chore(deps, rust): update github.vscode-github-actions, github.vscode-pull-request-github, rust-lang.rust-analyzer, sonarsource.sonarlint-vscode in devcontainer.json

[philips-software-forest-releaser]

Note

Before merging this PR, please conduct a manual test checking basic functionality of the updated plug-ins. There are limited automated tests for the VS Code Extension updates.

Updates sonarsource.sonarlint-vscode from 4.44.0 to 4.45.0

Release notes

• Update Java analyzer 8.24 -> 8.26
• Update Python analyzer 5.18 -> 5.19
• Update PHP analyzer 3.54 -> 3.55

Updates rust-lang.rust-analyzer from 0.3.2819 to 0.3.2828

Release notes

Commit: 90c8906
Release: 2026-03-16 (v0.3.2828)

Fixes

• #21793 (first contribution) handle multi-byte UTF-8 identifiers in NameGenerator::suggest_name.
• #21767 remove crate from EditionedFileId.
• #21785 allow duplicate associated type shorthand resolution if it points to the same associated type.
• #21820 infer generic args for TraitRef and its associated types.
• #21794 validate naming convention for union types.
• #21771 make file watcher recursive.

Internal Improvements

• #21818 refactor MirLowerCtx to use &ExpressionStore instead of &Body.
• #21788 don't re-query source roots per-crate in analysis-stats.
• #21804 disambiguate error messages when proc-macro-srv changes the working directory.

See also the changelog post.

Updates github.vscode-pull-request-github from 0.132.0 to 0.132.1

Release notes

0.132.1

Fixes

• Can't add multiline GitHub PR Comment because Inline Chat button covers Comment button. https://www.github.com/microsoft/vscode-pull-request-github/issues/8504
• Deleting a worktree after merging a PR mixes the main branch with the worktree. https://www.github.com/microsoft/vscode-pull-request-github/issues/8519
• Missing issue webview icon.

Updates github.vscode-github-actions from 0.31.0 to 0.31.2

Release notes

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	23		0	0	0.28s
✅ DOCKERFILE	hadolint	3		0	0	0.33s
✅ JSON	npm-package-json-lint	yes		no	no	0.53s
✅ JSON	prettier	21	4	0	0	0.72s
✅ JSON	v8r	21		0	0	10.6s
✅ MARKDOWN	markdownlint	12	0	0	0	1.3s
✅ MARKDOWN	markdown-table-formatter	12	0	0	0	0.37s
✅ REPOSITORY	checkov	yes		no	no	30.76s
✅ REPOSITORY	gitleaks	yes		no	no	1.24s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
⚠️ REPOSITORY	grype	yes		no	42	47.84s
✅ REPOSITORY	secretlint	yes		no	no	2.28s
✅ REPOSITORY	syft	yes		no	no	2.58s
✅ REPOSITORY	trivy	yes		no	no	14.8s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.5s
✅ REPOSITORY	trufflehog	yes		no	no	8.13s
⚠️ SPELL	lychee	83		1	0	9.36s
✅ YAML	prettier	31	0	0	0	1.43s
✅ YAML	v8r	31		0	0	14.28s
✅ YAML	yamllint	31		0	0	1.37s

Detailed Issues

⚠️ REPOSITORY / grype - 42 warnings

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/continuous-integration.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/image-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/issue-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/issue-creation-tool-versions.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/linting-formatting.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/ossf-scorecard.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/pr-conventional-title.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/pr-image-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/pr-report.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/release-build.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/release-please.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/update-dependencies.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/vulnerability-scan.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-acceptance-test.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-build-push.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-dependency-review.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-document-generation.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-integration-test-docker.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-integration-test-podman.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-publish-templates.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-sanitize-image-name.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/continuous-integration.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/image-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/issue-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/issue-creation-tool-versions.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/linting-formatting.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/ossf-scorecard.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/pr-conventional-title.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/pr-image-cleanup.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/pr-report.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/release-build.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/release-please.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/update-dependencies.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/vulnerability-scan.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-acceptance-test.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-build-push.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-dependency-review.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-document-generation.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-integration-test-docker.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-integration-test-podman.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-publish-templates.yml

warning: A medium vulnerability in github-action package: step-security/harden-runner, version v2.15.1 was found at: /.github/workflows/wc-sanitize-image-name.yml

warning: 42 warnings emitted

⚠️ SPELL / lychee - 1 error

[IGNORED] docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62 | Unsupported: Error creating request client: builder error for url (docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62)
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden
[IGNORED] https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer | Unsupported: Error creating request client: builder error for url (vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer)
📝 Summary
---------------------
🔍 Total..........126
✅ Successful.....123
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........1

Errors in .github/TOOL_VERSION_ISSUE_TEMPLATE.md
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

• oxsecurity/megalinter/flavors/salesforce@v9.4.0 (58 linters)
• oxsecurity/megalinter/flavors/javascript@v9.4.0 (61 linters)

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-base:edge ➔ ghcr.io/philips-software/amp-devcontainer-base:pr-1208

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	144.74 MB	144.74 MB	+972 B (+0%)	🔼
linux/arm64	137.1 MB	137.1 MB	2.06 kB (0%)	🔽

[github-actions]

Test Results

4 files   -   9  4 suites   - 9   0s ⏱️ - 18m 47s
1 tests  -  32  1 ✅  -  32  0 💤 ±0  0 ❌ ±0 
4 runs   - 133  4 ✅  - 133  0 💤 ±0  0 ❌ ±0 

Results for commit 1ee787b. ± Comparison against base commit 618174e.

♻️ This comment has been updated with latest results.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud