build(deps): bump redhat-plumbers-in-action/differential-shellcheck from 4 to 5

[dependabot]

Bumps redhat-plumbers-in-action/differential-shellcheck from 4 to 5.

Release notes

Sourced from redhat-plumbers-in-action/differential-shellcheck's releases.

v5.0.0

What's Changed

Breaking

• drop: ignored-codes input 🚫 (#290) @​jamacku
• drop: shell-scripts input 🚫 (#288) @​jamacku

New

• Show more context for ShellCheck defects and fixes in console output 💾 (#300) @​jamacku
• Add support for subdirectory scanning 📁 (#294) @​jamacku
• Add Statistics of defect severities 📊 (#233) @​jamacku
• Show scanned files in console by default 📜 (#285) @​jamacku

Bug Fixes

• Fix autodetection of shell scripts in DEBUG mode 🥝 (#299) @​jamacku
• Always gather defect statistics 📉 (#298) @​jamacku
• Fix count of scanned files in job Summary when running on push event 🔢 (#297) @​jamacku
• Set correct version of ShellCheck in SARIF 🥥 (#296) @​jamacku
• fix: detection of changed files that might cause failure on some paths 🍭 (#286) @​jamacku

Maintenance

• Make the version of the used GHA more visible 👀 (#320) @​jamacku
• Update csutils (csdiff and csgrep) to 3.0.4 (#319) @​jamacku
• Update csutils (csdiff) to 3.0.3 (#293) @​jamacku

Documentation

• Improve documentation examples and update feature showcase 📷 (#301) @​jamacku
• Add section documenting VS Code integration 👩‍💻 (#311) @​jamacku
• doc: Explain format of path list options (#310) @​VladimirSlavik

Automation and CI changes

• Monthly dependabot updates 🤖 (#274) @​jamacku

Dependency Updates

• build(deps): bump fedora from 61f921e to 6fc00f8 (#312) @​dependabot
• build(deps): bump actions/checkout from 3.6.0 to 4.1.0 (#318) @​dependabot
• build(deps): bump docker/build-push-action from 4.1.1 to 5.0.0 (#317) @​dependabot
• build(deps): bump docker/login-action from 2.2.0 to 3.0.0 (#316) @​dependabot
• build(deps): bump docker/setup-buildx-action from 2.10.0 to 3.0.0 (#315) @​dependabot
• build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#314) @​dependabot

... (truncated)

Changelog

Sourced from redhat-plumbers-in-action/differential-shellcheck's changelog.

Changelog

Next release

v5.0.0

• Added defect statistics based on severity levels. They are available in the console output and in the job Summary page.
• New option scan-directory. Allows to specify directories that will be scanned. By default Differential ShellCheck scans the whole repository.
• Show more context for ShellCheck defects and fixes in console output. The defect is now shown in the context of the surrounding code.
• Fix autodetection of shell scripts in DEBUG mode
• Fix detection of changed files that might cause failure on paths with special characters.
• Fix count of scanned files in job Summary when running on push event.
• Drop support for shell-scripts input
• Drop support for ignored-codes input
• Update csutils (csdiff) to 3.0.4

v4.2.2

• Container images now based on Fedora 38
  • ShellCheck - 0.8.0 -> 0.9.0
  • csutils - 3.0.0 -> 3.0.2

v4.2.1

• Handle multiple include/exclude paths with newlines

v4.2.0

• New option exclude-path. Allows to specify list of paths excluded from ShellCheck scanning. It supports globbing and brace expansion. e.g. test/{test1,test2}/**
• New option include-path. Similar to exclude-path, it allows specifying the list of paths that will be included into scanning. No further checks are performed. It supports globbing and brace expansion. e.g. fixture/**.fixture

v4.1.0

• grep - do not escape # and ! in patterns
• Utilize DEBUG to run grep without --silent option
• Update csutils (csdiff) to 3.0.0

v4.0.2

• Correctly handle character escaping in filenames (e.g. ␣ and &)
• Improve documentation and more tests

v4.0.0

• Tag latest is no longer available. Use major tags instead (e.g. v3 or v4).

• Action can be triggered using GitHub push event

  on:

... (truncated)

Commits

• aa647ec v5.0.1
• 3dfdfcf fix: uninitialized variable RUNNER_DEBUG
• 98b3935 fix: drop support for DEBUG in grep
• c9cc531 fix: incorrect log about fixed issues
• 0b37fe0 v5.0.0
• b392c11 deps: use the correct version of super-linter
• 9988647 deps: add comment with pinned version
• a58af3b deps: update csutils (csdiff and csgrep) to 3.0.4
• dc2f863 doc: fix format of warning message
• e0416c5 doc: add example.sh for testing purposes
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.