diff --git a/CHANGELOG.rst b/CHANGELOG.rst index e92edc701..eb3371c8f 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -10,7 +10,8 @@ Unreleased .. vendor-insert-here -- Update vendored schemas: compose-spec, meltano, renovate (2025-07-06) +- Update vendored schemas: compose-spec, dependabot, gitlab-ci, meltano, mergify, + renovate (2025-07-20) 0.33.2 ------ diff --git a/src/check_jsonschema/builtin_schemas/vendor/dependabot.json b/src/check_jsonschema/builtin_schemas/vendor/dependabot.json index 2f11926aa..adc291a70 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/dependabot.json +++ b/src/check_jsonschema/builtin_schemas/vendor/dependabot.json @@ -698,6 +698,7 @@ }, "update": { "type": "object", + "additionalProperties": false, "properties": { "allow": { "description": "Customize which updates are allowed", @@ -1026,6 +1027,7 @@ "type": { "description": "Identifies the type of registry.", "enum": [ + "cargo-registry", "composer-repository", "docker-registry", "git", @@ -1034,6 +1036,7 @@ "maven-repository", "npm-registry", "nuget-feed", + "pub-repository", "python-index", "rubygems-server", "terraform-registry" diff --git a/src/check_jsonschema/builtin_schemas/vendor/gitlab-ci.json b/src/check_jsonschema/builtin_schemas/vendor/gitlab-ci.json index cadc1ad05..8400f36d2 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/gitlab-ci.json +++ b/src/check_jsonschema/builtin_schemas/vendor/gitlab-ci.json @@ -752,7 +752,10 @@ "additionalProperties": false, "properties": { "user": { - "type": ["string", "integer"], + "type": [ + "string", + "integer" + ], "minLength": 1, "maxLength": 255, "description": "Username or UID to use for the container. It also supports the UID:GID format." @@ -846,7 +849,10 @@ "additionalProperties": false, "properties": { "user": { - "type": ["string", "integer"], + "type": [ + "string", + "integer" + ], "minLength": 1, "maxLength": 255, "description": "Username or UID to use for the container. It also supports the UID:GID format." @@ -1028,6 +1034,52 @@ ], "additionalProperties": false }, + "aws_secrets_manager": { + "oneOf": [ + { + "type": "string", + "description": "The ARN or name of the secret to retrieve. To retrieve a secret from another account, you must use an ARN." + }, + { + "type": "object", + "markdownDescription": "Defines the secret to be fetched from AWS Secrets Manager. The secret_id refers to the ARN or name of the secret in AWS Secrets Manager. Version_id and version_stage are optional parameters that can be used to specify a specific version of the secret, else AWSCURRENT version will be returned.", + "properties": { + "secret_id": { + "type": "string", + "description": "The ARN or name of the secret to retrieve. To retrieve a secret from another account, you must use an ARN." + }, + "version_id": { + "type": "string", + "description": "The unique identifier of the version of the secret to retrieve. If you include both this parameter and VersionStage, the two parameters must refer to the same secret version. If you don't specify either a VersionStage or VersionId, Secrets Manager returns the AWSCURRENT version." + }, + "version_stage": { + "type": "string", + "description": "The staging label of the version of the secret to retrieve. If you include both this parameter and VersionStage, the two parameters must refer to the same secret version. If you don't specify either a VersionStage or VersionId, Secrets Manager returns the AWSCURRENT version." + }, + "region": { + "type": "string", + "description": "The AWS region where the secret is stored. Use this to override the region for a specific secret. Defaults to AWS_REGION variable." + }, + "role_arn": { + "type": "string", + "description": "The ARN of the IAM role to assume before retrieving the secret. Use this to override the ARN. Defaults to AWS_ROLE_ARN variable." + }, + "role_session_name": { + "type": "string", + "description": "The name of the session to use when assuming the role. Use this to override the session name. Defaults to AWS_ROLE_SESSION_NAME variable." + }, + "field": { + "type": "string", + "description": "The name of the field to retrieve from the secret. If not specified, the entire secret is retrieved." + } + }, + "required": [ + "secret_id" + ], + "additionalProperties": false + } + ] + }, "akeyless": { "type": "object", "properties": { @@ -1075,6 +1127,11 @@ "gcp_secret_manager" ] }, + { + "required": [ + "aws_secrets_manager" + ] + }, { "required": [ "akeyless" @@ -2411,10 +2468,11 @@ "type": "string" }, "strategy": { - "description": "You can mirror the pipeline status from the triggered pipeline to the source bridge job by using strategy: depend", + "description": "You can mirror or depend on the pipeline status from the triggered pipeline to the source bridge job by using strategy: `depend` or `mirror`", "type": "string", "enum": [ - "depend" + "depend", + "mirror" ] }, "inputs": { @@ -2595,10 +2653,11 @@ ] }, "strategy": { - "description": "You can mirror the pipeline status from the triggered pipeline to the source bridge job by using strategy: depend", + "description": "You can mirror or depend on the pipeline status from the triggered pipeline to the source bridge job by using strategy: `depend` or `mirror`", "type": "string", "enum": [ - "depend" + "depend", + "mirror" ] }, "forward": { diff --git a/src/check_jsonschema/builtin_schemas/vendor/meltano.json b/src/check_jsonschema/builtin_schemas/vendor/meltano.json index e4cb862fe..27a61398d 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/meltano.json +++ b/src/check_jsonschema/builtin_schemas/vendor/meltano.json @@ -815,6 +815,7 @@ "file", "email", "integer", + "decimal", "options", "object", "array", diff --git a/src/check_jsonschema/builtin_schemas/vendor/mergify.json b/src/check_jsonschema/builtin_schemas/vendor/mergify.json index 95303555d..e82f8a921 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/mergify.json +++ b/src/check_jsonschema/builtin_schemas/vendor/mergify.json @@ -1296,6 +1296,12 @@ ], "title": "Reporting Method", "type": "string" + }, + "post_comment": { + "default": true, + "description": "Whether to post merge protection status comments on pull requests", + "title": "Post Comment", + "type": "boolean" } }, "title": "MergeProtectionsModel", @@ -1306,7 +1312,7 @@ "properties": { "max_parallel_checks": { "default": 5, - "description": "The maximum number of speculative checks allowed to run at the same time.", + "description": "The maximum number of speculative checks allowed to run at the same time. Setting this value to 1 disables speculative checks.", "maximum": 128, "minimum": 1, "title": "Max Parallel Checks", @@ -2354,19 +2360,6 @@ "title": "Branch Protection Injection Mode", "type": "string" }, - "speculative_checks": { - "configuration_deprecated_attribute": { - "deprecated_summary_ghes_mode": "\n:bangbang: **Action Required** :bangbang:\n> **The configuration uses the deprecated `speculative_checks` attribute in the `queue_rules` section. It has been replaced in favor of `max_parallel_checks` in the `merge_queue` section of the configuration.\n> For more information: https://docs.mergify.com/merge-queue/speculative-checks/", - "deprecated_summary_saas_mode": "\n:bangbang: **Action Required** :bangbang:\n> **The configuration uses the deprecated `speculative_checks` attribute in the `queue_rules` section. It has been replaced in favor of `max_parallel_checks` in the `merge_queue` section of the configuration.\n> For more information: https://docs.mergify.com/merge-queue/speculative-checks/" - }, - "default": 1, - "deprecated": true, - "description": "The maximum number of checks to run in parallel in the queue. Must be between 1 and 128.", - "maximum": 128, - "minimum": 1, - "title": "Speculative Checks", - "type": "integer" - }, "batch_size": { "default": 1, "description": "The maximum number of pull requests per speculative check in the queue. Must be between 1 and 128.", @@ -2384,7 +2377,7 @@ }, "allow_inplace_checks": { "default": true, - "description": "Allow to update or rebase the original pull request to check its mergeability when first in the queue and not part of a batch or speculative check.", + "description": "Allow to update or rebase the original pull request to check its mergeability when first in the queue and not part of a batch (see: `batch_size`) or speculative check (see: `max_parallel_checks`).", "title": "Allow Inplace Checks", "type": "boolean" }, @@ -2578,19 +2571,6 @@ "title": "Branch Protection Injection Mode", "type": "string" }, - "speculative_checks": { - "configuration_deprecated_attribute": { - "deprecated_summary_ghes_mode": "\n:bangbang: **Action Required** :bangbang:\n> **The configuration uses the deprecated `speculative_checks` attribute in the `queue_rules` section. It has been replaced in favor of `max_parallel_checks` in the `merge_queue` section of the configuration.\n> For more information: https://docs.mergify.com/merge-queue/speculative-checks/", - "deprecated_summary_saas_mode": "\n:bangbang: **Action Required** :bangbang:\n> **The configuration uses the deprecated `speculative_checks` attribute in the `queue_rules` section. It has been replaced in favor of `max_parallel_checks` in the `merge_queue` section of the configuration.\n> For more information: https://docs.mergify.com/merge-queue/speculative-checks/" - }, - "default": 1, - "deprecated": true, - "description": "The maximum number of checks to run in parallel in the queue. Must be between 1 and 128.", - "maximum": 128, - "minimum": 1, - "title": "Speculative Checks", - "type": "integer" - }, "batch_size": { "default": 1, "description": "The maximum number of pull requests per speculative check in the queue. Must be between 1 and 128.", @@ -2608,7 +2588,7 @@ }, "allow_inplace_checks": { "default": true, - "description": "Allow to update or rebase the original pull request to check its mergeability when first in the queue and not part of a batch or speculative check.", + "description": "Allow to update or rebase the original pull request to check its mergeability when first in the queue and not part of a batch (see: `batch_size`) or speculative check (see: `max_parallel_checks`).", "title": "Allow Inplace Checks", "type": "boolean" }, @@ -2797,7 +2777,7 @@ } ], "default": null, - "description": "To rebase, Mergify needs to impersonate a GitHub user. You can specify the account to use with this option. If no `bot_account` is set, Mergify picks the pull request author. The user account must have already been logged in Mergify dashboard once.", + "description": "To rebase, Mergify needs to impersonate a GitHub user. You can specify the account to use with this option. If no `bot_account` is set, Mergify picks the pull request author. The user account must have already been logged in Mergify dashboard once.\n\n**Warning:** Due to security on GitHub side, rebase cannot be performed on pull requests created by bot accounts without explicitly setting the `bot_account` impersonation option.", "title": "Bot Account" }, "autosquash": { diff --git a/src/check_jsonschema/builtin_schemas/vendor/renovate.json b/src/check_jsonschema/builtin_schemas/vendor/renovate.json index 41148a8e5..dbe9255ad 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/renovate.json +++ b/src/check_jsonschema/builtin_schemas/vendor/renovate.json @@ -509,7 +509,7 @@ "type": "integer", "default": 0 }, - "baseBranches": { + "baseBranchPatterns": { "description": "List of one or more custom base branches defined as exact strings and/or via regex expressions.", "type": "array", "items": { @@ -6778,7 +6778,7 @@ "description": "Table column definitions to use in PR tables.", "type": "object", "default": { - "Package": "{{{depNameLinked}}}", + "Package": "{{{depNameLinked}}}{{#if newName}}{{#unless (equals depName newName)}} → {{{newNameLinked}}}{{/unless}}{{/if}}", "Type": "{{{depType}}}", "Update": "{{{updateType}}}", "Current value": "{{{currentValue}}}", @@ -8456,6 +8456,15 @@ "description": "Username for authentication.", "type": "string" }, + "variables": { + "description": "Object which holds variable name/value pairs.", + "type": "object", + "default": {}, + "additionalProperties": { + "type": "string" + }, + "$ref": "#" + }, "velaci": { "description": "Configuration object for the velaci manager", "type": "object", @@ -8663,6 +8672,11 @@ } ] }, + "enabled": { + "description": "Enable or disable corresponding functionality.", + "type": "boolean", + "default": true + }, "vulnerabilityFixStrategy": { "description": "Strategy to use when fixing vulnerabilities. `lowest` will propose the earliest version with a fix, `highest` will always pick the latest version.", "type": "string", diff --git a/src/check_jsonschema/builtin_schemas/vendor/sha256/dependabot.sha256 b/src/check_jsonschema/builtin_schemas/vendor/sha256/dependabot.sha256 index 68e57c85a..ed977fa83 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/sha256/dependabot.sha256 +++ b/src/check_jsonschema/builtin_schemas/vendor/sha256/dependabot.sha256 @@ -1 +1 @@ -6c5b8ebc737752ee140da9083e95ebb09c0e3d31d0398d8d301930adb64ea705 \ No newline at end of file +6b4230e1b15ccc441d423fa22f7a8b7234dce0392ea04dd0f30b1894b5d22876 \ No newline at end of file diff --git a/src/check_jsonschema/builtin_schemas/vendor/sha256/gitlab-ci.sha256 b/src/check_jsonschema/builtin_schemas/vendor/sha256/gitlab-ci.sha256 index 7dcdda295..616a43c0c 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/sha256/gitlab-ci.sha256 +++ b/src/check_jsonschema/builtin_schemas/vendor/sha256/gitlab-ci.sha256 @@ -1 +1 @@ -10e9a42e805b622c5e73997396757ea6a444a0aeb4c1e16a02fbb69d880ab387 \ No newline at end of file +a3bccdbd1d0d27b6069042004c0ebf23b2d2f4d4c4f9623a9fdc08262970b9ed \ No newline at end of file diff --git a/src/check_jsonschema/builtin_schemas/vendor/sha256/meltano.sha256 b/src/check_jsonschema/builtin_schemas/vendor/sha256/meltano.sha256 index e5efb42f7..59d9765fd 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/sha256/meltano.sha256 +++ b/src/check_jsonschema/builtin_schemas/vendor/sha256/meltano.sha256 @@ -1 +1 @@ -0a92bd465b669b8efc0dd7880bce82831db89df04c593fa9eed12453c6c6f283 \ No newline at end of file +1533427925729f2da89f0525c5a579c37932c2ccf2f3b9be6f8ecfed6adba33f \ No newline at end of file diff --git a/src/check_jsonschema/builtin_schemas/vendor/sha256/mergify.sha256 b/src/check_jsonschema/builtin_schemas/vendor/sha256/mergify.sha256 index a124f9dea..b001d998b 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/sha256/mergify.sha256 +++ b/src/check_jsonschema/builtin_schemas/vendor/sha256/mergify.sha256 @@ -1 +1 @@ -bbcf88a9253516a49e9f766370e85d6caccfbe6c7ef35a1b17c9ff4fd12cff7a \ No newline at end of file +0062d7c6c5d5537052a426f348e214ded9bfc46e319d7b5301b8fd40671841d8 \ No newline at end of file diff --git a/src/check_jsonschema/builtin_schemas/vendor/sha256/renovate.sha256 b/src/check_jsonschema/builtin_schemas/vendor/sha256/renovate.sha256 index 054af352f..f9e693bec 100644 --- a/src/check_jsonschema/builtin_schemas/vendor/sha256/renovate.sha256 +++ b/src/check_jsonschema/builtin_schemas/vendor/sha256/renovate.sha256 @@ -1 +1 @@ -11988fc6297c4f2fc752cf87e311f4b8baf23ed5d38288332eb8e2c6af14f010 \ No newline at end of file +6113fff0ea8902b9a90fa0baee631878792fe7c039af1d8cfcf2bf03614842c8 \ No newline at end of file