chore(deps): update github actions

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
docker/login-action (changelog)	action	digest	b45d80f → 4907a6d
super-linter/super-linter	action	minor	v8.5.0 → v8.6.0

---

Release Notes

super-linter/super-linter (super-linter/super-linter)

v8.6.0

Compare Source

🚀 Features

• improve zsh scripts support (#​7674) (6a65d3a), closes #​7618

🐛 Bugfixes

• exclude zsh scripts from file list (#​7536) (d0e883c)
• set markdownlint glob paths from rules file (#​7652) (53eb3bb), closes #​7650
• unset log level when getting renovate version (#​7594) (72c2bd7)

⬆️ Dependency updates

• bundler: bump rubocop in /dependencies in the rubocop group (#​7514) (f2264d2)
• bundler: bump rubocop in /dependencies in the rubocop group (#​7604) (c929dc3)
• bundler: bump rubocop in /dependencies in the rubocop group (#​7662) (bfb2fd9)
• bundler: bump rubocop-github in /dependencies in the rubocop group (#​7640) (a88d75e)
• bundler: bump the rubocop group across 1 directory with 2 updates (#​7565) (56ae6b3)
• docker: bump python in the docker-base-images group (#​7319) (717c087)
• docker: bump the docker group across 1 directory with 4 updates (#​7698) (11c750e)
• docker: bump the docker group across 1 directory with 5 updates (#​7615) (d7e1bd8)
• docker: bump the docker group across 1 directory with 6 updates (#​7566) (0f9cf19)
• docker: bump the docker group across 1 directory with 6 updates (#​7631) (ad7f508)
• docker: bump the docker group across 1 directory with 9 updates (#​7513) (89e3725)
• docker: bump the docker group with 2 updates (#​7577) (8b2f0c0)
• docker: bump the docker group with 2 updates (#​7641) (7293e37)
• docker: bump the docker group with 2 updates (#​7663) (eabfa25)
• java: bump com.puppycrawl.tools:checkstyle (#​7689) (4c66d9d)
• java: bump the java-gradle group across 2 directories with 2 updates (#​7581) (51af5a0)
• npm: bump ajv from 6.12.6 to 6.14.0 in /dependencies (#​7550) (7f00eb7)
• npm: bump axios from 1.12.2 to 1.13.5 in /dependencies (#​7510) (a891169)
• npm: bump brace-expansion from 1.1.12 to 1.1.13 in /dependencies (#​7685) (92c4cea)
• npm: bump express-rate-limit from 8.2.1 to 8.3.0 in /dependencies (#​7613) (c184a25)
• npm: bump flatted from 3.3.3 to 3.4.1 in /dependencies (#​7636) (013d8a7)
• npm: bump hono from 4.11.7 to 4.12.2 in /dependencies (#​7559) (5c3679f)
• npm: bump hono from 4.12.5 to 4.12.7 in /dependencies (#​7624) (c31d9ad)
• npm: bump markdown-it and renovate in /dependencies (#​7529) (9b794c2)
• npm: bump path-to-regexp from 8.3.0 to 8.4.0 in /dependencies (#​7687) (309fb55)
• npm: bump picomatch in /dependencies (#​7675) (df4f15e)
• npm: bump qs from 6.14.1 to 6.14.2 in /dependencies (#​7520) (a9e6534)
• npm: bump renovate (#​7699) (b91627f)
• npm: bump renovate from 43.4.0 to 43.4.4 in /dependencies (#​7524) (2ab5b9c)
• npm: bump smol-toml from 1.6.0 to 1.6.1 in /dependencies (#​7676) (d015498)
• npm: bump the npm group across 1 directory with 15 updates (#​7595) (58ee821)
• npm: bump the npm group across 1 directory with 2 updates (#​7623) (ddb4fbb)
• npm: bump the npm group across 1 directory with 2 updates (#​7664) (7e22df4)
• npm: bump the npm group across 1 directory with 3 updates (#​7612) (355a779)
• npm: bump the npm group across 1 directory with 4 updates (#​7633) (6e8bf45)
• npm: bump the npm group across 1 directory with 7 updates (#​7651) (946725f)
• npm: bump the npm group across 1 directory with 9 updates (#​7690) (db85efc)
• npm: bump underscore from 1.13.7 to 1.13.8 in /dependencies (#​7584) (9a661fa)
• python: bump ruff (#​7659) (576d1c4)
• python: bump snakefmt (#​7668) (1723a83)
• python: bump the pip group across 1 directory with 3 updates (#​7509) (d580241)
• python: bump the pip group across 1 directory with 3 updates (#​7582) (56b7621)
• python: bump the pip group across 1 directory with 3 updates (#​7634) (e3d8eca)
• python: bump the pip group across 1 directory with 3 updates (#​7648) (2e8137a)
• python: bump the pip group across 1 directory with 5 updates (#​7684) (cb17f60)
• python: bump the pip group across 1 directory with 6 updates (#​7567) (b823682)
• python: bump the pip group across 1 directory with 6 updates (#​7617) (3d2fc0d)

🧰 Maintenance

• define container image id after build meta (#​7519) (3ac699e), closes #​7517
• dev-docker: bump node in /dev-dependencies (#​7515) (27e3b04)
• dev-docker: bump node in /dev-dependencies (#​7564) (c4bf2ef)
• dev-docker: bump node in /dev-dependencies (#​7591) (ff08795)
• dev-docker: bump node in /dev-dependencies (#​7630) (209caca)
• dev-docker: bump node in /dev-dependencies (#​7678) (f35a407)
• dev-npm: bump handlebars (#​7683) (1b3e7cd)
• dev-npm: bump release-please in /dev-dependencies (#​7545) (c3c9451)
• dev-npm: bump the npm_and_yarn group across 1 directory with 1 update (#​7560) (10ac6af)
• dev-npm: bump the npm_and_yarn group across 1 directory with 1 update (#​7568) (4bdc8a4)
• dev-npm: bump the npm_and_yarn group across 1 directory with 1 update (#​7691) (c5ec78d)
• dev-npm: bump yaml (#​7677) (70db47b)
• extend filelist tests (#​7511) (4e9c814)
• fix chktex install and tar dep (#​7587) (6231a1c)
• fix npm build (#​7649) (ea3113b)
• fix npm build (#​7657) (6d120fe)
• force update rollup and minimatch (#​7621) (59403f0)
• github-actions: bump actions/download-artifact (#​7629) (f9e50a2)
• github-actions: bump the dev-ci-tools group across 1 directory with 3 updates (#​7609) (d518d58)
• github-actions: bump the dev-ci-tools group with 2 updates (#​7574) (aec39de)
• ungroup eslint (#​7539) (f33a1a1)
• update contributors action reference after repo transfer (#​7558) (576bdd3)
• update npm deps (#​7603) (dd82ec5)
• update rack to 3.2.5 (#​7569) (46e338c)
• update ruby and npm deps (#​7694) (eb8ddc7)
• update tar to 7.5.11 (#​7626) (016eb68)
• upgrade actions/checkout to version 6 (#​7645) (58a6e5d)

---

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 8616473.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
actions/docker/login-action	4907a6ddec9925e35a0a9e82d7399ccc52663121	🟢 8.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 9 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 9 SAST tool detected but not run on all commits

Scanned Files

• .github/workflows/scan-image.yml

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 71.82%. Comparing base (a93a84f) to head (8616473).
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #253   +/-   ##
=======================================
  Coverage   71.82%   71.82%           
=======================================
  Files          11       11           
  Lines         802      802           
  Branches      124      124           
=======================================
  Hits          576      576           
  Misses        163      163           
  Partials       63       63           

Flag	Coverage Δ
backend	71.82% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.