Bump senzing-factory/build-resources/.github/workflows/lint-workflows.yaml from 3 to 4

[dependabot]

Bumps senzing-factory/build-resources/.github/workflows/lint-workflows.yaml from 3 to 4.

Release notes

Sourced from senzing-factory/build-resources/.github/workflows/lint-workflows.yaml's releases.

4.0.0

What's Changed

• #260 make shared workflows generic, misc cleanup by @​kernelsam in senzing-factory/build-resources#261

Full Changelog: senzing-factory/build-resources@v3...4.0.0

3.0.31

What's Changed

• Bump super-linter/super-linter from 8.4.0 to 8.5.0 by @​dependabot[bot] in senzing-factory/build-resources#257
• if the PR's REFRESHED_AT matches main's value, it only passes if that… by @​kernelsam in senzing-factory/build-resources#259

Full Changelog: senzing-factory/build-resources@v3...3.0.31

3.0.30

What's Changed

• Bump super-linter/super-linter from 8.3.1 to 8.3.2 by @​dependabot[bot] in senzing-factory/build-resources#254
• Bump actions/download-artifact from 6 to 7 by @​dependabot[bot] in senzing-factory/build-resources#250
• Bump super-linter/super-linter from 8.3.2 to 8.4.0 by @​dependabot[bot] in senzing-factory/build-resources#255
• Bump actions/upload-artifact from 5 to 6 by @​dependabot[bot] in senzing-factory/build-resources#249
• Fix regex for filtering GitHub workflows by @​kernelsam in senzing-factory/build-resources#256

Full Changelog: senzing-factory/build-resources@v3...3.0.30

3.0.29

What's Changed

• Bump super-linter/super-linter from 8.3.0 to 8.3.1 by @​dependabot[bot] in senzing-factory/build-resources#252
• Remove validation for natural language in workflows by @​kernelsam in senzing-factory/build-resources#253

Full Changelog: senzing-factory/build-resources@v3...3.0.29

3.0.28

What's Changed

• Add Markdown formatting guidelines to PR template by @​kernelsam in senzing-factory/build-resources#244
• Enhance PR review instructions for local and GitHub by @​kernelsam in senzing-factory/build-resources#246
• 247 dockter 1 by @​docktermj in senzing-factory/build-resources#248

New Contributors

• @​docktermj made their first contribution in senzing-factory/build-resources#248

Full Changelog: senzing-factory/build-resources@v3...3.0.28

3.0.27

Full Changelog: senzing-factory/build-resources@v3...3.0.27

3.0.26

Full Changelog: senzing-factory/build-resources@v3...3.0.26

... (truncated)

Changelog

Sourced from senzing-factory/build-resources/.github/workflows/lint-workflows.yaml's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, markdownlint, and this project adheres to Semantic Versioning.

[Unreleased]

• Thing 5
• Thing 4

[1.0.1] - yyyy-mm-dd

Added to 1.0.1

• Thing 3

Fixed in 1.0.1

• Thing 2

[1.0.0] - yyyy-mm-dd

Added to 1.0.0

• Thing 2
• Thing 1

Commits

• 52eb86b bump tags to v4, slack channel override, missing claude settings (#262)
• 08fb769 #260 make shared workflows generic, misc cleanup (#261)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Resolves #260
Resolves #262
Resolves #261
Resolves senzing-factory/build-resources#261
Resolves senzing-factory/build-resources#257
Resolves senzing-factory/build-resources#259
Resolves senzing-factory/build-resources#254
Resolves senzing-factory/build-resources#250
Resolves senzing-factory/build-resources#255
Resolves senzing-factory/build-resources#249
Resolves senzing-factory/build-resources#256
Resolves senzing-factory/build-resources#252
Resolves senzing-factory/build-resources#253
Resolves senzing-factory/build-resources#244
Resolves senzing-factory/build-resources#246
Resolves senzing-factory/build-resources#248

[github-actions]

🤖 Claude Code Review

Code Review Results

Summary

This PR updates the reusable workflow version from v3 to v4 for the lint-workflows GitHub Action. This is a dependency update with minimal risk.

---

Detailed Analysis

Code Quality ✅

• ✅ Code follows style guide: This is a GitHub Actions YAML configuration file. The change is a simple version bump that follows proper syntax.
• ✅ No commented-out code: Clean diff with no commented code.
• ✅ Meaningful variable names: N/A - this is a workflow configuration.
• ✅ DRY principle followed: N/A - single line change.
• ✅ Defects: No bugs, logic errors, or vulnerabilities introduced. This is a version bump of a reusable workflow.
• ⚠️ Project memory: No ./.claude/CLAUDE.md found in project root (only in build-resources/ subdirectory), so no project-specific guidelines to enforce.

Testing ⚠️

• ⚠️ Unit tests: Not applicable for GitHub Actions workflow configuration updates.
• ⚠️ Integration tests: Not applicable.
• ⚠️ Edge cases: Not applicable.
• ⚠️ Test coverage: Not applicable for workflow files.

Note: The change itself will be tested when the workflow runs on the PR.

Documentation ⚠️

• ❌ CHANGELOG.md updated: The CHANGELOG.md (.github/workflows/lint-workflows.yaml:18) was NOT updated to reflect this dependency bump. According to the file at line 1-30, changes should be documented here.
• ✅ README updated: Not applicable for internal workflow dependency bump.
• ✅ API docs updated: Not applicable.
• ✅ Inline comments: Not needed for this simple version bump.
• ✅ Markdown formatting: The CHANGELOG.md file is properly formatted per CommonMark specification.

Security ✅

• ✅ No hardcoded credentials: No credentials in the diff.
• ✅ Input validation: Not applicable.
• ✅ Proper error handling: Not applicable.
• ✅ No sensitive data in logs: No logging changes.
• ✅ License files: No .lic files or AQAAAD license strings detected in actual project files (only in documentation/prompts describing the check itself).

---

Required Actions

Critical Issues

None.

Required Changes

1. Update CHANGELOG.md - Add an entry documenting this workflow version bump:
   • File: CHANGELOG.md
   • Add a new unreleased section or append to the latest version section describing the workflow update from v3 to v4.

---

Recommendation

APPROVE with minor changes required: The code change itself is safe and follows best practices for dependency updates. However, the CHANGELOG.md should be updated to maintain proper project documentation standards.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review Report

Summary

This PR updates the reusable workflow reference from @v3 to @v4 for the lint-workflows.yaml action. This is a minor dependency version bump.

---

Detailed Review

Code Quality

✅ Code follows style guide - .github/workflows/lint-workflows.yaml:18
The YAML workflow file is properly formatted and follows GitHub Actions conventions.

✅ No commented-out code
No commented code present in the diff.

✅ Meaningful variable names
N/A - This is a workflow configuration file, not application code.

✅ DRY principle followed
N/A - Single line change updating a version reference.

✅ Identify Defects
No bugs, logic errors, or security vulnerabilities detected. The change is straightforward - updating a reusable workflow reference from v3 to v4.

✅ Project memory configuration
No ./.claude/CLAUDE.md file exists in the repository, so no project-specific review guidelines to consider.

Testing

❌ Unit tests for new functions - .github/workflows/lint-workflows.yaml:18
No tests exist for this workflow change. However, this is a GitHub Actions workflow configuration, and testing typically occurs through actual workflow execution rather than unit tests. GitHub will validate the workflow syntax automatically.

❌ Integration tests for new endpoints
N/A - This is not an endpoint change.

❌ Edge cases covered
N/A - No edge cases to test for a version reference update.

❌ Test coverage > 80%
N/A - Workflow files are not typically measured by code coverage metrics.

Documentation

❌ README updated if needed - /home/runner/work/libpostal-data/libpostal-data/README.md
README does not need updating for this infrastructure change.

❌ API docs updated
N/A - No API changes.

✅ Inline comments for complex logic
No complex logic requiring comments.

❌ CHANGELOG.md updated - /home/runner/work/libpostal-data/libpostal-data/CHANGELOG.md:9
The CHANGELOG.md has not been updated to reflect this change. The latest entry is from 2025-11-07 (version 1.2.0). This workflow version bump should be documented if the project tracks infrastructure changes in the changelog.

Recommendation: Consider adding an entry like:

## [Unreleased]

### Changed

- Updated lint-workflows reusable workflow from v3 to v4

✅ Markdown files follow CommonMark specification
The existing markdown files appear properly formatted.

Security

✅ No hardcoded credentials
No credentials present in the diff.

✅ Input validation implemented
N/A - This is a workflow configuration change.

✅ Proper error handling
N/A - The reusable workflow handles its own error cases.

✅ No sensitive data in logs
No sensitive data introduced.

✅ No license files (.lic) or AQAAAD strings
No license files or suspicious encoded strings detected in the diff.

---

Overall Assessment

Status: ✅ APPROVED WITH MINOR RECOMMENDATION

This is a clean, low-risk change that updates a reusable workflow dependency. The only recommendation is to consider updating the CHANGELOG.md if the project tracks infrastructure/workflow changes. Otherwise, the PR is ready to merge.

Risk Level: Low
Files Changed: 1 (.github/workflows/lint-workflows.yaml)
Lines Changed: 1

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review Results

Summary

This is a minor dependency version bump from v3 to v4 for the reusable workflow lint-workflows.yaml. This is a standard Dependabot-style update with minimal risk.

---

Code Quality

✅ Code follows style guide

• This is a GitHub Actions workflow configuration file (YAML)
• The change is a simple version bump in the uses field
• YAML formatting is correct and follows standard conventions
• File: .github/workflows/lint-workflows.yaml:18

✅ No commented-out code

• No commented code present

✅ Meaningful variable names

• N/A - This is a workflow configuration, not application code

✅ DRY principle followed

• N/A - Single line change

✅ No defects identified

• No bugs, logic errors, or security vulnerabilities in this change
• This is a version reference update to a reusable workflow
• The workflow maintains the same permissions structure

✅ Project memory compliance

• No .claude/CLAUDE.md file exists in this repository, so no project-specific conventions to check

---

Testing

⚠️ Unit tests for new functions

• N/A - No new functions added
• This is workflow infrastructure code

⚠️ Integration tests for new endpoints

• N/A - No endpoints involved

⚠️ Edge cases covered

• N/A - Version bump only

⚠️ Test coverage > 80%

• N/A - Workflow configuration files are not typically covered by unit tests
• The workflow itself performs linting as a form of testing

Note: Testing criteria don't apply to GitHub Actions workflow version bumps. The workflow should be validated by CI runs.

---

Documentation

❌ CHANGELOG.md not updated

• Issue: The CHANGELOG.md file has not been updated to reflect this change
• Location: /home/runner/work/libpostal-data/libpostal-data/CHANGELOG.md
• Last entry: Version 1.2.0 from 2025-11-07
• Recommendation: Add an entry documenting the workflow dependency update, even if minor

✅ README update not needed

• This internal workflow change doesn't affect user-facing functionality

✅ API docs not needed

• N/A - No API changes

✅ Inline comments not needed

• Workflow configuration is self-documenting

✅ Markdown formatting

• The workflow YAML file is properly formatted

---

Security

✅ No hardcoded credentials

• No credentials present in the change

✅ Input validation implemented

• N/A - This is a workflow reference

✅ Proper error handling

• N/A - Error handling is within the reusable workflow itself

✅ No sensitive data in logs

• No sensitive data introduced

✅ No license files checked in

• No .lic files found in repository

• ⚠️ Warning: Found AQAAAD strings in several files:

  • prompt-temp.md
  • prompt-header.md
  • build-resources/claude/pr-prompt.md
  • build-resources/.vscode/cspell.json
  • build-resources/.claude/CLAUDE.md

  These appear to be in untracked files (prompt-temp.md, prompt-header.md) and build resources documentation, not actual license files, but should be verified if these contain actual license data.

---

Overall Assessment

Recommendation: ✅ APPROVE with minor documentation update

This is a straightforward dependency version bump that:

• Follows the pattern of recent similar updates in the repository
• Maintains proper GitHub Actions security permissions
• Contains no code quality, security, or functional issues

Required before merge:

• Update CHANGELOG.md to document this workflow dependency update

Optional:

• Verify that the untracked files containing AQAAAD strings are not actual license files

---

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review Analysis

Summary

This PR updates a GitHub Actions workflow dependency from v3 to v4 of the senzing-factory/build-resources/.github/workflows/lint-workflows.yaml reusable workflow.

---

Code Quality

✅ Code follows style guide

• This is a GitHub Actions workflow YAML file. The change is minimal and follows standard GitHub Actions syntax.
• No code style issues detected.

✅ No commented-out code

• No commented code found in the diff or full file.

✅ Meaningful variable names

• N/A - This is a workflow configuration file with no custom variables introduced.

✅ DRY principle followed

• N/A - Single line version bump.

✅ Identify Defects

• No obvious defects detected.
• The version bump from v3 to v4 should be verified to ensure backward compatibility.
• Recommendation: Verify the changelog/release notes of senzing-factory/build-resources v4 to ensure there are no breaking changes in the reusable workflow.

✅ Project memory configuration

• No .claude/CLAUDE.md file exists in the repository, so no project-specific guidelines to validate against.

---

Testing

⚠️ Unit tests for new functions

• N/A - This is a workflow configuration change, not application code.

⚠️ Integration tests for new endpoints

• N/A - No endpoints modified.

⚠️ Edge cases covered

• N/A - Workflow configuration.

⚠️ Test coverage > 80%

• N/A - Workflow configuration change doesn't affect code coverage.

Note: For workflow changes, testing would typically involve:

• Verifying the workflow runs successfully in CI
• Checking that the upgraded reusable workflow functions as expected

---

Documentation

✅ README updated if needed

• No README update needed for a dependency version bump.

✅ API docs updated

• N/A - No API changes.

✅ Inline comments for complex logic

• N/A - The change is straightforward and self-explanatory.

❌ CHANGELOG.md updated

• .github/workflows/lint-workflows.yaml:18 - This dependency version bump should be documented in CHANGELOG.md
• Action Required: Add an entry documenting the upgrade from v3 to v4 of the lint-workflows reusable workflow.

✅ Markdown files follow CommonMark

• N/A - No markdown files modified in this PR.

---

Security

✅ No hardcoded credentials

• No credentials present.

✅ Input validation implemented

• N/A - Workflow configuration.

✅ Proper error handling

• N/A - Error handling is managed by the reusable workflow.

✅ No sensitive data in logs

• No sensitive data detected.

✅ No license files (.lic) or AQAAAD strings

• No license files or suspicious strings detected.

---

Overall Assessment

Status: ✅ Approved with minor recommendations

Critical Issues: None

Recommendations:

1. Update CHANGELOG.md - Document this dependency upgrade
2. Verify v4 compatibility - Review the release notes for senzing-factory/build-resources v4 to ensure no breaking changes affect this workflow
3. Monitor CI execution - Ensure the workflow runs successfully with the new version

Risk Level: Low - This is a standard dependency version bump with minimal risk, assuming the reusable workflow maintains backward compatibility.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Senzing Code Review

Summary

This is a minor version bump for a reusable GitHub Actions workflow dependency. The change updates the workflow reference from v3 to v4.

---

Code Quality

✅ Code Style Conformance

The YAML formatting follows proper conventions with consistent indentation and structure.

✅ No Commented-Out Code

No commented-out code present in this diff.

✅ Meaningful Variable Names

N/A - No variables introduced in this change.

✅ DRY Principle

N/A - This is a configuration change, not procedural code.

✅ Defects Analysis

No bugs, logic errors, or security vulnerabilities identified. The version bump from v3 to v4 is straightforward.

Recommendation: Verify that the breaking changes (if any) in the v4 workflow are compatible with this repository's needs. Review the changelog of senzing-factory/build-resources between v3 and v4.

✅ Project Memory Configuration

No .claude/CLAUDE.md file found in the repository to consider.

---

Testing

⚠️ Unit Tests

N/A - This is a GitHub Actions workflow configuration change, not application code.

Note: The workflow itself will be tested when it runs on the next PR or push event.

⚠️ Integration Tests

N/A - Workflow changes are validated through actual GitHub Actions execution.

⚠️ Edge Cases

N/A - Configuration change only.

⚠️ Test Coverage

N/A - Not applicable to workflow configuration files.

---

Documentation

✅ Readme Updates

No README update needed - this is an internal workflow dependency version bump.

✅ API Documentation

N/A - No API changes.

✅ Inline Comments

The workflow file is self-documenting. No complex logic requiring comments.

❌ CHANGELOG.md Update

.github/workflows/lint-workflows.yaml:18 - This dependency version bump should be documented in CHANGELOG.md if one exists in the repository.

Finding: No CHANGELOG.md update detected in this diff. Version bumps of reusable workflows should typically be logged.

✅ Markdown Formatting

N/A - No markdown files modified in this change.

---

Security

✅ No Hardcoded Credentials

No credentials present.

✅ Input Validation

N/A - No user input handling in this change.

✅ Proper Error Handling

N/A - Error handling is managed by the referenced workflow.

✅ No Sensitive Data in Logs

No sensitive data logging concerns.

✅ License Files Check

No .lic files or AQAAAD strings detected in this change.

---

Overall Assessment

Status: ✅ APPROVED with minor recommendations

This is a clean dependency version bump with no code quality, security, or functional concerns. The primary recommendation is to:

1. Document the change: Add an entry to CHANGELOG.md noting the workflow version update
2. Verify compatibility: Ensure the v4 workflow maintains compatibility with your current setup (check the upstream changelog for breaking changes)

The change itself is safe to merge once documentation is addressed.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review Analysis

Analyzing the pull request diff against the checklist criteria:

Summary

This PR updates the GitHub Actions workflow version from v3 to v4 for the lint-workflows action.

---

Detailed Review

Code Quality ✅

• ✅ Code follows style guide: This is a GitHub Actions workflow version bump - no code style issues apply
• ✅ No commented-out code: None present
• ✅ Meaningful variable names: N/A - this is a version reference
• ✅ DRY principle followed: N/A - single line change
• ✅ Identify Defects: No bugs, logic errors, or vulnerabilities introduced. This is a straightforward dependency version update
• ✅ Project memory configuration: No .claude/CLAUDE.md file exists in the repository to consider

Testing ⚠️

• ⚠️ Unit tests for new functions: N/A - no new functions
• ⚠️ Integration tests for new endpoints: N/A - workflow change only
• ⚠️ Edge cases covered: N/A - dependency version bump
• ⚠️ Test coverage > 80%: Cannot be verified from this diff, but this change doesn't affect test coverage

Note: For workflow updates, the "test" is whether the workflow runs successfully on the CI system.

Documentation ⚠️

• ⚠️ Readme updated if needed: No README changes, but likely not needed for a workflow version bump
• ⚠️ API docs updated: N/A - no API changes
• ⚠️ Inline comments for complex logic: N/A - workflow reference only
• ⚠️ CHANGELOG.md updated: Cannot verify from diff - should check if CHANGELOG exists and needs updating
• ⚠️ Markdown formatting: N/A - no markdown changes in this diff

Security ✅

• ✅ No hardcoded credentials: None present
• ✅ Input validation implemented: N/A - workflow version reference
• ✅ Proper error handling: N/A - delegated to the called workflow
• ✅ No sensitive data in logs: None introduced
• ✅ No license files: No .lic files or AQAAAD strings in the diff

---

Recommendations

1. Version Update Verification (.github/workflows/lint-workflows.yaml:18): Ensure that v4 of senzing-factory/build-resources/.github/workflows/lint-workflows.yaml is compatible with your current workflow configuration. Check the release notes for breaking changes.

2. CHANGELOG Update: If a CHANGELOG.md exists in the repository, consider adding an entry documenting this workflow version update.

3. Testing: Monitor the first run of this workflow after merge to ensure v4 works as expected.

---

Final Verdict: ✅ APPROVED WITH MINOR RECOMMENDATIONS

This is a low-risk change that updates a workflow dependency version. No code quality, security, or defect issues detected. The main recommendation is to verify v4 compatibility and consider documenting the change in the CHANGELOG if one exists.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

⚠️ No file changes detected - skipping code review.

This PR appears to contain only metadata changes (labels, description, etc.).