ci: fix update dependencies

[rjaegers]

🚀 Hey, I have created a Pull Request

Description of changes

This pull request introduces several improvements to the automation of updating VS Code extensions and APT dependencies in the development container setup. The changes enhance robustness, improve release note generation, and streamline the process for both scheduled and pull request-based updates. Notably, the VS Code extension update logic now more reliably fetches release notes, outputs a summary file, and the workflow better supports PR previews and manual testing.

Key changes:

VS Code Extension Update Action Improvements

• The update script (update-vscode-extensions.sh) now fetches GitHub release notes based on the publish date of the current extension version, making it more robust to different versioning schemes and ensuring only relevant release notes are included. It also prevents GitHub backlinks and at-mentions in the notes.
• The script now outputs the markdown summary to a temporary file and exposes its path as an output (markdown-summary-file), instead of embedding the summary directly in workflow outputs. [1] [2]
• The action definition and workflow steps are updated to use this new output, improving compatibility and reliability. [1] [2]

Workflow Enhancements

• The workflow now supports pull request triggers for previewing dependency updates, with job names and steps adapted to clarify when a job is a test run. [1] [2] [3]
• The VS Code extension update workflow generates a PR body file that includes a manual testing reminder and the update summary, using the new summary file output.
• Only creates a pull request for actual dependency updates when not running as a pull request event, reducing noise and accidental PR creation during previews. [1] [2]

Robustness and Usability

• Improved shell script argument handling, quoting, and error messages for better safety and clarity.
• The script now safely handles cases where no extensions are updated, and always outputs well-formed JSON.

These changes collectively make the dependency update process more reliable, informative, and user-friendly for both maintainers and reviewers.

✔️ Checklist

• I have followed the contribution guidelines for this repository
• I have added tests for new behavior, and have not broken any existing tests
• I have added or updated relevant documentation
• I have verified that all added components are accounted for in the SBOM

[Copilot]

Pull request overview

This PR fixes issues in the dependency update workflow and improves release notes handling. It corrects the APT requirements file pattern matching to be more flexible, and prevents potential issues with excessively large release notes by implementing truncation logic.

Changes:

• Updated the APT requirements file pattern to match files without requiring a dash separator
• Added truncation logic for release notes bodies exceeding 32,768 characters

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
.github/workflows/update-dependencies.yml	Removed dash requirement from apt-requirements file pattern
.github/actions/update-vscode-extensions/update-vscode-extensions.sh	Added release notes body size validation and truncation

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-base:edge ➔ ghcr.io/philips-software/amp-devcontainer-base:pr-1114

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	167.84 MB	167.84 MB	+113 B (+0%)	🔼
linux/arm64	160.6 MB	160.6 MB	240 B (0%)	🔽

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	20		0	0	0.49s
✅ DOCKERFILE	hadolint	3		0	0	0.63s
✅ GHERKIN	gherkin-lint	6		0	0	2.41s
✅ JSON	npm-package-json-lint	yes		no	no	0.45s
✅ JSON	prettier	21	4	0	0	0.52s
✅ JSON	v8r	21		0	0	7.33s
✅ MARKDOWN	markdownlint	12	0	0	0	0.88s
✅ MARKDOWN	markdown-table-formatter	12	0	0	0	0.24s
✅ REPOSITORY	checkov	yes		no	no	16.95s
✅ REPOSITORY	gitleaks	yes		no	no	0.51s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	27.95s
✅ REPOSITORY	secretlint	yes		no	no	0.91s
✅ REPOSITORY	syft	yes		no	no	1.82s
✅ REPOSITORY	trivy	yes		no	no	7.52s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.22s
✅ REPOSITORY	trufflehog	yes		no	no	2.22s
⚠️ SPELL	lychee	80		1	0	11.88s
✅ YAML	prettier	28	0	0	0	1.0s
✅ YAML	v8r	28		0	0	7.44s
✅ YAML	yamllint	28		0	0	1.0s

Detailed Issues

⚠️ SPELL / lychee - 1 error

[IGNORED] docker://pandoc/extra:3.7.0@sha256:a703d335fa237f8fc3303329d87e2555dca5187930da38bfa9010fa4e690933a | Unsupported: Error creating request client: builder error for url (docker://pandoc/extra:3.7.0@sha256:a703d335fa237f8fc3303329d87e2555dca5187930da38bfa9010fa4e690933a)
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden
[IGNORED] https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer | Unsupported: Error creating request client: builder error for url (vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer)
📝 Summary
---------------------
🔍 Total..........126
✅ Successful.....123
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........1

Errors in .github/TOOL_VERSION_ISSUE_TEMPLATE.md
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.3.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,GHERKIN_GHERKIN_LINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-rust:edge ➔ ghcr.io/philips-software/amp-devcontainer-rust:pr-1114

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	548.25 MB	548.25 MB	+169 B (+0%)	🔼
linux/arm64	502.73 MB	502.73 MB	303 B (0%)	🔽

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-cpp:edge ➔ ghcr.io/philips-software/amp-devcontainer-cpp:pr-1114

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	682.84 MB	682.84 MB	+857 B (+0%)	🔼
linux/arm64	664.57 MB	664.57 MB	16 B (0%)	🔽

[Copilot]

@rjaegers I've opened a new pull request, #1119, to work on those changes. Once the pull request is ready, I'll request review from you.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

[github-actions]

Test Results

 7 files  ±0   7 suites  ±0   3m 59s ⏱️ -8s
33 tests ±0  33 ✅ ±0  0 💤 ±0  0 ❌ ±0 
69 runs  ±0  69 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 770eb72. ± Comparison against base commit f3459f2.

♻️ This comment has been updated with latest results.

[Copilot]

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

[Copilot]

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

[github-actions]

Pull Request Report (#1114)

Static measures

Description	Value
Number of added lines	80
Number of deleted lines	47
Number of changed files	3
Number of commits	26
Number of reviews	16
Number of comments (w/o review comments)	7
Number of reviews that contains a comment to resolve	15
Number of reviews that requested a change from the author	0
Number of reviews that approved the Pull Request	1
Get the total number of participants of a Pull Request	10

Time related measures

Description	Value
PR lead time (from creation to close of PR)	4 Days
Time that was spend on the branch before the PR was created	1.3 Min
Time that was spend on the branch before the PR was merged	4 Days
Time to merge after last review	1.5 Hours

Status check related measures

Description	Value
Total runtime for last status check run (Workflow for PR)	51 Min
Total time spend in last status check run on PR	32.2 Min