diff --git a/CHANGELOG.md b/CHANGELOG.md index b62c118d..2c8848d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # Change Log for spellcheck-github-actions +## 0.33.0, 2023-06-16, maintenance release, update not required + +- Docker image updated to Python 3.11.4 slim via PR [#164](https://github.com/rojopolis/spellcheck-github-actions/pull/164) from Snyk. [Release notes for Python 3.11.4](https://docs.python.org/release/3.11.4/whatsnew/changelog.html) + ## 0.32.0, 2023-05-18, security patch release, update recommended - @dependabot raised [an alert](https://github.com/rojopolis/spellcheck-github-actions/security/dependabot/3) for the used dependency: [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions). The vulnerability is labelled as [CVE-2023-32309](https://nvd.nist.gov/vuln/detail/CVE-2023-32309). The issue has been present in [pymdown-extensions](https://github.com/facelessuser/pymdown-extensions) since version [1.5.0](https://github.com/facelessuser/pymdown-extensions/releases/tag/1.5.0) and is patched in version [10.0](https://github.com/facelessuser/pymdown-extensions/releases/tag/10.0). diff --git a/Dockerfile b/Dockerfile index ed16c562..5d56dbae 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # REF: https://hub.docker.com/_/python -FROM python:3.11.3-slim-bullseye +FROM python:3.11.4-slim-bullseye LABEL "com.github.actions.name"="Spellcheck Action" LABEL "com.github.actions.description"="Check spelling of files in repository" diff --git a/README.md b/README.md index 29a4b09c..b56ea51a 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ jobs: steps: # The checkout step - uses: actions/checkout@v3 - - uses: rojopolis/spellcheck-github-actions@0.32.0 + - uses: rojopolis/spellcheck-github-actions@0.33.0 name: Spellcheck ``` @@ -66,7 +66,9 @@ This configuration file must be created in a the `.github/workflows/` directory. For example, it could be named `.github/workflows/spelling_action.yml` for easy identification, if other actions are present. -In the above example, the configuration is pointing to the exact version of `0.32.0`, this repository also offers the canonical version `v0`, so there is less hassle keeping the action up to date. +### Using a Canonical Version + +In the above example, the configuration is pointing to the exact version of `0.33.0`, this repository also offers the canonical version `v0`, so there is less hassle keeping the action up to date. ```yaml name: Spellcheck Action @@ -154,7 +156,7 @@ jobs: steps: # The checkout step - uses: actions/checkout@v3 - - uses: rojopolis/spellcheck-github-actions@0.32.0 + - uses: rojopolis/spellcheck-github-actions@0.33.0 name: Spellcheck with: source_files: README.md CHANGELOG.md notes/Notes.md @@ -182,7 +184,7 @@ jobs: steps: # The checkout step - uses: actions/checkout@v3 - - uses: rojopolis/spellcheck-github-actions@0.32.0 + - uses: rojopolis/spellcheck-github-actions@0.33.0 name: Spellcheck with: source_files: README.md CHANGELOG.md notes/Notes.md @@ -262,7 +264,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: rojopolis/spellcheck-github-actions@0.32.0 + - uses: rojopolis/spellcheck-github-actions@0.33.0 name: Spellcheck with: config_path: config/.spellcheck.yml # put path to configuration file here @@ -428,7 +430,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: rojopolis/spellcheck-github-actions@0.32.0 + - uses: rojopolis/spellcheck-github-actions@0.33.0 name: Spellcheck with: config_path: .github/spellcheck.yml # <--- put path to configuration file here @@ -643,7 +645,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: rojopolis/spellcheck-github-actions@0.32.0 + - uses: rojopolis/spellcheck-github-actions@0.33.0 name: Spellcheck ``` diff --git a/action.yml b/action.yml index bd91d026..57604f71 100644 --- a/action.yml +++ b/action.yml @@ -23,4 +23,4 @@ branding: icon: type runs: using: docker - image: 'docker://jonasbn/github-action-spellcheck:0.32.0' + image: 'docker://jonasbn/github-action-spellcheck:0.33.0'