Bump codacy/codacy-analysis-cli-action from 1.1.0 to 4.4.7

[dependabot]

Bumps codacy/codacy-analysis-cli-action from 1.1.0 to 4.4.7.

Release notes

Sourced from codacy/codacy-analysis-cli-action's releases.

Bump CLI version to 7.9.25

No release notes provided.

Adds support for High severity

This release adds support for the newly added High severity

v4.4.5

What's Changed

• Fix export REGISTRY_ADDRESS env variable by @​heliocodacy in codacy/codacy-analysis-cli-action#133

v4.4.4

What's Changed

• update cli version to 7.9.11 by @​hjrocha in codacy/codacy-analysis-cli-action#132

v4.4.3

What's Changed

• fix registry-address default value by @​hjrocha in codacy/codacy-analysis-cli-action#131

v4.4.2

What's Changed

• Fixed some broken links by @​mushlih-almubarak in codacy/codacy-analysis-cli-action#77
• bump: Bump codacy-analysis-cli to 7.6.4 CY-6112 by @​lolgab in codacy/codacy-analysis-cli-action#80
• feature: Introduce new versioning scheme vX.X.X by @​lolgab in codacy/codacy-analysis-cli-action#81
• doc: Mention setting up the Go environment DOCS-380 by @​prcr in codacy/codacy-analysis-cli-action#83
• [SE-140] Add max-tool-memory flag by @​heliocodacy in codacy/codacy-analysis-cli-action#86
• Bump gosec to v2.13.1 CY-6239 by @​stefanvacareanu7 in codacy/codacy-analysis-cli-action#87
• Fix typo by @​pSub in codacy/codacy-analysis-cli-action#82
• doc: Bump supported Go version to 1.19.1 CY-6239 by @​prcr in codacy/codacy-analysis-cli-action#88
• Update supported languages count by @​nicklem in codacy/codacy-analysis-cli-action#91
• doc: Improve CLI parameters DOCS-180 by @​nicklem in codacy/codacy-analysis-cli-action#92
• doc: Flag @​codacy/techwriters as owners of README.md DOCS-483 by @​nicklem in codacy/codacy-analysis-cli-action#93
• added github_token in all requests to github api in action.yml by @​DMarinhoCodacy in codacy/codacy-analysis-cli-action#96
• removed github-token from action.yaml file by @​DMarinhoCodacy in codacy/codacy-analysis-cli-action#100
• changed staticcheck URL using github api to artifact TS-214 by @​DMarinhoCodacy in codacy/codacy-analysis-cli-action#102
• updated Clang-Tidy URL to artifact by @​DMarinhoCodacy in codacy/codacy-analysis-cli-action#103
• doc: Mention turning on and configuring the client-side tool by @​prcr in codacy/codacy-analysis-cli-action#106
• moved gosec and fauxpas to artifact by @​DMarinhoCodacy in codacy/codacy-analysis-cli-action#107
• fix installation staticcheck using official binary by @​DMarinhoCodacy in codacy/codacy-analysis-cli-action#108
• feature: allow skipping container engine check IO-423 by @​pedrocodacy in codacy/codacy-analysis-cli-action#110
• close if statement properly by @​bjarkebm in codacy/codacy-analysis-cli-action#114
• bump cli version by @​pedrocodacy in codacy/codacy-analysis-cli-action#116
• doc: Update Codacy logo DOCS-594 by @​nicklem in codacy/codacy-analysis-cli-action#119
• action: prevent globbing with double quotes by @​ljmf00 in codacy/codacy-analysis-cli-action#68
• Bump cli, staticheck, gosec versions TCE-614 by @​stefanvacareanu7 in codacy/codacy-analysis-cli-action#124
• TCE-937 add condition to setup go only if the user wants to run staticcheck by @​DMarinhoCodacy in codacy/codacy-analysis-cli-action#126
• feat: [TCE-1039] Add parameter 'registry-address' in order to support alternative registry addresses by @​heliocodacy in codacy/codacy-analysis-cli-action#129

New Contributors

• @​mushlih-almubarak made their first contribution in codacy/codacy-analysis-cli-action#77
• @​stefanvacareanu7 made their first contribution in codacy/codacy-analysis-cli-action#87

... (truncated)

Commits

• 562ee3e feat: build for release
• eb58a98 feat: build for release
• 97bf5df feat: build for release
• 3ad04f4 feat: build for release
• 3987b1d feat: build for release
• 55bddef feat: build for release
• 3ff8e64 feat: build for release
• 275a790 feat: build for release
• 33d4559 feat: build for release
• 43db50b feat: build for release
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 2dfefa0.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
actions/codacy/codacy-analysis-cli-action	562ee3e92b8e92df8b67e0a5ff8aa8e261919c08	🟢 4.9	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 6 branch protection is not maximal on development and all release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• .github/workflows/codacy.yml