build(deps): bump mszostok/codeowners-validator from 0.7.1 to 0.7.4

[dependabot]

Bumps mszostok/codeowners-validator from 0.7.1 to 0.7.4.

Release notes

Sourced from mszostok/codeowners-validator's releases.

v0.7.4

🎉 GitHub Codeowners Validator 0.7.4 is now available!

Highlights

✨ New functionality

• Support GitHub App authentication (#146) (@​julienduchesne) Now, you can use the GitHub App auth instead of private token. Read more here: https:/mszostok/codeowners-validator/blob/main/docs/gh-token.md#github-app.

• New experimental check: Avoid shadowing (#149) (@​julienduchesne) Reports if entries go from least specific to most specific. Otherwise, earlier entries are completely ignored.

  For example:

  # First entry
  /build/logs/ @octocat
  # Shadows - reported as error
  * @s1
  /b*/logs @s5
  # OK
  /b*/other @o1
  /script/* @o2
  

🔧 Bug Fixes

• Apply hot fix to resolve issue with untrusted git repository for not-owned checker (#148) (@​mszostok) Added to solve problem with actions/checkout#766.

Changelog

• 7dfc6dca90f648c93a63a6b0cfb27feb946e5be3: Support Github App authentication (#146) (@​julienduchesne)
• 0e995bc01a215e58d30736f542714276f4aaf4b4: New experimental check: Avoid shadowing (#149) (@​julienduchesne)
• d1be4880cfc29e11d5c5a917d056c756fd3a6e94: Apply hot fix to resolve issue with untrusted git repository for not-owned checker (#148) (@​mszostok)
• cfa4033612462f8a76ddd55f3617a2a8cc713a8c: Update main README.md (#153) (@​mszostok)
• 7f3f5e28c6d7b8dfae5731e54ce2272ca384592f: Adjust docs and GitHub action for v0.7.4 release (#154) (@​mszostok)

v0.7.3

🎉 GitHub Codeowners Validator 0.7.3 is now available!

Highlights

✨ New functionality

• not-owned-checker: Add git-ls-tree implementation with subdirectory support (#141) (@​jeremycohen) Now you can specify against which subdirectories the not-owned check should be executed. To configure that, use the NOT_OWNED_CHECKER_SUBDIRECTORIES environment variable. In the default mode, it works as previously, where all files are checked.
• Add GitHub token validation to get rid of misleading error checks (#143)

🔧 Bug Fixes

• Fix scope and internal error handling (#145) (@​mszostok) The previous release informs the user about the internal error, but the exit code was not properly propagated. Now, besides the error message, the exit code is also set.

... (truncated)

Commits

• 7f3f5e2 Adjust docs and GitHub action for v0.7.4 release (#154)
• cfa4033 Update main README.md (#153)
• d1be488 Apply hot fix to resolve issue with untrusted git repository for not-owned ...
• 0e995bc New experimental check: Avoid shadowing (#149)
• 7dfc6dc Support Github App authentication (#146)
• 436c7ac Fix scope and internall error handling (#145)
• 4e0aa9d Prepare for release v0.7.3 (#144)
• 2ae5a4b Add token validation when necessary, fmt shell code, enable 'gocritics' (#143)
• a16e4b9 not-owned-checker: Add git-ls-tree implementation with subdirectory support (...
• f555ba6 Prepare for release v0.7.2 (#138)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.