Skip to content

Bump dieghernan/cff-validator from 05739cf16bedafd7a4d6e770286be38947f38117 to 8398af2d8cc54104c7c69af839bc1fc59c92a761#31

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/dieghernan/cff-validator-8398af2d8cc54104c7c69af839bc1fc59c92a761
Open

Bump dieghernan/cff-validator from 05739cf16bedafd7a4d6e770286be38947f38117 to 8398af2d8cc54104c7c69af839bc1fc59c92a761#31
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/dieghernan/cff-validator-8398af2d8cc54104c7c69af839bc1fc59c92a761

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 21, 2026

Bumps dieghernan/cff-validator from 05739cf to 8398af2.

Changelog

Sourced from dieghernan/cff-validator's changelog.

v5

Note that v5 is a sliding tag, and we introduce non-breaking changes to it.

  • Docker action is pinned to the same commit SHA as the parent workflow to avoid security issues thanks to @​mgovers (#26)
  • Change the validation engine to ajv, in line with cffr 1.4.0.

v5.0.1 (2026-04-21)

  • Move to full SHA reference on Docker instead to relative path.

v4

Note that v4 is a sliding tag, and we introduce non-breaking changes to it.

Breaking change: The action now uses a Docker container, and would require to be run on a Linux virtual machine (os: ubuntu-*). MacOS and Windows actions would need to switch to ubuntu-*.

v3

Note that v3 is a sliding tag, and we introduce non-breaking changes to it.

  • Improve underlying code.
  • Using a copy of schema.json shipped with {cffr} to avoid SSL/SSH issues #10.
  • Update versions of depencies (#13, #14)

v3.0.1 (2023-07-21)

  • Improve underlying code.
  • Using a copy of schema.json shipped with {cffr} to avoid SSL/SSH issues #10

v3.0.2 (2024-02-08)

v3.0.3 (2025-01-17)

  • Always install R (#16) hence (soft) deprecation of install-r parameter.
  • Update versions of dependencies.

v2.3

  • Fix #8, error on non-Git repos.

v2.2

  • New install-r parameter.
  • Improvements on performance.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump dieghernan/cff-validator
f597261 
Bumps [dieghernan/cff-validator](https://github.com/dieghernan/cff-validator) from 05739cf to 8398af2.
- [Release notes](https://github.com/dieghernan/cff-validator/releases)
- [Changelog](https://github.com/dieghernan/cff-validator/blob/main/CHANGELOG.md)
- [Commits](05739cf...8398af2)

---
updated-dependencies:
- dependency-name: dieghernan/cff-validator
  dependency-version: 8398af2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 21, 2026
@dependabot dependabot Bot mentioned this pull request May 21, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants