build(deps): bump dagger.io/dagger from 0.20.3 to 0.20.5 in /cmd/firmware-action

[dependabot]

Bumps dagger.io/dagger from 0.20.3 to 0.20.5.

Changelog

Sourced from dagger.io/dagger's changelog.

sdk/go/v0.20.5 - 2026-04-09

This SDK uses 🚙 Engine + 🚗 CLI version v0.20.5. See what changed in that release.

🐹 https://pkg.go.dev/dagger.io/dagger@v0.20.5

Dependencies

• Bump Engine to v0.20.5 by @​tiborvass in dagger/dagger#12946

What to do next

• Read the documentation
• Join our Discord server
• Follow us on Twitter

sdk/go/v0.20.4 - 2026-04-08

This SDK uses 🚙 Engine + 🚗 CLI version v0.20.4. See what changed in that release.

🐹 https://pkg.go.dev/dagger.io/dagger@v0.20.4

Dependencies

• Bump Engine to v0.20.4 by @​tiborvass in dagger/dagger#12930

What to do next

• Read the documentation
• Join our Discord server
• Follow us on Twitter

Commits

• 9758bd4 chore: prep for v0.20.5 (#12946)
• 6e4822e sdk/go: add workspace connect option (#12945)
• cc0a6cf sdk/go: skip workspace modules for provision_test (#12932)
• d5ff99f chore: prep for v0.20.4 (#12930)
• 2a26072 core(changeset): use structured diff stats instead of client-side patch parsi...
• 3ef6be5 chore: bump the engine group across 2 directories with 66 updates (#12894)
• 82d3549 add --failfast flag for dagger check and WithFailFast in util/parallel (#11...
• 3bd30b6 feat: dagger up to start services (#11959)
• 7117faa workspace: plumbing & compat (#11995)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	15		0	0	0.46s
✅ BASH	bash-exec	10		0	0	0.06s
✅ BASH	shellcheck	9		0	0	0.12s
✅ BASH	shfmt	9		0	0	0.01s
✅ DOCKERFILE	hadolint	5		0	0	0.32s
✅ EDITORCONFIG	editorconfig-checker	227		0	0	0.29s
✅ GO	revive	31		0	0	32.0s
✅ JSON	jsonlint	14		0	0	0.1s
✅ JSON	prettier	14		0	0	0.77s
✅ JSON	v8r	14		0	0	5.3s
✅ MARKDOWN	markdownlint	32		0	0	1.06s
⚠️ PYTHON	black	20		1	0	1.77s
✅ PYTHON	flake8	20		0	0	0.88s
✅ PYTHON	isort	20		0	0	0.97s
✅ PYTHON	mypy	20		0	0	7.36s
✅ PYTHON	pylint	20		0	0	10.21s
✅ PYTHON	pyright	20		0	0	0.87s
✅ PYTHON	ruff	20		0	0	0.21s
✅ REPOSITORY	checkov	yes		no	no	25.74s
✅ REPOSITORY	gitleaks	yes		no	no	5.0s
✅ REPOSITORY	git_diff	yes		no	no	0.07s
✅ REPOSITORY	grype	yes		no	no	77.99s
✅ REPOSITORY	secretlint	yes		no	no	1.34s
✅ REPOSITORY	syft	yes		no	no	17.25s
✅ REPOSITORY	trivy	yes		no	no	15.25s
✅ REPOSITORY	trivy-sbom	yes		no	no	3.61s
✅ REPOSITORY	trufflehog	yes		no	no	7.92s
✅ SPELL	cspell	227		0	0	4.37s
⚠️ YAML	prettier	35		1	2	3.1s
✅ YAML	v8r	35		0	0	13.67s
✅ YAML	yamllint	35		0	0	10.84s

Detailed Issues

⚠️ PYTHON / black - 1 error

--- .dagger-ci/daggerci/lib/cli.py	2026-04-10 00:12:56.041319+00:00
+++ .dagger-ci/daggerci/lib/cli.py	2026-04-10 00:13:37.372288+00:00
@@ -32,17 +32,15 @@
         action="store_true",
     )
     parser.add_argument(
         "-d",
         "--dockerfile",
-        help=textwrap.dedent(
-            """\
+        help=textwrap.dedent("""\
                 select which dockerfile to build
                 - enter name from docker-compose
                 - multiple entries are possible
-                - by default tries to build all"""
-        ),
+                - by default tries to build all"""),
         nargs="+",
     )
     parser.add_argument(
         "-p",
         "--publish",
would reformat .dagger-ci/daggerci/lib/cli.py
--- .dagger-ci/daggerci/main.py	2026-04-10 00:12:56.041407+00:00
+++ .dagger-ci/daggerci/main.py	2026-04-10 00:13:37.406184+00:00
@@ -1,9 +1,10 @@
 #!/usr/bin/python
 """
 Python script to build and test Docker containers for coreboot and EDK2 compilation
 """
+
 # mypy: disable-error-code="import"
 
 # Logging
 # https://docs.python.org/3/howto/logging.html
 # DEBUG, INFO, WARNING, ERROR, CRITICAL
would reformat .dagger-ci/daggerci/main.py
--- .dagger-ci/daggerci/tests/conftest.py	2026-04-10 00:12:56.041407+00:00
+++ .dagger-ci/daggerci/tests/conftest.py	2026-04-10 00:13:37.808551+00:00
@@ -88,63 +88,55 @@
 @pytest.fixture(name="dockerfile")
 def fixture_dockerfile():
     """
     Generic Dockerfile content
     """
-    return textwrap.dedent(
-        """\
+    return textwrap.dedent("""\
         FROM ubuntu:22.04 AS base
         ARG TARGETARCH=amd64\
-        """
-    )
+        """)
 
 
 @pytest.fixture
 def dockerfile_dummy_tests_success():
     """
     Dockerfile content specifically for executing tests inside docker
     """
-    return textwrap.dedent(
-        """\
+    return textwrap.dedent("""\
         FROM ubuntu:22.04 AS base
         ARG TARGETARCH=amd64
         ARG CONTEXT=dummy
         ARG VARIANT=success
         ENV VERIFICATION_TEST=./tests/test_${CONTEXT}_${VARIANT}.sh
         RUN echo 'hello world'\
-        """
-    )
+        """)
 
 
 @pytest.fixture
 def dockerfile_dummy_tests_fail():
     """
     Dockerfile content specifically for executing tests inside docker
     """
-    return textwrap.dedent(
-        """\
+    return textwrap.dedent("""\
         FROM ubuntu:22.04 AS base
         ARG TARGETARCH=amd64
         ARG CONTEXT=dummy
         ARG VARIANT=fail
         ENV VERIFICATION_TEST=./tests/test_${CONTEXT}_${VARIANT}.sh
         RUN echo 'hello world'\
-        """
-    )
+        """)
 
 
 @pytest.fixture
 def dockerfile_broken():
     """
     Dockerfile content which should fail to build
     """
-    return textwrap.dedent(
-        """\
+    return textwrap.dedent("""\
         FROM ubuntu:22.04 AS base
         RUN false\
-        """
-    )
+        """)
 
 
 # ===========================
 #
 #  Docker Compose fixtures
would reformat .dagger-ci/daggerci/tests/conftest.py

Oh no! 💥 💔 💥
3 files would be reformatted, 17 files would be left unchanged.

⚠️ YAML / prettier - 1 error

Checking formatting...
[warn] .github/workflows/go-test.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters PYTHON_PYLINT,PYTHON_BLACK,PYTHON_FLAKE8,PYTHON_ISORT,PYTHON_MYPY,PYTHON_PYRIGHT,PYTHON_RUFF,ACTION_ACTIONLINT,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,DOCKERFILE_HADOLINT,EDITORCONFIG_EDITORCONFIG_CHECKER,GO_REVIVE,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_CSPELL,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 53.22%. Comparing base (5bfd000) to head (ee3dcff).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #873   +/-   ##
=======================================
  Coverage   53.22%   53.22%           
=======================================
  Files          17       17           
  Lines        1997     1997           
=======================================
  Hits         1063     1063           
  Misses        841      841           
  Partials       93       93           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.