linter from 4.10.1 to 5.0.0 (#242) @dependabot
• build(deps): bump github/codeql-action from 2.2.11 to 2.2.12 (#241) @dependabot
• build(deps): bump codecov/codecov-action from 3.1.1 to 3.1.2 (#240) @dependabot
• build(deps): bump actions/checkout from 3.5.0 to 3.5.2 (#239) @dependabot

Full Changelog: v4.2.1...v4.2.2

v4.2.1

What's Changed

Bug Fixes

• Handle multiple include/exclude paths with newlines 🌍 (#236) @jamacku

Dependency Updates

• build(deps): bump github/codeql-action from 2.2.7 to 2.2.11 (#235) @dependabot

Full Changelog: v4.2.0...v4.2.1

v4.2.0

What's Changed

New

• Add an option to exclude and include specific paths before scanning 🦝 (#232) @jamacku @kdudka

Dependency Updates

• build(deps): bump actions/checkout from 3.4.0 to 3.5.0 (#227) @dependabot
• build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#228) @dependabot
• build(deps): bump test/test_helper/bats-file from cc3fb8c to 805ffb7 (#229) @dependabot

Full Changelog: v4.1.1...v4.2.0

v4.1.1

What's Changed

• Version Bump 🐤

Full Changelog: v4.1.0...v4.1.1

v4.1.0

What's Changed

New

• Utilize DEBUG to run grep without --silent option 🙊 (#221) @jamacku

Bug Fixes

• grep: do not escape # and ! in patterns 🍏 (#220) @jamacku

Maintenance

• Update csutils (csdiff) to 3.0.0 💠 (#223) @jamacku

Documentation

• Use github/codeql-action/upload-sarif (#225) @jamacku
• Suggest running action only for default branch 🔧 (#224) @jamacku

Dependency Updates

19 changes

• build(deps): bump test/test_helper/bats-file from bba751f to cc3fb8c (#218) @dependabot
• build(deps): bump test/bats from a710639 to 4417a96 (#219) @dependabot
• build(deps): bump actions/checkout from 3.3.0 to 3.4.0 (#217) @dependabot
• build(deps): bump github/codeql-action from 2.2.6 to 2.2.7 (#216) @dependabot
• build(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#213) @dependabot
• build(deps): bump github/codeql-action from 2.2.5 to 2.2.6 (#214) @dependabot
• build(deps): bump test/bats from 6636e2c to a710639 (#212) @dependabot
• build(deps): bump test/test_helper/bats-assert from db015db to 44913ff (#209) @dependabot
• build(deps): bump release-drafter/release-drafter from 5.22.0 to 5.23.0 (#208) @dependabot
• build(deps): bump github/codeql-action from 2.2.4 to 2.2.5 (#207) @dependabot
• build(deps): bump test/bats from fe7df4f to 6636e2c (#206) @dependabot
• build(deps): bump github/codeql-action from 2.2.1 to 2.2.4 (#205) @dependabot
• build(deps): bump test/bats from 5a47c79 to fe7df4f (#203) @dependabot
• build(deps): bump test/test_helper/bats-file from af444a7 to bba751f (#202) @dependabot
• build(deps): bump docker/build-push-action from 3.3.0 to 4.0.0 (#201) @dependabot
• build(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1 (#200) @dependabot
• build(deps): bump docker/setup-buildx-action from 2.2.1 to 2.4.0 (#197) @dependabot
• build(deps): bump github/codeql-action from 2.1.39 to 2.2.1 (#198) @dependabot
• build(deps): bump test/test_helper/bats-file from 8ee7bb9 to af444a7 (#199) @dependabot

Full Changelog: v4.0.2...v4.1.0

v4.0.2

What's Changed

Bug Fixes

• Correctly handle character escaping in file names (e.g. ␣ and &) 🪂 (#190) @jamacku

Documentation

• Improve permission documentation 📖 (#192) @jamacku @james-callahan
• Return permissions into example of use 🔐 (#186) @jamacku
• Code documentation 📚 (#170) @jamacku

Automation and CI changes

• More tests 🧪 (#191) @jamacku

Dependency Updates

7 changes

• build(deps): bump github/codeql-action from 2.1.38 to 2.1.39 (#195) @dependabot
• build(deps): bump github/super-linter from 4.10.0 to 4.10.1 (#194) @dependabot
• build(deps): bump bobheadxi/deployments from 1.3.0 to 1.4.0 (#193) @dependabot
• build(deps): bump test/bats from 56507db to 5a47c79 (#183) @dependabot
• build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler from 2.0.3 to 2.0.4 (#182) @dependabot
• build(deps): bump github/codeql-action from 2.1.37 to 2.1.38 (#181) @dependabot
• build(deps): bump test/test_helper/bats-file from b45ed3d to 8ee7bb9 (#184) @dependabot

Full Changelog: v4.0.1...v4.0.2

v4.0.1

What's Changed

• Version Bump 🐤

Full Changelog: v4.0.0...v4.0.1

v4.0.0

What's Changed

• Tag latest is no longer available. Use major tags instead (e.g. v4).

• Action can be triggered using the GitHub push event

  on:
    push:
  
  jobs:
    lint:
      runs-on: ubuntu-latest
  
      steps:
        - uses: actions/checkout@v3
          with:
            fetch-depth: 0
  
        - uses: redhat-plumbers-in-action/differential-shellcheck@v4
          with:
            token: ${{ secrets.GITHUB_TOKEN }}

• Action now performs full scans on the push event by default and on the manual trigger when requested

• SARIF file is now exposed under output sarif for further use.

    - if: ${{ always() }}
      name: Upload artifact with defects in SARIF format
      uses: actions/upload-artifact@v3
      with:
        name: Differential ShellCheck SARIF
        path: ${{ steps.ShellCheck.outputs.sarif }}
        retention-days: 7

• Removal of unused output - ENV.LIST_OF_SCRIPTS

• Increased code coverage

• Some minor bugfixes, ShellCheck fixes, and CI updates

Breaking

• Don't update the latest tag, to avoid breakage 🛑 (#156) @jamacku

New

• Expose SARIF results as output for further use 📦 (#110) @jamacku, @kdudka
• Support full ShellCheck scans 🕵️ (#167) @jamacku, @siteshwar
• Add support for running Action on GitHub push event 🎄 (#165) @jamacku, @lzaoral, @kdudka

Bug Fixes

• Use GITHUB_EVENT_NAME only when var is undefined (#178) @jamacku

Maintenance

• Don't update the latest tag, to avoid breakage 🛑 (#156) @jamacku

Dependency Updates

9 changes

• build(deps): bump test/test_helper/bats-assert from 78fa631 to db015db (#175) @dependabot
• build(deps): bump test/bats from e6db0b8 to 56507db (#177) @dependabot
• build(deps): bump test/test_helper/bats-file from f9154f4 to b45ed3d (#176) @dependabot
• build(deps): bump release-drafter/release-drafter from 5.21.1 to 5.22.0 (#174) @dependabot
• build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2 (#173) @dependabot
• build(deps): bump actions/checkout from 3.2.0 to 3.3.0 (#172) @dependabot
• build(deps): bump github/super-linter from 4.9.7 to 4.10.0 (#171) @dependabot
• build(deps): bump test/bats from dc31213 to e6db0b8 (#169) @dependabot
• build(deps): bump ossf/scorecard-action from 2.1.0 to 2.1.2 (#168) @dependabot

Full Changelog: v3.3.1...v4.0.0

v3.3.1

What's Changed

Automation and CI changes

• Fix tagging of container image with major version 🐳 (#160) @jamacku

Dependency Updates

• build(deps): bump github/codeql-action from 2.1.36 to 2.1.37 (#161) @dependabot
• build(deps): bump actions/checkout from 3.1.0 to 3.2.0 (#162) @dependabot
• build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler from 2.0.1 to 2.0.3 (#163) @dependabot
• build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.0 (#164) @dependabot

Full Changelog: v3.3.0...v3.3.1

v3.3.0

What's Changed

New

• Show versions of important packages ❗ 📦 & Run unit tests with local changes 🧪 (#122) @jamacku, @kdudka

Maintenance

• Use csgrep --set-scan-prop to set scan tool as ShellCheck (#124) @jamacku

Documentation

• Add SPDX License header to all source files 📝 (#154) @jamacku, @lzaoral
• Update README 📰 (#143) @jamacku
• Create CODE_OF_CONDUCT.md 🤝 (#152) @jamacku

Other changes

• Create SECURITY.md 🚔 (#149) @jamacku
• Set strict permissions for GitHub Workflows 🔒 (#147) @jamacku
• Pin dependencies to SHA 📌 (#146) @jamacku
• Create CODEOWNERS 🦉 (#145) @jamacku
• Pin GitHub Actions to SHA1 📌 (#144) @jamacku

Automation and CI changes

• Fix deployment of test images - add missing permission 🚚 (#150) @jamacku

Dependency Updates

• build(deps): bump github/codeql-action from 2.1.35 to 2.1.36 (#157) @dependabot
• build(deps): bump Fedora from 36 to 37 and ShellCheck from 0.7.2 to 0.8.0 ⬆️ (#141) @dependabot
• build(deps): bump stefanbuck/github-issue-parser from 2 to 3 (#142) @dependabot

Full Changelog: v3.2.1...v3.3.0