From 0164e9cc847fcf84505ddf6a5adc49012f86fed2 Mon Sep 17 00:00:00 2001
From: Robin Tuszik <mail@robin.gg>
Date: Thu, 19 Sep 2024 15:10:06 +0200
Subject: [PATCH 1/8] ci(dependabot): add configuration for automated
 dependency updates (#20)

Add dependabot.yml to automate updates for Python packages, GitHub Actions,
and Docker base images on a weekly schedule. This ensures dependencies
remain up-to-date and secure.
---
 .github/dependabot.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..501343b
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,22 @@
+version: 2
+updates:
+  # Update Python packages
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+
+  # Update GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+
+  # Update Docker base images
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10

From d72a430d38d0ed025919f1c47f418bf41f61192e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 19 Sep 2024 15:11:30 +0200
Subject: [PATCH 2/8] build(deps): bump actions/checkout from 3 to 4 (#27)

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/docker-build-push.yml | 2 +-
 .github/workflows/super-linter.yml      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml
index 866f437..4d096e7 100644
--- a/.github/workflows/docker-build-push.yml
+++ b/.github/workflows/docker-build-push.yml
@@ -19,7 +19,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     - name: Log in to the Container registry
       uses: docker/login-action@v2
diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml
index 5cef31c..01ba464 100644
--- a/.github/workflows/super-linter.yml
+++ b/.github/workflows/super-linter.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
 
       - name: Checkout Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 

From b9cb4cf88c18aaf7bb3eb5b3e44d906751d594ba Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 19 Sep 2024 15:15:02 +0200
Subject: [PATCH 3/8] build(deps): bump docker/metadata-action from 4 to 5
 (#23)

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/docker-build-push.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml
index 4d096e7..b4d4eb1 100644
--- a/.github/workflows/docker-build-push.yml
+++ b/.github/workflows/docker-build-push.yml
@@ -30,7 +30,7 @@ jobs:
 
     - name: Extract metadata (tags, labels) for Docker
       id: meta
-      uses: docker/metadata-action@v4
+      uses: docker/metadata-action@v5
       with:
         images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
         tags: |

From 3e161a8e505279b67c6060d0182f6a5a935b0ac2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 19 Sep 2024 15:15:25 +0200
Subject: [PATCH 4/8] build(deps): bump docker/build-push-action from 4 to 6
 (#22)

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 6.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4...v6)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/docker-build-push.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml
index b4d4eb1..9985d17 100644
--- a/.github/workflows/docker-build-push.yml
+++ b/.github/workflows/docker-build-push.yml
@@ -39,7 +39,7 @@ jobs:
           type=ref,event=branch,pattern={{branch}},prefix=branch-,sanitize=true
 
     - name: Build and push Docker image
-      uses: docker/build-push-action@v4
+      uses: docker/build-push-action@v6
       with:
         context: .
         push: true

From e10f224597a096ef701a3464f6d662a48b95ef7e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 19 Sep 2024 15:20:01 +0200
Subject: [PATCH 5/8] build(deps): bump replicate from 0.32.1 to 0.33.0 (#24)

Bumps [replicate](https://github.com/replicate/replicate-python) from 0.32.1 to 0.33.0.
- [Release notes](https://github.com/replicate/replicate-python/releases)
- [Commits](https://github.com/replicate/replicate-python/compare/0.32.1...0.33.0)

---
updated-dependencies:
- dependency-name: replicate
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 20fe698..b93730e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,4 @@
-replicate==0.32.1
+replicate==0.33.0
 python-dotenv==1.0.1
 token_count==0.2.1
 loguru==0.7.2

From b3c59ec27a0cdde3c02ad8261a73976157895c9d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 19 Sep 2024 15:21:04 +0200
Subject: [PATCH 6/8] build(deps): bump docker/login-action from 2 to 3 (#21)

Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/docker-build-push.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml
index 9985d17..fc9f3cd 100644
--- a/.github/workflows/docker-build-push.yml
+++ b/.github/workflows/docker-build-push.yml
@@ -22,7 +22,7 @@ jobs:
       uses: actions/checkout@v4
 
     - name: Log in to the Container registry
-      uses: docker/login-action@v2
+      uses: docker/login-action@v3
       with:
         registry: ${{ env.REGISTRY }}
         username: ${{ github.actor }}

From 2f8221f6e03e14736eecbd86d81edd8d775a370c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 19 Sep 2024 15:23:10 +0200
Subject: [PATCH 7/8] build(deps): bump python from 3.11-slim to 3.12-slim
 (#25)

Bumps python from 3.11-slim to 3.12-slim.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index d099381..437181a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.11-slim
+FROM python:3.12-slim
 
 # Environment variables to optimize Python behavior
 ENV PYTHONDONTWRITEBYTECODE=1

From c5ebf11626918429cb696aa12864b926b5b11e54 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 19 Sep 2024 15:40:11 +0200
Subject: [PATCH 8/8] build(deps): bump github/super-linter from 4 to 7 (#26)

* build(deps): bump github/super-linter from 4 to 7

Bumps [github/super-linter](https://github.com/github/super-linter) from 4 to 7.
- [Release notes](https://github.com/github/super-linter/releases)
- [Changelog](https://github.com/github/super-linter/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/super-linter/compare/v4...v7)

---
updated-dependencies:
- dependency-name: github/super-linter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* ci(super-linter.yml): update workflow triggers to ignore push to main and run on pull request to main
ci(super-linter.yml): add workflow_dispatch trigger for manual runs
ci(super-linter.yml): add permissions block for enhanced security
ci(super-linter.yml): update actions/checkout to version 4 for latest features and fixes
ci(super-linter.yml): fix indentation and spacing issues for better readability

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Robin Tuszik <mail@robin.gg>
---
 .github/workflows/super-linter.yml | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml
index 01ba464..fdb41ea 100644
--- a/.github/workflows/super-linter.yml
+++ b/.github/workflows/super-linter.yml
@@ -1,24 +1,36 @@
 name: Lint
-on: [push, pull_request]
+on:
+  push:
+    branches-ignore: ["main"]
+  pull_request:
+    branches: ["main"]
+  workflow_dispatch:
+
+permissions: {}
+
 jobs:
   lint:
     runs-on: ubuntu-latest
 
-    steps:
+    permissions:
+      contents: read
+      packages: read
+      statuses: write
 
+    steps:
       - name: Checkout Code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Lint Code Base
-        uses: github/super-linter@v4
+        uses: github/super-linter@v7
         env:
           VALIDATE_ALL_CODEBASE: true
           VALIDATE_HTML: true
           FIX_PYTHON_RUFF: true
           VALIDATE_PYTHON_RUFF: true
-          VALIDATE_MARKDOWN_PRETTIER	: true
+          VALIDATE_MARKDOWN_PRETTIER: true
           VALIDATE_GITLEAKS: true
           VALIDATE_GITHUB_ACTIONS: true
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}