Bump senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml from 3 to 4

[dependabot]

Bumps senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml from 3 to 4.

Release notes

Sourced from senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml's releases.

4.0.0

What's Changed

• #260 make shared workflows generic, misc cleanup by @​kernelsam in senzing-factory/build-resources#261

Full Changelog: senzing-factory/build-resources@v3...4.0.0

3.0.31

What's Changed

• Bump super-linter/super-linter from 8.4.0 to 8.5.0 by @​dependabot[bot] in senzing-factory/build-resources#257
• if the PR's REFRESHED_AT matches main's value, it only passes if that… by @​kernelsam in senzing-factory/build-resources#259

Full Changelog: senzing-factory/build-resources@v3...3.0.31

3.0.30

What's Changed

• Bump super-linter/super-linter from 8.3.1 to 8.3.2 by @​dependabot[bot] in senzing-factory/build-resources#254
• Bump actions/download-artifact from 6 to 7 by @​dependabot[bot] in senzing-factory/build-resources#250
• Bump super-linter/super-linter from 8.3.2 to 8.4.0 by @​dependabot[bot] in senzing-factory/build-resources#255
• Bump actions/upload-artifact from 5 to 6 by @​dependabot[bot] in senzing-factory/build-resources#249
• Fix regex for filtering GitHub workflows by @​kernelsam in senzing-factory/build-resources#256

Full Changelog: senzing-factory/build-resources@v3...3.0.30

3.0.29

What's Changed

• Bump super-linter/super-linter from 8.3.0 to 8.3.1 by @​dependabot[bot] in senzing-factory/build-resources#252
• Remove validation for natural language in workflows by @​kernelsam in senzing-factory/build-resources#253

Full Changelog: senzing-factory/build-resources@v3...3.0.29

3.0.28

What's Changed

• Add Markdown formatting guidelines to PR template by @​kernelsam in senzing-factory/build-resources#244
• Enhance PR review instructions for local and GitHub by @​kernelsam in senzing-factory/build-resources#246
• 247 dockter 1 by @​docktermj in senzing-factory/build-resources#248

New Contributors

• @​docktermj made their first contribution in senzing-factory/build-resources#248

Full Changelog: senzing-factory/build-resources@v3...3.0.28

3.0.27

Full Changelog: senzing-factory/build-resources@v3...3.0.27

3.0.26

Full Changelog: senzing-factory/build-resources@v3...3.0.26

... (truncated)

Changelog

Sourced from senzing-factory/build-resources/.github/workflows/add-to-project-dependabot.yaml's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, markdownlint, and this project adheres to Semantic Versioning.

[Unreleased]

• Thing 5
• Thing 4

[1.0.1] - yyyy-mm-dd

Added to 1.0.1

• Thing 3

Fixed in 1.0.1

• Thing 2

[1.0.0] - yyyy-mm-dd

Added to 1.0.0

• Thing 2
• Thing 1

Commits

• 52eb86b bump tags to v4, slack channel override, missing claude settings (#262)
• 08fb769 #260 make shared workflows generic, misc cleanup (#261)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Resolves #260
Resolves #262
Resolves #261
Resolves senzing-factory/build-resources#261
Resolves senzing-factory/build-resources#257
Resolves senzing-factory/build-resources#259
Resolves senzing-factory/build-resources#254
Resolves senzing-factory/build-resources#250
Resolves senzing-factory/build-resources#255
Resolves senzing-factory/build-resources#249
Resolves senzing-factory/build-resources#256
Resolves senzing-factory/build-resources#252
Resolves senzing-factory/build-resources#253
Resolves senzing-factory/build-resources#244
Resolves senzing-factory/build-resources#246
Resolves senzing-factory/build-resources#248

[github-actions]

🤖 Claude Code Review

---

Code Review Results

Code Quality ✅

✅ Code follows style guide

• This is a GitHub Actions workflow file updating a version reference from @v3 to @v4
• The change is minimal and follows YAML formatting conventions
• File: .github/workflows/add-to-project-app-server-dependabot.yaml:15

✅ No commented-out code

• No commented-out code present in the diff

✅ Meaningful variable names

• N/A - No new variables introduced

✅ DRY principle followed

• N/A - This is a version bump, not new functionality

✅ Identify Defects

• No bugs, logic errors, or security vulnerabilities detected
• This is a straightforward version bump of a reusable workflow
• The change appears to be part of a dependency update pattern (consistent with recent commits showing similar bumps)

✅ Project memory configuration

• No .claude/CLAUDE.md file exists in this repository, so no project-specific considerations needed

Testing ⚠️

⚠️ Unit tests for new functions

• N/A - No new functions added. This is infrastructure/workflow configuration.

⚠️ Integration tests for new endpoints

• N/A - No new endpoints

⚠️ Edge cases covered

• N/A - No testable logic changes

⚠️ Test coverage > 80%

• N/A - GitHub Actions workflows are not typically unit tested. The workflow itself will be validated when it runs.

Note: Testing checklist items are marked as ⚠️ (warning) rather than ❌ (fail) because they are not applicable to GitHub Actions workflow version bumps. These changes are validated through CI/CD execution.

Documentation ✅

✅ Readme updated if needed

• No README update needed for a workflow version bump

✅ API docs updated

• N/A - No API changes

✅ Inline comments for complex logic

• N/A - No complex logic added

✅ CHANGELOG.md updated

• This type of infrastructure change (bumping reusable workflow versions) typically does not require CHANGELOG entries as it doesn't affect end-user functionality

✅ Markdown files follow CommonMark

• N/A - No markdown files modified in this diff

Security ✅

✅ No hardcoded credentials

• No credentials present. Secrets are properly referenced via ${{ secrets.* }}

✅ Input validation implemented

• N/A - No new inputs

✅ Proper error handling

• N/A - No new error handling logic needed

✅ No sensitive data in logs

• No sensitive data present

✅ No license files flagged

• No .lic files or AQAAAD strings detected in the diff

---

Summary

Overall Assessment: ✅ APPROVED

This pull request is a straightforward dependency update that bumps the version of a reusable GitHub Actions workflow from v3 to v4. The change:

• Is minimal and focused (single line change)
• Follows proper patterns for version references in GitHub Actions
• Contains no security concerns
• Requires no additional documentation or testing
• Is consistent with recent repository activity (similar dependency bumps in commit history)

No issues found. This change is safe to merge.

Automated code review analyzing defects and coding standards