carverauto/serviceradar

Fork 0

Bump golangci/golangci-lint-action from 8 to 9 #2408

Merged

dependabot[bot] merged 1 commit from refs/pull/2408/head into main

2025-11-20 04:04:04 +00:00

dependabot[bot] commented

2025-11-10 02:16:52 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #1932
Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1932
Original created: 2025-11-10T02:16:52Z
Original updated: 2025-11-20T04:04:19Z
Original head: carverauto/serviceradar:dependabot/github_actions/golangci/golangci-lint-action-9
Original base: main
Original merged: 2025-11-20T04:04:04Z by @mfreeman451

Bumps golangci/golangci-lint-action from 8 to 9.

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.0.0

In the scope of this release, we change Nodejs runtime from node20 to node24 (https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/).

What's Changed

Changes

feat: add install-only option by @ldez in golangci/golangci-lint-action#1305

feat: support Module Plugin System by @ldez in golangci/golangci-lint-action#1306

Full Changelog: https://github.com/golangci/golangci-lint-action/compare/v8.0.0...v9.0.0

Commits

0a35821 docs: update readme
043b1b8 feat: support Module Plugin System (#1306)
a66d26a feat: add install-only option (#1305)
7fe1b22 build(deps): bump the dependencies group with 2 updates (#1303)
14973f1 build(deps-dev): bump the dev-dependencies group with 2 updates (#1299)
8c2d575 build(deps): bump @types/node from 24.8.1 to 24.9.1 in the dependencies group...
b002b6e build(deps): bump actions/setup-node from 5 to 6 (#1296)
c13f4ed build(deps): bump @types/node from 24.7.2 to 24.8.1 in the dependencies group...
b68d21b docs: improve readme
06188a2 build(deps): bump github/codeql-action from 3 to 4 (#1293)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Imported from GitHub pull request. Original GitHub pull request: #1932 Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1932 Original created: 2025-11-10T02:16:52Z Original updated: 2025-11-20T04:04:19Z Original head: carverauto/serviceradar:dependabot/github_actions/golangci/golangci-lint-action-9 Original base: main Original merged: 2025-11-20T04:04:04Z by @mfreeman451 --- Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8 to 9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/golangci/golangci-lint-action/releases">golangci/golangci-lint-action's releases</a>.</em></p> <blockquote> <h2>v9.0.0</h2> <p>In the scope of this release, we change Nodejs runtime from node20 to node24 (<a href="https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/">https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/</a>).</p> <h2>What's Changed</h2> <h3>Changes</h3> <ul> <li>feat: add install-only option by <a href="https://github.com/ldez"><code>@ldez</code></a> in <a href="https://redirect.github.com/golangci/golangci-lint-action/pull/1305">golangci/golangci-lint-action#1305</a></li> <li>feat: support Module Plugin System by <a href="https://github.com/ldez"><code>@ldez</code></a> in <a href="https://redirect.github.com/golangci/golangci-lint-action/pull/1306">golangci/golangci-lint-action#1306</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/golangci/golangci-lint-action/compare/v8.0.0...v9.0.0">https://github.com/golangci/golangci-lint-action/compare/v8.0.0...v9.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golangci/golangci-lint-action/commit/0a35821d5c230e903fcfe077583637dea1b27b47"><code>0a35821</code></a> docs: update readme</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/043b1b8d1c47e4591c1719682a050a7a0a82e19c"><code>043b1b8</code></a> feat: support Module Plugin System (<a href="https://redirect.github.com/golangci/golangci-lint-action/issues/1306">#1306</a>)</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/a66d26a4652b1a0b28a56b7c8b194c20f7c0b7f6"><code>a66d26a</code></a> feat: add install-only option (<a href="https://redirect.github.com/golangci/golangci-lint-action/issues/1305">#1305</a>)</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/7fe1b22e0c4632d6260fedfafd4b6025ac7418c3"><code>7fe1b22</code></a> build(deps): bump the dependencies group with 2 updates (<a href="https://redirect.github.com/golangci/golangci-lint-action/issues/1303">#1303</a>)</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/14973f18c82b6d66679563f71666ccee11907cb2"><code>14973f1</code></a> build(deps-dev): bump the dev-dependencies group with 2 updates (<a href="https://redirect.github.com/golangci/golangci-lint-action/issues/1299">#1299</a>)</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/8c2d575d9b37153325eebc4bb3a94cd09e1fae5d"><code>8c2d575</code></a> build(deps): bump <code>@types/node</code> from 24.8.1 to 24.9.1 in the dependencies group...</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/b002b6ecfcabe6ac0e2c6cba1bcc779eb34ac51f"><code>b002b6e</code></a> build(deps): bump actions/setup-node from 5 to 6 (<a href="https://redirect.github.com/golangci/golangci-lint-action/issues/1296">#1296</a>)</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/c13f4ed1a9a677a28be0df3e11c34a78db85c77c"><code>c13f4ed</code></a> build(deps): bump <code>@types/node</code> from 24.7.2 to 24.8.1 in the dependencies group...</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/b68d21b131098f33ec55c11c242113b4a10dc30a"><code>b68d21b</code></a> docs: improve readme</li> <li><a href="https://github.com/golangci/golangci-lint-action/commit/06188a2a4a13a4786b4584e086b2040214cd4ca5"><code>06188a2</code></a> build(deps): bump github/codeql-action from 3 to 4 (<a href="https://redirect.github.com/golangci/golangci-lint-action/issues/1293">#1293</a>)</li> <li>Additional commits viewable in <a href="https://github.com/golangci/golangci-lint-action/compare/v8...v9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golangci/golangci-lint-action&package-manager=github_actions&previous-version=8&new-version=9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

qodo-code-review[bot] commented

2025-11-20 04:04:19 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1932#issuecomment-3555668349
Original created: 2025-11-20T04:04:19Z

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance

🟢

No security concerns identified

No security vulnerabilities detected by AI analysis. Human verification advised for critical code.

Ticket Compliance

🟡

🎫 #1306

🔴	Update the core service to ingest and store sysmon PID/process metrics.
	Update the database schema and migrations to persist PID metrics.
	Extend SRQL to query/filter/aggregate the new PID metrics.
	Update the UI to display process metrics surfaced from sysmon.

Codebase Duplication Compliance

⚪

Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance

🟢

Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1932#issuecomment-3555668349 Original created: 2025-11-20T04:04:19Z --- ## PR Compliance Guide 🔍  Below is a summary of compliance checks for this PR:<br> <table><tbody><tr><td colspan='2'><strong>Security Compliance</strong></td></tr> <tr><td>🟢</td><td><details><summary><strong>No security concerns identified</strong></summary> No security vulnerabilities detected by AI analysis. Human verification advised for critical code. </details></td></tr> <tr><td colspan='2'><strong>Ticket Compliance</strong></td></tr> <tr><td>🟡</td> <td> <details> <summary>🎫 <a href=https://github.com/carverauto/serviceradar/issues/1306>#1306</a></summary> <table width='100%'><tbody> <tr><td rowspan=4>🔴</td> <td>Update the core service to ingest and store sysmon PID/process metrics.</td></tr> <tr><td>Update the database schema and migrations to persist PID metrics.</td></tr> <tr><td>Extend SRQL to query/filter/aggregate the new PID metrics.</td></tr> <tr><td>Update the UI to display process metrics surfaced from sysmon.</td></tr> </tbody></table> </details> </td></tr> <tr><td colspan='2'><strong>Codebase Duplication Compliance</strong></td></tr> <tr><td>⚪</td><td><details><summary><strong>Codebase context is not defined </strong></summary> Follow the <a href='https://qodo-merge-docs.qodo.ai/core-abilities/rag_context_enrichment/'>guide</a> to enable codebase context checks. </details></td></tr> <tr><td colspan='2'><strong>Custom Compliance</strong></td></tr> <tr><td rowspan=6>🟢</td><td> <details><summary><strong>Generic: Comprehensive Audit Trails</strong></summary><br> **Objective:** To create a detailed and reliable record of critical system actions for security analysis <br>and compliance.<br> **Status:** Passed<br> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td> <details><summary><strong>Generic: Meaningful Naming and Self-Documenting Code</strong></summary><br> **Objective:** Ensure all identifiers clearly express their purpose and intent, making code <br>self-documenting<br> **Status:** Passed<br> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td> <details><summary><strong>Generic: Robust Error Handling and Edge Case Management</strong></summary><br> **Objective:** Ensure comprehensive error handling that provides meaningful context and graceful <br>degradation<br> **Status:** Passed<br> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td> <details><summary><strong>Generic: Secure Error Handling</strong></summary><br> **Objective:** To prevent the leakage of sensitive system information through error messages while <br>providing sufficient detail for internal debugging.<br> **Status:** Passed<br> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td> <details><summary><strong>Generic: Secure Logging Practices</strong></summary><br> **Objective:** To ensure logs are useful for debugging and auditing without exposing sensitive <br>information like PII, PHI, or cardholder data.<br> **Status:** Passed<br> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td> <details><summary><strong>Generic: Security-First Input Validation and Data Handling</strong></summary><br> **Objective:** Ensure all data inputs are validated, sanitized, and handled securely to prevent <br>vulnerabilities<br> **Status:** Passed<br> > Learn more about managing compliance <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#configuration-options'>generic rules</a> or creating your own <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/#custom-compliance'>custom rules</a> </details></td></tr> <tr><td align="center" colspan="2">   </td></tr></tbody></table> <details><summary>Compliance status legend</summary> 🟢 - Fully Compliant<br> 🟡 - Partial Compliant<br> 🔴 - Not Compliant<br> ⚪ - Requires Further Human Verification<br> 🏷️ - Compliance label<br> </details>