Skip to content

build(deps): bump dorny/paths-filter from 3 to 4#314

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/dorny/paths-filter-4
Open

build(deps): bump dorny/paths-filter from 3 to 4#314
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/dorny/paths-filter-4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps dorny/paths-filter from 3 to 4.

Release notes

Sourced from dorny/paths-filter's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: dorny/paths-filter@v3.0.3...v4.0.0

v3.0.3

What's Changed

New Contributors

Full Changelog: dorny/paths-filter@v3...v3.0.3

v3.0.2

What's Changed

New Contributors

Full Changelog: dorny/paths-filter@v3...v3.0.2

v3.0.1

What's Changed

New Contributors

Full Changelog: dorny/paths-filter@v3...v3.0.1

Changelog

Sourced from dorny/paths-filter's changelog.

Changelog

v4.0.0

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.11.1

v2.11.0

v2.10.2

v2.10.1

v2.10.0

v2.9.3

v2.9.2

v2.9.1

v2.9.0

... (truncated)

Commits
  • fbd0ab8 feat: add merge_group event support
  • efb1da7 feat: add dist/ freshness check to PR workflow
  • d8f7b06 Merge pull request #302 from dorny/issue-299
  • addbc14 Update README for v4
  • 9d7afb8 Update CHANGELOG for v4.0.0
  • 782470c Merge branch 'releases/v3'
  • ce10459 Merge pull request #294 from saschabratton/master
  • 5f40380 feat: update action runtime to node24
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2026
@Dankoy
Copy link
Copy Markdown
Owner

Dankoy commented May 5, 2026

@dependabot rebase

@dependabot
build(deps): bump dorny/paths-filter from 3 to 4
c2a0cda 
Bumps [dorny/paths-filter](https://github.com/dorny/paths-filter) from 3 to 4.
- [Release notes](https://github.com/dorny/paths-filter/releases)
- [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md)
- [Commits](dorny/paths-filter@v3...v4)

---
updated-dependencies:
- dependency-name: dorny/paths-filter
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/dorny/paths-filter-4 branch from 73202e8 to c2a0cda Compare May 5, 2026 13:17
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 5, 2026

Super-linter summary

Language Validation result
BIOME_LINT Pass ✅
GITHUB_ACTIONS Pass ✅
GITHUB_ACTIONS_ZIZMOR Fail ❌
GITLEAKS Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
PRE_COMMIT Pass ✅
SPELL_CODESPELL Pass ✅
YAML Pass ✅

Super-linter detected linting errors

For more information, see the GitHub Actions workflow run

Powered by Super-linter

GITHUB_ACTIONS_ZIZMOR 
�[1m�[94minfo[template-injection]�[0m�[1m: code injection via template expansion�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/check-changes.yml:50:40
   �[1m�[94m|�[0m
�[1m�[94m50�[0m �[1m�[94m|�[0m       run: echo "individual=${{ toJson(steps.filter.outputs.changes) }}" >> $GITHUB_OUTPUT
   �[1m�[94m|�[0m       �[1m�[94m---�[0m �[1m�[94mthis run block�[0m               �[1m�[94m^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[94mmay expand into attacker-controllable code�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → Low
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#template-injection�[39m

�[1m�[94minfo[template-injection]�[0m�[1m: code injection via template expansion�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/check-changes.yml:73:22
   �[1m�[94m|�[0m
�[1m�[94m72�[0m �[1m�[94m|�[0m       run: |
   �[1m�[94m|�[0m       �[1m�[94m---�[0m �[1m�[94mthis run block�[0m
�[1m�[94m73�[0m �[1m�[94m|�[0m         if [ -n "${{ steps.individual.outputs.individual }}" ]; then
   �[1m�[94m|�[0m                      �[1m�[94m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[94mmay expand into attacker-controllable code�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → Low
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#template-injection�[39m

�[1m�[94minfo[template-injection]�[0m�[1m: code injection via template expansion�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/check-changes.yml:74:27
   �[1m�[94m|�[0m
�[1m�[94m72�[0m �[1m�[94m|�[0m       run: |
   �[1m�[94m|�[0m       �[1m�[94m---�[0m �[1m�[94mthis run block�[0m
�[1m�[94m73�[0m �[1m�[94m|�[0m         if [ -n "${{ steps.individual.outputs.individual }}" ]; then
�[1m�[94m74�[0m �[1m�[94m|�[0m           echo 'final=${{ steps.individual.outputs.individual }}' >> $GITHUB_OUTPUT;
   �[1m�[94m|�[0m                           �[1m�[94m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[94mmay expand into attacker-controllable code�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → Low
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#template-injection�[39m

�[1m�[94minfo[template-injection]�[0m�[1m: code injection via template expansion�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/check-changes.yml:75:24
   �[1m�[94m|�[0m
�[1m�[94m72�[0m �[1m�[94m|�[0m       run: |
   �[1m�[94m|�[0m       �[1m�[94m---�[0m �[1m�[94mthis run block�[0m
�[1m�[94m...�[0m
�[1m�[94m75�[0m �[1m�[94m|�[0m         elif [ -n "${{ steps.all.outputs.all }}" ]; then
   �[1m�[94m|�[0m                        �[1m�[94m^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[94mmay expand into attacker-controllable code�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → Low
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#template-injection�[39m

�[1m�[94minfo[template-injection]�[0m�[1m: code injection via template expansion�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/check-changes.yml:76:27
   �[1m�[94m|�[0m
�[1m�[94m72�[0m �[1m�[94m|�[0m       run: |
   �[1m�[94m|�[0m       �[1m�[94m---�[0m �[1m�[94mthis run block�[0m
�[1m�[94m...�[0m
�[1m�[94m76�[0m �[1m�[94m|�[0m           echo 'final=${{ steps.all.outputs.all }}' >> $GITHUB_OUTPUT;
   �[1m�[94m|�[0m                           �[1m�[94m^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[94mmay expand into attacker-controllable code�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → Low
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#template-injection�[39m

�[1m�[94minfo[template-injection]�[0m�[1m: code injection via template expansion�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/check-changes.yml:82:22
   �[1m�[94m|�[0m
�[1m�[94m82�[0m �[1m�[94m|�[0m       run: echo "${{ steps.final.outputs.final }}"
   �[1m�[94m|�[0m       �[1m�[94m---�[0m            �[1m�[94m^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[94mmay expand into attacker-controllable code�[0m
   �[1m�[94m|�[0m       �[1m�[94m|�[0m
   �[1m�[94m|�[0m       �[1m�[94mthis run block�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → Low
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#template-injection�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/check-changes.yml:24:13
   �[1m�[94m|�[0m
�[1m�[94m24�[0m �[1m�[94m|�[0m     - uses: dorny/paths-filter@v4
   �[1m�[94m|�[0m             �[1m�[91m^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[32m10�[39m findings (�[1m�[93m3�[39m suppressed, �[92m6�[39m fixable�[0m): �[35m6�[39m informational, �[36m0�[39m low, �[33m0�[39m medium, �[31m1�[39m high🌈 zizmor v1.23.1
�[32m INFO�[0m �[1maudit�[0m�[2m:�[0m �[2mzizmor�[0m�[2m:�[0m 🌈 completed /github/workspace/.github/workflows/check-changes.yml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Dankoy