ci(deps): bump streetsidesoftware/cspell-action from 7.2.1 to 8.0.0

[dependabot]

Bumps streetsidesoftware/cspell-action from 7.2.1 to 8.0.0.

Release notes

Sourced from streetsidesoftware/cspell-action's releases.

v8.0.0

8.0.0 (2025-11-08)

⚠ BREAKING CHANGES

• Use node24 runner (#2494)

Features

• Update CSpell version (9.3.0) (#2487) (cfa07c9)
• Use node24 runner (#2494) (10ce4d6)

Updates and Bug Fixes

• Update Dictionaries and Dependencies (#2477) (fcec23c)

Changelog

Sourced from streetsidesoftware/cspell-action's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

8.0.0 (2025-11-08)

⚠ BREAKING CHANGES

• Use node24 runner (#2494)

Features

• Update CSpell version (9.3.0) (#2487) (cfa07c9)
• Use node24 runner (#2494) (10ce4d6)

Updates and Bug Fixes

• Update Dictionaries and Dependencies (#2477) (fcec23c)

7.2.1 (2025-10-26)

Updates and Bug Fixes

• empty report setting will use the value in a config file if it is defined, otherwise use all (374c805)
• Make sure the report default is undefined (#2475) (33d4ba9)
• Update CSpell version (9.2.1) (#2426) (c7313f0)
• Update CSpell version (9.2.2) (#2460) (f604f36)
• Update Dictionaries and Dependencies (#2404) (42b73be)
• Update Dictionaries and Dependencies (#2416) (b7f60aa)
• Update Dictionaries and Dependencies (#2419) (12aaed9)
• Update Dictionaries and Dependencies (#2433) (910b662)
• Update Dictionaries and Dependencies (#2435) (904b6fc)
• Workflow Bot -- Update ALL Dependencies (main) (#2403) (22b01fb)
• Workflow Bot -- Update ALL Dependencies (main) (#2417) (db2a037)
• Workflow Bot -- Update ALL Dependencies (main) (#2434) (cb25c56)
• Workflow Bot -- Update ALL Dependencies (main) (#2446) (b54e668)
• Workflow Bot -- Update ALL Dependencies (main) (#2448) (72ae91e)
• Workflow Bot -- Update ALL Dependencies (main) (#2451) (5ebb234)

7.2.0 (2025-07-26)

Features

• Update CSpell version (9.2.0) (#2391) (7b25076)

... (truncated)

Commits

• 3294df5 chore(main): release 8.0.0 (#2481)
• 27fc863 ci: Workflow Bot -- Update ALL Dependencies (main) (#2495)
• e59482d chore: Migrate from node 20 to 24 (#2496)
• 10ce4d6 feat!: Use node24 runner (#2494)
• 9989d81 ci: Workflow Bot -- Update ALL Dependencies (main) (#2486)
• 637be43 chore: Update PNPM (#2488)
• cfa07c9 feat: Update CSpell version (9.3.0) (#2487)
• cbc266a ci: Workflow Bot -- Update ALL Dependencies (main) (#2485)
• af51ed1 ci: Workflow Bot -- Update ALL Dependencies (main) (#2476)
• 3c5ebe2 chore: Update PNPM (#2478)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/streetsidesoftware/cspell-action	3294df585d3d639e30f3bc019cb11940b9866e95	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/4 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits

Scanned Files

• .github/workflows/docs.yml

[github-actions]

📦 Bundle Size Analysis

Main file (index.js): 27174 bytes

Dependencies size: 401M

Dependency count:

• Production: 8
• Development: 10

🚀 Performance Recommendations

✅ Main file size looks good.

📊 Large Files Report

Files larger than 10KB:

./coverage-report.json: 1.2M
./CHANGELOG.md: 52K
./docs-data/tools.json: 11K
./CONTRIBUTING.md: 12K
./scripts/docs/extract-docs.js: 12K
./scripts/pretty-logs.sh.backup: 13K
./scripts/show-logs.sh: 19K
./.github/workflows/security-triage.yml: 12K
./.github/workflows/release.yml: 19K
./.github/workflows/docs.yml: 20K
./.github/workflows/performance.yml: 15K
./WARP.md: 59K
./lib/utils/logger.js: 19K
./lib/utils/performance-monitor.js: 19K
./lib/utils/streaming-handler.js: 14K
./lib/tools/handlers/database-tools.js: 13K
./lib/security/query-validator.js: 12K
./lib/config/secret-manager.js: 12K
./lib/config/server-config.js: 29K
./lib/analysis/bottleneck-detector.js: 15K
./lib/analysis/query-optimizer.js: 25K
./package-lock.json: 279K
./README.md: 15K
./docs/ARCHITECTURE.md: 17K
./docs/PERFORMANCE.md: 14K
./docs/ENV-VARS.md: 16K
./docs/VSCODE-INTEGRATION-GUIDE.md: 29K
./docs/AZURE-SECRETS-GUIDE.md: 14K
./docs/tools.html: 37K
./docs/GIT-PUSH-CHECKLIST.md: 13K
./docs/AWS-SECRETS-GUIDE.md: 24K
./docs/SMOKE-TEST-GUIDE.md: 20K
./docs/SECURITY.md: 16K
./test/integration/manual/phase2-dml-operations.test.js: 15K
./test/integration/manual/phase1-readonly-security.test.js: 14K
./test/integration/manual/phase3-ddl-operations.test.js: 15K
./test/integration/error-scenarios-integration.test.js: 15K
./test/integration/test-aws-secrets.js: 16K
./test/manual/warp-mcp-performance-test.js: 13K
./test/manual/improved-performance-test.js: 18K
./test/docker/detect-platform.js: 14K
./test/docker/README.md: 12K
./test/docker/developer-stress-test.js: 11K
./test/docker/wait-for-db.js: 16K
./test/docker/init-db.sql: 39K
./test/README.md: 29K
./test/protocol/mcp-client-smoke-test.js: 23K
./test/unit/mcp-security.test.js: 15K
./test/unit/mcp-shared-fixtures.js: 26K
./test/unit/get-server-info.test.js: 15K
./test/unit/database-tools-handler.test.js: 23K
./test/unit/response-formatter.test.js: 17K
./test/unit/streaming-handler.test.js: 26K
./test/unit/server-config.test.js: 12K
./test/unit/connection-manager.test.js: 24K
./test/unit/query-optimizer.test.js: 17K
./test/unit/logger.test.js: 26K
./test/unit/mcp-shared-fixtures.js.backup: 12K
./test/unit/secret-manager.test.js: 28K
./test/unit/performance-monitor.test.js: 32K
./test/archived/sqlserver-mcp.test.js: 73K
./test/archived/mcp-data-tools.test.js: 22K
./test/archived/mcp-server-lifecycle.test.js: 15K
./test/archived/mcp-performance-tools.test.js: 15K
./test/archived/connection-manager.test.js: 11K
./test/archived/mcp-query-optimization-tools.test.js: 23K
./MANIFESTO.md: 16K
./index.js: 27K

🧠 Memory Usage Analysis

Memory Analysis Results:

Initial memory usage:
RSS: 41.47 MB
Heap Used: 4.31 MB
Heap Total: 4.85 MB
Module loaded successfully for memory analysis

Final memory usage:
RSS: 41.97 MB
Heap Used: 4.62 MB

⚡ Performance Benchmarks

Timing Results:

• Node.js startup overhead: ~10.613367ms
• Package.json parse time: ~2.825614ms

Analysis completed at: Mon Nov 10 13:42:57 UTC 2025

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

🔍 Performance Regression Analysis

📦 Bundle Size Changes

File	Base	PR	Change	%
index.js	27174B	27174B	0B	0%

📊 Bundle size unchanged

📚 Dependency Changes

• Base: 8 dependencies
• PR: 8 dependencies
• ✅ No dependency changes

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!