Bump Afterlife-Guide/SemVer.Action from 1.1.1.16 to 1.2.2.14

[dependabot]

Bumps Afterlife-Guide/SemVer.Action from 1.1.1.16 to 1.2.2.14.

Release notes

Sourced from Afterlife-Guide/SemVer.Action's releases.

1.2.2.14

What's Changed

• Merge master into develop branch by @​baynezy in Afterlife-Guide/SemVer.Action#239
• Merge master into develop branch by @​baynezy in Afterlife-Guide/SemVer.Action#243
• Enable non-root access to workspace files by @​baynezy in Afterlife-Guide/SemVer.Action#245
• Bump Afterlife-Guide/SemVer.Action from 1.1.1.16 to 1.2.1.19 by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#244
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#246
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#247
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#248
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#249
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#250
• Bump the verify group with 2 updates by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#252
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#253
• Bump cake-build/cake-action from 3.0.0 to 3.0.1 by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#254
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#255
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#256
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#257
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#258
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#259
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#260
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#261
• Bump Microsoft.NET.Test.Sdk from 17.14.1 to 18.0.0 by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#266
• Bump Microsoft.Extensions.DependencyInjection and Microsoft.Extensions.Hosting by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#265
• Bump FsCheck.Xunit from 3.3.0 to 3.3.1 by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#262
• Bump JunitXml.TestLogger from 6.1.0 to 7.0.2 by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#263
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#268
• Bump EnricoMi/publish-unit-test-result-action from 2.20.0 to 2.21.0 by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#269
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#270
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#271
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#272
• Revert "Enable non-root access to workspace files" by @​baynezy in Afterlife-Guide/SemVer.Action#273
• Release version 1.2.2.14 by @​baynezy in Afterlife-Guide/SemVer.Action#274

Full Changelog: Afterlife-Guide/SemVer.Action@1.2.1.19...1.2.2.14

1.2.1.19

What's Changed

• Revert switching docker to non-root by @​baynezy in Afterlife-Guide/SemVer.Action#242

Full Changelog: Afterlife-Guide/SemVer.Action@1.2.0.13...1.2.1.19

1.2.0.13

What's Changed

• Merge master into develop branch by @​baynezy in Afterlife-Guide/SemVer.Action#202
• Merge master into develop branch by @​baynezy in Afterlife-Guide/SemVer.Action#206
• Bump Afterlife-Guide/SemVer.Action from 1.0.9.11 to 1.1.0.12 by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#203
• Bump the verify group with 1 update by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#207
• Bump the verify group with 2 updates by @​dependabot[bot] in Afterlife-Guide/SemVer.Action#208

... (truncated)

Changelog

Sourced from Afterlife-Guide/SemVer.Action's changelog.

[1.2.2.14] - 2025-11-07

[1.2.1.19] - 2025-09-09

Changed

• Reverted Docker non-root (#240)

[1.2.0.13] - 2025-09-08

Fixed

• Fixed security vulnerability by preventing direct use of user-controlled data in workflow run blocks to prevent command injection

Changed

• Migrated from thomaseizinger/keep-a-changelog-new-release to baynezy/ChangeLogger.Action (#210)
• Added GH_TOKEN environment variable to all GitHub Action workflows for consistent token access (#215)
• Set up copilot environment (#225)
• Updated Dockerfile to use uppercase 'AS' in multi-stage builds for SonarQube compliance (#229)

Fixed

• Reduced Information logging calls in WriteJsonCommand.cs to comply with SonarQube rule S6664 (#230)

Security

• Updated all external GitHub Actions to use full commit SHA hashes instead of version tags for improved security (#235)
• Updated Docker image to run as non-root user instead of root user to improve security posture (#233)

Commits

• 9102e86 Merge pull request #274 from Afterlife-Guide/release/1.2.2.14
• 8d86d83 Prepare release 1.2.2.14
• f7d25f6 Merge pull request #273 from Afterlife-Guide/feature/issue-0-revert
• 3950902 Revert "Enable non-root access to workspace files"
• edddda9 Merge pull request #272 from Afterlife-Guide/dependabot/nuget/test/SemVer.Jso...
• cd0fd16 Bump the verify group with 1 update
• 412fe10 Merge pull request #271 from Afterlife-Guide/dependabot/nuget/test/SemVer.Jso...
• aba85f1 Bump the verify group with 1 update
• d7789bb Merge pull request #270 from Afterlife-Guide/dependabot/nuget/test/SemVer.Jso...
• f41f9d2 Bump the verify group with 1 update
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Superseded by #203.