CHANGELOG.md

Change Log for spellcheck-github-actions

0.38.0, 2024-06-13, maintenance release, update not required

• Docker image updated to Python 3.12.4 slim via PR #202 from Dependabot. Release notes for Python 3.12.4

0.37.0, 2024-06-01, maintenance release, update not required

• Docker image updated to Python 3.12.3 slim via PR #199 from Dependabot. Release notes for Python 3.12.3

• Docker image updated to Python 3.12.2 slim via PR #197 from Dependabot. Release notes for Python 3.12.2

0.36.0, 2024-02-06, feature release, update not required

• With version 2.10 of PySpelling the action now supports the configuration of running jobs in parallel, see the documentation for PySpelling

• Docker image updated to Python 3.12.1 slim via PR #191 from Dependabot. Release notes for Python 3.12.1

0.35.0, 2023-11-16, maintenance release, update not required

• Docker image updated to Python 3.12.0 slim via PR #177 from Snyk. Release notes for Python 3.12.0

Bumping to Python 3.12.0 slim, introduced a number of dependency updates, not all were required, but I have decided to update quite a few, since the Docker image is rebuilt anyway.

• backrefs bumped from version 5.0.1 to 5.6.0, see release notes
• beautifulsoup4 bumped from version 4.9.3 to 4.12.2, see release notes
• lxml bumped from version 4.9.2 to 4.9.3, see release notes
• Markdown bumped from version 3.3.4 to 3.4.4, see release notes
• pymdown-extension bumped from version 10.0.1 to 10.4, see release notes
• PyYAML bumped from version 5.4.1 to 6.0.1, see release notes
• soupsieve bumped from version 2.2.1 to 2.5, see release notes

0.34.0, 2023-09-29, maintenance release, update not required

• Bumped the core component PySpelling to version 2.9, together with wcmatch, bumped to version 2.5, all via PR #174 bu @jonasbn

• Docker image updated to Python 3.11.5 slim via PR #170 from Snyk. Release notes for Python 3.11.5

• Added constraint for requirements.txt since one of the dependencies does not support Cython version 3.

I found two guides to fixing the problem:

• "Getting requirements to build wheel did not run successfully for sap aicore"
• "Getting requirements to build wheel did not run successfully exit code: 1"

They state somewhat the same and I have applied a fix via PR #172 now the Docker image can build again

0.33.1, 2023-07-13, bug fix release, update not required

• An update is recommended if you are using the output_file parameter, since the output file handling was shielding the propagation of the status of the actual spellcheck.

  The issue was observed in #166 reported by @nlhomme, where the action was reporting success, even though the spellcheck was failing.

  The bug information was lifted into a new issue #167 and was addressed in PR #168 by @jonasbn

0.33.0, 2023-06-16, maintenance release, update not required

• Docker image updated to Python 3.11.4 slim via PR #164 from Snyk. Release notes for Python 3.11.4

0.32.0, 2023-05-18, security patch release, update recommended

• @dependabot raised an alert for the used dependency: pymdown-extensions. The vulnerability is labelled as CVE-2023-32309. The issue has been present in pymdown-extensions since version 1.5.0 and is patched in version 10.0.

• Snyk has provided a patch via PR #158, which has been tested and no regressions has been observed, even with a version leap for pymdown-extensions. from version 8.2 to 10.0. The GitHub Action has been updated to use the patched version, even though there are no direct use of the vulnerable code in the action, but we do not want to be the source of a vulnerability.

• pymdown-extensions was increased to version 10.0.1, since a bug fix was released to follow up on the security patch.

0.31.0, 2023-05-16, maintenance release, update not required

• Docker image updated to Python 3.11.3 slim via PR #152 from @dependabot. Release notes for Python 3.11.3

0.30.0, 2023-02-20, maintenance release, update not required

• PySpelling updated from version 2.8.1 to 2.8.2, including several fixes

  • FIX: Ensure that Aspell actually uses the encoding passed to it for dictionaries.
  • FIX: Use a disallow list for problematic or unsupported arguments to the underlying spell checker instead of using a more restrictive allow list.
  • FIX: Fix logic bug in JavaScript filter.

• Lifted from the release notes for PySpelling

• Docker image updated to Python 3.11.2 slim via PR #142 from @dependabot. Release notes for Python 3.11.2

0.29.0, 2022-12-29, maintenance release, update not required

• Docker image updated to Python 3.11.1 slim via PR #139 from @dependabot. Release notes for Python 3.11.1

• lxml bumped to version 4.9.1 from 4.9.1 to get the build to work, without jumping through too many hoops. We prefer relying on wheel instead of building from source, since lxml can become quite a time sink

0.28.0, 2022-11-16, maintenance release, update not required

• Docker image updated to Python 3.10.8 slim via PR #129 from @snyk-bot. Release notes for Python 3.10.8

0.27.0, 2022-09-09, feature release, update not required

• Support for default PySpelling configuration files via PR #116 from @proffalken

• Docker image updated to Python 3.10.6 slim via PR #117 from @dependabot. Release notes for Python 3.10.6

0.26.0, 2022-08-04, maintenance release, update recommended

• The core component PySpelling has been updated from version 2.7.3 to version 2.8.1, see the release history for PySpelling

0.25.0, 2022-07-08, maintenance release, update recommended

• lxml requirement bumped from version 4.6.5 to 4.9.1 addressing a security issue SNYK-PYTHON-LXML-2940874 / CVE-2022-2309 / CWE-476 via PR #104 from @snyk-bot

• Docker image updated to Python 3.10.5 slim from 3.10.4 slim via PR #102 from @dependabot. Release notes for Python 3.10.5

0.24.0, 2022-05-17, feature release, update not required

• @riccardoporreca created issue #68 requested the ability to create an output artifact.

  With release 0.24.0 this is now available.

  The action configuration has to have the output_file parameter specified, which is a new optional parameter.

  name: Spellcheck Action
  
  on:
    workflow_dispatch:
    push:
  
  jobs:
    build:
      name: Spellcheck
      runs-on: ubuntu-latest
      steps:
  
      - uses: actions/checkout@v3
  
      - uses: rojopolis/spellcheck-github-actions@0.24.0
        name: Spellcheck (no output file)
        with:
          source_files: README.md CHANGELOG.md
  
      - uses: rojopolis/spellcheck-github-actions@0.24.0
        name: Spellcheck (with output file)
        with:
          source_files: README.md CHANGELOG.md
          task_name: Markdown
          output_file: spellcheck-output.txt
  
      - uses: actions/upload-artifact@v3
        name: Archive spellcheck output output
        with:
          name: Spellcheck artifact
          path: spellcheck-output.txt

  This introduces the use of the upload-artifact@v3 action.

  The generated artifact can be downloaded via GitHub UI/API, please consult the documentation for details and pointers.

  Thanks to @riccardoporreca for his suggestion.

0.23.2, 2022-05-05, bug fix release, update not required

• Minor issue in release 0.23.1, the action was not adjusted to the latest release

0.23.1, 2022-05-05, bug fix release, update not required

• Addressing issue #84 via PR #90 from @jonasbn. With the introduction of use of optional quotes, do note the limitations outlined in the documentation - thanks to @xsaero00 for the bug report

0.23.0, 2022-04-09, feature release, update not required

• Support for the French language. Support requested by @gcattan via issue #87

• Docker image updated to Python 3.10.4 slim via PR #86 from @dependabot. Release notes for Python 3.10.4

• Docker image updated to Python 3.10.3 slim via PR #85 from @dependabot. Release notes for Python 3.10.3

0.22.1, 2022-02-23, bug fix release, update recommended

• Testing the new Spanish support feature more thoroughly, demonstrated that the Docker build process was broken and only English worked

  • I addressed issue #57, which demonstrated an issue with the Docker build, the issue is no longer relevant with the simplification of the Docker build via PR: #82 by me (@jonasbn)

0.22.0, 2022-02-21, feature release, update not required

• Support for the Spanish language. Support requested and implemented by @electrocucaracha via PR #81

0.21.1, 2022-01-25, bug fix release, update required

• Release 0.21.0 was build and uploaded from the wrong architecture. This release addressed this issue (#79), thanks @chrispat for reporting

0.21.0, 2022-01-24, maintenance release, update not required

• Docker image updated to Python 3.10.2 slim via PR #78 from @dependabot

0.20.0, 2021-12-21, bug fix release, update recommended

• Made the version specified in the action.yml follow the version indicated in the repository. Apparently we where pointing to latest, which is good when and if we are backwards compatible and yes we are still in alpha expressed semantically by the version numbers starting with 0 as in 0.20.0. This would however allow for us to release breaking changes, without breaking a lot of workflows, which would fetch the latest Docker image, which can be either unstable or a major release

0.19.0, 2021-12-18, security release, update recommended

• Requirement lxml updated from 4.6.3 to 4.6.5 via PR #71 from @snyk-bot. This addresses a security, cross-site scripting vulnerability (XSS) in the lxml library, see SNYK-PYTHON-LXML-2316995

From the release notes for lxml 4.6.5:

A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script content through SVG images. A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script content through CSS imports and other crafted constructs.

• Docker image updated to Python 3.10.1 slim via PR #70 from @dependabot

0.18.0, 2021-10-31 feature release, update not required

• This release introduces an enhancement or new feature if your will, implemented by @riccardoporreca via PR #67. The enhancement takes advantage of the ability to make annotations on actions, so you can from the action overview see an annotation indicating the error by the emitted error message from the action

0.17.0, 2021-10-14 maintenance release, update not required

• Docker image updated to Python 3.9.7 slim via PR #62 and again to Python 3.10.0 slim via PR #64 both from dependabot

0.16.0 2021-08-15 bug fix release, update recommended

Experienced an issue with the new multi-stage Docker build, where aspell disappears.

This release implements a hack to make use that it is present, by reinstalling it :-/

REF: PR #56 addressing issue #55

The issue in the Docker build is patched, but is still present, see issue #57

0.15.0 2021-08-15 maintenance release, update not required

WARNING! This release is not working, please use release 0.16.0

Issue #53 describes an issue with ignoring Markdown regions with code fences. This was an issue in pyspelling, which is the core component in this action. Luckily @facelessuser, the maintainer of pyspelling was to fix it. So the requirement for pyspelling was bumped from 2.6.1 to 2.7.3

Thanks to @supernovae and @facelessuser

This however demonstrated that several of the dependencies was not up to date.

The following dependencies have been updated:

• backrefs updated from 4.5 to 5.0.1
• bracex updated from 2.0.1 to 2.1.1
• lxml updated from 4.6.0 to 4.6.3
• Markdown updated from 3.3.1 to 3.3.4
• pymdown-extensions updated from 8.1 to 8.2
• pyspelling updated from 2.6.1 to 2.7.3
• PyYAML updated from 5.3.1 to 5.4.1
• six updated from 1.15.0 to 1.16.0
• soupsieve updated from 2.0.1 to 2.2.1
• wcmatch updated from 7.1 to 8.2

Additionally some work has been done in regard to the Docker build, so it is possible to specify new languages, using multi-stage build, see PR #39 addressing issue: #13

Please see the Wiki for details.

Thanks to @aSemy and @edumco

• Thanks to @PeterPetrik for correction to command line example in README

• Docker image updated to Python 3.9.6 slim via PR #51 from @dependabot

0.14.0 2021-05-13 maintenance release, update not required

• Docker image updated to Python 3.9.5 slim via PR #48 from @dependabot

0.13.0 2021-04-14 maintenance release, update not required

• Docker image updated to Python 3.9.4 slim via PR #41 from @dependabot

0.12.0 2021-02-22 maintenance release, update not required

• Docker image updated to Python 3.9.2 slim via PR #38 from @dependabot

0.11.0 2021-02-19 feature release, update not required

• Added support for German spelling: lang: de, including: Swiss and Austrian dictionaries addressing issue #35 via PR #36. This is experimental and will need further investigation. Aspell support 53 different dictionaries and supporting them all increases the Docker image size significantly so dynamic loading of dictionaries has to be investigated further, without increasing build time to a point where a pre-built Docker image is not longer feasible

0.10.0 2021-02-06 feature release, update not required

• Added capability to specify a set of files in the action, bypassing the filename pattern specified in the configuration. Implementation from PR #34 from Matt Calvert, @miff2000

0.9.1 2021-01-12 bug fix release, update not required

• Minor correction to the documentation, a significant change did not make it into 0.9.0, , PR #32 from Pavel Skipenes, @pavelskipenes

0.9.0 2021-01-11 feature release, update not required

• Added new ability specify an alternative path to a configuration file, PR #31 from Pavel Skipenes, @pavelskipenes

0.8.0 2021-01-08 feature release, update not required

• Added support for extensions for Python's Markdown, namely the pymdown-extensions introducing the superfences extension, which can be used to address certain issue, which cannot be handled by handling of codefences by the Python Markdown implementation out of the box

0.7.0 2020-12-14 maintenance release, update not required

• Docker image updated to Python 3.9.1 slim via PR #27 from @dependabot

0.6.0 2020-10-18 feature release, update recommended

• Docker image updated to Python 3.9.0 slim

• Python requirement lxml updated to version 4.6.0, with wheel supporting Python 3.9.0

• Requirement pyspelling updated to version 2.6.1 from 2.6.0

• Python requirement backrefs updated to version 4.5

• Python requirement beautifulsoup4 updated to version 4.9.3

• Python requirement bracex updated to version 2.0.1

• Python requirement html5lib updated to version 1.1

• Python requirement Markdown updated to version 3.3.1

• Python requirement wcmatch updated to version 7.1

Contribution to documentation by Michael Flaxman, @mflaxman

0.5.0 2020-06-05 feature release, update recommended

• The action now uses a DockerHub served image, which mean that the Docker image does not have to be built at every invocation

• The documentation has been updated and the use of the wordlist.txt is no longer default. You have to introduce it yourself into your configuration, meaning that everything still works as expected for existing configurations

• A minor bug introduced in 0.4.0 in the handling of the wordlist.txt was addressed

0.4.0 2020-05-28 feature release, update recommended

• Introduced support for: yml extension in addition to yaml for YAML configuration files. Please refer to the documentation for details

• Introduced support for hidden configuration files, so prefixing the spellcheck configuration file to make it less intrusive in your repository is now supported patch from @sbates130272, PR: #7. Please refer to the documentation for details

• The default configuration has been limited to Markdown, please see additional examples in the examples/ directory

• Updates to documentation, still work in progress

• Improved support to local development using Docker

• Release 0.3.0 (below) never made it to the GitHub Marketplace, this might be due to a missing action.yml

0.3.0 2020-02-14 bug fix release, update recommended

• Addressing issue with wordlist.txt file handling

• This release never made it to the GitHub Marketplace, this might be due to changes in GitHub requirements, please see following release 0.4.0

0.2.0 2019-05-24 feature release, update recommended

• Introducing support for custom configurations and dictionaries

0.1.0 2019-05-23 feature release

• Initial release by @rojopolis