Merge branch 'main' into patch/llm-aer-031

.changeset/brown-trainers-type.md

@@ -0,0 +1,5 @@
+---
+"jira-tracing": minor
+---
+
+Adds changesetKey check if `process.env.CHANGESET_KEY` is passed in.

.changeset/calm-lions-love.md

@@ -0,0 +1,6 @@
+---
+"ci-sonarqube-go": patch
+"ci-sonarqube-ts": patch
+---
+
+update sonarsource/sonarqube-scan-action to v3.0.0

.changeset/fast-swans-attack.md

@@ -0,0 +1,5 @@
+---
+"update-action-versions": patch
+---
+
+bump dependencies

.changeset/hip-roses-explain.md

@@ -0,0 +1,5 @@
+---
+"setup-renovate": patch
+---
+
+bump renovatebot/github-action dependency

.changeset/hip-waves-punch.md

@@ -0,0 +1,8 @@
+---
+"ci-lint-go": minor
+---
+
+Added `only-new-issues` flag to be set to `true` in golangci-lint (ci-lint-go).
+This setting is critical. Without it, we cannot enable new rules without first
+resolving outstanding debt.  
+

.prettierignore

@@ -17,6 +17,7 @@ pnpm-lock.yaml
 yarn.lock
 /apps/go-mod-validator/test/__fixtures__/
 /.nx/cache
+/.changeset/
 
 # Don't LLM format prompt files
 /actions/llm-pr-writer/pr-writer-prompt.md

.tool-versions

@@ -1,2 +1,2 @@
 nodejs 20.16.0
-pnpm 9.6.0
+pnpm 9.7.0

actions/ci-lint-go/README.md

@@ -1 +1,22 @@
 # ci-lint-go
+
+Example:
+
+```yaml
+name: Golangci-lint
+
+on: [pull_request]
+
+jobs:
+  golangci-lint:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+      actions: read
+    steps:
+      - name: golangci-lint
+        uses: smartcontractkit/.github/actions/ci-lint-go@5f5ebd52cb13f4b8530cd3005ec7ec3180840219 # v0.2.5
+        with:
+          go-version-file: go.mod
+```

actions/ci-lint-go/action.yml

@@ -60,6 +60,10 @@ inputs:
     description: ""
     required: false
     default: --out-format checkstyle:golangci-lint-report.xml
+  only-new-issues:
+    description: "Report only the new issues introduced in your code"
+    required: false
+    default: "true"
   go-directory:
     description: ""
     default: .
@@ -116,6 +120,7 @@ runs:
         version: ${{ inputs.golangci-lint-version }}
         args: ${{ inputs.golangci-lint-args }}
         working-directory: ${{ inputs.go-directory }}
+        only-new-issues: ${{ inputs.only-new-issues }}
 
     - name: Print lint report artifact
       if: always()

actions/ci-sonarqube-go/action.yml

@@ -94,7 +94,7 @@ runs:
         echo "SONARQUBE_ARGS=$ARGS" >> $GITHUB_ENV
 
     - name: SonarQube Scan
-      uses: sonarsource/sonarqube-scan-action@aecaf43ae57e412bd97d70ef9ce6076e672fe0a9 # v2.3.0
+      uses: sonarsource/sonarqube-scan-action@0c0f3958d90fc466625f1d1af1f47bddd4cc6bd1 # v3.0.0
       with:
         args: ${{ env.SONARQUBE_ARGS }}
       env:

actions/ci-sonarqube-ts/action.yml

@@ -110,7 +110,7 @@ runs:
         steps.sonarqube_report_paths.outputs.sonarqube_lint_report_paths }}
 
     - name: SonarQube Scan
-      uses: sonarsource/sonarqube-scan-action@aecaf43ae57e412bd97d70ef9ce6076e672fe0a9 # v2.3.0
+      uses: sonarsource/sonarqube-scan-action@0c0f3958d90fc466625f1d1af1f47bddd4cc6bd1 # v3.0.0
       with:
         args: ${{ env.SONARQUBE_ARGS }}
       env:

actions/setup-renovate/action.yml

@@ -62,7 +62,7 @@ runs:
         aws-role-duration-seconds: ${{ inputs.aws-role-duration-seconds }}
 
     - name: Run renovate
-      uses: renovatebot/github-action@8ce0fe8066eb6b16e1bf499b21bc96e5ccd962a4 # v40.2.3
+      uses: renovatebot/github-action@76d49712364696a06b60e8647df46b288fff0ddc # v40.2.4
       with:
         renovate-version: ${{ inputs.renovate-version }}
         token: ${{ steps.get-access-token.outputs.access-token }}