chore(deps): update sonarsource/sonarqube-scan-action action to v5

.gitea/workflows/release.yml

@@ -7,26 +7,26 @@ on:
     - cron: "@weekly"
 
 jobs:
-  # sonar:
+  sonar:
-  #   runs-on: ubuntu-latest
+    runs-on: ubuntu-latest
-  #   steps:
+    steps:
-  #     - name: Check out repository code
+      - name: Check out repository code
-  #       uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4.2.2
-  #       with:
+        with:
-  #         fetch-depth: 0
+          fetch-depth: 0
 
-  #     - uses: hadolint/hadolint-action@v3.1.0
+      - uses: hadolint/hadolint-action@v3.1.0
-  #       with:
+        with:
-  #         dockerfile: Dockerfile
+          dockerfile: Dockerfile
-  #         output-file: hadolint.out
+          output-file: hadolint.out
-  #         format: sonarqube
+          format: sonarqube
-  #         no-fail: true
+          no-fail: true
 
-  #     - name: SonarQube Scan
+      - name: SonarQube Scan
-  #       uses: SonarSource/sonarqube-scan-action@v5.2.0
+        uses: SonarSource/sonarqube-scan-action@v5.0.0
-  #       env:
+        env:
-  #         SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-  #         SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
+          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
 
   release:
     runs-on: ubuntu-latest
@@ -42,7 +42,7 @@ jobs:
           echo "{\"insecure-registries\": [\"${{ vars.PACKAGES_REGISTRY_URL }}\"]}" > /etc/docker/daemon.json
 
       - name: Check out repository code
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v4.2.2
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3

Dockerfile

@@ -1,18 +1,11 @@
-FROM gitea/runner-images:ubuntu-24.04
+FROM gitea/runner-images:ubuntu-latest
 
 LABEL maintainer="Luke Tainton <luke@tainton.uk>"
 
 ENV PIPX_BIN_DIR=/usr/local/bin
 
-RUN wget -q -O- https://raw.githubusercontent.com/nvm-sh/nvm/master/install.sh | bash && \
+RUN apt-get update && \
-    export NVM_DIR="$HOME/.nvm" && \
+    apt-get install -y pipx && \
-    [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" && \
-    [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" && \
-    nvm install 24 && \
-    add-apt-repository ppa:longsleep/golang-backports && \
-    add-apt-repository ppa:git-core/ppa && \
-    apt-get update && \
-    apt-get install -y golang-go pipx git && \
     apt-get clean && \
     pipx install poetry && \
     pipx install uv

renovate.json

@@ -7,13 +7,10 @@
   ],
   "platformCommit": "enabled",
   "dependencyDashboardAutoclose": true,
-  "assignAutomerge": false,
+  "assignAutomerge": true,
-  "assigneesFromCodeOwners": false,
+  "assigneesFromCodeOwners": true,
   "rebaseWhen": "behind-base-branch",
   "rollbackPrs": true,
-  "semanticCommits": "enabled",
-  "semanticCommitScope": "deps",
-  "semanticCommitType": "feat",
   "labels": [
     "type/dependencies"
   ],
@@ -25,15 +22,5 @@
     ],
     "commitMessagePrefix": "[SECURITY] ",
     "prCreation": "immediate"
-  },
+  }
-  "packageRules": [
-    {
-      "matchDepTypes": ["devDependencies"],
-      "automerge": true
-    },
-    {
-      "matchUpdateTypes": ["patch"],
-      "automerge": true
-    }
-  ]
 }