feat: bump github/super-linter from 5 to 6 (#145)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.dependabot/config.xml

@@ -1,6 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "daily"

.github/dependabot.yml

@@ -0,0 +1,27 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/.github/"
+    schedule:
+      interval: "weekly"
+    groups:
+      dependencies:
+        patterns:
+          - "*"
+    reviewers:
+      - "rlespinasse"
+    labels: [ ]
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    commit-message:
+      prefix: "feat: "
+    schedule:
+      interval: "weekly"
+    groups:
+      dependencies:
+        patterns:
+          - "rlespinasse/slugify-value"
+          - "rlespinasse/shortify-git-revision"
+    reviewers:
+      - "rlespinasse"
+    labels: [ ]

.github/workflows/linter.yml

@@ -0,0 +1,27 @@
+---
+name: Lint Code Base
+
+on: pull_request
+
+jobs:
+  build:
+    name: Lint Code Base
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
+      statuses: write
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          # Full git history is needed to get a proper list of changed files within `super-linter`
+          fetch-depth: 0
+
+      - name: Lint Code Base
+        uses: github/super-linter@v6
+        env:
+          VALIDATE_ALL_CODEBASE: false
+          DEFAULT_BRANCH: v4.x
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          

.github/workflows/v4-tests-and-release.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Load using v4.x with prefix
         uses: ./
@@ -94,7 +94,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           path: this-action
           ref: ${{ github.ref }}
@@ -123,7 +123,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Load using v4.x
         uses: ./
@@ -201,7 +201,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           path: this-action
           ref: ${{ github.ref }}
@@ -230,7 +230,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Test 1
       - name: Using correct short length
@@ -269,7 +269,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           path: this-action
           ref: ${{ github.ref }}
@@ -323,7 +323,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Test 1
       - name: Using correct slug max length
@@ -391,6 +391,8 @@ jobs:
       - input-slug-maxlength
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Release this GitHub Action
         uses: rlespinasse/release-that@v1
+        with:
+          github-token: ${{ secrets.GH_TOKEN }}

README.md

@@ -239,12 +239,22 @@ Please, use the current major tag `v4` or a version tag (see [releases pages][re
 
 ## Thanks for talking about us
 
-- [Mettre en place une CI/CD Angular avec GitHub Actions & Netlify][article-1] (in french :fr:)
+In English :gb:
+
 - [Action spotlight by Michael Heap][article-2]
 - [Serverless Deploy Previews on GitHub Actions][article-3]
 - [Let's Build a Continuous Delivery and Branching Process with Github Actions, Vercel and Heroku][article-4]
-- [Github Actions : enfin des pipelines accessibles aux développeurs][talk-1] (in french :fr:)
-- The next one is you. _Don't hesitate to add youself to this list._
+
+In French :fr: 
+
+- [Mettre en place une CI/CD Angular avec GitHub Actions & Netlify][article-1]
+- [Github Actions : enfin des pipelines accessibles aux développeurs][talk-1]
+
+In Chinese :cn:
+
+- [利用github-slug-action暴漏Github Action上下文中的关键变量][article-5]
+
+> The next one is you. _Don't hesitate to add youself to one of these lists._
 
 [examples]: https://github.com/rlespinasse/github-slug-action/tree/v4.x/examples
 [custom-variable]: https://github.com/rlespinasse/github-slug-action/issues/new?assignees=&labels=enhancement&template=feature_request.md&title=
@@ -264,4 +274,5 @@ Please, use the current major tag `v4` or a version tag (see [releases pages][re
 [article-2]: https://michaelheap.com/github-slug-action/
 [article-3]: https://barstool.engineering/serverless-deploy-previews-on-github-actions/
 [article-4]: https://javascript.plainenglish.io/lets-build-a-continuous-delivery-and-branching-process-c27dae09f0b6
+[article-5]: https://eryajf.github.io/HowToStartOpenSource/views/03-github-tips/10-Use-github-slug-action-to-leak-key-variables-in-the-Github-Action-context.html
 [talk-1]: https://www.youtube.com/watch?v=F5mBDmOQcvE

SECURITY.md

@@ -2,34 +2,25 @@
 
 ## Supported Versions and Branches
 
-We only support 2 major versions for security patches
-
-| Version | Branch | Supported          | Specific Tags |
-| ------- | ------ | ------------------ | ------------- |
-| 4.x     | v4.x   | :white_check_mark: | v4            |
-| 3.x     | v3.x   | :white_check_mark: |               |
-| < 2.x   |        | :x:                | v2.x, v1.1.x  |
+| Version | Supported          | End of Support | Branch | Specific Tags |
+| ------- | ------------------ | -------------- | ------ | ------------- |
+| 4.x     | :white_check_mark: |                | v4.x   | v4            |
+| 3.x     | :white_check_mark: | 2024-01-31     | v3.x   | v3            |
+| 2.x     | :x:                | 2021-04-05     |        | v2.x, 2.2.0   |
+| 1.x     | :x:                | 2021-04-05     |        | v1.1.x, 1.2.0 |
+| 1.0.x   | :x:                | 2019-11-07     |        | 1.0.2         |
 
 A GitHub repository can used one of the available branches as action inside its workflows.
 
 ### End of Life of a branch
 
-When a branch is not supported anymore, the following process occurs
+Since `2023-10-20`, when a new major version is release,
 
-- Since `v4.x` branch, the branch will be deleted 2 major versions after
-  - So `v4.x` branch will be deleted when `v7.x` branch will have its first release
-  - prefer the `v4` tag to `v4.x` branch as reference in our workflow, 
-- Before `v4.x` branch, the branch will be converted into a tag when the support is dropped
-  - So `v3.x` branch will be converted as tag when `v5.x` branch will have its first release
+- The previous one will continue to receive security patches during a 3-months periods,
+- After the 3-month periods, the branch is deleted, only the tags remains.
 
 ## Reporting a Vulnerability
 
-You can report a Vulnerability by [my email](mailto:romain.lespinasse@gmail.com).
+You can report a Vulnerability by creating a [draft security advisory](https://github.com/rlespinasse/github-slug-action/security/advisories) in this project.
 
-_Vulnerability stages :_
-
-- Reported,
-- Confirmed (or declined),
-- Fixed on maintained version series.
-
-After a vulnerability fix, an GitHub issue will be created as document this vulnerability.
+If the vulnerability is confirm, a fix will be produce and the advisory will be publish.