Skip to content

Bump super-linter/super-linter/slim from 8.6.0 to 8.7.0#354

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/super-linter/super-linter/slim-8.7.0
Closed

Bump super-linter/super-linter/slim from 8.6.0 to 8.7.0#354
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/super-linter/super-linter/slim-8.7.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps super-linter/super-linter/slim from 8.6.0 to 8.7.0.

Release notes

Sourced from super-linter/super-linter/slim's releases.

v8.7.0

8.7.0 (2026-06-18)

🚀 Features

🐛 Bugfixes

⬆️ Dependency updates

  • bundler: bump rubocop (#7923) (0738987)
  • bundler: bump rubocop in /dependencies in the rubocop group (#7731) (bf2414c)
  • bundler: bump rubocop-capybara (#7781) (35ef3f6)
  • bundler: bump the rubocop group across 1 directory with 2 updates (#7816) (5a6de32)
  • bundler: bump the rubocop group across 1 directory with 3 updates (#7875) (4d01de2)
  • bundler: bump the rubocop group in /dependencies with 2 updates (#7890) (cd79eea)
  • docker: bump dart in the docker group (#7755) (86c9c54)
  • docker: bump goreleaser/goreleaser in the docker group (#7705) (487d0d8)
  • docker: bump mvdan/shfmt in the docker group (#7718) (a1fc30a)
  • docker: bump python (#7730) (c5fb918)
  • docker: bump the docker group across 1 directory with 10 updates (#7817) (5e3985b)
  • docker: bump the docker group across 1 directory with 11 updates (#7876) (9bc8ec9)
  • docker: bump the docker group across 1 directory with 3 updates (#7765) (d9f1398)
  • docker: bump the docker group across 1 directory with 5 updates (#7786) (b7ba6a5)
  • docker: bump the docker group across 1 directory with 6 updates (#7912) (7b70a50)
  • docker: bump the docker group across 1 directory with 8 updates (#7753) (3fec5a3)
  • java: bump com.puppycrawl.tools:checkstyle (#7788) (4a69c1a)
  • java: bump com.puppycrawl.tools:checkstyle (#7914) (65ad252)
  • npm: bump @​hono/node-server in /dependencies (#7720) (a8c6363)
  • npm: bump @​protobufjs/utf8 from 1.1.0 to 1.1.1 in /dependencies (#7812) (0651d17)
  • npm: bump @​stoplight/spectral-cli in /dependencies (#7743) (fd0d01c)
  • npm: bump @​stoplight/spectral-cli in /dependencies (#7814) (813e4fb)
  • npm: bump brace-expansion (#7840) (f6e64b5)
  • npm: bump fast-uri from 3.0.6 to 3.1.2 in /dependencies (#7803) (9253b88)
  • npm: bump fast-xml-builder from 1.1.4 to 1.2.0 in /dependencies (#7802) (5b044ae)
  • npm: bump hono from 4.12.14 to 4.12.18 in /dependencies (#7801) (b39c4bb)
  • npm: bump hono from 4.12.7 to 4.12.12 in /dependencies (#7721) (ab671c2)
  • npm: bump next from 16.2.2 to 16.2.3 in /dependencies (#7739) (223d8b2)

... (truncated)

Changelog

Sourced from super-linter/super-linter/slim's changelog.

Changelog

8.7.0 (2026-06-18)

🚀 Features

🐛 Bugfixes

⬆️ Dependency updates

  • bundler: bump rubocop (#7923) (0738987)
  • bundler: bump rubocop in /dependencies in the rubocop group (#7731) (bf2414c)
  • bundler: bump rubocop-capybara (#7781) (35ef3f6)
  • bundler: bump the rubocop group across 1 directory with 2 updates (#7816) (5a6de32)
  • bundler: bump the rubocop group across 1 directory with 3 updates (#7875) (4d01de2)
  • bundler: bump the rubocop group in /dependencies with 2 updates (#7890) (cd79eea)
  • docker: bump dart in the docker group (#7755) (86c9c54)
  • docker: bump goreleaser/goreleaser in the docker group (#7705) (487d0d8)
  • docker: bump mvdan/shfmt in the docker group (#7718) (a1fc30a)
  • docker: bump python (#7730) (c5fb918)
  • docker: bump the docker group across 1 directory with 10 updates (#7817) (5e3985b)
  • docker: bump the docker group across 1 directory with 11 updates (#7876) (9bc8ec9)
  • docker: bump the docker group across 1 directory with 3 updates (#7765) (d9f1398)
  • docker: bump the docker group across 1 directory with 5 updates (#7786) (b7ba6a5)
  • docker: bump the docker group across 1 directory with 6 updates (#7912) (7b70a50)
  • docker: bump the docker group across 1 directory with 8 updates (#7753) (3fec5a3)
  • java: bump com.puppycrawl.tools:checkstyle (#7788) (4a69c1a)
  • java: bump com.puppycrawl.tools:checkstyle (#7914) (65ad252)
  • npm: bump @​hono/node-server in /dependencies (#7720) (a8c6363)
  • npm: bump @​protobufjs/utf8 from 1.1.0 to 1.1.1 in /dependencies (#7812) (0651d17)
  • npm: bump @​stoplight/spectral-cli in /dependencies (#7743) (fd0d01c)
  • npm: bump @​stoplight/spectral-cli in /dependencies (#7814) (813e4fb)
  • npm: bump brace-expansion (#7840) (f6e64b5)
  • npm: bump fast-uri from 3.0.6 to 3.1.2 in /dependencies (#7803) (9253b88)
  • npm: bump fast-xml-builder from 1.1.4 to 1.2.0 in /dependencies (#7802) (5b044ae)
  • npm: bump hono from 4.12.14 to 4.12.18 in /dependencies (#7801) (b39c4bb)
  • npm: bump hono from 4.12.7 to 4.12.12 in /dependencies (#7721) (ab671c2)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [super-linter/super-linter/slim](https://github.com/super-linter/super-linter) from 8.6.0 to 8.7.0.
- [Release notes](https://github.com/super-linter/super-linter/releases)
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md)
- [Commits](super-linter/super-linter@9e86335...4ce2083)

---
updated-dependencies:
- dependency-name: super-linter/super-linter/slim
  dependency-version: 8.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file Minor labels Jun 26, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 26, 2026 11:12
@dependabot dependabot Bot added Minor dependencies Pull requests that update a dependency file labels Jun 26, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions

Copy link
Copy Markdown

Super-linter summary

Language Validation result
CHECKOV Pass ✅
GITLEAKS Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
MARKDOWN Pass ✅
NATURAL_LANGUAGE Pass ✅
POWERSHELL Pass ✅
PRE_COMMIT Pass ✅
SPELL_CODESPELL Pass ✅
TRIVY Pass ✅
YAML Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter

Marius Storhaug (MariusStorhaug) added a commit that referenced this pull request Jul 7, 2026
…#358)

Consolidates the currently-passing Dependabot GitHub Actions updates
into one change, so the pipeline moves to the latest action versions in
a single release instead of separate bumps. It also configures
Dependabot to group future GitHub Actions updates into one pull request,
so this consolidated form happens automatically from now on.

**Superseded Dependabot PRs:** #351, #353, #354, #355 — Dependabot
closes these automatically once this merges.

> ⚠️ **Build-PSModule v5.0.0 (#350) is intentionally excluded.** v5
makes `moduleVersion` a required input, which the current
`Build-Module.yml` does not provide, so it fails CI (6 checks on #350's
own PR too). Adopting it needs the "decide version before build" work in
#342 and should ship with/after that PR. #350 stays open to track it.

## Updated GitHub Actions

| Action | From | To | Bump |
| --- | --- | --- | --- |
| actions/checkout | v6.0.2 | v7.0.0 | Major |
| PSModule/Publish-PSModule | v2.2.4 | v3.0.0 | Major |
| super-linter/super-linter | v8.6.0 | v8.7.0 | Minor |
| super-linter/super-linter/slim | v8.6.0 | v8.7.0 | Minor |

This bundle includes two major action upgrades, so it is labelled
`Major` and cuts a major release of Process-PSModule on merge.

## Changed: Dependabot groups GitHub Actions updates

`.github/dependabot.yml` now groups all `github-actions` updates into a
single grouped pull request via a `groups` block. The `github_actions`
label is also corrected — it was `github-actions`, which does not match
the repository label and was silently dropped by Dependabot.

## Technical Details

- Each bump is a cherry-pick of the original Dependabot commit,
preserving authorship and the `Bump X from A to B` messages for a clean
linear history.
- All bumps touch only `uses:` pins under `.github/workflows/`; no logic
changes.
- Dependabot grouping added:

  ```yaml
  groups:
    github-actions:
      patterns:
        - "*"
  ```

This groups every GitHub Actions ecosystem update (all semver levels)
into one PR. To keep major bumps as separate PRs for individual review,
add `update-types: ["minor", "patch"]` under the group — majors then
continue to open on their own.
- No linked issue: this is Dependabot-driven maintenance; the superseded
PRs above are the traceability.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Looks like super-linter/super-linter/slim is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 7, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/super-linter/super-linter/slim-8.7.0 branch July 7, 2026 22:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file Minor

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants