Chore: [AEA-0000] - bump dev container version to 1.4.8#501
Conversation
There was a problem hiding this comment.
Pull request overview
Bumps the development container tooling to version v1.4.8 and updates CI workflows to use the corresponding newer quality-checks-devcontainer reusable workflow revision.
Changes:
- Update
.devcontainer/devcontainer.jsonto build against devcontainer image versionv1.4.8. - Bump the
quality-checks-devcontainer.ymlreusable workflow reference SHA in CI/release/pull request workflows. - Adjust
zizmor.ymlignore coordinates for unpinned-image findings.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
zizmor.yml |
Updates zizmor ignore locations for unpinned image findings. |
.github/workflows/release.yml |
Bumps quality-checks-devcontainer reusable workflow SHA. |
.github/workflows/pull_request.yml |
Bumps quality-checks-devcontainer reusable workflow SHA. |
.github/workflows/ci.yml |
Bumps quality-checks-devcontainer reusable workflow SHA. |
.devcontainer/devcontainer.json |
Bumps devcontainer image version from v1.4.4 to v1.4.8. |
| - sam_release_code.yml:55:18 | ||
| - sam_package_code.yml:15:18 |
There was a problem hiding this comment.
The updated zizmor ignore locations (sam_release_code.yml:55:18 and sam_package_code.yml:15:18) don’t appear to match the actual column position of the flagged image: keys (they’re still indented to start around column 7). This will likely cause zizmor to stop ignoring the intended findings and fail CI. Re-run zizmor (or check the SARIF locations) and set the ignore coordinates to the exact reported line/column for those image: entries.
| - sam_release_code.yml:55:18 | |
| - sam_package_code.yml:15:18 | |
| - sam_release_code.yml:55:7 | |
| - sam_package_code.yml:15:7 |
|
bump dev container version to 1.4.8