Bump the all group with 8 updates

[dependabot]

Bumps the all group with 8 updates:

Package	From	To
actions/checkout	4.1.7	5.0.0
github/codeql-action	3	4
actions/setup-go	5.0.2	6.0.0
golangci/golangci-lint-action	6.1.0	8.0.0
super-linter/super-linter	7.1.0	8.2.0
reviewdog/action-misspell	1.23.0	1.26.3
reviewdog/action-alex	1.13.0	1.16.0
actions/stale	9.0.0	10.1.0

Updates actions/checkout from 4.1.7 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236
• Prepare release v4.3.0 by @​salmanmkc in actions/checkout#2237

New Contributors

• @​motss made their first contribution in actions/checkout#1971
• @​mouismail made their first contribution in actions/checkout#1977
• @​benwells made their first contribution in actions/checkout#2043
• @​nebuk89 made their first contribution in actions/checkout#2194
• @​salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

New Contributors

• @​Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

V4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

• 08c6903 Prepare v5.0.0 release (#2238)
• 9f26565 Update actions checkout to use node 24 (#2226)
• 08eba0b Prepare release v4.3.0 (#2237)
• 631c7dc Update package dependencies (#2236)
• 8edcb1b Update CODEOWNERS for actions (#2224)
• 09d2aca Update README.md (#2194)
• 85e6279 Adjust positioning of user email note and permissions heading (#2044)
• 009b9ae Documentation update - add recommended permissions to Readme (#2043)
• cbb7224 Update README.md (#1977)
• 3b9b8c8 docs: update README.md (#1971)
• Additional commits viewable in compare view

Updates github/codeql-action from 3 to 4

Release notes

Sourced from github/codeql-action's releases.

v3.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.8 - 10 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.7 - 06 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.6 - 02 Oct 2025

• Update default CodeQL bundle version to 2.23.2. #3168

See the full CHANGELOG.md for more information.

v3.30.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.5 - 26 Sep 2025

• We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

See the full CHANGELOG.md for more information.

v3.30.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.4 - 25 Sep 2025

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

3.29.4 - 23 Jul 2025

No user facing changes.

3.29.3 - 21 Jul 2025

No user facing changes.

3.29.2 - 30 Jun 2025

• Experimental: When the quality-queries input for the init action is provided with an argument, separate .quality.sarif files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2935

3.29.1 - 27 Jun 2025

• Fix bug in PR analysis where user-provided include query filter fails to exclude non-included queries. #2938
• Update default CodeQL bundle version to 2.22.1. #2950

3.29.0 - 11 Jun 2025

• Update default CodeQL bundle version to 2.22.0. #2925
• Bump minimum CodeQL bundle version to 2.16.6. #2912

3.28.21 - 28 July 2025

No user facing changes.

3.28.20 - 21 July 2025

• Remove support for combining SARIF files from a single upload for GHES 3.18, see the changelog post. #2959

3.28.19 - 03 Jun 2025

• The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview. The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable actions analysis.
• Update default CodeQL bundle version to 2.21.4. #2910

3.28.18 - 16 May 2025

• Update default CodeQL bundle version to 2.21.3. #2893
• Skip validating SARIF produced by CodeQL for improved performance. #2894
• The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #2891

3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

... (truncated)

Commits

• a841c54 Scratch uploadSpecifiedFiles tests, make uploadPayload tests instead
• aeb12f6 Merge branch 'main' into redsun82/skip-sarif-upload-tests
• 6fd4ceb Merge pull request #3189 from github/henrymercer/download-codeql-rate-limit
• 196a3e5 Merge pull request #3188 from github/mbg/telemetry/partial-config
• 98abb87 Add configuration error for rate limited CodeQL download
• bdd2cdf Also include language in error status report for start-proxy, if available
• fb14878 Include languages in start-proxy telemetry
• 2ff418f Parse language before calling getCredentials
• See full diff in compare view

Updates actions/setup-go from 5.0.2 to 6.0.0

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

• Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @​matthewhughes934 in actions/setup-go#460
• Upgrade Nodejs runtime from node20 to node 24 by @​salmanmkc in actions/setup-go#624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​types/jest from 29.5.12 to 29.5.14 by @​dependabot[bot] in actions/setup-go#589
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot[bot] in actions/setup-go#591
• Upgrade @​typescript-eslint/parser from 8.31.1 to 8.35.1 by @​dependabot[bot] in actions/setup-go#590
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-go#594
• Upgrade typescript from 5.4.2 to 5.8.3 by @​dependabot[bot] in actions/setup-go#538
• Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @​dependabot[bot] in actions/setup-go#603
• Upgrade form-data to bring in fix for critical vulnerability by @​matthewhughes934 in actions/setup-go#618
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-go#631

New Contributors

• @​matthewhughes934 made their first contribution in actions/setup-go#618
• @​salmanmkc made their first contribution in actions/setup-go#624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.5.0

What's Changed

Bug fixes:

• Update self-hosted environment validation by @​priyagupta108 in actions/setup-go#556
• Add manifest validation and improve error handling by @​priyagupta108 in actions/setup-go#586
• Update template link by @​jsoref in actions/setup-go#527

Dependency updates:

• Upgrade @​action/cache from 4.0.2 to 4.0.3 by @​aparnajyothi-y in actions/setup-go#574
• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in actions/setup-go#573
• Upgrade ts-jest from 29.1.2 to 29.3.2 by @​dependabot in actions/setup-go#582
• Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @​dependabot in actions/setup-go#537

New Contributors

• @​jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

v5.4.0

What's Changed

Dependency updates :

• Upgrade semver from 7.6.0 to 7.6.3 by @​dependabot in actions/setup-go#535
• Upgrade eslint-config-prettier from 8.10.0 to 10.0.1 by @​dependabot in actions/setup-go#536
• Upgrade @​action/cache from 4.0.0 to 4.0.2 by @​aparnajyothi-y in actions/setup-go#568
• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in actions/setup-go#541

... (truncated)

Commits

• 4469467 Bump actions/checkout from 4 to 5 (#631)
• e093d1e Node 24 upgrade (#624)
• 1d76b95 Improve toolchain handling (#460)
• e75c3e8 Bump form-data to bring in fix for critical vulnerability (#618)
• 8e57b58 Bump eslint-plugin-jest from 28.11.0 to 29.0.1 (#603)
• 7c0b336 Bump typescript from 5.4.2 to 5.8.3 (#538)
• 6f26dcc Bump undici from 5.28.5 to 5.29.0 (#594)
• 8d4083a Bump @​typescript-eslint/parser from 5.62.0 to 8.32.0 (#590)
• fa96338 Bump @​actions/tool-cache from 2.0.1 to 2.0.2 (#591)
• 4de67c0 Bump @​types/jest from 29.5.12 to 29.5.14 (#589)
• Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 6.1.0 to 8.0.0

Release notes

Sourced from golangci/golangci-lint-action's releases.

v8.0.0

Requires golangci-lint version >= v2.1.0

What's Changed

Changes

• feat: use absolute paths by default when using working-directory option by @​ldez in golangci/golangci-lint-action#1231

Full Changelog: golangci/golangci-lint-action@v7...v8.0.0

v7.0.1

What's Changed

Documentation

• docs: add note about github.workspace by @​mattjohnsonpint in golangci/golangci-lint-action#1218
• docs: clarify that ’args: --path-mode=abs’ is needed for working-directory by @​HaraldNordgren in golangci/golangci-lint-action#1230

Dependencies

• build(deps): bump the dependencies group across 1 directory with 3 updates by @​dependabot in golangci/golangci-lint-action#1213
• build(deps-dev): bump the dev-dependencies group with 3 updates by @​dependabot in golangci/golangci-lint-action#1215
• build(deps-dev): bump the dev-dependencies group with 4 updates by @​dependabot in golangci/golangci-lint-action#1220
• build(deps): bump @​types/node from 22.13.14 to 22.14.0 in the dependencies group by @​dependabot in golangci/golangci-lint-action#1221
• build(deps-dev): bump the dev-dependencies group with 3 updates by @​dependabot in golangci/golangci-lint-action#1224
• build(deps): bump @​types/node from 22.14.0 to 22.14.1 in the dependencies group by @​dependabot in golangci/golangci-lint-action#1225
• build(deps-dev): bump the dev-dependencies group with 2 updates by @​dependabot in golangci/golangci-lint-action#1227

New Contributors

• @​mattjohnsonpint made their first contribution in golangci/golangci-lint-action#1218
• @​HaraldNordgren made their first contribution in golangci/golangci-lint-action#1230

Full Changelog: golangci/golangci-lint-action@v7.0.0...v7.0.1

v7.0.0

⚠️ The GitHub Action v7 supports golangci-lint v2 only. ⚠️

What's Changed

Changes

• feat: golangci-lint v2 support by @​ldez in golangci/golangci-lint-action#1198

Documentation

• docs: update annotation permissions by @​ldez in golangci/golangci-lint-action#1203
• docs: fix checks permissions for annotations by @​kema-dev in golangci/golangci-lint-action#1204

Dependencies

• build(deps-dev): bump the dev-dependencies group with 3 updates by @​dependabot in golangci/golangci-lint-action#1207

New Contributors

... (truncated)

Commits

• 4afd733 8.0.0
• 7774f98 feat: use absolute paths by default when using working-directory option (#1231)
• 9fae48a 7.0.1
• 16ece5e docs: clarify that ’args: --path-mode=abs’ is needed for working-directory (...
• a3942e2 build(deps-dev): bump the dev-dependencies group with 2 updates (#1227)
• 7ecb048 build(deps): bump @​types/node from 22.14.0 to 22.14.1 in the dependencies gro...
• 63a0d0e build(deps-dev): bump the dev-dependencies group with 3 updates (#1224)
• c2427fe docs: update problem matchers section
• 642f8ee build(deps): bump @​types/node from 22.13.14 to 22.14.0 in the dependencies gr...
• d84be92 build(deps-dev): bump the dev-dependencies group with 4 updates (#1220)
• Additional commits viewable in compare view

Updates super-linter/super-linter from 7.1.0 to 8.2.0

Release notes

Sourced from super-linter/super-linter's releases.

v8.2.0

8.2.0 (2025-09-30)

🚀 Features

• add kubeconform (#7011) (415cc32), closes #6967
• add pre-commit (#7064) (9106b37), closes #3683
• export GITHUB_TOKEN (#7054) (879aeb5), closes #6970
• run ruff as a formatter (#6981) (f9bdfcb), closes #5951
• set zizmor github token variable (#6971) (097f489)
• support biome (#7005) (fdf27fe), closes #6298
• support git worktrees (#6983) (deb9853), closes #6944

🐛 Bugfixes

• initialize GITHUB_BEFORE_SHA on merge commits (#7053) (4649231), closes #6873
• initialize GITHUB_SHA for both worktrees and regular repos (#7010) (8477b13)
• install r only when needed (#7029) (5114ec9), closes #7022
• set biome working directory (#7035) (d32a717)

⬆️ Dependency updates

• bundler: bump rubocop in /dependencies in the rubocop group (#6973) (1e6cd2f)
• bundler: bump rubocop in /dependencies in the rubocop group (#6999) (0c0b832)
• bundler: bump rubocop-performance (#7014) (1f7db0b)
• bundler: bump the rubocop group in /dependencies with 2 updates (#7071) (1680ba2)
• bundler: bump the rubocop group in /dependencies with 3 updates (#6989) (dee2e4e)
• docker: bump aquasecurity/trivy in the docker group (#7080) (41480db)
• docker: bump goreleaser/goreleaser in the docker group (#7070) (c2c988a)
• docker: bump the docker group across 1 directory with 4 updates (#7031) (a1aae7d)
• docker: bump the docker group with 3 updates (#6995) (54c24c1)
• docker: bump the docker group with 3 updates (#7000) (9df4ad9)
• docker: bump the docker group with 3 updates (#7043) (e2dbaa1)
• docker: bump the docker group with 5 updates (#6974) (8ea4f49)
• docker: bump the docker group with 8 updates (#7056) (ccb8ba0)
• java: bump com.puppycrawl.tools:checkstyle (#6991) (6fc26f0)
• java: bump com.puppycrawl.tools:checkstyle (#7072) (96c0ec9)
• npm: bump @​babel/eslint-parser in /dependencies (#7017) (c0393aa)
• npm: bump @​typescript-eslint/eslint-plugin (#6992) (d37840f)
• npm: bump @​typescript-eslint/eslint-plugin (#7003) (6d3fb85)
• npm: bump @​typescript-eslint/eslint-plugin (#7023) (a974afd)
• npm: bump @​typescript-eslint/eslint-plugin (#7059) (dc633f9)
• npm: bump @​typescript-eslint/eslint-plugin (#7074) (ecf5001)
• npm: bump @​typescript-eslint/eslint-plugin (#7081) (7412580)
• npm: bump axios (#7040) (407092f)
• npm: bump eslint from 9.33.0 to 9.34.0 in /dependencies (#6977) (0480c3e)
• npm: bump eslint from 9.34.0 to 9.35.0 in /dependencies (#7016) (aa8b43f)

... (truncated)

Changelog

Sourced from super-linter/super-linter's changelog.

Changelog

8.2.0 (2025-09-30)

🚀 Features

• add kubeconform (#7011) (415cc32), closes #6967
• add pre-commit (#7064) (9106b37), closes #3683
• export GITHUB_TOKEN (#7054) (879aeb5), closes #6970
• run ruff as a formatter (#6981) (f9bdfcb), closes #5951
• set zizmor github token variable (#6971) (097f489)
• support biome (#7005) (fdf27fe), closes #6298
• support git worktrees (#6983) (deb9853), closes #6944

🐛 Bugfixes

• initialize GITHUB_BEFORE_SHA on merge commits (#7053) (4649231), closes #6873
• initialize GITHUB_SHA for both worktrees and regular repos (#7010) (8477b13)
• install r only when needed (#7029) (5114ec9), closes #7022
• set biome working directory (#7035) (d32a717)

⬆️ Dependency updates

• bundler: bump rubocop in /dependencies in the rubocop group (#6973) (1e6cd2f)
• bundler: bump rubocop in /dependencies in the rubocop group (#6999) (0c0b832)
• bundler: bump rubocop-performance (#7014) (1f7db0b)
• bundler: bump the rubocop group in /dependencies with 2 updates (#7071) (1680ba2)
• bundler: bump the rubocop group in /dependencies with 3 updates (#6989) (dee2e4e)
• docker: bump aquasecurity/trivy in the docker group (#7080) (41480db)
• docker: bump goreleaser/goreleaser in the docker group (#7070) (c2c988a)
• docker: bump the docker group across 1 directory with 4 updates (#7031) (a1aae7d)
• docker: bump the docker group with 3 updates (#6995) (54c24c1)
• docker: bump the docker group with 3 updates (#7000) (9df4ad9)
• docker: bump the docker group with 3 updates (#7043) (e2dbaa1)
• docker: bump the docker group with 5 updates (#6974) (8ea4f49)
• docker: bump the docker group with 8 updates (#7056) (ccb8ba0)
• java: bump com.puppycrawl.tools:checkstyle (#6991) (6fc26f0)
• java: bump com.puppycrawl.tools:checkstyle (#7072) (96c0ec9)
• npm: bump @​babel/eslint-parser in /dependencies (#7017) (c0393aa)
• npm: bump @​typescript-eslint/eslint-plugin (#6992) (d37840f)
• npm: bump @​typescript-eslint/eslint-plugin (#7003) (6d3fb85)
• npm: bump @​typescript-eslint/eslint-plugin (#7023) (a974afd)
• npm: bump @​typescript-eslint/eslint-plugin (#7059) (dc633f9)
• npm: bump @​typescript-eslint/eslint-plugin (#7074) (ecf5001)
• npm: bump @​typescript-eslint/eslint-plugin (#7081) (7412580)
• npm: bump axios (#7040) (407092f)
• npm: bump eslint from 9.33.0 to 9.34.0 in /dependencies (#6977) (0480c3e)

... (truncated)

Commits

• 7bba2ee chore(main): release 8.2.0 (#6972)
• 8c221da deps(python): bump the pip group across 1 directory with 2 updates (#7079)
• 41480db deps(docker): bump aquasecurity/trivy in the docker group (#7080)
• 7412580 deps(npm): bump @​typescript-eslint/eslint-plugin (#7081)
• d42850b deps(npm): bump renovate from 41.131.12 to 41.132.2 in /dependencies (#7082)
• 9106b37 feat: add pre-commit (#7064)
• 9c98974 deps(npm): bump react-router-dom (#7069)
• 92f78b7 deps(python): bump the pip group across 1 directory with 3 updates (#7078)
• ecf5001 deps(npm): bump @​typescript-eslint/eslint-plugin (#7074)
• 98635c9 deps(npm): bump th...

  Description has been truncated