DEV Community

Jonas Brømsø
Jonas Brømsø

Posted on • Edited on

Release 0.42.0 of Spellcheck (GitHub) Action - yet another maintenance release

Yesterday I released version 0.42.0 of the GitHub Action for doing spelling checking of your documentation etc. for which I am the current maintainer.

Again the Python base-image was updated, so now we are pointing to:

  • 3.12.6

I can see that I forgot to write about some of the releases since 0.38.0.

There has been some interesting releases - well releases which was not just a bump of a base image.

0.41.0, 2024-08-12, maintenance release, update not required

0.40.0, 2024-07-18, maintenance release, update recommended

  • Minor error in the previous release, re-releasing as 0.40.0 see changes from 0.39.0 below

0.39.0, 2024-07-17, maintenance release, update recommended

  • PR from @snyk-bot #204 this updates the indirect Python dependency zipp from version 3.15.0 to 3.19.1 The dependency has a security flaw, please see below references.

Do note zipp is not a direct dependency, but it is a dependency of importlib-metadata, which is a dependency of pyspelling, which is the core component of this action.

By indicating is as a direct dependency of version 3.19.1, we can ensure that the action is not vulnerable, even though the vulnerability might not directly exploitable in the context of this action.

References:

But now we are back on track with 0.42.0.

My build script took care of the entire process, well apart from updating the Wiki.

So I am one happy maintainer.

Bug reports, feature requests, PR are as always most welcome

The change log:

0.42.0, 2024-09-22, maintenance release, update not required

Top comments (0)