Bump stefanzweifel/git-auto-commit-action from 5 to 6

[dependabot]

Bumps stefanzweifel/git-auto-commit-action from 5 to 6.

Release notes

Sourced from stefanzweifel/git-auto-commit-action's releases.

v6.0.0

Added

• Throw error early if repository is in a detached state (#357)

Fixed

• Fix PAT instructions with Dependabot (#376) @​Dreamsorcerer

Removed

• Remove support for create_branch, skip_checkout, skip_Fetch (#314)

v5.2.0

Added

• Add create_git_tag_only option to skip commiting and always create a git-tag. (#364) @​zMynxx
• Add Test for create_git_tag_only feature (#367) @​stefanzweifel

Fixed

• docs: Update README.md per #354 (#361) @​rasa

v5.1.0

Changed

• Include github.actor_id in default commit_author (#354) @​parkerbxyz

Fixed

• docs(README): fix broken protected branch docs link (#346) @​scarf005
• Update README.md (#343) @​Kludex

Dependency Updates

• Bump bats from 1.11.0 to 1.11.1 (#353) @​dependabot
• Bump github/super-linter from 6 to 7 (#342) @​dependabot
• Bump github/super-linter from 5 to 6 (#335) @​dependabot

v5.0.1

Fixed

• Fail if attempting to execute git commands in a directory that is not a git-repo. (#326) @​ccomendant

Dependency Updates

• Bump bats from 1.10.0 to 1.11.0 (#325) @​dependabot
• Bump release-drafter/release-drafter from 5 to 6 (#319) @​dependabot

Misc

... (truncated)

Changelog

Sourced from stefanzweifel/git-auto-commit-action's changelog.

v5.0.0 - 2023-10-06

New major release that bumps the default runtime to Node 20. There are no other breaking changes.

Changed

• Update node version to node20 (#300) @​ryudaitakai
• Add _log and _set_github_output functions (#273) @​stefanzweifel

Fixed

• Seems like there is an extra space (#288) @​pedroamador
• Fix git-auto-commit.yml (#277) @​zcong1993

Dependency Updates

• Bump actions/checkout from 3 to 4 (#302) @​dependabot
• Bump bats from 1.9.0 to 1.10.0 (#293) @​dependabot
• Bump github/super-linter from 4 to 5 (#289) @​dependabot
• Bump bats from 1.8.2 to 1.9.0 (#282) @​dependabot

v4.16.0 - 2022-12-02

Changed

• Don't commit files when only LF/CRLF changes (#265) @​ZeroRin
• Update default email address of github-actions[bot] (#264) @​Teko012

Fixed

• Fix link and text for workflow limitation (#263) @​Teko012

Commits

• 778341a Merge pull request #379 from stefanzweifel/disable-detached-state-check
• 33b203d Disable Check if Repo is in Detached State
• a82d80a Update CHANGELOG
• 3cc016c Merge pull request #375 from stefanzweifel/v6-next
• ddb7ae4 Merge pull request #376 from Dreamsorcerer/patch-1
• b001e5f Apply suggestions from code review
• 6494dc6 Fix PAT instructions with Dependabot
• 7618051 Add deprecated inputs to fix unbound variable issue
• ae11462 Merge pull request #371 from stefanzweifel/dependabot/npm_and_yarn/bats-1.12.0
• 3058f91 Bump bats from 1.11.1 to 1.12.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: pr: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
⚠️ ACTION	actionlint	1		1	0	0.29s
✅ COPYPASTE	jscpd	yes		no	no	1.42s
⚠️ JSON	jsonlint	4		1	0	0.35s
✅ JSON	prettier	4	0	0	0	0.39s
⚠️ JSON	v8r	4		1	0	3.19s
⚠️ MARKDOWN	markdownlint	2	0	4	0	0.65s
✅ MARKDOWN	markdown-link-check	2		0	0	0.78s
✅ MARKDOWN	markdown-table-formatter	2	0	0	0	0.26s
⚠️ REPOSITORY	checkov	yes		1	no	10.26s
✅ REPOSITORY	devskim	yes		no	no	0.84s
✅ REPOSITORY	dustilock	yes		no	no	0.0s
✅ REPOSITORY	gitleaks	yes		no	no	0.05s
✅ REPOSITORY	git_diff	yes		no	no	0.0s
✅ REPOSITORY	grype	yes		no	no	22.15s
⚠️ REPOSITORY	kics	yes		3	no	1.12s
✅ REPOSITORY	secretlint	yes		no	no	0.41s
✅ REPOSITORY	syft	yes		no	no	1.03s
✅ REPOSITORY	trivy	yes		no	no	4.74s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.08s
✅ REPOSITORY	trufflehog	yes		no	no	2.2s
⚠️ SPELL	cspell	12		51	0	5.29s
⚠️ SPELL	lychee	9		2	0	0.55s
✅ YAML	prettier	3	0	0	0	0.43s
✅ YAML	v8r	3		0	0	3.4s
✅ YAML	yamllint	3		0	0	0.41s

See detailed report in MegaLinter reports

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

• oxsecurity/megalinter/flavors/terraform@beta (55 linters)
• oxsecurity/megalinter/flavors/cupcake@beta (88 linters)