Upgrade trunk

[github-actions]

9 linters were upgraded:

• actionlint 1.7.10 → 1.7.11
• bandit 1.9.2 → 1.9.3
• checkov 3.2.497 → 3.2.504
• renovate 42.78.2 → 43.25.8
• ruff 0.14.11 → 0.15.1
• trivy 0.68.2 → 0.69.1
• trufflehog 3.92.4 → 3.93.3
• trufflehog-git 3.92.4 → 3.93.3
• yamllint 1.37.1 → 1.38.0

1 tool was upgraded:

• uv 0.9.24 → 0.10.4

This PR was generated by the Trunk Action. For more info, see our docs or reach out on Slack.

[semanticdiff-com]

Review changes with  

Changed Files

File	Status
.trunk/trunk.yaml	0% smaller

[gitnotebooks]

Review these changes at https://app.gitnotebooks.com/AlphaSphereDotAI/vocalizr/pull/1072

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[deepsource-io]

DeepSource Code Review

DeepSource reviewed changes in the commit range 006ce2f...3179294 on this pull request. Below is the summary for the review, and you can see the individual issues we found as review comments.

For detailed review results, please see the PR on DeepSource ↗

PR Report Card

Security	× 0 issues		Overall PR Quality
Reliability	× 0 issues
Complexity	× 0 issues
Hygiene	× 0 issues

Code Review Summary

Analyzer	Status	Summary	Details
Python		No new issues detected.	Review ↗
Docker		No new issues detected.	Review ↗
Secrets		No new issues detected.	Review ↗

How are these analyzer statuses calculated?

Administrators can configure which issue categories are reported and cause analysis to be marked as failed when detected. This helps prevent bad and insecure code from being introduced in the codebase. If you're an administrator, you can modify this in the repository's settings.

[mergify]

🧪 CI Insights

Here's what we observed from your CI run for 3179294.

🟢 All jobs passed!

But CI Insights is watching 👀

[MH0386]

🔍 Vulnerabilities of ghcr.io/alphaspheredotai/vocalizr:10f34f8-pr-1072

📦 Image Reference ghcr.io/alphaspheredotai/vocalizr:10f34f8-pr-1072

digest	sha256:49b6b0e5362ac9752ae17ac3aaa8538ea9fdb80d93ed618644d514a4dd7f5a9a
vulnerabilities
platform	linux/amd64
size	4.4 GB
packages	247

gradio 6.6.0 (pypi) pkg:pypi/gradio@6.6.0 # Dockerfile (28:28) COPY --from=builder --chown=nonroot:nonroot --chmod=755 /home/nonroot/.local/ /home/nonroot/.local/ OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities Affected range <2023-11-06 Fixed version Not Fixed CVSS Score 8.1 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N EPSS Score 1.662% EPSS Percentile 82nd percentile Description Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository gradio-app/gradio prior to main.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud