{"id":8631,"name":"alpine/helm","ecosystem":"docker","repository_url":null,"issues_count":81,"created_at":"2025-06-06T22:25:02.222Z","updated_at":"2025-06-06T22:25:02.222Z","purl":"pkg:docker/alpine/helm","metadata":{"id":5509833,"name":"alpine/helm","ecosystem":"docker","description":"Auto-trigger docker build for kubernetes helm when new release is announced","homepage":null,"licenses":null,"normalized_licenses":[],"repository_url":null,"keywords_array":[],"namespace":"alpine","versions_count":185,"first_release_published_at":"2020-04-24T01:14:40.013Z","latest_release_published_at":"2024-09-15T03:08:07.063Z","latest_release_number":"3.16.1","last_synced_at":"2024-10-09T04:06:41.848Z","created_at":"2022-11-27T11:22:04.668Z","updated_at":"2024-11-21T15:27:05.372Z","registry_url":"https://hub.docker.com/r/alpine/helm","install_command":"docker pull alpine/helm","documentation_url":null,"metadata":{},"repo_metadata":null,"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":51976331,"downloads_period":"total","dependent_repos_count":90,"rankings":{"downloads":0.06191300317892496,"dependent_repos_count":0.051292449027374475,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":0.03773515073543315},"purl":"pkg:docker/alpine%2Fhelm","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/docker/alpine/helm","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/docker/alpine/helm","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/docker/alpine/helm/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages/alpine%2Fhelm/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages/alpine%2Fhelm/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages/alpine%2Fhelm/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages/alpine%2Fhelm/related_packages","maintainers":[],"registry":{"name":"hub.docker.com","url":"https://hub.docker.com","ecosystem":"docker","default":true,"packages_count":1002007,"maintainers_count":0,"namespaces_count":411568,"keywords_count":1704,"github":"docker","metadata":{"api_url":"https://registry-1.docker.io","funded_packages_count":257},"icon_url":"https://github.com/docker.png","created_at":"2022-11-24T17:07:36.388Z","updated_at":"2025-06-07T05:40:29.049Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/hub.docker.com/namespaces"}},"unique_repositories_count":13,"unique_repositories_count_past_30_days":1,"recent_issues":[{"uuid":"4446321513","node_id":"PR_kwDODOjFv87biUiB","number":7817,"state":"open","title":"deps(docker): bump the docker group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-14T13:34:44.000Z","updated_at":"2026-05-16T17:16:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":10,"packages":[{"name":"alpine/terragrunt","old_version":"1.14.9","new_version":"1.15.2"},{"name":"terraform-linters/tflint","old_version":"v0.62.0","new_version":"v0.62.1","repository_url":"https://github.com/terraform-linters/tflint"},{"name":"alpine/helm","old_version":"4.1.4","new_version":"4.2.0"},{"name":"golang","old_version":"1.26.2-alpine","new_version":"1.26.3-alpine"},{"name":"golangci/golangci-lint","old_version":"v2.12.0","new_version":"v2.12.2"},{"name":"hashicorp/terraform","old_version":"1.15.0","new_version":"1.15.3"},{"name":"scalameta/scalafmt","old_version":"v3.11.0","new_version":"v3.11.1"},{"name":"dart","old_version":"3.11.5-sdk","new_version":"3.11.6-sdk"},{"name":"dotnet/sdk","old_version":"10.0.203-alpine3.23","new_version":"10.0.300-alpine3.23"},{"name":"composer/composer","old_version":"2.9.7","new_version":"2.9.8"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| alpine/terragrunt | `1.14.9` | `1.15.2` |\n| [terraform-linters/tflint](https://github.com/terraform-linters/tflint) | `v0.62.0` | `v0.62.1` |\n| alpine/helm | `4.1.4` | `4.2.0` |\n| golang | `1.26.2-alpine` | `1.26.3-alpine` |\n| golangci/golangci-lint | `v2.12.0` | `v2.12.2` |\n| hashicorp/terraform | `1.15.0` | `1.15.3` |\n| scalameta/scalafmt | `v3.11.0` | `v3.11.1` |\n| dart | `3.11.5-sdk` | `3.11.6-sdk` |\n| dotnet/sdk | `10.0.203-alpine3.23` | `10.0.300-alpine3.23` |\n| composer/composer | `2.9.7` | `2.9.8` |\n\n\nUpdates `alpine/terragrunt` from 1.14.9 to 1.15.2\n\nUpdates `terraform-linters/tflint` from v0.62.0 to v0.62.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/terraform-linters/tflint/releases\"\u003eterraform-linters/tflint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.62.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplugin: Skip fetching artifact attestations in GHES by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2527\"\u003eterraform-linters/tflint#2527\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): Bump github.com/zclconf/go-cty from 1.18.0 to 1.18.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2511\"\u003eterraform-linters/tflint#2511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump goreleaser/goreleaser-action from 7.0.0 to 7.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2512\"\u003eterraform-linters/tflint#2512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: deprecate curl pipe bash installation by \u003ca href=\"https://github.com/dbuaon\"\u003e\u003ccode\u003e@​dbuaon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2514\"\u003eterraform-linters/tflint#2514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump goreleaser/goreleaser-action from 7.1.0 to 7.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2516\"\u003eterraform-linters/tflint#2516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/apparentlymart/go-cidr from 1.1.0 to 1.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2517\"\u003eterraform-linters/tflint#2517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.11.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2518\"\u003eterraform-linters/tflint#2518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.80.0 to 1.81.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2519\"\u003eterraform-linters/tflint#2519\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/hashicorp/go-plugin from 1.7.0 to 1.8.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2520\"\u003eterraform-linters/tflint#2520\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbuaon\"\u003e\u003ccode\u003e@​dbuaon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2514\"\u003eterraform-linters/tflint#2514\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.62.0...v0.62.1\"\u003ehttps://github.com/terraform-linters/tflint/compare/v0.62.0...v0.62.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/6a8757f2ce307aed9f786dd4474464c9831bd561\"\u003e\u003ccode\u003e6a8757f\u003c/code\u003e\u003c/a\u003e Bump up version to v0.62.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/714def17e6b8d871397838b6821fc7e1a1ec45fc\"\u003e\u003ccode\u003e714def1\u003c/code\u003e\u003c/a\u003e Bump Go version to 1.26.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/15ffea19b2f8a43f8a14429099b0f3b330f9aed3\"\u003e\u003ccode\u003e15ffea1\u003c/code\u003e\u003c/a\u003e plugin: Skip fetching artifact attestations in GHES (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2527\"\u003e#2527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/4bea52e02e2a78d4e2db4fac8115a98d5d2cb8e6\"\u003e\u003ccode\u003e4bea52e\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/hashicorp/go-plugin from 1.7.0 to 1.8.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2520\"\u003e#2520\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/ec9cc04a191bb2721c40247633d5291243bf4327\"\u003e\u003ccode\u003eec9cc04\u003c/code\u003e\u003c/a\u003e build(deps): Bump google.golang.org/grpc from 1.80.0 to 1.81.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/2b779941c6cc0b1048a2a7b57a5ed20f4736a8a5\"\u003e\u003ccode\u003e2b77994\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.11.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2518\"\u003e#2518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/bdc9746ab7f6d50b08d372afafcf6aab5bc31bc1\"\u003e\u003ccode\u003ebdc9746\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/apparentlymart/go-cidr from 1.1.0 to 1.1.1 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2517\"\u003e#2517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/2f8ceaa9ef60e497e961ab833506070992248be3\"\u003e\u003ccode\u003e2f8ceaa\u003c/code\u003e\u003c/a\u003e build(deps): Bump goreleaser/goreleaser-action from 7.1.0 to 7.2.1 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2516\"\u003e#2516\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/198db78a0b3f407fd0ce3b8bdd3f4c097e463aa7\"\u003e\u003ccode\u003e198db78\u003c/code\u003e\u003c/a\u003e docs: deprecate curl pipe bash installation (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2514\"\u003e#2514\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/ee955afb843a3eea7b463f9f09ce73407465c497\"\u003e\u003ccode\u003eee955af\u003c/code\u003e\u003c/a\u003e build(deps): Bump goreleaser/goreleaser-action from 7.0.0 to 7.1.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2512\"\u003e#2512\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.62.0...v0.62.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 4.1.4 to 4.2.0\n\nUpdates `golang` from 1.26.2-alpine to 1.26.3-alpine\n\nUpdates `golangci/golangci-lint` from v2.12.0 to v2.12.2\n\nUpdates `hashicorp/terraform` from 1.15.0 to 1.15.3\n\nUpdates `scalameta/scalafmt` from v3.11.0 to v3.11.1\n\nUpdates `dart` from 3.11.5-sdk to 3.11.6-sdk\n\nUpdates `dotnet/sdk` from 10.0.203-alpine3.23 to 10.0.300-alpine3.23\n\nUpdates `composer/composer` from 2.9.7 to 2.9.8\n","html_url":"https://github.com/super-linter/super-linter/pull/7817","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7817","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7817/packages"},{"uuid":"4230444420","node_id":"PR_kwDODOjFv87RDYrS","number":7728,"state":"open","title":"deps(docker): bump the docker group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-09T07:45:26.000Z","updated_at":"2026-04-09T07:57:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":2,"packages":[{"name":"alpine/helm","old_version":"4.1.3","new_version":"4.1.4"},{"name":"golang","old_version":"1.26.1-alpine","new_version":"1.26.2-alpine"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 2 updates in the / directory: alpine/helm and golang.\n\nUpdates `alpine/helm` from 4.1.3 to 4.1.4\n\nUpdates `golang` from 1.26.1-alpine to 1.26.2-alpine\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7728","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7728","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7728/packages"},{"uuid":"4068691575","node_id":"PR_kwDOF62svs7KPb01","number":1074,"state":"closed","title":"Bump alpine/helm from 3.19.0 to 4.1.3 in /tools/dplsh","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-10T04:03:56.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-13T04:03:48.000Z","updated_at":"2026-04-10T04:03:58.000Z","time_to_close":2419208,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"alpine/helm","old_version":"3.19.0","new_version":"4.1.3","repository_url":null}],"path":"/tools/dplsh","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.19.0 to 4.1.3.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.19.0\u0026new-version=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/danskernesdigitalebibliotek/dpl-platform/pull/1074","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/danskernesdigitalebibliotek%2Fdpl-platform/issues/1074","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1074/packages"},{"uuid":"4067056145","node_id":"PR_kwDOQ_LuD87KKNY5","number":67,"state":"closed","title":"chore(deps): bump alpine/helm from 3.14.0 to 4.1.3 in /docker","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-09T20:25:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-12T20:25:50.000Z","updated_at":"2026-04-09T20:25:53.000Z","time_to_close":2419202,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"alpine/helm","old_version":"3.14.0","new_version":"4.1.3","repository_url":null}],"path":"/docker","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.14.0 to 4.1.3.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.14.0\u0026new-version=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/bmartensNL/Kubarr/pull/67","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bmartensNL%2FKubarr/issues/67","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/67/packages"},{"uuid":"3926598550","node_id":"PR_kwDODOjFv87DAeN0","number":7508,"state":"open","title":"deps(docker): bump the docker group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-11T13:34:25.000Z","updated_at":"2026-02-12T09:01:08.959Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":8,"packages":[{"name":"terraform-linters/tflint","old_version":"v0.60.0","new_version":"v0.61.0","repository_url":"https://github.com/terraform-linters/tflint"},{"name":"alpine/helm","old_version":"4.1.0","new_version":"4.1.1"},{"name":"golang","old_version":"1.25.6-alpine","new_version":"1.26.0-alpine"},{"name":"golangci/golangci-lint","old_version":"v2.8.0","new_version":"v2.9.0"},{"name":"kustomize/kustomize","old_version":"v5.8.0","new_version":"v5.8.1"},{"name":"scalameta/scalafmt","old_version":"v3.10.6","new_version":"v3.10.7"},{"name":"dart","old_version":"3.10.9-sdk","new_version":"3.11.0-sdk"},{"name":"dotnet/sdk","old_version":"10.0.102-alpine3.23","new_version":"10.0.103-alpine3.23"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [terraform-linters/tflint](https://github.com/terraform-linters/tflint) | `v0.60.0` | `v0.61.0` |\n| alpine/helm | `4.1.0` | `4.1.1` |\n| golang | `1.25.6-alpine` | `1.26.0-alpine` |\n| golangci/golangci-lint | `v2.8.0` | `v2.9.0` |\n| kustomize/kustomize | `v5.8.0` | `v5.8.1` |\n| scalameta/scalafmt | `v3.10.6` | `v3.10.7` |\n| dart | `3.10.9-sdk` | `3.11.0-sdk` |\n| dotnet/sdk | `10.0.102-alpine3.23` | `10.0.103-alpine3.23` |\n\n\nUpdates `terraform-linters/tflint` from v0.60.0 to v0.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/terraform-linters/tflint/releases\"\u003eterraform-linters/tflint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.61.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eversion\u003c/code\u003e: add update notifications, json output by \u003ca href=\"https://github.com/bendrucker\"\u003e\u003ccode\u003e@​bendrucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2421\"\u003eterraform-linters/tflint#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/terraform-linters/tflint-ruleset-terraform from 0.13.0 to 0.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2445\"\u003eterraform-linters/tflint#2445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplugin: Enable plugin keyless verification by default by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2453\"\u003eterraform-linters/tflint#2453\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): Bump actions/checkout from 5.0.0 to 5.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2414\"\u003eterraform-linters/tflint#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2415\"\u003eterraform-linters/tflint#2415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/crypto from 0.44.0 to 0.45.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2416\"\u003eterraform-linters/tflint#2416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.76.0 to 1.77.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2417\"\u003eterraform-linters/tflint#2417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golangci/golangci-lint-action from 9.0.0 to 9.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2418\"\u003eterraform-linters/tflint#2418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/checkout from 5.0.1 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2420\"\u003eterraform-linters/tflint#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/setup-go from 6.0.0 to 6.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2419\"\u003eterraform-linters/tflint#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/metadata-action from 5.9.0 to 5.10.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2422\"\u003eterraform-linters/tflint#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/hashicorp/go-version from 1.7.0 to 1.8.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2423\"\u003eterraform-linters/tflint#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/checkout from 6.0.0 to 6.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2425\"\u003eterraform-linters/tflint#2425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/oauth2 from 0.33.0 to 0.34.0 in the go-x group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2428\"\u003eterraform-linters/tflint#2428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2426\"\u003eterraform-linters/tflint#2426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2432\"\u003eterraform-linters/tflint#2432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/sigstore-go from 1.1.3 to 1.1.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2433\"\u003eterraform-linters/tflint#2433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for Terraform v1.14 by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2424\"\u003eterraform-linters/tflint#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump alpine from 3.22 to 3.23 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2427\"\u003eterraform-linters/tflint#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/attest-build-provenance from 3.0.0 to 3.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2437\"\u003eterraform-linters/tflint#2437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2438\"\u003eterraform-linters/tflint#2438\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/zclconf/go-cty-yaml from 1.1.0 to 1.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2439\"\u003eterraform-linters/tflint#2439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd an integration test for root only traversal by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2436\"\u003eterraform-linters/tflint#2436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.77.0 to 1.78.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2441\"\u003eterraform-linters/tflint#2441\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2444\"\u003eterraform-linters/tflint#2444\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/setup-go from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2446\"\u003eterraform-linters/tflint#2446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: windows plugin development by \u003ca href=\"https://github.com/Netkracker\"\u003e\u003ccode\u003e@​Netkracker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2334\"\u003eterraform-linters/tflint#2334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2450\"\u003eterraform-linters/tflint#2450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2451\"\u003eterraform-linters/tflint#2451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2452\"\u003eterraform-linters/tflint#2452\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/checkout from 6.0.1 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2454\"\u003eterraform-linters/tflint#2454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/attest-build-provenance from 3.1.0 to 3.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2455\"\u003eterraform-linters/tflint#2455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2456\"\u003eterraform-linters/tflint#2456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/login-action from 3.6.0 to 3.7.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2458\"\u003eterraform-linters/tflint#2458\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Netkracker\"\u003e\u003ccode\u003e@​Netkracker\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2334\"\u003eterraform-linters/tflint#2334\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.60.0...v0.61.0\"\u003ehttps://github.com/terraform-linters/tflint/compare/v0.60.0...v0.61.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/c604bd634554b29602eae507e5a75baebb6365bf\"\u003e\u003ccode\u003ec604bd6\u003c/code\u003e\u003c/a\u003e Bump up version to v0.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/c02554689f372d8d168dca3d7ba00f3de4f88ee9\"\u003e\u003ccode\u003ec025546\u003c/code\u003e\u003c/a\u003e plugin: Enable plugin keyless verification by default (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2453\"\u003e#2453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/26e8e15da0cbd8103f29a6490e63fb8b946b164c\"\u003e\u003ccode\u003e26e8e15\u003c/code\u003e\u003c/a\u003e build(deps): Bump docker/login-action from 3.6.0 to 3.7.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2458\"\u003e#2458\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/faa8d1c9baa5e3cad207387225c867b95edbe766\"\u003e\u003ccode\u003efaa8d1c\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/theupdateframework/go-tuf/v2 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2456\"\u003e#2456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/013df8b451a0f25dd83e7e7af0dbaa8377770d9e\"\u003e\u003ccode\u003e013df8b\u003c/code\u003e\u003c/a\u003e build(deps): Bump actions/attest-build-provenance from 3.1.0 to 3.2.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2455\"\u003e#2455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/cb7befaf7db2d99be3dee17eca295508d785bd5c\"\u003e\u003ccode\u003ecb7befa\u003c/code\u003e\u003c/a\u003e build(deps): Bump actions/checkout from 6.0.1 to 6.0.2 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2454\"\u003e#2454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/e4d1818d700fb2b79df0ae82bd7ec566d5aee5aa\"\u003e\u003ccode\u003ee4d1818\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2452\"\u003e#2452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/ddc122378ad7169e74396ad71a29f5d9cd505469\"\u003e\u003ccode\u003eddc1223\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2451\"\u003e#2451\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/e2cb3f91ea19cd345661383b815dcb0e197f41b5\"\u003e\u003ccode\u003ee2cb3f9\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/theupdateframework/go-tuf/v2 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2450\"\u003e#2450\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/7c172c26dcfa15b93a147bd621084539e4d83021\"\u003e\u003ccode\u003e7c172c2\u003c/code\u003e\u003c/a\u003e docs: windows plugin development (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2334\"\u003e#2334\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.60.0...v0.61.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 4.1.0 to 4.1.1\n\nUpdates `golang` from 1.25.6-alpine to 1.26.0-alpine\n\nUpdates `golangci/golangci-lint` from v2.8.0 to v2.9.0\n\nUpdates `kustomize/kustomize` from v5.8.0 to v5.8.1\n\nUpdates `scalameta/scalafmt` from v3.10.6 to v3.10.7\n\nUpdates `dart` from 3.10.9-sdk to 3.11.0-sdk\n\nUpdates `dotnet/sdk` from 10.0.102-alpine3.23 to 10.0.103-alpine3.23\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7508","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7508","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7508/packages"},{"uuid":"3831470411","node_id":"PR_kwDOIiGuK86-GW0H","number":360,"state":"closed","title":"deps(docker): bump alpine/helm from 3.15.4 to 4.0.5","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-26T23:42:59.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-19T23:18:42.000Z","updated_at":"2026-01-26T23:43:00.000Z","time_to_close":606257,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker)","packages":[{"name":"alpine/helm","old_version":"3.15.4","new_version":"4.0.5","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps alpine/helm from 3.15.4 to 4.0.5.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.15.4\u0026new-version=4.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/actions-marketplace-validations/github_super-linter/pull/360","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions-marketplace-validations%2Fgithub_super-linter/issues/360","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/360/packages"},{"uuid":"3821730271","node_id":"PR_kwDODOjFv869mlDO","number":7388,"state":"open","title":"deps(docker): bump the docker group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-16T11:56:35.000Z","updated_at":"2026-01-16T12:06:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":5,"packages":[{"name":"alpine/helm","old_version":"4.0.4","new_version":"4.0.5"},{"name":"golang","old_version":"1.25.5-alpine","new_version":"1.26rc2-alpine"},{"name":"goreleaser/goreleaser","old_version":"v2.13.2","new_version":"v2.13.3"},{"name":"clj-kondo/clj-kondo","old_version":"2025.12.23-alpine","new_version":"2026.01.12-alpine","repository_url":"https://github.com/clj-kondo/clj-kondo"},{"name":"dotnet/sdk","old_version":"10.0.101-alpine3.23","new_version":"10.0.102-alpine3.23"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| alpine/helm | `4.0.4` | `4.0.5` |\n| golang | `1.25.5-alpine` | `1.26rc2-alpine` |\n| goreleaser/goreleaser | `v2.13.2` | `v2.13.3` |\n| [clj-kondo/clj-kondo](https://github.com/clj-kondo/clj-kondo) | `2025.12.23-alpine` | `2026.01.12-alpine` |\n| dotnet/sdk | `10.0.101-alpine3.23` | `10.0.102-alpine3.23` |\n\n\nUpdates `alpine/helm` from 4.0.4 to 4.0.5\n\nUpdates `golang` from 1.25.5-alpine to 1.26rc2-alpine\n\nUpdates `goreleaser/goreleaser` from v2.13.2 to v2.13.3\n\nUpdates `clj-kondo/clj-kondo` from 2025.12.23-alpine to 2026.01.12-alpine\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/releases\"\u003eclj-kondo/clj-kondo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2026.01.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd type checking for sorted-map-by, sorted-set, and sorted-set-by by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2694\"\u003eclj-kondo/clj-kondo#2694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd type checking for Clojure array functions by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2697\"\u003eclj-kondo/clj-kondo#2697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2695\"\u003e#2695\u003c/a\u003e: false positive in leiningen project.clj with unquote by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2698\"\u003eclj-kondo/clj-kondo#2698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2699\"\u003e#2699\u003c/a\u003e: fix false positive unresolved string var with extend-type on CLJS by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2700\"\u003eclj-kondo/clj-kondo#2700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd new linter for eager :or expressions in mapping in destructuring by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2702\"\u003eclj-kondo/clj-kondo#2702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Detect unused :excluded vars (\u003ccode\u003e:unused-excluded-var\u003c/code\u003e) by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2679\"\u003eclj-kondo/clj-kondo#2679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRename linter for unresolved excluded vars by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2705\"\u003eclj-kondo/clj-kondo#2705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add linter for superfluous primitive coercion calls by \u003ca href=\"https://github.com/hugoduncan\"\u003e\u003ccode\u003e@​hugoduncan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2710\"\u003eclj-kondo/clj-kondo#2710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix unused value linter for defmethod bodies by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2714\"\u003eclj-kondo/clj-kondo#2714\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix regression for unused binding warnings by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2715\"\u003eclj-kondo/clj-kondo#2715\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e handling for ignored vars by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2717\"\u003eclj-kondo/clj-kondo#2717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister list in call position as not a function by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2718\"\u003eclj-kondo/clj-kondo#2718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd redundant format linter and tests by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2716\"\u003eclj-kondo/clj-kondo#2716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix arities for comp so type mismatches are found by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2720\"\u003eclj-kondo/clj-kondo#2720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd type checking for Clojure test functions by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2706\"\u003eclj-kondo/clj-kondo#2706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplify code by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2721\"\u003eclj-kondo/clj-kondo#2721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd clojure.test/is for condition always true linter by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2722\"\u003eclj-kondo/clj-kondo#2722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt excluded msg by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2724\"\u003eclj-kondo/clj-kondo#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTighten up type checking for second arg of -in fns by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2726\"\u003eclj-kondo/clj-kondo#2726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd class type and type checking support by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2725\"\u003eclj-kondo/clj-kondo#2725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate documentation for \u003ccode\u003ereg-keyword!\u003c/code\u003e function by \u003ca href=\"https://github.com/davidyang\"\u003e\u003ccode\u003e@​davidyang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2727\"\u003eclj-kondo/clj-kondo#2727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump to GraalVM 25 by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2728\"\u003eclj-kondo/clj-kondo#2728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidyang\"\u003e\u003ccode\u003e@​davidyang\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2727\"\u003eclj-kondo/clj-kondo#2727\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\"\u003ehttps://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/CHANGELOG.md\"\u003eclj-kondo/clj-kondo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eFor a list of breaking changes, check \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/#breaking-changes\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo\"\u003eClj-kondo\u003c/a\u003e: static analyzer and linter for Clojure code that sparks joy ✨\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2739\"\u003e#2739\u003c/a\u003e: Extend \u003ccode\u003e:equals-expected-position\u003c/code\u003e linter to also warn for \u003ccode\u003enot=\u003c/code\u003e when expected value is not first (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2734\"\u003e#2734\u003c/a\u003e: NEW linter: \u003ccode\u003e:aliased-referred-var\u003c/code\u003e, which warns when a var is both referred and accessed via an alias in the same namespace. (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2732\"\u003e#2732\u003c/a\u003e: \u003ccode\u003eunreachable-code\u003c/code\u003e: warn when \u003ccode\u003e:default\u003c/code\u003e does not come last in reader conditionals (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2735\"\u003e#2735\u003c/a\u003e: NEW linter: \u003ccode\u003e:duplicate-refer\u003c/code\u003e which warns on duplicate entries in \u003ccode\u003e:refer\u003c/code\u003e of \u003ccode\u003e:require\u003c/code\u003e. (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003estr/replace\u003c/code\u003e false positive and tighten comp ret type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2729\"\u003e#2729\u003c/a\u003e: Check for arity mismatch for bound vectors, sets \u0026amp; maps, not just literals (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003einst\u003c/code\u003e and type checking support for \u003ccode\u003einst-ms\u003c/code\u003e and \u003ccode\u003einst-ms*\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2026.01.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2712\"\u003e#2712\u003c/a\u003e: NEW linter: \u003ccode\u003e:redundant-format\u003c/code\u003e to warn when format strings contain no format specifiers (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2709\"\u003e#2709\u003c/a\u003e: NEW linter: \u003ccode\u003e:redundant-primitive-coercion\u003c/code\u003e to warn when primitive coercion functions are applied to expressions already of that type (\u003ca href=\"https://github.com/hugod\"\u003e\u003ccode\u003e@​hugod\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2600\"\u003e#2600\u003c/a\u003e: NEW linter: \u003ccode\u003eunused-excluded-var\u003c/code\u003e to warn on unused vars in \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2459\"\u003e#2459\u003c/a\u003e: NEW linter: \u003ccode\u003e:destructured-or-always-evaluates\u003c/code\u003e to warn on s-expressions in \u003ccode\u003e:or\u003c/code\u003e defaults in map destructuring (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChange second arg for assoc-in, get-in and update-in to be sequential, not just seqable (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e:condition-always-true\u003c/code\u003e finding was adding full context into findigns (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2340\"\u003e#2340\u003c/a\u003e: Extend \u003ccode\u003e:condition-always-true\u003c/code\u003e linter to check first argument of \u003ccode\u003eclojure.test/is\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2719\"\u003e#2719\u003c/a\u003e: Fix: \u003ccode\u003ecomp\u003c/code\u003e args are now properly type checked (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2692\"\u003e#2692\u003c/a\u003e: Lint quoted forms which are not functions (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2691\"\u003e#2691\u003c/a\u003e: Fix: \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e now properly ignores elements with \u003ccode\u003e#_\u003c/code\u003e (e.g. \u003ccode\u003e#_:clj-kondo/ignore comp2\u003c/code\u003e) \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2713\"\u003e#2713\u003c/a\u003e: Fix regression: getting unused binding warning in \u003ccode\u003e~'~\u003c/code\u003e unquote expressions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2711\"\u003e#2711\u003c/a\u003e: Unused value inside \u003ccode\u003edefmethod\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type checking support for \u003ccode\u003esorted-map-by\u003c/code\u003e, \u003ccode\u003esorted-set\u003c/code\u003e, and \u003ccode\u003esorted-set-by\u003c/code\u003e functions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003earray\u003c/code\u003e and type checking support for the next functions: \u003ccode\u003eto-array\u003c/code\u003e, \u003ccode\u003ealength\u003c/code\u003e, \u003ccode\u003eaget\u003c/code\u003e, \u003ccode\u003easet\u003c/code\u003e and \u003ccode\u003eaclone\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003eclass\u003c/code\u003e and type checking support for class-related functions: \u003ccode\u003einstance?\u003c/code\u003e, \u003ccode\u003ecast\u003c/code\u003e, \u003ccode\u003eclass\u003c/code\u003e, \u003ccode\u003emake-array\u003c/code\u003e, \u003ccode\u003ebases\u003c/code\u003e and \u003ccode\u003esupers\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type checking support for clojure.test functions and macros (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2696\"\u003e#2695\u003c/a\u003e: false positive \u003ccode\u003e:unquote-not-syntax-quoted\u003c/code\u003e in leiningen's \u003ccode\u003edefproject\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eLeiningen's \u003ccode\u003edefproject\u003c/code\u003e behavior can now be configured using \u003ccode\u003eleiningen.core.project/defproject\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2699\"\u003e#2699\u003c/a\u003e: fix false positive unresolved string var with extend-type on CLJS\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a50babed55077b31ec3e77bc4448f42e9e4c4f6d\"\u003e\u003ccode\u003ea50babe\u003c/code\u003e\u003c/a\u003e v2026.01.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/d2b7ffbe283c556605a7f62d3c1a7008c52e6113\"\u003e\u003ccode\u003ed2b7ffb\u003c/code\u003e\u003c/a\u003e Bump to GraalVM 25 (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2728\"\u003e#2728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a5c40dc40cdf3df180f37a9b7e45fc085dadc2ad\"\u003e\u003ccode\u003ea5c40dc\u003c/code\u003e\u003c/a\u003e Update documentation for \u003ccode\u003ereg-keyword!\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2727\"\u003e#2727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/ca640af7714d75a108b38d7a5078482b81758c6b\"\u003e\u003ccode\u003eca640af\u003c/code\u003e\u003c/a\u003e Add class type and type checking support (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2725\"\u003e#2725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/2bfb137b9de9122186461bd66fe5f0b8417281fa\"\u003e\u003ccode\u003e2bfb137\u003c/code\u003e\u003c/a\u003e Tighten up type checking for second arg of -in fns (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2726\"\u003e#2726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/b4d542eaf9f6a30269a6f81423a222a9e6398e57\"\u003e\u003ccode\u003eb4d542e\u003c/code\u003e\u003c/a\u003e Adapt excluded msg (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2724\"\u003e#2724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a70eb61c7f36217b3db8b45dcd0085f364a370b8\"\u003e\u003ccode\u003ea70eb61\u003c/code\u003e\u003c/a\u003e Add clojure.test/is for condition always true linter (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2722\"\u003e#2722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/3ae3cd0b8ff82c3b489fc78a4305720491e06c88\"\u003e\u003ccode\u003e3ae3cd0\u003c/code\u003e\u003c/a\u003e Simplify code (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2721\"\u003e#2721\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/699ed8c1b4f9cf840d6c381d43a38d7de38da94b\"\u003e\u003ccode\u003e699ed8c\u003c/code\u003e\u003c/a\u003e Temp findings update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/86df5800f173056a8d233fadfcb76f41757d2cbf\"\u003e\u003ccode\u003e86df580\u003c/code\u003e\u003c/a\u003e Add type checking for Clojure test functions (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2706\"\u003e#2706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dotnet/sdk` from 10.0.101-alpine3.23 to 10.0.102-alpine3.23\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7388","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7388","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7388/packages"},{"uuid":"3817598887","node_id":"PR_kwDODOjFv869Yu9e","number":7384,"state":"closed","title":"deps(docker): bump the docker group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-01-16T11:56:29.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-15T13:34:14.000Z","updated_at":"2026-01-16T11:56:31.000Z","time_to_close":80535,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":4,"packages":[{"name":"alpine/helm","old_version":"4.0.4","new_version":"4.0.5"},{"name":"goreleaser/goreleaser","old_version":"v2.13.2","new_version":"v2.13.3"},{"name":"clj-kondo/clj-kondo","old_version":"2025.12.23-alpine","new_version":"2026.01.12-alpine","repository_url":"https://github.com/clj-kondo/clj-kondo"},{"name":"dotnet/sdk","old_version":"10.0.101-alpine3.23","new_version":"10.0.102-alpine3.23"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 4 updates in the / directory: alpine/helm, goreleaser/goreleaser, [clj-kondo/clj-kondo](https://github.com/clj-kondo/clj-kondo) and dotnet/sdk.\n\nUpdates `alpine/helm` from 4.0.4 to 4.0.5\n\nUpdates `goreleaser/goreleaser` from v2.13.2 to v2.13.3\n\nUpdates `clj-kondo/clj-kondo` from 2025.12.23-alpine to 2026.01.12-alpine\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/releases\"\u003eclj-kondo/clj-kondo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2026.01.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd type checking for sorted-map-by, sorted-set, and sorted-set-by by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2694\"\u003eclj-kondo/clj-kondo#2694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd type checking for Clojure array functions by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2697\"\u003eclj-kondo/clj-kondo#2697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2695\"\u003e#2695\u003c/a\u003e: false positive in leiningen project.clj with unquote by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2698\"\u003eclj-kondo/clj-kondo#2698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2699\"\u003e#2699\u003c/a\u003e: fix false positive unresolved string var with extend-type on CLJS by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2700\"\u003eclj-kondo/clj-kondo#2700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd new linter for eager :or expressions in mapping in destructuring by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2702\"\u003eclj-kondo/clj-kondo#2702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Detect unused :excluded vars (\u003ccode\u003e:unused-excluded-var\u003c/code\u003e) by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2679\"\u003eclj-kondo/clj-kondo#2679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRename linter for unresolved excluded vars by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2705\"\u003eclj-kondo/clj-kondo#2705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add linter for superfluous primitive coercion calls by \u003ca href=\"https://github.com/hugoduncan\"\u003e\u003ccode\u003e@​hugoduncan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2710\"\u003eclj-kondo/clj-kondo#2710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix unused value linter for defmethod bodies by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2714\"\u003eclj-kondo/clj-kondo#2714\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix regression for unused binding warnings by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2715\"\u003eclj-kondo/clj-kondo#2715\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e handling for ignored vars by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2717\"\u003eclj-kondo/clj-kondo#2717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister list in call position as not a function by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2718\"\u003eclj-kondo/clj-kondo#2718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd redundant format linter and tests by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2716\"\u003eclj-kondo/clj-kondo#2716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix arities for comp so type mismatches are found by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2720\"\u003eclj-kondo/clj-kondo#2720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd type checking for Clojure test functions by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2706\"\u003eclj-kondo/clj-kondo#2706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplify code by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2721\"\u003eclj-kondo/clj-kondo#2721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd clojure.test/is for condition always true linter by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2722\"\u003eclj-kondo/clj-kondo#2722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt excluded msg by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2724\"\u003eclj-kondo/clj-kondo#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTighten up type checking for second arg of -in fns by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2726\"\u003eclj-kondo/clj-kondo#2726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd class type and type checking support by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2725\"\u003eclj-kondo/clj-kondo#2725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate documentation for \u003ccode\u003ereg-keyword!\u003c/code\u003e function by \u003ca href=\"https://github.com/davidyang\"\u003e\u003ccode\u003e@​davidyang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2727\"\u003eclj-kondo/clj-kondo#2727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump to GraalVM 25 by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2728\"\u003eclj-kondo/clj-kondo#2728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidyang\"\u003e\u003ccode\u003e@​davidyang\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2727\"\u003eclj-kondo/clj-kondo#2727\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\"\u003ehttps://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/CHANGELOG.md\"\u003eclj-kondo/clj-kondo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eFor a list of breaking changes, check \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/#breaking-changes\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo\"\u003eClj-kondo\u003c/a\u003e: static analyzer and linter for Clojure code that sparks joy ✨\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2739\"\u003e#2739\u003c/a\u003e: Extend \u003ccode\u003e:equals-expected-position\u003c/code\u003e linter to also warn for \u003ccode\u003enot=\u003c/code\u003e when expected value is not first (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2734\"\u003e#2734\u003c/a\u003e: NEW linter: \u003ccode\u003e:aliased-referred-var\u003c/code\u003e, which warns when a var is both referred and accessed via an alias in the same namespace. (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2732\"\u003e#2732\u003c/a\u003e: \u003ccode\u003eunreachable-code\u003c/code\u003e: warn when \u003ccode\u003e:default\u003c/code\u003e does not come last in reader conditionals (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2735\"\u003e#2735\u003c/a\u003e: NEW linter: \u003ccode\u003e:duplicate-refer\u003c/code\u003e which warns on duplicate entries in \u003ccode\u003e:refer\u003c/code\u003e of \u003ccode\u003e:require\u003c/code\u003e. (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003estr/replace\u003c/code\u003e false positive and tighten comp ret type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2729\"\u003e#2729\u003c/a\u003e: Check for arity mismatch for bound vectors, sets \u0026amp; maps, not just literals (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003einst\u003c/code\u003e and type checking support for \u003ccode\u003einst-ms\u003c/code\u003e and \u003ccode\u003einst-ms*\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2026.01.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2712\"\u003e#2712\u003c/a\u003e: NEW linter: \u003ccode\u003e:redundant-format\u003c/code\u003e to warn when format strings contain no format specifiers (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2709\"\u003e#2709\u003c/a\u003e: NEW linter: \u003ccode\u003e:redundant-primitive-coercion\u003c/code\u003e to warn when primitive coercion functions are applied to expressions already of that type (\u003ca href=\"https://github.com/hugod\"\u003e\u003ccode\u003e@​hugod\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2600\"\u003e#2600\u003c/a\u003e: NEW linter: \u003ccode\u003eunused-excluded-var\u003c/code\u003e to warn on unused vars in \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2459\"\u003e#2459\u003c/a\u003e: NEW linter: \u003ccode\u003e:destructured-or-always-evaluates\u003c/code\u003e to warn on s-expressions in \u003ccode\u003e:or\u003c/code\u003e defaults in map destructuring (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChange second arg for assoc-in, get-in and update-in to be sequential, not just seqable (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e:condition-always-true\u003c/code\u003e finding was adding full context into findigns (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2340\"\u003e#2340\u003c/a\u003e: Extend \u003ccode\u003e:condition-always-true\u003c/code\u003e linter to check first argument of \u003ccode\u003eclojure.test/is\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2719\"\u003e#2719\u003c/a\u003e: Fix: \u003ccode\u003ecomp\u003c/code\u003e args are now properly type checked (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2692\"\u003e#2692\u003c/a\u003e: Lint quoted forms which are not functions (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2691\"\u003e#2691\u003c/a\u003e: Fix: \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e now properly ignores elements with \u003ccode\u003e#_\u003c/code\u003e (e.g. \u003ccode\u003e#_:clj-kondo/ignore comp2\u003c/code\u003e) \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2713\"\u003e#2713\u003c/a\u003e: Fix regression: getting unused binding warning in \u003ccode\u003e~'~\u003c/code\u003e unquote expressions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2711\"\u003e#2711\u003c/a\u003e: Unused value inside \u003ccode\u003edefmethod\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type checking support for \u003ccode\u003esorted-map-by\u003c/code\u003e, \u003ccode\u003esorted-set\u003c/code\u003e, and \u003ccode\u003esorted-set-by\u003c/code\u003e functions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003earray\u003c/code\u003e and type checking support for the next functions: \u003ccode\u003eto-array\u003c/code\u003e, \u003ccode\u003ealength\u003c/code\u003e, \u003ccode\u003eaget\u003c/code\u003e, \u003ccode\u003easet\u003c/code\u003e and \u003ccode\u003eaclone\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003eclass\u003c/code\u003e and type checking support for class-related functions: \u003ccode\u003einstance?\u003c/code\u003e, \u003ccode\u003ecast\u003c/code\u003e, \u003ccode\u003eclass\u003c/code\u003e, \u003ccode\u003emake-array\u003c/code\u003e, \u003ccode\u003ebases\u003c/code\u003e and \u003ccode\u003esupers\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type checking support for clojure.test functions and macros (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2696\"\u003e#2695\u003c/a\u003e: false positive \u003ccode\u003e:unquote-not-syntax-quoted\u003c/code\u003e in leiningen's \u003ccode\u003edefproject\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eLeiningen's \u003ccode\u003edefproject\u003c/code\u003e behavior can now be configured using \u003ccode\u003eleiningen.core.project/defproject\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2699\"\u003e#2699\u003c/a\u003e: fix false positive unresolved string var with extend-type on CLJS\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a50babed55077b31ec3e77bc4448f42e9e4c4f6d\"\u003e\u003ccode\u003ea50babe\u003c/code\u003e\u003c/a\u003e v2026.01.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/d2b7ffbe283c556605a7f62d3c1a7008c52e6113\"\u003e\u003ccode\u003ed2b7ffb\u003c/code\u003e\u003c/a\u003e Bump to GraalVM 25 (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2728\"\u003e#2728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a5c40dc40cdf3df180f37a9b7e45fc085dadc2ad\"\u003e\u003ccode\u003ea5c40dc\u003c/code\u003e\u003c/a\u003e Update documentation for \u003ccode\u003ereg-keyword!\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2727\"\u003e#2727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/ca640af7714d75a108b38d7a5078482b81758c6b\"\u003e\u003ccode\u003eca640af\u003c/code\u003e\u003c/a\u003e Add class type and type checking support (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2725\"\u003e#2725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/2bfb137b9de9122186461bd66fe5f0b8417281fa\"\u003e\u003ccode\u003e2bfb137\u003c/code\u003e\u003c/a\u003e Tighten up type checking for second arg of -in fns (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2726\"\u003e#2726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/b4d542eaf9f6a30269a6f81423a222a9e6398e57\"\u003e\u003ccode\u003eb4d542e\u003c/code\u003e\u003c/a\u003e Adapt excluded msg (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2724\"\u003e#2724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a70eb61c7f36217b3db8b45dcd0085f364a370b8\"\u003e\u003ccode\u003ea70eb61\u003c/code\u003e\u003c/a\u003e Add clojure.test/is for condition always true linter (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2722\"\u003e#2722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/3ae3cd0b8ff82c3b489fc78a4305720491e06c88\"\u003e\u003ccode\u003e3ae3cd0\u003c/code\u003e\u003c/a\u003e Simplify code (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2721\"\u003e#2721\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/699ed8c1b4f9cf840d6c381d43a38d7de38da94b\"\u003e\u003ccode\u003e699ed8c\u003c/code\u003e\u003c/a\u003e Temp findings update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/86df5800f173056a8d233fadfcb76f41757d2cbf\"\u003e\u003ccode\u003e86df580\u003c/code\u003e\u003c/a\u003e Add type checking for Clojure test functions (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2706\"\u003e#2706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dotnet/sdk` from 10.0.101-alpine3.23 to 10.0.102-alpine3.23\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7384","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7384","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7384/packages"},{"uuid":"3757500742","node_id":"PR_kwDOJbs5-s66Vg3s","number":168,"state":"closed","title":"deps(docker): bump the docker group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-12-23T16:58:43.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-23T14:07:39.000Z","updated_at":"2025-12-23T16:58:45.000Z","time_to_close":10264,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":5,"packages":[{"name":"alpine/helm","old_version":"4.0.0","new_version":"4.0.4"},{"name":"hashicorp/terraform","old_version":"1.14.2","new_version":"1.14.3"},{"name":"clj-kondo/clj-kondo","old_version":"2025.10.23-alpine","new_version":"2025.12.23-alpine","repository_url":"https://github.com/clj-kondo/clj-kondo"},{"name":"dart","old_version":"3.10.4-sdk","new_version":"3.10.6-sdk"},{"name":"aquasecurity/trivy","old_version":"0.68.1","new_version":"0.68.2","repository_url":"https://github.com/aquasecurity/trivy"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| alpine/helm | `4.0.0` | `4.0.4` |\n| hashicorp/terraform | `1.14.2` | `1.14.3` |\n| [clj-kondo/clj-kondo](https://github.com/clj-kondo/clj-kondo) | `2025.10.23-alpine` | `2025.12.23-alpine` |\n| dart | `3.10.4-sdk` | `3.10.6-sdk` |\n| [aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.68.1` | `0.68.2` |\n\n\nUpdates `alpine/helm` from 4.0.0 to 4.0.4\n\nUpdates `hashicorp/terraform` from 1.14.2 to 1.14.3\n\nUpdates `clj-kondo/clj-kondo` from 2025.10.23-alpine to 2025.12.23-alpine\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/releases\"\u003eclj-kondo/clj-kondo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2025.12.23\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2651\"\u003e#2651\u003c/a\u003e: resume linting after paren mismatches by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2652\"\u003eclj-kondo/clj-kondo#2652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDuplicate key args for associative fns by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2650\"\u003eclj-kondo/clj-kondo#2650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inner class normalization by \u003ca href=\"https://github.com/ericdallo\"\u003e\u003ccode\u003e@​ericdallo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2657\"\u003eclj-kondo/clj-kondo#2657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude inner classes by \u003ca href=\"https://github.com/ericdallo\"\u003e\u003ccode\u003e@​ericdallo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2658\"\u003eclj-kondo/clj-kondo#2658\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade fs by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2659\"\u003eclj-kondo/clj-kondo#2659\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCircle config by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2662\"\u003eclj-kondo/clj-kondo#2662\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2532\"\u003e#2532\u003c/a\u003e: ignore duplicate require icm :reload/:reload-all by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2663\"\u003eclj-kondo/clj-kondo#2663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2432\"\u003e#2432\u003c/a\u003e: don't warn for redundant-fn-wrapper in case of inlined fun… by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2664\"\u003eclj-kondo/clj-kondo#2664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd redundant-let-binding linter by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2655\"\u003eclj-kondo/clj-kondo#2655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2599\"\u003e#2599\u003c/a\u003e: Detect wrong no. of arguments passed to coll by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2665\"\u003eclj-kondo/clj-kondo#2665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix linter.md entry for redundant-let-binding by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2667\"\u003eclj-kondo/clj-kondo#2667\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: redundant-call's level check didn't work by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2670\"\u003eclj-kondo/clj-kondo#2670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2661\"\u003e#2661\u003c/a\u003e: recur in tail position in core.match by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2672\"\u003eclj-kondo/clj-kondo#2672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2617\"\u003e#2617\u003c/a\u003e - Add types for \u003ccode\u003erepeatedly\u003c/code\u003e function by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2674\"\u003eclj-kondo/clj-kondo#2674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2653\"\u003e#2653\u003c/a\u003e: detect unquote that isn't syntax-quoted by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2681\"\u003eclj-kondo/clj-kondo#2681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLint trailing varargs syntax errs, lint varargs errs in let bindings by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2669\"\u003eclj-kondo/clj-kondo#2669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake all :keys bindings symbols, not keywords by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2682\"\u003eclj-kondo/clj-kondo#2682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2683\"\u003e#2683\u003c/a\u003e: ex-info data may be nil by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2685\"\u003eclj-kondo/clj-kondo#2685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2676\"\u003e#2676\u003c/a\u003e: Add handling for unresolved namespaces in maps by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2686\"\u003eclj-kondo/clj-kondo#2686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd ratio type support for numerator and denominator by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2684\"\u003eclj-kondo/clj-kondo#2684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2613\"\u003e#2613\u003c/a\u003e - Add linter for non-existing vars in refer-clojure by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2675\"\u003eclj-kondo/clj-kondo#2675\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump clojurescript by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2688\"\u003eclj-kondo/clj-kondo#2688\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2687\"\u003e#2687\u003c/a\u003e: :refer-global and :require-global by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2689\"\u003eclj-kondo/clj-kondo#2689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2544\"\u003e#2544\u003c/a\u003e: support inline configs in .cljc files by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2690\"\u003eclj-kondo/clj-kondo#2690\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2674\"\u003eclj-kondo/clj-kondo#2674\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.10.23...v2025.12.23\"\u003ehttps://github.com/clj-kondo/clj-kondo/compare/v2025.10.23...v2025.12.23\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/CHANGELOG.md\"\u003eclj-kondo/clj-kondo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eFor a list of breaking changes, check \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/#breaking-changes\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo\"\u003eClj-kondo\u003c/a\u003e: static analyzer and linter for Clojure code that sparks joy ✨\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e2025.12.23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2654\"\u003e#2654\u003c/a\u003e: NEW linter: \u003ccode\u003eredundant-let-binding\u003c/code\u003e, defaults to \u003ccode\u003e:off\u003c/code\u003e (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2653\"\u003e#2653\u003c/a\u003e: NEW linter: \u003ccode\u003e:unquote-not-syntax-quoted\u003c/code\u003e to warn on \u003ccode\u003e~\u003c/code\u003e and \u003ccode\u003e~@\u003c/code\u003e usage outside syntax-quote (\u003ccode\u003e`\u003c/code\u003e) (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2613\"\u003e#2613\u003c/a\u003e: NEW linter: \u003ccode\u003e:refer-clojure-exclude-unresolved-var\u003c/code\u003e to warn on non-existing vars in \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2668\"\u003e#2668\u003c/a\u003e: Lint \u003ccode\u003e\u0026amp;\u003c/code\u003e syntax errors in let bindings and lint for trailing \u003ccode\u003e\u0026amp;\u003c/code\u003e (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2590\"\u003e#2590\u003c/a\u003e: \u003ccode\u003eduplicate-key-in-assoc\u003c/code\u003e changed to \u003ccode\u003eduplicate-key-args\u003c/code\u003e, and now lints \u003ccode\u003edissoc\u003c/code\u003e, \u003ccode\u003eassoc!\u003c/code\u003e and \u003ccode\u003edissoc!\u003c/code\u003e too (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2651\"\u003e#2651\u003c/a\u003e: resume linting after paren mismatches\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clojure-lsp/clojure-lsp/issues/2157\"\u003eclojure-lsp#2651\u003c/a\u003e: Fix inner class name for java-class-definitions.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clojure-lsp/clojure-lsp/issues/2157\"\u003eclojure-lsp#2651\u003c/a\u003e: Include inner class java-class-definition analysis.\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003ebabashka/fs\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2532\"\u003e#2532\u003c/a\u003e: Disable \u003ccode\u003e:duplicate-require\u003c/code\u003e in \u003ccode\u003erequire\u003c/code\u003e + \u003ccode\u003e:reload\u003c/code\u003e / \u003ccode\u003e:reload-all\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2432\"\u003e#2432\u003c/a\u003e: Don't warn for \u003ccode\u003e:redundant-fn-wrapper\u003c/code\u003e in case of inlined function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2599\"\u003e#2599\u003c/a\u003e: detect invalid arity for invoking collection as higher order function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2661\"\u003e#2661\u003c/a\u003e: Fix false positive \u003ccode\u003e:unexpected-recur\u003c/code\u003e when \u003ccode\u003erecur\u003c/code\u003e is used inside \u003ccode\u003eclojure.core.match/match\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2617\"\u003e#2617\u003c/a\u003e: Add types for \u003ccode\u003erepeatedly\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e:ratio\u003c/code\u003e type support for \u003ccode\u003enumerator\u003c/code\u003e and \u003ccode\u003edenominator\u003c/code\u003e functions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2676\"\u003e#2676\u003c/a\u003e: Report unresolved namespace for namespaced maps with unknown aliases (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2683\"\u003e#2683\u003c/a\u003e: data argument of \u003ccode\u003eex-info\u003c/code\u003e may be nil since clojure 1.12\u003c/li\u003e\n\u003cli\u003eBump built-in ClojureScript analysis info\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2687\"\u003e#2687\u003c/a\u003e: support new \u003ccode\u003e:refer-global\u003c/code\u003e and \u003ccode\u003e:require-global\u003c/code\u003e ns options in CLJS\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2544\"\u003e#2554\u003c/a\u003e: support inline configs in \u003ccode\u003e.cljc\u003c/code\u003e files\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2025.10.23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2590\"\u003e#2590\u003c/a\u003e: NEW linter: \u003ccode\u003eduplicate-key-in-assoc\u003c/code\u003e, defaults to \u003ccode\u003e:warning\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2639\"\u003e#2639\u003c/a\u003e: NEW \u003ccode\u003e:equals-nil\u003c/code\u003e linter to detect \u003ccode\u003e(= nil x)\u003c/code\u003e or \u003ccode\u003e(= x nil)\u003c/code\u003e patterns and suggest \u003ccode\u003e(nil? x)\u003c/code\u003e instead (\u003ca href=\"https://github.com/conao3\"\u003e\u003ccode\u003e@​conao3\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2633\"\u003e#2633\u003c/a\u003e: support new \u003ccode\u003edefparkingop\u003c/code\u003e macro in core.async alpha\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2635\"\u003e#2635\u003c/a\u003e: Add \u003ccode\u003e:interface\u003c/code\u003e flag to \u003ccode\u003e:flags\u003c/code\u003e set in \u003ccode\u003e:java-class-definitions\u003c/code\u003e analysis output to distinguish Java interfaces from classes (\u003ca href=\"https://github.com/hugoduncan\"\u003e\u003ccode\u003e@​hugoduncan\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2636\"\u003e#2636\u003c/a\u003e: set global SCI context so hooks can use \u003ccode\u003erequiring-resolve\u003c/code\u003e etc.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2641\"\u003e#2641\u003c/a\u003e: fix linting of \u003ccode\u003edef\u003c/code\u003e body, no results due to laziness bug\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/ca54a322fc860b85cc17f029910a4ec8ad3a8060\"\u003e\u003ccode\u003eca54a32\u003c/code\u003e\u003c/a\u003e v2025.12.23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/e18de6534a65a078c43cc87e4e4ad4f66b06f3e0\"\u003e\u003ccode\u003ee18de65\u003c/code\u003e\u003c/a\u003e Minor tweak\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/1c599194c7a5995b369d312e0d5f5f538fef70d0\"\u003e\u003ccode\u003e1c59919\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2554\"\u003e#2554\u003c/a\u003e: wrong issue number mentioned in previous commit, \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2544\"\u003e#2544\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/8d9d24f1043eab2878770c271e36d22d3f7e3e94\"\u003e\u003ccode\u003e8d9d24f\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2544\"\u003e#2544\u003c/a\u003e: support inline configs in .cljc files (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2690\"\u003e#2690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/d002f6af84fccd427786568d4821b4225013ff16\"\u003e\u003ccode\u003ed002f6a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2687\"\u003e#2687\u003c/a\u003e: addendum\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/f73abcaeed22288c8103ac5074646558b2dd9075\"\u003e\u003ccode\u003ef73abca\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2687\"\u003e#2687\u003c/a\u003e: :refer-global and :require-global (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2689\"\u003e#2689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/c802e14ec8c5a1bebb3929068f4ada61f7b1b484\"\u003e\u003ccode\u003ec802e14\u003c/code\u003e\u003c/a\u003e Bump clojurescript (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2688\"\u003e#2688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/53cba064390edc1e8e3910ec8cce13bf003ba61f\"\u003e\u003ccode\u003e53cba06\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2613\"\u003e#2613\u003c/a\u003e - Add linter for non-existing vars in refer-clojure (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2675\"\u003e#2675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/29709fd0cb2b7d29055aff55ea9782decb58c153\"\u003e\u003ccode\u003e29709fd\u003c/code\u003e\u003c/a\u003e Add ratio type support for numerator and denominator (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2684\"\u003e#2684\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/ac3d2121dfc774289b6385be78e86cb31ec32172\"\u003e\u003ccode\u003eac3d212\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2676\"\u003e#2676\u003c/a\u003e: Add handling for unresolved namespaces in maps (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2686\"\u003e#2686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.10.23...v2025.12.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dart` from 3.10.4-sdk to 3.10.6-sdk\n\nUpdates `aquasecurity/trivy` from 0.68.1 to 0.68.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/releases\"\u003eaquasecurity/trivy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.68.2\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e0c40a8d4b9b943f1b679a20f8ba3cb61c94831de release: v0.68.2 [release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9950\"\u003e#9950\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edb2894561daa20301eb144cad467d75d8a3d2647 fix(deps): bump alpine from \u003ccode\u003e3.22.1\u003c/code\u003e to \u003ccode\u003e3.23.0\u003c/code\u003e [backport: release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9949\"\u003e#9949\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/blob/v0.68.2/CHANGELOG.md\"\u003eaquasecurity/trivy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.68.1...v0.68.2\"\u003e0.68.2\u003c/a\u003e (2025-12-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump alpine from \u003ccode\u003e3.22.1\u003c/code\u003e to \u003ccode\u003e3.23.0\u003c/code\u003e [backport: release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9949\"\u003e#9949\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/db2894561daa20301eb144cad467d75d8a3d2647\"\u003edb28945\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/0c40a8d4b9b943f1b679a20f8ba3cb61c94831de\"\u003e\u003ccode\u003e0c40a8d\u003c/code\u003e\u003c/a\u003e release: v0.68.2 [release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9950\"\u003e#9950\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/db2894561daa20301eb144cad467d75d8a3d2647\"\u003e\u003ccode\u003edb28945\u003c/code\u003e\u003c/a\u003e fix(deps): bump alpine from \u003ccode\u003e3.22.1\u003c/code\u003e to \u003ccode\u003e3.23.0\u003c/code\u003e [backport: release/v0.68] (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/dc28f242809c076e63527866f44ad3d6b5229e80\"\u003e\u003ccode\u003edc28f24\u003c/code\u003e\u003c/a\u003e ci: enable \u003ccode\u003echeck-latest\u003c/code\u003e for \u003ccode\u003esetup-go\u003c/code\u003e [backport: release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9946\"\u003e#9946\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.68.1...v0.68.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/actions-marketplace-validations/super-linter_super-linter/pull/168","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions-marketplace-validations%2Fsuper-linter_super-linter/issues/168","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/168/packages"},{"uuid":"3660575085","node_id":"PR_kwDOMe3dxs61Sc4l","number":1216,"state":"open","title":"deps(docker): bump alpine/helm from 3.19.0 to 4.0.0","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-24T21:22:14.000Z","updated_at":"2025-12-01T23:53:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker)","packages":[{"name":"alpine/helm","old_version":"3.19.0","new_version":"4.0.0","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps alpine/helm from 3.19.0 to 4.0.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.19.0\u0026new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Vimlendu27/super-linter/pull/1216","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Vimlendu27%2Fsuper-linter/issues/1216","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1216/packages"},{"uuid":"3659121906","node_id":"PR_kwDODOjFv861Nge4","number":7235,"state":"closed","title":"deps(docker): bump the docker group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-11-28T07:29:46.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-24T14:18:18.000Z","updated_at":"2025-11-28T07:29:48.000Z","time_to_close":321088,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":12,"packages":[{"name":"alpine/terragrunt","old_version":"1.13.4","new_version":"1.14.0"},{"name":"terraform-linters/tflint","old_version":"v0.59.1","new_version":"v0.60.0","repository_url":"https://github.com/terraform-linters/tflint"},{"name":"alpine/helm","old_version":"3.19.0","new_version":"4.0.0"},{"name":"golangci/golangci-lint","old_version":"v2.6.1","new_version":"v2.6.2"},{"name":"kustomize/kustomize","old_version":"v5.7.1","new_version":"v5.8.0"},{"name":"hashicorp/terraform","old_version":"1.13.5","new_version":"1.14.0"},{"name":"mstruebing/editorconfig-checker","old_version":"v3.4.1","new_version":"v3.5.0"},{"name":"rhysd/actionlint","old_version":"1.7.8","new_version":"1.7.9"},{"name":"zricethezav/gitleaks","old_version":"v8.29.0","new_version":"v8.29.1"},{"name":"dart","old_version":"3.9.4-sdk","new_version":"3.10.1-sdk"},{"name":"dotnet/sdk","old_version":"9.0.306-alpine3.22","new_version":"10.0.100-alpine3.22"},{"name":"composer/composer","old_version":"2.8.12","new_version":"2.9.2"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| alpine/terragrunt | `1.13.4` | `1.14.0` |\n| [terraform-linters/tflint](https://github.com/terraform-linters/tflint) | `v0.59.1` | `v0.60.0` |\n| alpine/helm | `3.19.0` | `4.0.0` |\n| golangci/golangci-lint | `v2.6.1` | `v2.6.2` |\n| kustomize/kustomize | `v5.7.1` | `v5.8.0` |\n| hashicorp/terraform | `1.13.5` | `1.14.0` |\n| mstruebing/editorconfig-checker | `v3.4.1` | `v3.5.0` |\n| rhysd/actionlint | `1.7.8` | `1.7.9` |\n| zricethezav/gitleaks | `v8.29.0` | `v8.29.1` |\n| dart | `3.9.4-sdk` | `3.10.1-sdk` |\n| dotnet/sdk | `9.0.306-alpine3.22` | `10.0.100-alpine3.22` |\n| composer/composer | `2.8.12` | `2.9.2` |\n\n\nUpdates `alpine/terragrunt` from 1.13.4 to 1.14.0\n\nUpdates `terraform-linters/tflint` from v0.59.1 to v0.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/terraform-linters/tflint/releases\"\u003eterraform-linters/tflint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.60.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis release introduces a new configuration file format: \u003ccode\u003e.tflint.json\u003c/code\u003e. This is useful for workflows such as automatically generating configuration files.\nPlease note that in order to use the \u003ccode\u003e.tflint.json\u003c/code\u003e, enabled plugins must be built with SDK v0.23+.\u003c/p\u003e\n\u003cp\u003eFrom this release, Cosign signatures (\u003ccode\u003echecksums.txt.keyless.sig\u003c/code\u003e and \u003ccode\u003echecksums.txt.pem\u003c/code\u003e) are deprecated. They will not be included in future releases. If your installation scripts depend on them, please migrate to \u003ccode\u003egh attestation verify\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd JSON configuration file support by \u003ca href=\"https://github.com/rorychatterton\"\u003e\u003ccode\u003e@​rorychatterton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2391\"\u003eterraform-linters/tflint#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReport structured errors in JUnit and CheckStyle XML formatters by \u003ca href=\"https://github.com/bendrucker\"\u003e\u003ccode\u003e@​bendrucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2407\"\u003eterraform-linters/tflint#2407\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlphabetize rulesets in version output by \u003ca href=\"https://github.com/bendrucker\"\u003e\u003ccode\u003e@​bendrucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2404\"\u003eterraform-linters/tflint#2404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease: Pin Cosign version and deprecate Cosign signatures by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2405\"\u003eterraform-linters/tflint#2405\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: only read TF_VAR for root module by \u003ca href=\"https://github.com/bendrucker\"\u003e\u003ccode\u003e@​bendrucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2413\"\u003eterraform-linters/tflint#2413\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): Bump actions/attest-build-provenance from 2.4.0 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2376\"\u003eterraform-linters/tflint#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/setup-go from 5.5.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2377\"\u003eterraform-linters/tflint#2377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2378\"\u003eterraform-linters/tflint#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/spf13/afero from 1.14.0 to 1.15.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2380\"\u003eterraform-linters/tflint#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/zclconf/go-cty from 1.16.4 to 1.17.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2379\"\u003eterraform-linters/tflint#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/net from 0.43.0 to 0.44.0 in the go-x group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2381\"\u003eterraform-linters/tflint#2381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.75.0 to 1.75.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2382\"\u003eterraform-linters/tflint#2382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/sigstore-go from 1.1.1 to 1.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2383\"\u003eterraform-linters/tflint#2383\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2384\"\u003eterraform-linters/tflint#2384\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump mislav/bump-homebrew-formula-action from 3.5 to 3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2388\"\u003eterraform-linters/tflint#2388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(script): GitHub API rate limit by \u003ca href=\"https://github.com/Sander0542\"\u003e\u003ccode\u003e@​Sander0542\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2390\"\u003eterraform-linters/tflint#2390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tflint-plugin-sdk to v0.23.0 by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2393\"\u003eterraform-linters/tflint#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/sigstore-go from 1.1.2 to 1.1.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2394\"\u003eterraform-linters/tflint#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/login-action from 3.5.0 to 3.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2395\"\u003eterraform-linters/tflint#2395\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2397\"\u003eterraform-linters/tflint#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.75.1 to 1.76.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2398\"\u003eterraform-linters/tflint#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2399\"\u003eterraform-linters/tflint#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/net from 0.45.0 to 0.46.0 in the go-x group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2400\"\u003eterraform-linters/tflint#2400\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/terraform-linters/tflint-plugin-sdk from 0.23.0 to 0.23.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2402\"\u003eterraform-linters/tflint#2402\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2408\"\u003eterraform-linters/tflint#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/metadata-action from 5.8.0 to 5.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2409\"\u003eterraform-linters/tflint#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 in the go-x group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2410\"\u003eterraform-linters/tflint#2410\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Sander0542\"\u003e\u003ccode\u003e@​Sander0542\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2390\"\u003eterraform-linters/tflint#2390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rorychatterton\"\u003e\u003ccode\u003e@​rorychatterton\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2391\"\u003eterraform-linters/tflint#2391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.59.1...v0.60.0\"\u003ehttps://github.com/terraform-linters/tflint/compare/v0.59.1...v0.60.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/c932c4d51c367257ba67d7a57abe1b319dab437f\"\u003e\u003ccode\u003ec932c4d\u003c/code\u003e\u003c/a\u003e Bump up version to v0.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/c132acc7329c8f3c154874fb21e99a1527520400\"\u003e\u003ccode\u003ec132acc\u003c/code\u003e\u003c/a\u003e Bump Go patch version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/26c49c415b90b222051d7117e42718ff7157d423\"\u003e\u003ccode\u003e26c49c4\u003c/code\u003e\u003c/a\u003e fix: only read TF_VAR environment variables for root module (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2413\"\u003e#2413\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/09a61cf8bc6193f321b7cb162783c0b2e26b084a\"\u003e\u003ccode\u003e09a61cf\u003c/code\u003e\u003c/a\u003e build(deps): Bump golang.org/x/oauth2 in the go-x group (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2410\"\u003e#2410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/25059cf529eb9c97559ad8cdd8081d71279a61fa\"\u003e\u003ccode\u003e25059cf\u003c/code\u003e\u003c/a\u003e build(deps): Bump docker/metadata-action from 5.8.0 to 5.9.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2409\"\u003e#2409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/9da1a586203ec3bbdce0a0d7b84d9b4e737f1674\"\u003e\u003ccode\u003e9da1a58\u003c/code\u003e\u003c/a\u003e build(deps): Bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2408\"\u003e#2408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/63d5d8ab3bf2deb841d7f07381ea1b548d6cc938\"\u003e\u003ccode\u003e63d5d8a\u003c/code\u003e\u003c/a\u003e Report structured errors in JUnit and CheckStyle XML formatters (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2407\"\u003e#2407\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/38cab0564d1cd2b13b550cc37fe64f7efc4c8579\"\u003e\u003ccode\u003e38cab05\u003c/code\u003e\u003c/a\u003e Add JSON configuration file support (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2391\"\u003e#2391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/3bc0bfa3b49cbe3ed6d597cf1e59c2c9383414aa\"\u003e\u003ccode\u003e3bc0bfa\u003c/code\u003e\u003c/a\u003e Pin Cosign version and deprecate Cosign signatures (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2405\"\u003e#2405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/56b6432c25f577a1ab155b2125f57a3ef941ac5f\"\u003e\u003ccode\u003e56b6432\u003c/code\u003e\u003c/a\u003e Alphabetize rulesets in version output (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2404\"\u003e#2404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.59.1...v0.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 3.19.0 to 4.0.0\n\nUpdates `golangci/golangci-lint` from v2.6.1 to v2.6.2\n\nUpdates `kustomize/kustomize` from v5.7.1 to v5.8.0\n\nUpdates `hashicorp/terraform` from 1.13.5 to 1.14.0\n\nUpdates `mstruebing/editorconfig-checker` from v3.4.1 to v3.5.0\n\nUpdates `rhysd/actionlint` from 1.7.8 to 1.7.9\n\nUpdates `zricethezav/gitleaks` from v8.29.0 to v8.29.1\n\nUpdates `dart` from 3.9.4-sdk to 3.10.1-sdk\n\nUpdates `dotnet/sdk` from 9.0.306-alpine3.22 to 10.0.100-alpine3.22\n\nUpdates `composer/composer` from 2.8.12 to 2.9.2\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7235","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7235","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7235/packages"},{"uuid":"3634259976","node_id":"PR_kwDOHWg4tc6z586w","number":173,"state":"closed","title":"Bump the helm group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","docker","L: helm"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-11-30T19:17:49.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-17T17:17:24.000Z","updated_at":"2025-11-30T19:17:50.000Z","time_to_close":1130425,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"helm","update_count":4,"packages":[{"name":"sigstore/cosign/cosign","old_version":"v2.6.1","new_version":"v3.0.2"},{"name":"regclient/regctl","old_version":"v0.9.2","new_version":"v0.10.0","repository_url":"https://github.com/regclient/regclient"},{"name":"alpine/helm","old_version":"3.17.2","new_version":"3.19.0"},{"name":"oras-project/oras","old_version":"v1.2.2","new_version":"v1.3.0"}],"path":null,"ecosystem":"docker"},"body":"Bumps the helm group with 4 updates in the /helm directory: sigstore/cosign/cosign, [regclient/regctl](https://github.com/regclient/regclient), alpine/helm and oras-project/oras.\n\nUpdates `sigstore/cosign/cosign` from v2.6.1 to v3.0.2\n\nUpdates `regclient/regctl` from v0.9.2 to v0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/regclient/regclient/releases\"\u003eregclient/regctl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0\u003c/h2\u003e\n\u003ch1\u003eRelease v0.10.0\u003c/h1\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFeat: Support DOCKER_AUTH_CONFIG variable. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/996\"\u003ePR 996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add regctl repo copy. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/997\"\u003ePR 997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: regsync support for semantic versioning(semver) for matching tags (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1005\"\u003ePR 1005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003etagSets\u003c/code\u003e to regsync. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1008\"\u003ePR 1008\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChore: Add go:fix lines to deprecated code. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/994\"\u003ePR 994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Add gofumpt to the build. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/995\"\u003ePR 995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Remove the unused bps field. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/998\"\u003ePR 998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Handle semver compare of numeric prerelease (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1007\"\u003ePR 1007\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-58187: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4007\"\u003ehttps://osv.dev/GO-2025-4007\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58189: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4008\"\u003ehttps://osv.dev/GO-2025-4008\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-61723: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4009\"\u003ehttps://osv.dev/GO-2025-4009\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-47912: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4010\"\u003ehttps://osv.dev/GO-2025-4010\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58185: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4011\"\u003ehttps://osv.dev/GO-2025-4011\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58186: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4012\"\u003ehttps://osv.dev/GO-2025-4012\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58188: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4013\"\u003ehttps://osv.dev/GO-2025-4013\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58183: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4014\"\u003ehttps://osv.dev/GO-2025-4014\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eContributors:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/daimoniac\"\u003e\u003ccode\u003e@​daimoniac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sudo-bmitch\"\u003e\u003ccode\u003e@​sudo-bmitch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/regclient/regclient/blob/v0.10.0/release.md\"\u003eregclient/regctl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease v0.10.0\u003c/h1\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFeat: Support DOCKER_AUTH_CONFIG variable. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/996\"\u003ePR 996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add regctl repo copy. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/997\"\u003ePR 997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: regsync support for semantic versioning(semver) for matching tags (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1005\"\u003ePR 1005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003etagSets\u003c/code\u003e to regsync. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1008\"\u003ePR 1008\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChore: Add go:fix lines to deprecated code. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/994\"\u003ePR 994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Add gofumpt to the build. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/995\"\u003ePR 995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Remove the unused bps field. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/998\"\u003ePR 998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Handle semver compare of numeric prerelease (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1007\"\u003ePR 1007\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-58187: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4007\"\u003ehttps://osv.dev/GO-2025-4007\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58189: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4008\"\u003ehttps://osv.dev/GO-2025-4008\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-61723: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4009\"\u003ehttps://osv.dev/GO-2025-4009\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-47912: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4010\"\u003ehttps://osv.dev/GO-2025-4010\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58185: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4011\"\u003ehttps://osv.dev/GO-2025-4011\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58186: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4012\"\u003ehttps://osv.dev/GO-2025-4012\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58188: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4013\"\u003ehttps://osv.dev/GO-2025-4013\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58183: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4014\"\u003ehttps://osv.dev/GO-2025-4014\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eContributors:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/daimoniac\"\u003e\u003ccode\u003e@​daimoniac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sudo-bmitch\"\u003e\u003ccode\u003e@​sudo-bmitch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/c3de9bb7b04ad3cd96bb73bc0c72986b83572d12\"\u003e\u003ccode\u003ec3de9bb\u003c/code\u003e\u003c/a\u003e Release v0.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/76bfe7d9bcbd88f1483bb4f920b32b3e00d7fd98\"\u003e\u003ccode\u003e76bfe7d\u003c/code\u003e\u003c/a\u003e Merge for release v0.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/2a0496d240396e626d9c30aab63064a812735ca7\"\u003e\u003ccode\u003e2a0496d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1009\"\u003e#1009\u003c/a\u003e from sudo-bmitch/pr-update-20251109\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/a0d4757e4e8bc46d942f51abdf48be503a8c8351\"\u003e\u003ccode\u003ea0d4757\u003c/code\u003e\u003c/a\u003e Version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/0ee858b78ed3059b03974093aecd47642e9ec6f6\"\u003e\u003ccode\u003e0ee858b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1008\"\u003e#1008\u003c/a\u003e from sudo-bmitch/pr-regsync-tagsets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/4467caf8b1394a82e947010e154620e60b9c8e32\"\u003e\u003ccode\u003e4467caf\u003c/code\u003e\u003c/a\u003e Feat: Add tagSets to regsync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/9542f8e31e18f98a4a8fb603da9603957d340059\"\u003e\u003ccode\u003e9542f8e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1007\"\u003e#1007\u003c/a\u003e from sudo-bmitch/pr-semver-numeric-prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/34ca4476bdb8e9bc8102ea44f1a8a1af099bdac6\"\u003e\u003ccode\u003e34ca447\u003c/code\u003e\u003c/a\u003e Fix: Handle semver compare of numeric prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/8699d5ac97f3705e3e1353db94cf08b88aa9fff7\"\u003e\u003ccode\u003e8699d5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1006\"\u003e#1006\u003c/a\u003e from sudo-bmitch/pr-update-20251102\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/64f9773214dad7316917f69b7418aa25f5bbe580\"\u003e\u003ccode\u003e64f9773\u003c/code\u003e\u003c/a\u003e Version bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/regclient/regclient/compare/v0.9.2...v0.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 3.17.2 to 3.19.0\n\nUpdates `oras-project/oras` from v1.2.2 to v1.3.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/yeikel/dependabot-core/pull/173","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeikel%2Fdependabot-core/issues/173","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/173/packages"},{"uuid":"3631278306","node_id":"PR_kwDOHWg4tc6zwEYj","number":170,"state":"open","title":"Bump the helm group in /helm with 4 updates","user":"dependabot[bot]","labels":["dependencies","docker","L: helm"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-16T23:39:32.000Z","updated_at":"2025-11-17T16:43:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"helm","update_count":4,"packages":[{"name":"sigstore/cosign/cosign","old_version":"v3.0.0","new_version":"v3.0.2"},{"name":"regclient/regctl","old_version":"v0.9.2","new_version":"v0.10.0","repository_url":"https://github.com/regclient/regclient"},{"name":"alpine/helm","old_version":"3.17.2","new_version":"3.19.0"},{"name":"oras-project/oras","old_version":"v1.2.2","new_version":"v1.3.0"}],"path":"/helm","ecosystem":"docker"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps the helm group in /helm with 4 updates: sigstore/cosign/cosign, [regclient/regctl](https://github.com/regclient/regclient), alpine/helm and oras-project/oras.\n\nUpdates `sigstore/cosign/cosign` from v3.0.0 to v3.0.2\n\nUpdates `regclient/regctl` from v0.9.2 to v0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/regclient/regclient/releases\"\u003eregclient/regctl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0\u003c/h2\u003e\n\u003ch1\u003eRelease v0.10.0\u003c/h1\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFeat: Support DOCKER_AUTH_CONFIG variable. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/996\"\u003ePR 996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add regctl repo copy. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/997\"\u003ePR 997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: regsync support for semantic versioning(semver) for matching tags (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1005\"\u003ePR 1005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003etagSets\u003c/code\u003e to regsync. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1008\"\u003ePR 1008\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChore: Add go:fix lines to deprecated code. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/994\"\u003ePR 994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Add gofumpt to the build. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/995\"\u003ePR 995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Remove the unused bps field. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/998\"\u003ePR 998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Handle semver compare of numeric prerelease (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1007\"\u003ePR 1007\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-58187: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4007\"\u003ehttps://osv.dev/GO-2025-4007\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58189: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4008\"\u003ehttps://osv.dev/GO-2025-4008\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-61723: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4009\"\u003ehttps://osv.dev/GO-2025-4009\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-47912: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4010\"\u003ehttps://osv.dev/GO-2025-4010\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58185: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4011\"\u003ehttps://osv.dev/GO-2025-4011\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58186: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4012\"\u003ehttps://osv.dev/GO-2025-4012\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58188: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4013\"\u003ehttps://osv.dev/GO-2025-4013\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58183: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4014\"\u003ehttps://osv.dev/GO-2025-4014\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eContributors:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/daimoniac\"\u003e\u003ccode\u003e@​daimoniac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sudo-bmitch\"\u003e\u003ccode\u003e@​sudo-bmitch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/regclient/regclient/blob/v0.10.0/release.md\"\u003eregclient/regctl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease v0.10.0\u003c/h1\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFeat: Support DOCKER_AUTH_CONFIG variable. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/996\"\u003ePR 996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add regctl repo copy. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/997\"\u003ePR 997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: regsync support for semantic versioning(semver) for matching tags (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1005\"\u003ePR 1005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003etagSets\u003c/code\u003e to regsync. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1008\"\u003ePR 1008\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChore: Add go:fix lines to deprecated code. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/994\"\u003ePR 994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Add gofumpt to the build. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/995\"\u003ePR 995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Remove the unused bps field. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/998\"\u003ePR 998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Handle semver compare of numeric prerelease (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1007\"\u003ePR 1007\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-58187: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4007\"\u003ehttps://osv.dev/GO-2025-4007\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58189: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4008\"\u003ehttps://osv.dev/GO-2025-4008\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-61723: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4009\"\u003ehttps://osv.dev/GO-2025-4009\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-47912: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4010\"\u003ehttps://osv.dev/GO-2025-4010\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58185: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4011\"\u003ehttps://osv.dev/GO-2025-4011\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58186: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4012\"\u003ehttps://osv.dev/GO-2025-4012\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58188: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4013\"\u003ehttps://osv.dev/GO-2025-4013\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58183: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4014\"\u003ehttps://osv.dev/GO-2025-4014\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eContributors:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/daimoniac\"\u003e\u003ccode\u003e@​daimoniac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sudo-bmitch\"\u003e\u003ccode\u003e@​sudo-bmitch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/c3de9bb7b04ad3cd96bb73bc0c72986b83572d12\"\u003e\u003ccode\u003ec3de9bb\u003c/code\u003e\u003c/a\u003e Release v0.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/76bfe7d9bcbd88f1483bb4f920b32b3e00d7fd98\"\u003e\u003ccode\u003e76bfe7d\u003c/code\u003e\u003c/a\u003e Merge for release v0.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/2a0496d240396e626d9c30aab63064a812735ca7\"\u003e\u003ccode\u003e2a0496d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1009\"\u003e#1009\u003c/a\u003e from sudo-bmitch/pr-update-20251109\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/a0d4757e4e8bc46d942f51abdf48be503a8c8351\"\u003e\u003ccode\u003ea0d4757\u003c/code\u003e\u003c/a\u003e Version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/0ee858b78ed3059b03974093aecd47642e9ec6f6\"\u003e\u003ccode\u003e0ee858b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1008\"\u003e#1008\u003c/a\u003e from sudo-bmitch/pr-regsync-tagsets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/4467caf8b1394a82e947010e154620e60b9c8e32\"\u003e\u003ccode\u003e4467caf\u003c/code\u003e\u003c/a\u003e Feat: Add tagSets to regsync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/9542f8e31e18f98a4a8fb603da9603957d340059\"\u003e\u003ccode\u003e9542f8e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1007\"\u003e#1007\u003c/a\u003e from sudo-bmitch/pr-semver-numeric-prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/34ca4476bdb8e9bc8102ea44f1a8a1af099bdac6\"\u003e\u003ccode\u003e34ca447\u003c/code\u003e\u003c/a\u003e Fix: Handle semver compare of numeric prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/8699d5ac97f3705e3e1353db94cf08b88aa9fff7\"\u003e\u003ccode\u003e8699d5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1006\"\u003e#1006\u003c/a\u003e from sudo-bmitch/pr-update-20251102\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/64f9773214dad7316917f69b7418aa25f5bbe580\"\u003e\u003ccode\u003e64f9773\u003c/code\u003e\u003c/a\u003e Version bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/regclient/regclient/compare/v0.9.2...v0.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 3.17.2 to 3.19.0\n\nUpdates `oras-project/oras` from v1.2.2 to v1.3.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/yeikel/dependabot-core/pull/170","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeikel%2Fdependabot-core/issues/170","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/170/packages"},{"uuid":"3631165341","node_id":"PR_kwDOHWg4tc6zvtkf","number":169,"state":"open","title":"Bump the helm group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","docker","L: helm"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-16T21:37:28.000Z","updated_at":"2025-11-16T23:31:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"helm","update_count":2,"packages":[{"name":"alpine/helm","old_version":"3.17.2","new_version":"3.19.0"},{"name":"oras-project/oras","old_version":"v1.2.2","new_version":"v1.3.0"}],"path":null,"ecosystem":"docker"},"body":"Bumps the helm group with 2 updates in the /helm directory: alpine/helm and oras-project/oras.\n\nUpdates `alpine/helm` from 3.17.2 to 3.19.0\n\nUpdates `oras-project/oras` from v1.2.2 to v1.3.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/yeikel/dependabot-core/pull/169","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeikel%2Fdependabot-core/issues/169","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/169/packages"},{"uuid":"3471448171","node_id":"PR_kwDOFIiuxs6rcaVL","number":1102,"state":"open","title":"build(deps): bump alpine/helm from 3.18.6 to 3.19.0 in /build/package","user":"dependabot[bot]","labels":["dependencies","dockerfile"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-10-01T00:01:37.000Z","updated_at":"2025-10-01T00:01:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0","repository_url":null}],"path":"/build/package","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.18.6 to 3.19.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.18.6\u0026new-version=3.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/freight-hub/helm-rollback-web/pull/1102","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/freight-hub%2Fhelm-rollback-web/issues/1102","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1102/packages"},{"uuid":"2830132881","node_id":"PR_kwDOIEhyvc6osGaR","number":291,"state":"closed","title":"build(deps): bump alpine/helm from 3.18.6 to 3.19.0 in /code-server","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-20T07:32:11.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T17:54:22.000Z","updated_at":"2025-09-20T07:32:11.000Z","time_to_close":394669,"merged_at":"2025-09-20T07:32:11.000Z","merged_by":"josephpage","closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0","repository_url":null}],"path":"/code-server","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.18.6 to 3.19.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.18.6\u0026new-version=3.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/octo-technology/docker-images/pull/291","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/octo-technology%2Fdocker-images/issues/291","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/291/packages"},{"uuid":"2829586108","node_id":"PR_kwDOKxsIhc6oqA68","number":981,"state":"open","title":"deps(docker): bump the docker group with 4 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T14:50:09.000Z","updated_at":"2025-09-15T14:50:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":4,"packages":[{"name":"alpine/terragrunt","old_version":"1.13.1","new_version":"1.13.2"},{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0"},{"name":"hashicorp/terraform","old_version":"1.13.1","new_version":"1.13.2"},{"name":"dart","old_version":"3.9.2-sdk","new_version":"3.9.3-sdk"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 4 updates: alpine/terragrunt, alpine/helm, hashicorp/terraform and dart.\n\nUpdates `alpine/terragrunt` from 1.13.1 to 1.13.2\n\nUpdates `alpine/helm` from 3.18.6 to 3.19.0\n\nUpdates `hashicorp/terraform` from 1.13.1 to 1.13.2\n\nUpdates `dart` from 3.9.2-sdk to 3.9.3-sdk\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/khulnasoft-lab/awesome-linter/pull/981","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/khulnasoft-lab%2Fawesome-linter/issues/981","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/981/packages"},{"uuid":"2829446782","node_id":"PR_kwDODOjFv86ope5-","number":7043,"state":"closed","title":"deps(docker): bump the docker group with 3 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-15T18:23:01.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T14:13:12.000Z","updated_at":"2025-09-15T18:23:02.000Z","time_to_close":14989,"merged_at":"2025-09-15T18:23:01.000Z","merged_by":"github-actions[bot]","closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":3,"packages":[{"name":"alpine/terragrunt","old_version":"1.13.1","new_version":"1.13.2"},{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0"},{"name":"dart","old_version":"3.9.2-sdk","new_version":"3.9.3-sdk"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 3 updates: alpine/terragrunt, alpine/helm and dart.\n\nUpdates `alpine/terragrunt` from 1.13.1 to 1.13.2\n\nUpdates `alpine/helm` from 3.18.6 to 3.19.0\n\nUpdates `dart` from 3.9.2-sdk to 3.9.3-sdk\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7043","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7043","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7043/packages"},{"uuid":"3417177381","node_id":"PR_kwDOEE58u86omG3v","number":2469,"state":"open","title":"deps(docker): bump alpine/helm from 3.18.6 to 3.19.0","user":"dependabot[bot]","labels":["dependencies","docker","O: stale 🤖"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-09-15T09:50:43.000Z","updated_at":"2025-10-16T00:03:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker)","packages":[{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps alpine/helm from 3.18.6 to 3.19.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.18.6\u0026new-version=3.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/darwinz/super-linter/pull/2469","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/darwinz%2Fsuper-linter/issues/2469","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2469/packages"},{"uuid":"2827700002","node_id":"PR_kwDOF62svs6oi0ci","number":869,"state":"open","title":"Bump alpine/helm from 3.18.4 to 3.19.0 in /tools/dplsh","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T04:03:42.000Z","updated_at":"2025-09-15T04:03:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"alpine/helm","old_version":"3.18.4","new_version":"3.19.0","repository_url":null}],"path":"/tools/dplsh","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.18.4 to 3.19.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.18.4\u0026new-version=3.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/danskernesdigitalebibliotek/dpl-platform/pull/869","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/danskernesdigitalebibliotek%2Fdpl-platform/issues/869","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/869/packages"}],"issue_packages":[{"old_version":"4.1.4","new_version":"4.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-14T13:34:44.000Z","version_change":"4.1.4 → 4.2.0","issue":{"uuid":"4446321513","node_id":"PR_kwDODOjFv87biUiB","number":7817,"state":"open","title":"deps(docker): bump the docker group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-14T13:34:44.000Z","updated_at":"2026-05-16T17:16:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":10,"packages":[{"name":"alpine/terragrunt","old_version":"1.14.9","new_version":"1.15.2"},{"name":"terraform-linters/tflint","old_version":"v0.62.0","new_version":"v0.62.1","repository_url":"https://github.com/terraform-linters/tflint"},{"name":"alpine/helm","old_version":"4.1.4","new_version":"4.2.0"},{"name":"golang","old_version":"1.26.2-alpine","new_version":"1.26.3-alpine"},{"name":"golangci/golangci-lint","old_version":"v2.12.0","new_version":"v2.12.2"},{"name":"hashicorp/terraform","old_version":"1.15.0","new_version":"1.15.3"},{"name":"scalameta/scalafmt","old_version":"v3.11.0","new_version":"v3.11.1"},{"name":"dart","old_version":"3.11.5-sdk","new_version":"3.11.6-sdk"},{"name":"dotnet/sdk","old_version":"10.0.203-alpine3.23","new_version":"10.0.300-alpine3.23"},{"name":"composer/composer","old_version":"2.9.7","new_version":"2.9.8"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| alpine/terragrunt | `1.14.9` | `1.15.2` |\n| [terraform-linters/tflint](https://github.com/terraform-linters/tflint) | `v0.62.0` | `v0.62.1` |\n| alpine/helm | `4.1.4` | `4.2.0` |\n| golang | `1.26.2-alpine` | `1.26.3-alpine` |\n| golangci/golangci-lint | `v2.12.0` | `v2.12.2` |\n| hashicorp/terraform | `1.15.0` | `1.15.3` |\n| scalameta/scalafmt | `v3.11.0` | `v3.11.1` |\n| dart | `3.11.5-sdk` | `3.11.6-sdk` |\n| dotnet/sdk | `10.0.203-alpine3.23` | `10.0.300-alpine3.23` |\n| composer/composer | `2.9.7` | `2.9.8` |\n\n\nUpdates `alpine/terragrunt` from 1.14.9 to 1.15.2\n\nUpdates `terraform-linters/tflint` from v0.62.0 to v0.62.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/terraform-linters/tflint/releases\"\u003eterraform-linters/tflint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.62.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplugin: Skip fetching artifact attestations in GHES by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2527\"\u003eterraform-linters/tflint#2527\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): Bump github.com/zclconf/go-cty from 1.18.0 to 1.18.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2511\"\u003eterraform-linters/tflint#2511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump goreleaser/goreleaser-action from 7.0.0 to 7.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2512\"\u003eterraform-linters/tflint#2512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: deprecate curl pipe bash installation by \u003ca href=\"https://github.com/dbuaon\"\u003e\u003ccode\u003e@​dbuaon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2514\"\u003eterraform-linters/tflint#2514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump goreleaser/goreleaser-action from 7.1.0 to 7.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2516\"\u003eterraform-linters/tflint#2516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/apparentlymart/go-cidr from 1.1.0 to 1.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2517\"\u003eterraform-linters/tflint#2517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.11.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2518\"\u003eterraform-linters/tflint#2518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.80.0 to 1.81.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2519\"\u003eterraform-linters/tflint#2519\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/hashicorp/go-plugin from 1.7.0 to 1.8.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2520\"\u003eterraform-linters/tflint#2520\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbuaon\"\u003e\u003ccode\u003e@​dbuaon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2514\"\u003eterraform-linters/tflint#2514\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.62.0...v0.62.1\"\u003ehttps://github.com/terraform-linters/tflint/compare/v0.62.0...v0.62.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/6a8757f2ce307aed9f786dd4474464c9831bd561\"\u003e\u003ccode\u003e6a8757f\u003c/code\u003e\u003c/a\u003e Bump up version to v0.62.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/714def17e6b8d871397838b6821fc7e1a1ec45fc\"\u003e\u003ccode\u003e714def1\u003c/code\u003e\u003c/a\u003e Bump Go version to 1.26.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/15ffea19b2f8a43f8a14429099b0f3b330f9aed3\"\u003e\u003ccode\u003e15ffea1\u003c/code\u003e\u003c/a\u003e plugin: Skip fetching artifact attestations in GHES (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2527\"\u003e#2527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/4bea52e02e2a78d4e2db4fac8115a98d5d2cb8e6\"\u003e\u003ccode\u003e4bea52e\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/hashicorp/go-plugin from 1.7.0 to 1.8.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2520\"\u003e#2520\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/ec9cc04a191bb2721c40247633d5291243bf4327\"\u003e\u003ccode\u003eec9cc04\u003c/code\u003e\u003c/a\u003e build(deps): Bump google.golang.org/grpc from 1.80.0 to 1.81.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2519\"\u003e#2519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/2b779941c6cc0b1048a2a7b57a5ed20f4736a8a5\"\u003e\u003ccode\u003e2b77994\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/in-toto/in-toto-golang from 0.9.0 to 0.11.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2518\"\u003e#2518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/bdc9746ab7f6d50b08d372afafcf6aab5bc31bc1\"\u003e\u003ccode\u003ebdc9746\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/apparentlymart/go-cidr from 1.1.0 to 1.1.1 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2517\"\u003e#2517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/2f8ceaa9ef60e497e961ab833506070992248be3\"\u003e\u003ccode\u003e2f8ceaa\u003c/code\u003e\u003c/a\u003e build(deps): Bump goreleaser/goreleaser-action from 7.1.0 to 7.2.1 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2516\"\u003e#2516\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/198db78a0b3f407fd0ce3b8bdd3f4c097e463aa7\"\u003e\u003ccode\u003e198db78\u003c/code\u003e\u003c/a\u003e docs: deprecate curl pipe bash installation (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2514\"\u003e#2514\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/ee955afb843a3eea7b463f9f09ce73407465c497\"\u003e\u003ccode\u003eee955af\u003c/code\u003e\u003c/a\u003e build(deps): Bump goreleaser/goreleaser-action from 7.0.0 to 7.1.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2512\"\u003e#2512\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.62.0...v0.62.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 4.1.4 to 4.2.0\n\nUpdates `golang` from 1.26.2-alpine to 1.26.3-alpine\n\nUpdates `golangci/golangci-lint` from v2.12.0 to v2.12.2\n\nUpdates `hashicorp/terraform` from 1.15.0 to 1.15.3\n\nUpdates `scalameta/scalafmt` from v3.11.0 to v3.11.1\n\nUpdates `dart` from 3.11.5-sdk to 3.11.6-sdk\n\nUpdates `dotnet/sdk` from 10.0.203-alpine3.23 to 10.0.300-alpine3.23\n\nUpdates `composer/composer` from 2.9.7 to 2.9.8\n","html_url":"https://github.com/super-linter/super-linter/pull/7817","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7817","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7817/packages"}},{"old_version":"4.1.3","new_version":"4.1.4","update_type":"patch","path":null,"pr_created_at":"2026-04-09T07:45:26.000Z","version_change":"4.1.3 → 4.1.4","issue":{"uuid":"4230444420","node_id":"PR_kwDODOjFv87RDYrS","number":7728,"state":"open","title":"deps(docker): bump the docker group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-09T07:45:26.000Z","updated_at":"2026-04-09T07:57:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":2,"packages":[{"name":"alpine/helm","old_version":"4.1.3","new_version":"4.1.4"},{"name":"golang","old_version":"1.26.1-alpine","new_version":"1.26.2-alpine"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 2 updates in the / directory: alpine/helm and golang.\n\nUpdates `alpine/helm` from 4.1.3 to 4.1.4\n\nUpdates `golang` from 1.26.1-alpine to 1.26.2-alpine\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7728","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7728","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7728/packages"}},{"old_version":"3.19.0","new_version":"4.1.3","update_type":"major","path":"/tools/dplsh","pr_created_at":"2026-03-13T04:03:48.000Z","version_change":"3.19.0 → 4.1.3","issue":{"uuid":"4068691575","node_id":"PR_kwDOF62svs7KPb01","number":1074,"state":"closed","title":"Bump alpine/helm from 3.19.0 to 4.1.3 in /tools/dplsh","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-10T04:03:56.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-13T04:03:48.000Z","updated_at":"2026-04-10T04:03:58.000Z","time_to_close":2419208,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"alpine/helm","old_version":"3.19.0","new_version":"4.1.3","repository_url":null}],"path":"/tools/dplsh","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.19.0 to 4.1.3.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.19.0\u0026new-version=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/danskernesdigitalebibliotek/dpl-platform/pull/1074","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/danskernesdigitalebibliotek%2Fdpl-platform/issues/1074","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1074/packages"}},{"old_version":"3.14.0","new_version":"4.1.3","update_type":"major","path":"/docker","pr_created_at":"2026-03-12T20:25:50.000Z","version_change":"3.14.0 → 4.1.3","issue":{"uuid":"4067056145","node_id":"PR_kwDOQ_LuD87KKNY5","number":67,"state":"closed","title":"chore(deps): bump alpine/helm from 3.14.0 to 4.1.3 in /docker","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-09T20:25:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-12T20:25:50.000Z","updated_at":"2026-04-09T20:25:53.000Z","time_to_close":2419202,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"alpine/helm","old_version":"3.14.0","new_version":"4.1.3","repository_url":null}],"path":"/docker","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.14.0 to 4.1.3.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.14.0\u0026new-version=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/bmartensNL/Kubarr/pull/67","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bmartensNL%2FKubarr/issues/67","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/67/packages"}},{"old_version":"4.1.0","new_version":"4.1.1","update_type":"patch","path":null,"pr_created_at":"2026-02-11T13:34:25.000Z","version_change":"4.1.0 → 4.1.1","issue":{"uuid":"3926598550","node_id":"PR_kwDODOjFv87DAeN0","number":7508,"state":"open","title":"deps(docker): bump the docker group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-11T13:34:25.000Z","updated_at":"2026-02-12T09:01:08.959Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":8,"packages":[{"name":"terraform-linters/tflint","old_version":"v0.60.0","new_version":"v0.61.0","repository_url":"https://github.com/terraform-linters/tflint"},{"name":"alpine/helm","old_version":"4.1.0","new_version":"4.1.1"},{"name":"golang","old_version":"1.25.6-alpine","new_version":"1.26.0-alpine"},{"name":"golangci/golangci-lint","old_version":"v2.8.0","new_version":"v2.9.0"},{"name":"kustomize/kustomize","old_version":"v5.8.0","new_version":"v5.8.1"},{"name":"scalameta/scalafmt","old_version":"v3.10.6","new_version":"v3.10.7"},{"name":"dart","old_version":"3.10.9-sdk","new_version":"3.11.0-sdk"},{"name":"dotnet/sdk","old_version":"10.0.102-alpine3.23","new_version":"10.0.103-alpine3.23"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [terraform-linters/tflint](https://github.com/terraform-linters/tflint) | `v0.60.0` | `v0.61.0` |\n| alpine/helm | `4.1.0` | `4.1.1` |\n| golang | `1.25.6-alpine` | `1.26.0-alpine` |\n| golangci/golangci-lint | `v2.8.0` | `v2.9.0` |\n| kustomize/kustomize | `v5.8.0` | `v5.8.1` |\n| scalameta/scalafmt | `v3.10.6` | `v3.10.7` |\n| dart | `3.10.9-sdk` | `3.11.0-sdk` |\n| dotnet/sdk | `10.0.102-alpine3.23` | `10.0.103-alpine3.23` |\n\n\nUpdates `terraform-linters/tflint` from v0.60.0 to v0.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/terraform-linters/tflint/releases\"\u003eterraform-linters/tflint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.61.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eversion\u003c/code\u003e: add update notifications, json output by \u003ca href=\"https://github.com/bendrucker\"\u003e\u003ccode\u003e@​bendrucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2421\"\u003eterraform-linters/tflint#2421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/terraform-linters/tflint-ruleset-terraform from 0.13.0 to 0.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2445\"\u003eterraform-linters/tflint#2445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplugin: Enable plugin keyless verification by default by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2453\"\u003eterraform-linters/tflint#2453\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): Bump actions/checkout from 5.0.0 to 5.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2414\"\u003eterraform-linters/tflint#2414\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2415\"\u003eterraform-linters/tflint#2415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/crypto from 0.44.0 to 0.45.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2416\"\u003eterraform-linters/tflint#2416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.76.0 to 1.77.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2417\"\u003eterraform-linters/tflint#2417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golangci/golangci-lint-action from 9.0.0 to 9.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2418\"\u003eterraform-linters/tflint#2418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/checkout from 5.0.1 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2420\"\u003eterraform-linters/tflint#2420\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/setup-go from 6.0.0 to 6.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2419\"\u003eterraform-linters/tflint#2419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/metadata-action from 5.9.0 to 5.10.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2422\"\u003eterraform-linters/tflint#2422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/hashicorp/go-version from 1.7.0 to 1.8.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2423\"\u003eterraform-linters/tflint#2423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/checkout from 6.0.0 to 6.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2425\"\u003eterraform-linters/tflint#2425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/oauth2 from 0.33.0 to 0.34.0 in the go-x group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2428\"\u003eterraform-linters/tflint#2428\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2426\"\u003eterraform-linters/tflint#2426\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2432\"\u003eterraform-linters/tflint#2432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/sigstore-go from 1.1.3 to 1.1.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2433\"\u003eterraform-linters/tflint#2433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for Terraform v1.14 by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2424\"\u003eterraform-linters/tflint#2424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump alpine from 3.22 to 3.23 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2427\"\u003eterraform-linters/tflint#2427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/attest-build-provenance from 3.0.0 to 3.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2437\"\u003eterraform-linters/tflint#2437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2438\"\u003eterraform-linters/tflint#2438\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/zclconf/go-cty-yaml from 1.1.0 to 1.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2439\"\u003eterraform-linters/tflint#2439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd an integration test for root only traversal by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2436\"\u003eterraform-linters/tflint#2436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.77.0 to 1.78.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2441\"\u003eterraform-linters/tflint#2441\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2444\"\u003eterraform-linters/tflint#2444\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/setup-go from 6.1.0 to 6.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2446\"\u003eterraform-linters/tflint#2446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: windows plugin development by \u003ca href=\"https://github.com/Netkracker\"\u003e\u003ccode\u003e@​Netkracker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2334\"\u003eterraform-linters/tflint#2334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2450\"\u003eterraform-linters/tflint#2450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2451\"\u003eterraform-linters/tflint#2451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2452\"\u003eterraform-linters/tflint#2452\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/checkout from 6.0.1 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2454\"\u003eterraform-linters/tflint#2454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/attest-build-provenance from 3.1.0 to 3.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2455\"\u003eterraform-linters/tflint#2455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2456\"\u003eterraform-linters/tflint#2456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/login-action from 3.6.0 to 3.7.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2458\"\u003eterraform-linters/tflint#2458\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Netkracker\"\u003e\u003ccode\u003e@​Netkracker\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2334\"\u003eterraform-linters/tflint#2334\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.60.0...v0.61.0\"\u003ehttps://github.com/terraform-linters/tflint/compare/v0.60.0...v0.61.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/c604bd634554b29602eae507e5a75baebb6365bf\"\u003e\u003ccode\u003ec604bd6\u003c/code\u003e\u003c/a\u003e Bump up version to v0.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/c02554689f372d8d168dca3d7ba00f3de4f88ee9\"\u003e\u003ccode\u003ec025546\u003c/code\u003e\u003c/a\u003e plugin: Enable plugin keyless verification by default (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2453\"\u003e#2453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/26e8e15da0cbd8103f29a6490e63fb8b946b164c\"\u003e\u003ccode\u003e26e8e15\u003c/code\u003e\u003c/a\u003e build(deps): Bump docker/login-action from 3.6.0 to 3.7.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2458\"\u003e#2458\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/faa8d1c9baa5e3cad207387225c867b95edbe766\"\u003e\u003ccode\u003efaa8d1c\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/theupdateframework/go-tuf/v2 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2456\"\u003e#2456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/013df8b451a0f25dd83e7e7af0dbaa8377770d9e\"\u003e\u003ccode\u003e013df8b\u003c/code\u003e\u003c/a\u003e build(deps): Bump actions/attest-build-provenance from 3.1.0 to 3.2.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2455\"\u003e#2455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/cb7befaf7db2d99be3dee17eca295508d785bd5c\"\u003e\u003ccode\u003ecb7befa\u003c/code\u003e\u003c/a\u003e build(deps): Bump actions/checkout from 6.0.1 to 6.0.2 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2454\"\u003e#2454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/e4d1818d700fb2b79df0ae82bd7ec566d5aee5aa\"\u003e\u003ccode\u003ee4d1818\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2452\"\u003e#2452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/ddc122378ad7169e74396ad71a29f5d9cd505469\"\u003e\u003ccode\u003eddc1223\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2451\"\u003e#2451\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/e2cb3f91ea19cd345661383b815dcb0e197f41b5\"\u003e\u003ccode\u003ee2cb3f9\u003c/code\u003e\u003c/a\u003e build(deps): Bump github.com/theupdateframework/go-tuf/v2 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2450\"\u003e#2450\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/7c172c26dcfa15b93a147bd621084539e4d83021\"\u003e\u003ccode\u003e7c172c2\u003c/code\u003e\u003c/a\u003e docs: windows plugin development (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2334\"\u003e#2334\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.60.0...v0.61.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 4.1.0 to 4.1.1\n\nUpdates `golang` from 1.25.6-alpine to 1.26.0-alpine\n\nUpdates `golangci/golangci-lint` from v2.8.0 to v2.9.0\n\nUpdates `kustomize/kustomize` from v5.8.0 to v5.8.1\n\nUpdates `scalameta/scalafmt` from v3.10.6 to v3.10.7\n\nUpdates `dart` from 3.10.9-sdk to 3.11.0-sdk\n\nUpdates `dotnet/sdk` from 10.0.102-alpine3.23 to 10.0.103-alpine3.23\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7508","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7508","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7508/packages"}},{"old_version":"3.15.4","new_version":"4.0.5","update_type":"major","path":null,"pr_created_at":"2026-01-19T23:18:42.000Z","version_change":"3.15.4 → 4.0.5","issue":{"uuid":"3831470411","node_id":"PR_kwDOIiGuK86-GW0H","number":360,"state":"closed","title":"deps(docker): bump alpine/helm from 3.15.4 to 4.0.5","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-26T23:42:59.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-19T23:18:42.000Z","updated_at":"2026-01-26T23:43:00.000Z","time_to_close":606257,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker)","packages":[{"name":"alpine/helm","old_version":"3.15.4","new_version":"4.0.5","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps alpine/helm from 3.15.4 to 4.0.5.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.15.4\u0026new-version=4.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/actions-marketplace-validations/github_super-linter/pull/360","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions-marketplace-validations%2Fgithub_super-linter/issues/360","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/360/packages"}},{"old_version":"4.0.4","new_version":"4.0.5","update_type":"patch","path":null,"pr_created_at":"2026-01-16T11:56:35.000Z","version_change":"4.0.4 → 4.0.5","issue":{"uuid":"3821730271","node_id":"PR_kwDODOjFv869mlDO","number":7388,"state":"open","title":"deps(docker): bump the docker group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-01-16T11:56:35.000Z","updated_at":"2026-01-16T12:06:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":5,"packages":[{"name":"alpine/helm","old_version":"4.0.4","new_version":"4.0.5"},{"name":"golang","old_version":"1.25.5-alpine","new_version":"1.26rc2-alpine"},{"name":"goreleaser/goreleaser","old_version":"v2.13.2","new_version":"v2.13.3"},{"name":"clj-kondo/clj-kondo","old_version":"2025.12.23-alpine","new_version":"2026.01.12-alpine","repository_url":"https://github.com/clj-kondo/clj-kondo"},{"name":"dotnet/sdk","old_version":"10.0.101-alpine3.23","new_version":"10.0.102-alpine3.23"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| alpine/helm | `4.0.4` | `4.0.5` |\n| golang | `1.25.5-alpine` | `1.26rc2-alpine` |\n| goreleaser/goreleaser | `v2.13.2` | `v2.13.3` |\n| [clj-kondo/clj-kondo](https://github.com/clj-kondo/clj-kondo) | `2025.12.23-alpine` | `2026.01.12-alpine` |\n| dotnet/sdk | `10.0.101-alpine3.23` | `10.0.102-alpine3.23` |\n\n\nUpdates `alpine/helm` from 4.0.4 to 4.0.5\n\nUpdates `golang` from 1.25.5-alpine to 1.26rc2-alpine\n\nUpdates `goreleaser/goreleaser` from v2.13.2 to v2.13.3\n\nUpdates `clj-kondo/clj-kondo` from 2025.12.23-alpine to 2026.01.12-alpine\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/releases\"\u003eclj-kondo/clj-kondo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2026.01.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd type checking for sorted-map-by, sorted-set, and sorted-set-by by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2694\"\u003eclj-kondo/clj-kondo#2694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd type checking for Clojure array functions by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2697\"\u003eclj-kondo/clj-kondo#2697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2695\"\u003e#2695\u003c/a\u003e: false positive in leiningen project.clj with unquote by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2698\"\u003eclj-kondo/clj-kondo#2698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2699\"\u003e#2699\u003c/a\u003e: fix false positive unresolved string var with extend-type on CLJS by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2700\"\u003eclj-kondo/clj-kondo#2700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd new linter for eager :or expressions in mapping in destructuring by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2702\"\u003eclj-kondo/clj-kondo#2702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Detect unused :excluded vars (\u003ccode\u003e:unused-excluded-var\u003c/code\u003e) by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2679\"\u003eclj-kondo/clj-kondo#2679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRename linter for unresolved excluded vars by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2705\"\u003eclj-kondo/clj-kondo#2705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add linter for superfluous primitive coercion calls by \u003ca href=\"https://github.com/hugoduncan\"\u003e\u003ccode\u003e@​hugoduncan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2710\"\u003eclj-kondo/clj-kondo#2710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix unused value linter for defmethod bodies by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2714\"\u003eclj-kondo/clj-kondo#2714\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix regression for unused binding warnings by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2715\"\u003eclj-kondo/clj-kondo#2715\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e handling for ignored vars by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2717\"\u003eclj-kondo/clj-kondo#2717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister list in call position as not a function by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2718\"\u003eclj-kondo/clj-kondo#2718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd redundant format linter and tests by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2716\"\u003eclj-kondo/clj-kondo#2716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix arities for comp so type mismatches are found by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2720\"\u003eclj-kondo/clj-kondo#2720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd type checking for Clojure test functions by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2706\"\u003eclj-kondo/clj-kondo#2706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplify code by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2721\"\u003eclj-kondo/clj-kondo#2721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd clojure.test/is for condition always true linter by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2722\"\u003eclj-kondo/clj-kondo#2722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt excluded msg by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2724\"\u003eclj-kondo/clj-kondo#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTighten up type checking for second arg of -in fns by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2726\"\u003eclj-kondo/clj-kondo#2726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd class type and type checking support by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2725\"\u003eclj-kondo/clj-kondo#2725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate documentation for \u003ccode\u003ereg-keyword!\u003c/code\u003e function by \u003ca href=\"https://github.com/davidyang\"\u003e\u003ccode\u003e@​davidyang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2727\"\u003eclj-kondo/clj-kondo#2727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump to GraalVM 25 by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2728\"\u003eclj-kondo/clj-kondo#2728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidyang\"\u003e\u003ccode\u003e@​davidyang\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2727\"\u003eclj-kondo/clj-kondo#2727\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\"\u003ehttps://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/CHANGELOG.md\"\u003eclj-kondo/clj-kondo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eFor a list of breaking changes, check \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/#breaking-changes\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo\"\u003eClj-kondo\u003c/a\u003e: static analyzer and linter for Clojure code that sparks joy ✨\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2739\"\u003e#2739\u003c/a\u003e: Extend \u003ccode\u003e:equals-expected-position\u003c/code\u003e linter to also warn for \u003ccode\u003enot=\u003c/code\u003e when expected value is not first (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2734\"\u003e#2734\u003c/a\u003e: NEW linter: \u003ccode\u003e:aliased-referred-var\u003c/code\u003e, which warns when a var is both referred and accessed via an alias in the same namespace. (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2732\"\u003e#2732\u003c/a\u003e: \u003ccode\u003eunreachable-code\u003c/code\u003e: warn when \u003ccode\u003e:default\u003c/code\u003e does not come last in reader conditionals (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2735\"\u003e#2735\u003c/a\u003e: NEW linter: \u003ccode\u003e:duplicate-refer\u003c/code\u003e which warns on duplicate entries in \u003ccode\u003e:refer\u003c/code\u003e of \u003ccode\u003e:require\u003c/code\u003e. (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003estr/replace\u003c/code\u003e false positive and tighten comp ret type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2729\"\u003e#2729\u003c/a\u003e: Check for arity mismatch for bound vectors, sets \u0026amp; maps, not just literals (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003einst\u003c/code\u003e and type checking support for \u003ccode\u003einst-ms\u003c/code\u003e and \u003ccode\u003einst-ms*\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2026.01.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2712\"\u003e#2712\u003c/a\u003e: NEW linter: \u003ccode\u003e:redundant-format\u003c/code\u003e to warn when format strings contain no format specifiers (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2709\"\u003e#2709\u003c/a\u003e: NEW linter: \u003ccode\u003e:redundant-primitive-coercion\u003c/code\u003e to warn when primitive coercion functions are applied to expressions already of that type (\u003ca href=\"https://github.com/hugod\"\u003e\u003ccode\u003e@​hugod\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2600\"\u003e#2600\u003c/a\u003e: NEW linter: \u003ccode\u003eunused-excluded-var\u003c/code\u003e to warn on unused vars in \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2459\"\u003e#2459\u003c/a\u003e: NEW linter: \u003ccode\u003e:destructured-or-always-evaluates\u003c/code\u003e to warn on s-expressions in \u003ccode\u003e:or\u003c/code\u003e defaults in map destructuring (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChange second arg for assoc-in, get-in and update-in to be sequential, not just seqable (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e:condition-always-true\u003c/code\u003e finding was adding full context into findigns (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2340\"\u003e#2340\u003c/a\u003e: Extend \u003ccode\u003e:condition-always-true\u003c/code\u003e linter to check first argument of \u003ccode\u003eclojure.test/is\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2719\"\u003e#2719\u003c/a\u003e: Fix: \u003ccode\u003ecomp\u003c/code\u003e args are now properly type checked (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2692\"\u003e#2692\u003c/a\u003e: Lint quoted forms which are not functions (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2691\"\u003e#2691\u003c/a\u003e: Fix: \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e now properly ignores elements with \u003ccode\u003e#_\u003c/code\u003e (e.g. \u003ccode\u003e#_:clj-kondo/ignore comp2\u003c/code\u003e) \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2713\"\u003e#2713\u003c/a\u003e: Fix regression: getting unused binding warning in \u003ccode\u003e~'~\u003c/code\u003e unquote expressions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2711\"\u003e#2711\u003c/a\u003e: Unused value inside \u003ccode\u003edefmethod\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type checking support for \u003ccode\u003esorted-map-by\u003c/code\u003e, \u003ccode\u003esorted-set\u003c/code\u003e, and \u003ccode\u003esorted-set-by\u003c/code\u003e functions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003earray\u003c/code\u003e and type checking support for the next functions: \u003ccode\u003eto-array\u003c/code\u003e, \u003ccode\u003ealength\u003c/code\u003e, \u003ccode\u003eaget\u003c/code\u003e, \u003ccode\u003easet\u003c/code\u003e and \u003ccode\u003eaclone\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003eclass\u003c/code\u003e and type checking support for class-related functions: \u003ccode\u003einstance?\u003c/code\u003e, \u003ccode\u003ecast\u003c/code\u003e, \u003ccode\u003eclass\u003c/code\u003e, \u003ccode\u003emake-array\u003c/code\u003e, \u003ccode\u003ebases\u003c/code\u003e and \u003ccode\u003esupers\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type checking support for clojure.test functions and macros (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2696\"\u003e#2695\u003c/a\u003e: false positive \u003ccode\u003e:unquote-not-syntax-quoted\u003c/code\u003e in leiningen's \u003ccode\u003edefproject\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eLeiningen's \u003ccode\u003edefproject\u003c/code\u003e behavior can now be configured using \u003ccode\u003eleiningen.core.project/defproject\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2699\"\u003e#2699\u003c/a\u003e: fix false positive unresolved string var with extend-type on CLJS\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a50babed55077b31ec3e77bc4448f42e9e4c4f6d\"\u003e\u003ccode\u003ea50babe\u003c/code\u003e\u003c/a\u003e v2026.01.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/d2b7ffbe283c556605a7f62d3c1a7008c52e6113\"\u003e\u003ccode\u003ed2b7ffb\u003c/code\u003e\u003c/a\u003e Bump to GraalVM 25 (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2728\"\u003e#2728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a5c40dc40cdf3df180f37a9b7e45fc085dadc2ad\"\u003e\u003ccode\u003ea5c40dc\u003c/code\u003e\u003c/a\u003e Update documentation for \u003ccode\u003ereg-keyword!\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2727\"\u003e#2727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/ca640af7714d75a108b38d7a5078482b81758c6b\"\u003e\u003ccode\u003eca640af\u003c/code\u003e\u003c/a\u003e Add class type and type checking support (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2725\"\u003e#2725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/2bfb137b9de9122186461bd66fe5f0b8417281fa\"\u003e\u003ccode\u003e2bfb137\u003c/code\u003e\u003c/a\u003e Tighten up type checking for second arg of -in fns (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2726\"\u003e#2726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/b4d542eaf9f6a30269a6f81423a222a9e6398e57\"\u003e\u003ccode\u003eb4d542e\u003c/code\u003e\u003c/a\u003e Adapt excluded msg (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2724\"\u003e#2724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a70eb61c7f36217b3db8b45dcd0085f364a370b8\"\u003e\u003ccode\u003ea70eb61\u003c/code\u003e\u003c/a\u003e Add clojure.test/is for condition always true linter (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2722\"\u003e#2722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/3ae3cd0b8ff82c3b489fc78a4305720491e06c88\"\u003e\u003ccode\u003e3ae3cd0\u003c/code\u003e\u003c/a\u003e Simplify code (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2721\"\u003e#2721\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/699ed8c1b4f9cf840d6c381d43a38d7de38da94b\"\u003e\u003ccode\u003e699ed8c\u003c/code\u003e\u003c/a\u003e Temp findings update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/86df5800f173056a8d233fadfcb76f41757d2cbf\"\u003e\u003ccode\u003e86df580\u003c/code\u003e\u003c/a\u003e Add type checking for Clojure test functions (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2706\"\u003e#2706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dotnet/sdk` from 10.0.101-alpine3.23 to 10.0.102-alpine3.23\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7388","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7388","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7388/packages"}},{"old_version":"4.0.4","new_version":"4.0.5","update_type":"patch","path":null,"pr_created_at":"2026-01-15T13:34:14.000Z","version_change":"4.0.4 → 4.0.5","issue":{"uuid":"3817598887","node_id":"PR_kwDODOjFv869Yu9e","number":7384,"state":"closed","title":"deps(docker): bump the docker group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-01-16T11:56:29.000Z","author_association":null,"state_reason":null,"created_at":"2026-01-15T13:34:14.000Z","updated_at":"2026-01-16T11:56:31.000Z","time_to_close":80535,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":4,"packages":[{"name":"alpine/helm","old_version":"4.0.4","new_version":"4.0.5"},{"name":"goreleaser/goreleaser","old_version":"v2.13.2","new_version":"v2.13.3"},{"name":"clj-kondo/clj-kondo","old_version":"2025.12.23-alpine","new_version":"2026.01.12-alpine","repository_url":"https://github.com/clj-kondo/clj-kondo"},{"name":"dotnet/sdk","old_version":"10.0.101-alpine3.23","new_version":"10.0.102-alpine3.23"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 4 updates in the / directory: alpine/helm, goreleaser/goreleaser, [clj-kondo/clj-kondo](https://github.com/clj-kondo/clj-kondo) and dotnet/sdk.\n\nUpdates `alpine/helm` from 4.0.4 to 4.0.5\n\nUpdates `goreleaser/goreleaser` from v2.13.2 to v2.13.3\n\nUpdates `clj-kondo/clj-kondo` from 2025.12.23-alpine to 2026.01.12-alpine\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/releases\"\u003eclj-kondo/clj-kondo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2026.01.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd type checking for sorted-map-by, sorted-set, and sorted-set-by by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2694\"\u003eclj-kondo/clj-kondo#2694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd type checking for Clojure array functions by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2697\"\u003eclj-kondo/clj-kondo#2697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2695\"\u003e#2695\u003c/a\u003e: false positive in leiningen project.clj with unquote by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2698\"\u003eclj-kondo/clj-kondo#2698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2699\"\u003e#2699\u003c/a\u003e: fix false positive unresolved string var with extend-type on CLJS by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2700\"\u003eclj-kondo/clj-kondo#2700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd new linter for eager :or expressions in mapping in destructuring by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2702\"\u003eclj-kondo/clj-kondo#2702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Detect unused :excluded vars (\u003ccode\u003e:unused-excluded-var\u003c/code\u003e) by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2679\"\u003eclj-kondo/clj-kondo#2679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRename linter for unresolved excluded vars by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2705\"\u003eclj-kondo/clj-kondo#2705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add linter for superfluous primitive coercion calls by \u003ca href=\"https://github.com/hugoduncan\"\u003e\u003ccode\u003e@​hugoduncan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2710\"\u003eclj-kondo/clj-kondo#2710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix unused value linter for defmethod bodies by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2714\"\u003eclj-kondo/clj-kondo#2714\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix regression for unused binding warnings by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2715\"\u003eclj-kondo/clj-kondo#2715\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e handling for ignored vars by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2717\"\u003eclj-kondo/clj-kondo#2717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRegister list in call position as not a function by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2718\"\u003eclj-kondo/clj-kondo#2718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd redundant format linter and tests by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2716\"\u003eclj-kondo/clj-kondo#2716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix arities for comp so type mismatches are found by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2720\"\u003eclj-kondo/clj-kondo#2720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd type checking for Clojure test functions by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2706\"\u003eclj-kondo/clj-kondo#2706\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplify code by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2721\"\u003eclj-kondo/clj-kondo#2721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd clojure.test/is for condition always true linter by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2722\"\u003eclj-kondo/clj-kondo#2722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdapt excluded msg by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2724\"\u003eclj-kondo/clj-kondo#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTighten up type checking for second arg of -in fns by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2726\"\u003eclj-kondo/clj-kondo#2726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd class type and type checking support by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2725\"\u003eclj-kondo/clj-kondo#2725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate documentation for \u003ccode\u003ereg-keyword!\u003c/code\u003e function by \u003ca href=\"https://github.com/davidyang\"\u003e\u003ccode\u003e@​davidyang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2727\"\u003eclj-kondo/clj-kondo#2727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump to GraalVM 25 by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2728\"\u003eclj-kondo/clj-kondo#2728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidyang\"\u003e\u003ccode\u003e@​davidyang\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2727\"\u003eclj-kondo/clj-kondo#2727\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\"\u003ehttps://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/CHANGELOG.md\"\u003eclj-kondo/clj-kondo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eFor a list of breaking changes, check \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/#breaking-changes\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo\"\u003eClj-kondo\u003c/a\u003e: static analyzer and linter for Clojure code that sparks joy ✨\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2739\"\u003e#2739\u003c/a\u003e: Extend \u003ccode\u003e:equals-expected-position\u003c/code\u003e linter to also warn for \u003ccode\u003enot=\u003c/code\u003e when expected value is not first (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2734\"\u003e#2734\u003c/a\u003e: NEW linter: \u003ccode\u003e:aliased-referred-var\u003c/code\u003e, which warns when a var is both referred and accessed via an alias in the same namespace. (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2732\"\u003e#2732\u003c/a\u003e: \u003ccode\u003eunreachable-code\u003c/code\u003e: warn when \u003ccode\u003e:default\u003c/code\u003e does not come last in reader conditionals (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2735\"\u003e#2735\u003c/a\u003e: NEW linter: \u003ccode\u003e:duplicate-refer\u003c/code\u003e which warns on duplicate entries in \u003ccode\u003e:refer\u003c/code\u003e of \u003ccode\u003e:require\u003c/code\u003e. (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003estr/replace\u003c/code\u003e false positive and tighten comp ret type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2729\"\u003e#2729\u003c/a\u003e: Check for arity mismatch for bound vectors, sets \u0026amp; maps, not just literals (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003einst\u003c/code\u003e and type checking support for \u003ccode\u003einst-ms\u003c/code\u003e and \u003ccode\u003einst-ms*\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2026.01.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2712\"\u003e#2712\u003c/a\u003e: NEW linter: \u003ccode\u003e:redundant-format\u003c/code\u003e to warn when format strings contain no format specifiers (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2709\"\u003e#2709\u003c/a\u003e: NEW linter: \u003ccode\u003e:redundant-primitive-coercion\u003c/code\u003e to warn when primitive coercion functions are applied to expressions already of that type (\u003ca href=\"https://github.com/hugod\"\u003e\u003ccode\u003e@​hugod\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2600\"\u003e#2600\u003c/a\u003e: NEW linter: \u003ccode\u003eunused-excluded-var\u003c/code\u003e to warn on unused vars in \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2459\"\u003e#2459\u003c/a\u003e: NEW linter: \u003ccode\u003e:destructured-or-always-evaluates\u003c/code\u003e to warn on s-expressions in \u003ccode\u003e:or\u003c/code\u003e defaults in map destructuring (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChange second arg for assoc-in, get-in and update-in to be sequential, not just seqable (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e:condition-always-true\u003c/code\u003e finding was adding full context into findigns (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2340\"\u003e#2340\u003c/a\u003e: Extend \u003ccode\u003e:condition-always-true\u003c/code\u003e linter to check first argument of \u003ccode\u003eclojure.test/is\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2719\"\u003e#2719\u003c/a\u003e: Fix: \u003ccode\u003ecomp\u003c/code\u003e args are now properly type checked (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2692\"\u003e#2692\u003c/a\u003e: Lint quoted forms which are not functions (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2691\"\u003e#2691\u003c/a\u003e: Fix: \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e now properly ignores elements with \u003ccode\u003e#_\u003c/code\u003e (e.g. \u003ccode\u003e#_:clj-kondo/ignore comp2\u003c/code\u003e) \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2713\"\u003e#2713\u003c/a\u003e: Fix regression: getting unused binding warning in \u003ccode\u003e~'~\u003c/code\u003e unquote expressions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2711\"\u003e#2711\u003c/a\u003e: Unused value inside \u003ccode\u003edefmethod\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type checking support for \u003ccode\u003esorted-map-by\u003c/code\u003e, \u003ccode\u003esorted-set\u003c/code\u003e, and \u003ccode\u003esorted-set-by\u003c/code\u003e functions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003earray\u003c/code\u003e and type checking support for the next functions: \u003ccode\u003eto-array\u003c/code\u003e, \u003ccode\u003ealength\u003c/code\u003e, \u003ccode\u003eaget\u003c/code\u003e, \u003ccode\u003easet\u003c/code\u003e and \u003ccode\u003eaclone\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd new type \u003ccode\u003eclass\u003c/code\u003e and type checking support for class-related functions: \u003ccode\u003einstance?\u003c/code\u003e, \u003ccode\u003ecast\u003c/code\u003e, \u003ccode\u003eclass\u003c/code\u003e, \u003ccode\u003emake-array\u003c/code\u003e, \u003ccode\u003ebases\u003c/code\u003e and \u003ccode\u003esupers\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd type checking support for clojure.test functions and macros (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2696\"\u003e#2695\u003c/a\u003e: false positive \u003ccode\u003e:unquote-not-syntax-quoted\u003c/code\u003e in leiningen's \u003ccode\u003edefproject\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eLeiningen's \u003ccode\u003edefproject\u003c/code\u003e behavior can now be configured using \u003ccode\u003eleiningen.core.project/defproject\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2699\"\u003e#2699\u003c/a\u003e: fix false positive unresolved string var with extend-type on CLJS\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a50babed55077b31ec3e77bc4448f42e9e4c4f6d\"\u003e\u003ccode\u003ea50babe\u003c/code\u003e\u003c/a\u003e v2026.01.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/d2b7ffbe283c556605a7f62d3c1a7008c52e6113\"\u003e\u003ccode\u003ed2b7ffb\u003c/code\u003e\u003c/a\u003e Bump to GraalVM 25 (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2728\"\u003e#2728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a5c40dc40cdf3df180f37a9b7e45fc085dadc2ad\"\u003e\u003ccode\u003ea5c40dc\u003c/code\u003e\u003c/a\u003e Update documentation for \u003ccode\u003ereg-keyword!\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2727\"\u003e#2727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/ca640af7714d75a108b38d7a5078482b81758c6b\"\u003e\u003ccode\u003eca640af\u003c/code\u003e\u003c/a\u003e Add class type and type checking support (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2725\"\u003e#2725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/2bfb137b9de9122186461bd66fe5f0b8417281fa\"\u003e\u003ccode\u003e2bfb137\u003c/code\u003e\u003c/a\u003e Tighten up type checking for second arg of -in fns (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2726\"\u003e#2726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/b4d542eaf9f6a30269a6f81423a222a9e6398e57\"\u003e\u003ccode\u003eb4d542e\u003c/code\u003e\u003c/a\u003e Adapt excluded msg (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2724\"\u003e#2724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/a70eb61c7f36217b3db8b45dcd0085f364a370b8\"\u003e\u003ccode\u003ea70eb61\u003c/code\u003e\u003c/a\u003e Add clojure.test/is for condition always true linter (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2722\"\u003e#2722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/3ae3cd0b8ff82c3b489fc78a4305720491e06c88\"\u003e\u003ccode\u003e3ae3cd0\u003c/code\u003e\u003c/a\u003e Simplify code (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2721\"\u003e#2721\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/699ed8c1b4f9cf840d6c381d43a38d7de38da94b\"\u003e\u003ccode\u003e699ed8c\u003c/code\u003e\u003c/a\u003e Temp findings update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/86df5800f173056a8d233fadfcb76f41757d2cbf\"\u003e\u003ccode\u003e86df580\u003c/code\u003e\u003c/a\u003e Add type checking for Clojure test functions (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2706\"\u003e#2706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.12.23...v2026.01.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dotnet/sdk` from 10.0.101-alpine3.23 to 10.0.102-alpine3.23\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7384","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7384","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7384/packages"}},{"old_version":"4.0.0","new_version":"4.0.4","update_type":"patch","path":null,"pr_created_at":"2025-12-23T14:07:39.000Z","version_change":"4.0.0 → 4.0.4","issue":{"uuid":"3757500742","node_id":"PR_kwDOJbs5-s66Vg3s","number":168,"state":"closed","title":"deps(docker): bump the docker group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-12-23T16:58:43.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-23T14:07:39.000Z","updated_at":"2025-12-23T16:58:45.000Z","time_to_close":10264,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":5,"packages":[{"name":"alpine/helm","old_version":"4.0.0","new_version":"4.0.4"},{"name":"hashicorp/terraform","old_version":"1.14.2","new_version":"1.14.3"},{"name":"clj-kondo/clj-kondo","old_version":"2025.10.23-alpine","new_version":"2025.12.23-alpine","repository_url":"https://github.com/clj-kondo/clj-kondo"},{"name":"dart","old_version":"3.10.4-sdk","new_version":"3.10.6-sdk"},{"name":"aquasecurity/trivy","old_version":"0.68.1","new_version":"0.68.2","repository_url":"https://github.com/aquasecurity/trivy"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| alpine/helm | `4.0.0` | `4.0.4` |\n| hashicorp/terraform | `1.14.2` | `1.14.3` |\n| [clj-kondo/clj-kondo](https://github.com/clj-kondo/clj-kondo) | `2025.10.23-alpine` | `2025.12.23-alpine` |\n| dart | `3.10.4-sdk` | `3.10.6-sdk` |\n| [aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.68.1` | `0.68.2` |\n\n\nUpdates `alpine/helm` from 4.0.0 to 4.0.4\n\nUpdates `hashicorp/terraform` from 1.14.2 to 1.14.3\n\nUpdates `clj-kondo/clj-kondo` from 2025.10.23-alpine to 2025.12.23-alpine\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/releases\"\u003eclj-kondo/clj-kondo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2025.12.23\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2651\"\u003e#2651\u003c/a\u003e: resume linting after paren mismatches by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2652\"\u003eclj-kondo/clj-kondo#2652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDuplicate key args for associative fns by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2650\"\u003eclj-kondo/clj-kondo#2650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix inner class normalization by \u003ca href=\"https://github.com/ericdallo\"\u003e\u003ccode\u003e@​ericdallo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2657\"\u003eclj-kondo/clj-kondo#2657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude inner classes by \u003ca href=\"https://github.com/ericdallo\"\u003e\u003ccode\u003e@​ericdallo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2658\"\u003eclj-kondo/clj-kondo#2658\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade fs by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2659\"\u003eclj-kondo/clj-kondo#2659\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCircle config by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2662\"\u003eclj-kondo/clj-kondo#2662\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2532\"\u003e#2532\u003c/a\u003e: ignore duplicate require icm :reload/:reload-all by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2663\"\u003eclj-kondo/clj-kondo#2663\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2432\"\u003e#2432\u003c/a\u003e: don't warn for redundant-fn-wrapper in case of inlined fun… by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2664\"\u003eclj-kondo/clj-kondo#2664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd redundant-let-binding linter by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2655\"\u003eclj-kondo/clj-kondo#2655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2599\"\u003e#2599\u003c/a\u003e: Detect wrong no. of arguments passed to coll by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2665\"\u003eclj-kondo/clj-kondo#2665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix linter.md entry for redundant-let-binding by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2667\"\u003eclj-kondo/clj-kondo#2667\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: redundant-call's level check didn't work by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2670\"\u003eclj-kondo/clj-kondo#2670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2661\"\u003e#2661\u003c/a\u003e: recur in tail position in core.match by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2672\"\u003eclj-kondo/clj-kondo#2672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2617\"\u003e#2617\u003c/a\u003e - Add types for \u003ccode\u003erepeatedly\u003c/code\u003e function by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2674\"\u003eclj-kondo/clj-kondo#2674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2653\"\u003e#2653\u003c/a\u003e: detect unquote that isn't syntax-quoted by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2681\"\u003eclj-kondo/clj-kondo#2681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLint trailing varargs syntax errs, lint varargs errs in let bindings by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2669\"\u003eclj-kondo/clj-kondo#2669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake all :keys bindings symbols, not keywords by \u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2682\"\u003eclj-kondo/clj-kondo#2682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2683\"\u003e#2683\u003c/a\u003e: ex-info data may be nil by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2685\"\u003eclj-kondo/clj-kondo#2685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2676\"\u003e#2676\u003c/a\u003e: Add handling for unresolved namespaces in maps by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2686\"\u003eclj-kondo/clj-kondo#2686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd ratio type support for numerator and denominator by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2684\"\u003eclj-kondo/clj-kondo#2684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2613\"\u003e#2613\u003c/a\u003e - Add linter for non-existing vars in refer-clojure by \u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2675\"\u003eclj-kondo/clj-kondo#2675\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump clojurescript by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2688\"\u003eclj-kondo/clj-kondo#2688\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2687\"\u003e#2687\u003c/a\u003e: :refer-global and :require-global by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2689\"\u003eclj-kondo/clj-kondo#2689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2544\"\u003e#2544\u003c/a\u003e: support inline configs in .cljc files by \u003ca href=\"https://github.com/borkdude\"\u003e\u003ccode\u003e@​borkdude\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2690\"\u003eclj-kondo/clj-kondo#2690\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2674\"\u003eclj-kondo/clj-kondo#2674\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.10.23...v2025.12.23\"\u003ehttps://github.com/clj-kondo/clj-kondo/compare/v2025.10.23...v2025.12.23\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/CHANGELOG.md\"\u003eclj-kondo/clj-kondo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eFor a list of breaking changes, check \u003ca href=\"https://github.com/clj-kondo/clj-kondo/blob/master/#breaking-changes\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo\"\u003eClj-kondo\u003c/a\u003e: static analyzer and linter for Clojure code that sparks joy ✨\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e2025.12.23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2654\"\u003e#2654\u003c/a\u003e: NEW linter: \u003ccode\u003eredundant-let-binding\u003c/code\u003e, defaults to \u003ccode\u003e:off\u003c/code\u003e (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2653\"\u003e#2653\u003c/a\u003e: NEW linter: \u003ccode\u003e:unquote-not-syntax-quoted\u003c/code\u003e to warn on \u003ccode\u003e~\u003c/code\u003e and \u003ccode\u003e~@\u003c/code\u003e usage outside syntax-quote (\u003ccode\u003e`\u003c/code\u003e) (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2613\"\u003e#2613\u003c/a\u003e: NEW linter: \u003ccode\u003e:refer-clojure-exclude-unresolved-var\u003c/code\u003e to warn on non-existing vars in \u003ccode\u003e:refer-clojure :exclude\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2668\"\u003e#2668\u003c/a\u003e: Lint \u003ccode\u003e\u0026amp;\u003c/code\u003e syntax errors in let bindings and lint for trailing \u003ccode\u003e\u0026amp;\u003c/code\u003e (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2590\"\u003e#2590\u003c/a\u003e: \u003ccode\u003eduplicate-key-in-assoc\u003c/code\u003e changed to \u003ccode\u003eduplicate-key-args\u003c/code\u003e, and now lints \u003ccode\u003edissoc\u003c/code\u003e, \u003ccode\u003eassoc!\u003c/code\u003e and \u003ccode\u003edissoc!\u003c/code\u003e too (\u003ca href=\"https://github.com/tomdl89\"\u003e\u003ccode\u003e@​tomdl89\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2651\"\u003e#2651\u003c/a\u003e: resume linting after paren mismatches\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clojure-lsp/clojure-lsp/issues/2157\"\u003eclojure-lsp#2651\u003c/a\u003e: Fix inner class name for java-class-definitions.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clojure-lsp/clojure-lsp/issues/2157\"\u003eclojure-lsp#2651\u003c/a\u003e: Include inner class java-class-definition analysis.\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003ebabashka/fs\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2532\"\u003e#2532\u003c/a\u003e: Disable \u003ccode\u003e:duplicate-require\u003c/code\u003e in \u003ccode\u003erequire\u003c/code\u003e + \u003ccode\u003e:reload\u003c/code\u003e / \u003ccode\u003e:reload-all\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2432\"\u003e#2432\u003c/a\u003e: Don't warn for \u003ccode\u003e:redundant-fn-wrapper\u003c/code\u003e in case of inlined function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2599\"\u003e#2599\u003c/a\u003e: detect invalid arity for invoking collection as higher order function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2661\"\u003e#2661\u003c/a\u003e: Fix false positive \u003ccode\u003e:unexpected-recur\u003c/code\u003e when \u003ccode\u003erecur\u003c/code\u003e is used inside \u003ccode\u003eclojure.core.match/match\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2617\"\u003e#2617\u003c/a\u003e: Add types for \u003ccode\u003erepeatedly\u003c/code\u003e (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e:ratio\u003c/code\u003e type support for \u003ccode\u003enumerator\u003c/code\u003e and \u003ccode\u003edenominator\u003c/code\u003e functions (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2676\"\u003e#2676\u003c/a\u003e: Report unresolved namespace for namespaced maps with unknown aliases (\u003ca href=\"https://github.com/jramosg\"\u003e\u003ccode\u003e@​jramosg\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2683\"\u003e#2683\u003c/a\u003e: data argument of \u003ccode\u003eex-info\u003c/code\u003e may be nil since clojure 1.12\u003c/li\u003e\n\u003cli\u003eBump built-in ClojureScript analysis info\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2687\"\u003e#2687\u003c/a\u003e: support new \u003ccode\u003e:refer-global\u003c/code\u003e and \u003ccode\u003e:require-global\u003c/code\u003e ns options in CLJS\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2544\"\u003e#2554\u003c/a\u003e: support inline configs in \u003ccode\u003e.cljc\u003c/code\u003e files\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2025.10.23\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2590\"\u003e#2590\u003c/a\u003e: NEW linter: \u003ccode\u003eduplicate-key-in-assoc\u003c/code\u003e, defaults to \u003ccode\u003e:warning\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2639\"\u003e#2639\u003c/a\u003e: NEW \u003ccode\u003e:equals-nil\u003c/code\u003e linter to detect \u003ccode\u003e(= nil x)\u003c/code\u003e or \u003ccode\u003e(= x nil)\u003c/code\u003e patterns and suggest \u003ccode\u003e(nil? x)\u003c/code\u003e instead (\u003ca href=\"https://github.com/conao3\"\u003e\u003ccode\u003e@​conao3\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2633\"\u003e#2633\u003c/a\u003e: support new \u003ccode\u003edefparkingop\u003c/code\u003e macro in core.async alpha\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/pull/2635\"\u003e#2635\u003c/a\u003e: Add \u003ccode\u003e:interface\u003c/code\u003e flag to \u003ccode\u003e:flags\u003c/code\u003e set in \u003ccode\u003e:java-class-definitions\u003c/code\u003e analysis output to distinguish Java interfaces from classes (\u003ca href=\"https://github.com/hugoduncan\"\u003e\u003ccode\u003e@​hugoduncan\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2636\"\u003e#2636\u003c/a\u003e: set global SCI context so hooks can use \u003ccode\u003erequiring-resolve\u003c/code\u003e etc.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2641\"\u003e#2641\u003c/a\u003e: fix linting of \u003ccode\u003edef\u003c/code\u003e body, no results due to laziness bug\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/ca54a322fc860b85cc17f029910a4ec8ad3a8060\"\u003e\u003ccode\u003eca54a32\u003c/code\u003e\u003c/a\u003e v2025.12.23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/e18de6534a65a078c43cc87e4e4ad4f66b06f3e0\"\u003e\u003ccode\u003ee18de65\u003c/code\u003e\u003c/a\u003e Minor tweak\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/1c599194c7a5995b369d312e0d5f5f538fef70d0\"\u003e\u003ccode\u003e1c59919\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2554\"\u003e#2554\u003c/a\u003e: wrong issue number mentioned in previous commit, \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2544\"\u003e#2544\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/8d9d24f1043eab2878770c271e36d22d3f7e3e94\"\u003e\u003ccode\u003e8d9d24f\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2544\"\u003e#2544\u003c/a\u003e: support inline configs in .cljc files (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2690\"\u003e#2690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/d002f6af84fccd427786568d4821b4225013ff16\"\u003e\u003ccode\u003ed002f6a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2687\"\u003e#2687\u003c/a\u003e: addendum\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/f73abcaeed22288c8103ac5074646558b2dd9075\"\u003e\u003ccode\u003ef73abca\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2687\"\u003e#2687\u003c/a\u003e: :refer-global and :require-global (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2689\"\u003e#2689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/c802e14ec8c5a1bebb3929068f4ada61f7b1b484\"\u003e\u003ccode\u003ec802e14\u003c/code\u003e\u003c/a\u003e Bump clojurescript (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2688\"\u003e#2688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/53cba064390edc1e8e3910ec8cce13bf003ba61f\"\u003e\u003ccode\u003e53cba06\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2613\"\u003e#2613\u003c/a\u003e - Add linter for non-existing vars in refer-clojure (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2675\"\u003e#2675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/29709fd0cb2b7d29055aff55ea9782decb58c153\"\u003e\u003ccode\u003e29709fd\u003c/code\u003e\u003c/a\u003e Add ratio type support for numerator and denominator (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2684\"\u003e#2684\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/clj-kondo/clj-kondo/commit/ac3d2121dfc774289b6385be78e86cb31ec32172\"\u003e\u003ccode\u003eac3d212\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2676\"\u003e#2676\u003c/a\u003e: Add handling for unresolved namespaces in maps (\u003ca href=\"https://redirect.github.com/clj-kondo/clj-kondo/issues/2686\"\u003e#2686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/clj-kondo/clj-kondo/compare/v2025.10.23...v2025.12.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dart` from 3.10.4-sdk to 3.10.6-sdk\n\nUpdates `aquasecurity/trivy` from 0.68.1 to 0.68.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/releases\"\u003eaquasecurity/trivy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.68.2\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e0c40a8d4b9b943f1b679a20f8ba3cb61c94831de release: v0.68.2 [release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9950\"\u003e#9950\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edb2894561daa20301eb144cad467d75d8a3d2647 fix(deps): bump alpine from \u003ccode\u003e3.22.1\u003c/code\u003e to \u003ccode\u003e3.23.0\u003c/code\u003e [backport: release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9949\"\u003e#9949\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/blob/v0.68.2/CHANGELOG.md\"\u003eaquasecurity/trivy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.68.1...v0.68.2\"\u003e0.68.2\u003c/a\u003e (2025-12-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump alpine from \u003ccode\u003e3.22.1\u003c/code\u003e to \u003ccode\u003e3.23.0\u003c/code\u003e [backport: release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9949\"\u003e#9949\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/db2894561daa20301eb144cad467d75d8a3d2647\"\u003edb28945\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/0c40a8d4b9b943f1b679a20f8ba3cb61c94831de\"\u003e\u003ccode\u003e0c40a8d\u003c/code\u003e\u003c/a\u003e release: v0.68.2 [release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9950\"\u003e#9950\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/db2894561daa20301eb144cad467d75d8a3d2647\"\u003e\u003ccode\u003edb28945\u003c/code\u003e\u003c/a\u003e fix(deps): bump alpine from \u003ccode\u003e3.22.1\u003c/code\u003e to \u003ccode\u003e3.23.0\u003c/code\u003e [backport: release/v0.68] (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/dc28f242809c076e63527866f44ad3d6b5229e80\"\u003e\u003ccode\u003edc28f24\u003c/code\u003e\u003c/a\u003e ci: enable \u003ccode\u003echeck-latest\u003c/code\u003e for \u003ccode\u003esetup-go\u003c/code\u003e [backport: release/v0.68] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9946\"\u003e#9946\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.68.1...v0.68.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/actions-marketplace-validations/super-linter_super-linter/pull/168","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions-marketplace-validations%2Fsuper-linter_super-linter/issues/168","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/168/packages"}},{"old_version":"3.19.0","new_version":"4.0.0","update_type":"major","path":null,"pr_created_at":"2025-11-24T21:22:14.000Z","version_change":"3.19.0 → 4.0.0","issue":{"uuid":"3660575085","node_id":"PR_kwDOMe3dxs61Sc4l","number":1216,"state":"open","title":"deps(docker): bump alpine/helm from 3.19.0 to 4.0.0","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-24T21:22:14.000Z","updated_at":"2025-12-01T23:53:53.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker)","packages":[{"name":"alpine/helm","old_version":"3.19.0","new_version":"4.0.0","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps alpine/helm from 3.19.0 to 4.0.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.19.0\u0026new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Vimlendu27/super-linter/pull/1216","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Vimlendu27%2Fsuper-linter/issues/1216","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1216/packages"}},{"old_version":"3.19.0","new_version":"4.0.0","update_type":"major","path":null,"pr_created_at":"2025-11-24T14:18:18.000Z","version_change":"3.19.0 → 4.0.0","issue":{"uuid":"3659121906","node_id":"PR_kwDODOjFv861Nge4","number":7235,"state":"closed","title":"deps(docker): bump the docker group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-11-28T07:29:46.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-24T14:18:18.000Z","updated_at":"2025-11-28T07:29:48.000Z","time_to_close":321088,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":12,"packages":[{"name":"alpine/terragrunt","old_version":"1.13.4","new_version":"1.14.0"},{"name":"terraform-linters/tflint","old_version":"v0.59.1","new_version":"v0.60.0","repository_url":"https://github.com/terraform-linters/tflint"},{"name":"alpine/helm","old_version":"3.19.0","new_version":"4.0.0"},{"name":"golangci/golangci-lint","old_version":"v2.6.1","new_version":"v2.6.2"},{"name":"kustomize/kustomize","old_version":"v5.7.1","new_version":"v5.8.0"},{"name":"hashicorp/terraform","old_version":"1.13.5","new_version":"1.14.0"},{"name":"mstruebing/editorconfig-checker","old_version":"v3.4.1","new_version":"v3.5.0"},{"name":"rhysd/actionlint","old_version":"1.7.8","new_version":"1.7.9"},{"name":"zricethezav/gitleaks","old_version":"v8.29.0","new_version":"v8.29.1"},{"name":"dart","old_version":"3.9.4-sdk","new_version":"3.10.1-sdk"},{"name":"dotnet/sdk","old_version":"9.0.306-alpine3.22","new_version":"10.0.100-alpine3.22"},{"name":"composer/composer","old_version":"2.8.12","new_version":"2.9.2"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| alpine/terragrunt | `1.13.4` | `1.14.0` |\n| [terraform-linters/tflint](https://github.com/terraform-linters/tflint) | `v0.59.1` | `v0.60.0` |\n| alpine/helm | `3.19.0` | `4.0.0` |\n| golangci/golangci-lint | `v2.6.1` | `v2.6.2` |\n| kustomize/kustomize | `v5.7.1` | `v5.8.0` |\n| hashicorp/terraform | `1.13.5` | `1.14.0` |\n| mstruebing/editorconfig-checker | `v3.4.1` | `v3.5.0` |\n| rhysd/actionlint | `1.7.8` | `1.7.9` |\n| zricethezav/gitleaks | `v8.29.0` | `v8.29.1` |\n| dart | `3.9.4-sdk` | `3.10.1-sdk` |\n| dotnet/sdk | `9.0.306-alpine3.22` | `10.0.100-alpine3.22` |\n| composer/composer | `2.8.12` | `2.9.2` |\n\n\nUpdates `alpine/terragrunt` from 1.13.4 to 1.14.0\n\nUpdates `terraform-linters/tflint` from v0.59.1 to v0.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/terraform-linters/tflint/releases\"\u003eterraform-linters/tflint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.60.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis release introduces a new configuration file format: \u003ccode\u003e.tflint.json\u003c/code\u003e. This is useful for workflows such as automatically generating configuration files.\nPlease note that in order to use the \u003ccode\u003e.tflint.json\u003c/code\u003e, enabled plugins must be built with SDK v0.23+.\u003c/p\u003e\n\u003cp\u003eFrom this release, Cosign signatures (\u003ccode\u003echecksums.txt.keyless.sig\u003c/code\u003e and \u003ccode\u003echecksums.txt.pem\u003c/code\u003e) are deprecated. They will not be included in future releases. If your installation scripts depend on them, please migrate to \u003ccode\u003egh attestation verify\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd JSON configuration file support by \u003ca href=\"https://github.com/rorychatterton\"\u003e\u003ccode\u003e@​rorychatterton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2391\"\u003eterraform-linters/tflint#2391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReport structured errors in JUnit and CheckStyle XML formatters by \u003ca href=\"https://github.com/bendrucker\"\u003e\u003ccode\u003e@​bendrucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2407\"\u003eterraform-linters/tflint#2407\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlphabetize rulesets in version output by \u003ca href=\"https://github.com/bendrucker\"\u003e\u003ccode\u003e@​bendrucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2404\"\u003eterraform-linters/tflint#2404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erelease: Pin Cosign version and deprecate Cosign signatures by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2405\"\u003eterraform-linters/tflint#2405\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: only read TF_VAR for root module by \u003ca href=\"https://github.com/bendrucker\"\u003e\u003ccode\u003e@​bendrucker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2413\"\u003eterraform-linters/tflint#2413\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): Bump actions/attest-build-provenance from 2.4.0 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2376\"\u003eterraform-linters/tflint#2376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump actions/setup-go from 5.5.0 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2377\"\u003eterraform-linters/tflint#2377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2378\"\u003eterraform-linters/tflint#2378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/spf13/afero from 1.14.0 to 1.15.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2380\"\u003eterraform-linters/tflint#2380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/zclconf/go-cty from 1.16.4 to 1.17.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2379\"\u003eterraform-linters/tflint#2379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/net from 0.43.0 to 0.44.0 in the go-x group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2381\"\u003eterraform-linters/tflint#2381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.75.0 to 1.75.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2382\"\u003eterraform-linters/tflint#2382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/sigstore-go from 1.1.1 to 1.1.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2383\"\u003eterraform-linters/tflint#2383\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2384\"\u003eterraform-linters/tflint#2384\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump mislav/bump-homebrew-formula-action from 3.5 to 3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2388\"\u003eterraform-linters/tflint#2388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(script): GitHub API rate limit by \u003ca href=\"https://github.com/Sander0542\"\u003e\u003ccode\u003e@​Sander0542\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2390\"\u003eterraform-linters/tflint#2390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tflint-plugin-sdk to v0.23.0 by \u003ca href=\"https://github.com/wata727\"\u003e\u003ccode\u003e@​wata727\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2393\"\u003eterraform-linters/tflint#2393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/sigstore/sigstore-go from 1.1.2 to 1.1.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2394\"\u003eterraform-linters/tflint#2394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/login-action from 3.5.0 to 3.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2395\"\u003eterraform-linters/tflint#2395\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump the go-x group with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2397\"\u003eterraform-linters/tflint#2397\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump google.golang.org/grpc from 1.75.1 to 1.76.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2398\"\u003eterraform-linters/tflint#2398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2399\"\u003eterraform-linters/tflint#2399\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/net from 0.45.0 to 0.46.0 in the go-x group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2400\"\u003eterraform-linters/tflint#2400\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump github.com/terraform-linters/tflint-plugin-sdk from 0.23.0 to 0.23.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2402\"\u003eterraform-linters/tflint#2402\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2408\"\u003eterraform-linters/tflint#2408\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump docker/metadata-action from 5.8.0 to 5.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2409\"\u003eterraform-linters/tflint#2409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): Bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 in the go-x group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2410\"\u003eterraform-linters/tflint#2410\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Sander0542\"\u003e\u003ccode\u003e@​Sander0542\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2390\"\u003eterraform-linters/tflint#2390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rorychatterton\"\u003e\u003ccode\u003e@​rorychatterton\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/terraform-linters/tflint/pull/2391\"\u003eterraform-linters/tflint#2391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.59.1...v0.60.0\"\u003ehttps://github.com/terraform-linters/tflint/compare/v0.59.1...v0.60.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/c932c4d51c367257ba67d7a57abe1b319dab437f\"\u003e\u003ccode\u003ec932c4d\u003c/code\u003e\u003c/a\u003e Bump up version to v0.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/c132acc7329c8f3c154874fb21e99a1527520400\"\u003e\u003ccode\u003ec132acc\u003c/code\u003e\u003c/a\u003e Bump Go patch version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/26c49c415b90b222051d7117e42718ff7157d423\"\u003e\u003ccode\u003e26c49c4\u003c/code\u003e\u003c/a\u003e fix: only read TF_VAR environment variables for root module (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2413\"\u003e#2413\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/09a61cf8bc6193f321b7cb162783c0b2e26b084a\"\u003e\u003ccode\u003e09a61cf\u003c/code\u003e\u003c/a\u003e build(deps): Bump golang.org/x/oauth2 in the go-x group (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2410\"\u003e#2410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/25059cf529eb9c97559ad8cdd8081d71279a61fa\"\u003e\u003ccode\u003e25059cf\u003c/code\u003e\u003c/a\u003e build(deps): Bump docker/metadata-action from 5.8.0 to 5.9.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2409\"\u003e#2409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/9da1a586203ec3bbdce0a0d7b84d9b4e737f1674\"\u003e\u003ccode\u003e9da1a58\u003c/code\u003e\u003c/a\u003e build(deps): Bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2408\"\u003e#2408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/63d5d8ab3bf2deb841d7f07381ea1b548d6cc938\"\u003e\u003ccode\u003e63d5d8a\u003c/code\u003e\u003c/a\u003e Report structured errors in JUnit and CheckStyle XML formatters (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2407\"\u003e#2407\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/38cab0564d1cd2b13b550cc37fe64f7efc4c8579\"\u003e\u003ccode\u003e38cab05\u003c/code\u003e\u003c/a\u003e Add JSON configuration file support (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2391\"\u003e#2391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/3bc0bfa3b49cbe3ed6d597cf1e59c2c9383414aa\"\u003e\u003ccode\u003e3bc0bfa\u003c/code\u003e\u003c/a\u003e Pin Cosign version and deprecate Cosign signatures (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2405\"\u003e#2405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/terraform-linters/tflint/commit/56b6432c25f577a1ab155b2125f57a3ef941ac5f\"\u003e\u003ccode\u003e56b6432\u003c/code\u003e\u003c/a\u003e Alphabetize rulesets in version output (\u003ca href=\"https://redirect.github.com/terraform-linters/tflint/issues/2404\"\u003e#2404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/terraform-linters/tflint/compare/v0.59.1...v0.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 3.19.0 to 4.0.0\n\nUpdates `golangci/golangci-lint` from v2.6.1 to v2.6.2\n\nUpdates `kustomize/kustomize` from v5.7.1 to v5.8.0\n\nUpdates `hashicorp/terraform` from 1.13.5 to 1.14.0\n\nUpdates `mstruebing/editorconfig-checker` from v3.4.1 to v3.5.0\n\nUpdates `rhysd/actionlint` from 1.7.8 to 1.7.9\n\nUpdates `zricethezav/gitleaks` from v8.29.0 to v8.29.1\n\nUpdates `dart` from 3.9.4-sdk to 3.10.1-sdk\n\nUpdates `dotnet/sdk` from 9.0.306-alpine3.22 to 10.0.100-alpine3.22\n\nUpdates `composer/composer` from 2.8.12 to 2.9.2\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7235","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7235","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7235/packages"}},{"old_version":"3.17.2","new_version":"3.19.0","update_type":"minor","path":null,"pr_created_at":"2025-11-17T17:17:24.000Z","version_change":"3.17.2 → 3.19.0","issue":{"uuid":"3634259976","node_id":"PR_kwDOHWg4tc6z586w","number":173,"state":"closed","title":"Bump the helm group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","docker","L: helm"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-11-30T19:17:49.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-17T17:17:24.000Z","updated_at":"2025-11-30T19:17:50.000Z","time_to_close":1130425,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"helm","update_count":4,"packages":[{"name":"sigstore/cosign/cosign","old_version":"v2.6.1","new_version":"v3.0.2"},{"name":"regclient/regctl","old_version":"v0.9.2","new_version":"v0.10.0","repository_url":"https://github.com/regclient/regclient"},{"name":"alpine/helm","old_version":"3.17.2","new_version":"3.19.0"},{"name":"oras-project/oras","old_version":"v1.2.2","new_version":"v1.3.0"}],"path":null,"ecosystem":"docker"},"body":"Bumps the helm group with 4 updates in the /helm directory: sigstore/cosign/cosign, [regclient/regctl](https://github.com/regclient/regclient), alpine/helm and oras-project/oras.\n\nUpdates `sigstore/cosign/cosign` from v2.6.1 to v3.0.2\n\nUpdates `regclient/regctl` from v0.9.2 to v0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/regclient/regclient/releases\"\u003eregclient/regctl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0\u003c/h2\u003e\n\u003ch1\u003eRelease v0.10.0\u003c/h1\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFeat: Support DOCKER_AUTH_CONFIG variable. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/996\"\u003ePR 996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add regctl repo copy. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/997\"\u003ePR 997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: regsync support for semantic versioning(semver) for matching tags (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1005\"\u003ePR 1005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003etagSets\u003c/code\u003e to regsync. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1008\"\u003ePR 1008\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChore: Add go:fix lines to deprecated code. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/994\"\u003ePR 994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Add gofumpt to the build. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/995\"\u003ePR 995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Remove the unused bps field. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/998\"\u003ePR 998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Handle semver compare of numeric prerelease (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1007\"\u003ePR 1007\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-58187: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4007\"\u003ehttps://osv.dev/GO-2025-4007\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58189: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4008\"\u003ehttps://osv.dev/GO-2025-4008\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-61723: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4009\"\u003ehttps://osv.dev/GO-2025-4009\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-47912: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4010\"\u003ehttps://osv.dev/GO-2025-4010\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58185: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4011\"\u003ehttps://osv.dev/GO-2025-4011\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58186: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4012\"\u003ehttps://osv.dev/GO-2025-4012\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58188: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4013\"\u003ehttps://osv.dev/GO-2025-4013\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58183: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4014\"\u003ehttps://osv.dev/GO-2025-4014\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eContributors:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/daimoniac\"\u003e\u003ccode\u003e@​daimoniac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sudo-bmitch\"\u003e\u003ccode\u003e@​sudo-bmitch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/regclient/regclient/blob/v0.10.0/release.md\"\u003eregclient/regctl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease v0.10.0\u003c/h1\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFeat: Support DOCKER_AUTH_CONFIG variable. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/996\"\u003ePR 996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add regctl repo copy. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/997\"\u003ePR 997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: regsync support for semantic versioning(semver) for matching tags (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1005\"\u003ePR 1005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003etagSets\u003c/code\u003e to regsync. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1008\"\u003ePR 1008\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChore: Add go:fix lines to deprecated code. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/994\"\u003ePR 994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Add gofumpt to the build. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/995\"\u003ePR 995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Remove the unused bps field. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/998\"\u003ePR 998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Handle semver compare of numeric prerelease (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1007\"\u003ePR 1007\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-58187: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4007\"\u003ehttps://osv.dev/GO-2025-4007\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58189: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4008\"\u003ehttps://osv.dev/GO-2025-4008\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-61723: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4009\"\u003ehttps://osv.dev/GO-2025-4009\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-47912: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4010\"\u003ehttps://osv.dev/GO-2025-4010\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58185: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4011\"\u003ehttps://osv.dev/GO-2025-4011\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58186: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4012\"\u003ehttps://osv.dev/GO-2025-4012\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58188: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4013\"\u003ehttps://osv.dev/GO-2025-4013\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58183: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4014\"\u003ehttps://osv.dev/GO-2025-4014\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eContributors:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/daimoniac\"\u003e\u003ccode\u003e@​daimoniac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sudo-bmitch\"\u003e\u003ccode\u003e@​sudo-bmitch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/c3de9bb7b04ad3cd96bb73bc0c72986b83572d12\"\u003e\u003ccode\u003ec3de9bb\u003c/code\u003e\u003c/a\u003e Release v0.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/76bfe7d9bcbd88f1483bb4f920b32b3e00d7fd98\"\u003e\u003ccode\u003e76bfe7d\u003c/code\u003e\u003c/a\u003e Merge for release v0.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/2a0496d240396e626d9c30aab63064a812735ca7\"\u003e\u003ccode\u003e2a0496d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1009\"\u003e#1009\u003c/a\u003e from sudo-bmitch/pr-update-20251109\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/a0d4757e4e8bc46d942f51abdf48be503a8c8351\"\u003e\u003ccode\u003ea0d4757\u003c/code\u003e\u003c/a\u003e Version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/0ee858b78ed3059b03974093aecd47642e9ec6f6\"\u003e\u003ccode\u003e0ee858b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1008\"\u003e#1008\u003c/a\u003e from sudo-bmitch/pr-regsync-tagsets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/4467caf8b1394a82e947010e154620e60b9c8e32\"\u003e\u003ccode\u003e4467caf\u003c/code\u003e\u003c/a\u003e Feat: Add tagSets to regsync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/9542f8e31e18f98a4a8fb603da9603957d340059\"\u003e\u003ccode\u003e9542f8e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1007\"\u003e#1007\u003c/a\u003e from sudo-bmitch/pr-semver-numeric-prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/34ca4476bdb8e9bc8102ea44f1a8a1af099bdac6\"\u003e\u003ccode\u003e34ca447\u003c/code\u003e\u003c/a\u003e Fix: Handle semver compare of numeric prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/8699d5ac97f3705e3e1353db94cf08b88aa9fff7\"\u003e\u003ccode\u003e8699d5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1006\"\u003e#1006\u003c/a\u003e from sudo-bmitch/pr-update-20251102\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/64f9773214dad7316917f69b7418aa25f5bbe580\"\u003e\u003ccode\u003e64f9773\u003c/code\u003e\u003c/a\u003e Version bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/regclient/regclient/compare/v0.9.2...v0.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 3.17.2 to 3.19.0\n\nUpdates `oras-project/oras` from v1.2.2 to v1.3.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/yeikel/dependabot-core/pull/173","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeikel%2Fdependabot-core/issues/173","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/173/packages"}},{"old_version":"3.17.2","new_version":"3.19.0","update_type":"minor","path":"/helm","pr_created_at":"2025-11-16T23:39:32.000Z","version_change":"3.17.2 → 3.19.0","issue":{"uuid":"3631278306","node_id":"PR_kwDOHWg4tc6zwEYj","number":170,"state":"open","title":"Bump the helm group in /helm with 4 updates","user":"dependabot[bot]","labels":["dependencies","docker","L: helm"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-16T23:39:32.000Z","updated_at":"2025-11-17T16:43:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"helm","update_count":4,"packages":[{"name":"sigstore/cosign/cosign","old_version":"v3.0.0","new_version":"v3.0.2"},{"name":"regclient/regctl","old_version":"v0.9.2","new_version":"v0.10.0","repository_url":"https://github.com/regclient/regclient"},{"name":"alpine/helm","old_version":"3.17.2","new_version":"3.19.0"},{"name":"oras-project/oras","old_version":"v1.2.2","new_version":"v1.3.0"}],"path":"/helm","ecosystem":"docker"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps the helm group in /helm with 4 updates: sigstore/cosign/cosign, [regclient/regctl](https://github.com/regclient/regclient), alpine/helm and oras-project/oras.\n\nUpdates `sigstore/cosign/cosign` from v3.0.0 to v3.0.2\n\nUpdates `regclient/regctl` from v0.9.2 to v0.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/regclient/regclient/releases\"\u003eregclient/regctl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.10.0\u003c/h2\u003e\n\u003ch1\u003eRelease v0.10.0\u003c/h1\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFeat: Support DOCKER_AUTH_CONFIG variable. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/996\"\u003ePR 996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add regctl repo copy. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/997\"\u003ePR 997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: regsync support for semantic versioning(semver) for matching tags (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1005\"\u003ePR 1005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003etagSets\u003c/code\u003e to regsync. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1008\"\u003ePR 1008\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChore: Add go:fix lines to deprecated code. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/994\"\u003ePR 994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Add gofumpt to the build. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/995\"\u003ePR 995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Remove the unused bps field. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/998\"\u003ePR 998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Handle semver compare of numeric prerelease (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1007\"\u003ePR 1007\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-58187: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4007\"\u003ehttps://osv.dev/GO-2025-4007\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58189: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4008\"\u003ehttps://osv.dev/GO-2025-4008\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-61723: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4009\"\u003ehttps://osv.dev/GO-2025-4009\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-47912: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4010\"\u003ehttps://osv.dev/GO-2025-4010\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58185: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4011\"\u003ehttps://osv.dev/GO-2025-4011\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58186: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4012\"\u003ehttps://osv.dev/GO-2025-4012\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58188: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4013\"\u003ehttps://osv.dev/GO-2025-4013\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58183: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4014\"\u003ehttps://osv.dev/GO-2025-4014\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eContributors:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/daimoniac\"\u003e\u003ccode\u003e@​daimoniac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sudo-bmitch\"\u003e\u003ccode\u003e@​sudo-bmitch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/regclient/regclient/blob/v0.10.0/release.md\"\u003eregclient/regctl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease v0.10.0\u003c/h1\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFeat: Support DOCKER_AUTH_CONFIG variable. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/996\"\u003ePR 996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add regctl repo copy. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/997\"\u003ePR 997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: regsync support for semantic versioning(semver) for matching tags (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1005\"\u003ePR 1005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003etagSets\u003c/code\u003e to regsync. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1008\"\u003ePR 1008\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChore: Add go:fix lines to deprecated code. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/994\"\u003ePR 994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Add gofumpt to the build. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/995\"\u003ePR 995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore: Remove the unused bps field. (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/998\"\u003ePR 998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Handle semver compare of numeric prerelease (\u003ca href=\"https://redirect.github.com/regclient/regclient/pull/1007\"\u003ePR 1007\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSecurity:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-58187: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4007\"\u003ehttps://osv.dev/GO-2025-4007\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58189: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4008\"\u003ehttps://osv.dev/GO-2025-4008\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-61723: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4009\"\u003ehttps://osv.dev/GO-2025-4009\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-47912: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4010\"\u003ehttps://osv.dev/GO-2025-4010\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58185: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4011\"\u003ehttps://osv.dev/GO-2025-4011\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58186: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4012\"\u003ehttps://osv.dev/GO-2025-4012\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58188: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4013\"\u003ehttps://osv.dev/GO-2025-4013\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-58183: Fixed with Go upgrade (\u003ca href=\"https://osv.dev/GO-2025-4014\"\u003ehttps://osv.dev/GO-2025-4014\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9230: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9232: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003cli\u003eCVE-2025-9231: Fixed with Alpine image upgrade.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eContributors:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/daimoniac\"\u003e\u003ccode\u003e@​daimoniac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sudo-bmitch\"\u003e\u003ccode\u003e@​sudo-bmitch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/c3de9bb7b04ad3cd96bb73bc0c72986b83572d12\"\u003e\u003ccode\u003ec3de9bb\u003c/code\u003e\u003c/a\u003e Release v0.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/76bfe7d9bcbd88f1483bb4f920b32b3e00d7fd98\"\u003e\u003ccode\u003e76bfe7d\u003c/code\u003e\u003c/a\u003e Merge for release v0.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/2a0496d240396e626d9c30aab63064a812735ca7\"\u003e\u003ccode\u003e2a0496d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1009\"\u003e#1009\u003c/a\u003e from sudo-bmitch/pr-update-20251109\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/a0d4757e4e8bc46d942f51abdf48be503a8c8351\"\u003e\u003ccode\u003ea0d4757\u003c/code\u003e\u003c/a\u003e Version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/0ee858b78ed3059b03974093aecd47642e9ec6f6\"\u003e\u003ccode\u003e0ee858b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1008\"\u003e#1008\u003c/a\u003e from sudo-bmitch/pr-regsync-tagsets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/4467caf8b1394a82e947010e154620e60b9c8e32\"\u003e\u003ccode\u003e4467caf\u003c/code\u003e\u003c/a\u003e Feat: Add tagSets to regsync\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/9542f8e31e18f98a4a8fb603da9603957d340059\"\u003e\u003ccode\u003e9542f8e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1007\"\u003e#1007\u003c/a\u003e from sudo-bmitch/pr-semver-numeric-prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/34ca4476bdb8e9bc8102ea44f1a8a1af099bdac6\"\u003e\u003ccode\u003e34ca447\u003c/code\u003e\u003c/a\u003e Fix: Handle semver compare of numeric prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/8699d5ac97f3705e3e1353db94cf08b88aa9fff7\"\u003e\u003ccode\u003e8699d5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/regclient/regclient/issues/1006\"\u003e#1006\u003c/a\u003e from sudo-bmitch/pr-update-20251102\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient/commit/64f9773214dad7316917f69b7418aa25f5bbe580\"\u003e\u003ccode\u003e64f9773\u003c/code\u003e\u003c/a\u003e Version bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/regclient/regclient/compare/v0.9.2...v0.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `alpine/helm` from 3.17.2 to 3.19.0\n\nUpdates `oras-project/oras` from v1.2.2 to v1.3.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/yeikel/dependabot-core/pull/170","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeikel%2Fdependabot-core/issues/170","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/170/packages"}},{"old_version":"3.17.2","new_version":"3.19.0","update_type":"minor","path":null,"pr_created_at":"2025-11-16T21:37:28.000Z","version_change":"3.17.2 → 3.19.0","issue":{"uuid":"3631165341","node_id":"PR_kwDOHWg4tc6zvtkf","number":169,"state":"open","title":"Bump the helm group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","docker","L: helm"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-11-16T21:37:28.000Z","updated_at":"2025-11-16T23:31:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"helm","update_count":2,"packages":[{"name":"alpine/helm","old_version":"3.17.2","new_version":"3.19.0"},{"name":"oras-project/oras","old_version":"v1.2.2","new_version":"v1.3.0"}],"path":null,"ecosystem":"docker"},"body":"Bumps the helm group with 2 updates in the /helm directory: alpine/helm and oras-project/oras.\n\nUpdates `alpine/helm` from 3.17.2 to 3.19.0\n\nUpdates `oras-project/oras` from v1.2.2 to v1.3.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/yeikel/dependabot-core/pull/169","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeikel%2Fdependabot-core/issues/169","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/169/packages"}},{"old_version":"3.18.6","new_version":"3.19.0","update_type":"minor","path":"/build/package","pr_created_at":"2025-10-01T00:01:37.000Z","version_change":"3.18.6 → 3.19.0","issue":{"uuid":"3471448171","node_id":"PR_kwDOFIiuxs6rcaVL","number":1102,"state":"open","title":"build(deps): bump alpine/helm from 3.18.6 to 3.19.0 in /build/package","user":"dependabot[bot]","labels":["dependencies","dockerfile"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-10-01T00:01:37.000Z","updated_at":"2025-10-01T00:01:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0","repository_url":null}],"path":"/build/package","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.18.6 to 3.19.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.18.6\u0026new-version=3.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/freight-hub/helm-rollback-web/pull/1102","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/freight-hub%2Fhelm-rollback-web/issues/1102","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1102/packages"}},{"old_version":"3.18.6","new_version":"3.19.0","update_type":"minor","path":"/code-server","pr_created_at":"2025-09-15T17:54:22.000Z","version_change":"3.18.6 → 3.19.0","issue":{"uuid":"2830132881","node_id":"PR_kwDOIEhyvc6osGaR","number":291,"state":"closed","title":"build(deps): bump alpine/helm from 3.18.6 to 3.19.0 in /code-server","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-20T07:32:11.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T17:54:22.000Z","updated_at":"2025-09-20T07:32:11.000Z","time_to_close":394669,"merged_at":"2025-09-20T07:32:11.000Z","merged_by":"josephpage","closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0","repository_url":null}],"path":"/code-server","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.18.6 to 3.19.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.18.6\u0026new-version=3.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/octo-technology/docker-images/pull/291","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/octo-technology%2Fdocker-images/issues/291","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/291/packages"}},{"old_version":"3.18.6","new_version":"3.19.0","update_type":"minor","path":null,"pr_created_at":"2025-09-15T14:50:09.000Z","version_change":"3.18.6 → 3.19.0","issue":{"uuid":"2829586108","node_id":"PR_kwDOKxsIhc6oqA68","number":981,"state":"open","title":"deps(docker): bump the docker group with 4 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T14:50:09.000Z","updated_at":"2025-09-15T14:50:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":4,"packages":[{"name":"alpine/terragrunt","old_version":"1.13.1","new_version":"1.13.2"},{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0"},{"name":"hashicorp/terraform","old_version":"1.13.1","new_version":"1.13.2"},{"name":"dart","old_version":"3.9.2-sdk","new_version":"3.9.3-sdk"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 4 updates: alpine/terragrunt, alpine/helm, hashicorp/terraform and dart.\n\nUpdates `alpine/terragrunt` from 1.13.1 to 1.13.2\n\nUpdates `alpine/helm` from 3.18.6 to 3.19.0\n\nUpdates `hashicorp/terraform` from 1.13.1 to 1.13.2\n\nUpdates `dart` from 3.9.2-sdk to 3.9.3-sdk\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/khulnasoft-lab/awesome-linter/pull/981","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/khulnasoft-lab%2Fawesome-linter/issues/981","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/981/packages"}},{"old_version":"3.18.6","new_version":"3.19.0","update_type":"minor","path":null,"pr_created_at":"2025-09-15T14:13:12.000Z","version_change":"3.18.6 → 3.19.0","issue":{"uuid":"2829446782","node_id":"PR_kwDODOjFv86ope5-","number":7043,"state":"closed","title":"deps(docker): bump the docker group with 3 updates","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-15T18:23:01.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T14:13:12.000Z","updated_at":"2025-09-15T18:23:02.000Z","time_to_close":14989,"merged_at":"2025-09-15T18:23:01.000Z","merged_by":"github-actions[bot]","closed_by":null,"dependency_metadata":{"prefix":"deps(docker): bump","group_name":"docker","update_count":3,"packages":[{"name":"alpine/terragrunt","old_version":"1.13.1","new_version":"1.13.2"},{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0"},{"name":"dart","old_version":"3.9.2-sdk","new_version":"3.9.3-sdk"}],"path":null,"ecosystem":"docker"},"body":"Bumps the docker group with 3 updates: alpine/terragrunt, alpine/helm and dart.\n\nUpdates `alpine/terragrunt` from 1.13.1 to 1.13.2\n\nUpdates `alpine/helm` from 3.18.6 to 3.19.0\n\nUpdates `dart` from 3.9.2-sdk to 3.9.3-sdk\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/super-linter/super-linter/pull/7043","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/super-linter%2Fsuper-linter/issues/7043","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7043/packages"}},{"old_version":"3.18.6","new_version":"3.19.0","update_type":"minor","path":null,"pr_created_at":"2025-09-15T09:50:43.000Z","version_change":"3.18.6 → 3.19.0","issue":{"uuid":"3417177381","node_id":"PR_kwDOEE58u86omG3v","number":2469,"state":"open","title":"deps(docker): bump alpine/helm from 3.18.6 to 3.19.0","user":"dependabot[bot]","labels":["dependencies","docker","O: stale 🤖"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-09-15T09:50:43.000Z","updated_at":"2025-10-16T00:03:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(docker)","packages":[{"name":"alpine/helm","old_version":"3.18.6","new_version":"3.19.0","repository_url":null}],"path":null,"ecosystem":"docker"},"body":"Bumps alpine/helm from 3.18.6 to 3.19.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.18.6\u0026new-version=3.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/darwinz/super-linter/pull/2469","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/darwinz%2Fsuper-linter/issues/2469","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2469/packages"}},{"old_version":"3.18.4","new_version":"3.19.0","update_type":"minor","path":"/tools/dplsh","pr_created_at":"2025-09-15T04:03:42.000Z","version_change":"3.18.4 → 3.19.0","issue":{"uuid":"2827700002","node_id":"PR_kwDOF62svs6oi0ci","number":869,"state":"open","title":"Bump alpine/helm from 3.18.4 to 3.19.0 in /tools/dplsh","user":"dependabot[bot]","labels":["dependencies","docker"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-15T04:03:42.000Z","updated_at":"2025-09-15T04:03:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"alpine/helm","old_version":"3.18.4","new_version":"3.19.0","repository_url":null}],"path":"/tools/dplsh","ecosystem":"docker"},"body":"Bumps alpine/helm from 3.18.4 to 3.19.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=alpine/helm\u0026package-manager=docker\u0026previous-version=3.18.4\u0026new-version=3.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/danskernesdigitalebibliotek/dpl-platform/pull/869","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/danskernesdigitalebibliotek%2Fdpl-platform/issues/869","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/869/packages"}}]}