Bump hadolint/hadolint-action from 3.1.0 to 3.3.0

[dependabot]

Bumps hadolint/hadolint-action from 3.1.0 to 3.3.0.

Release notes

Sourced from hadolint/hadolint-action's releases.

v3.3.0

3.3.0 (2025-09-22)

Features

• trigger release workflow (2332a7b)

v3.2.0

3.2.0 (2025-09-03)

Features

• new minor release (3fc49fb)

Commits

• 2332a7b feat: trigger release workflow
• 2bfd2b9 Don't trigger release workflow on Tag
• 0931ae0 Release v3.3.0
• 3fc49fb feat: new minor release
• 45eb072 Trigger release workflow on tag
• 97f3e4f Merge pull request #94 from felipecrs/patch-1
• 3e9a095 Merge branch 'master' into patch-1
• 3285327 Merge pull request #96 from m-ildefons/update-ci-yml
• 8bde06f Update CI yml
• 24598f4 Update base image for Hadolint
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/hadolint/hadolint-action	3.3.0	🟢 3.5	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review 🟢 4 Found 7/15 approved changesets -- score normalized to 4 Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• .github/workflows/ci.yml