chore(deps, rust): update github.vscode-github-actions, github.vscode-pull-request-github, rust-lang.rust-analyzer, sonarsource.sonarlint-vscode in devcontainer.json

[philips-software-forest-releaser]

Note

Before merging this PR, please conduct a manual test checking basic functionality of the updated plug-ins. There are limited automated tests for the VS Code Extension updates.

Updates sonarsource.sonarlint-vscode from 5.1.0 to 5.2.1

Release notes

• Fixed synchronization failure when the server returns dependency risks of Malware type.

• On-demand download of analysis dependencies for C#

• Update JS/TS/CSS analyzer 12.2 -> 12.3

• Update Go analyzer 1.33 -> 1.36

• Update Java Symbolic Execution analyzer 8.16.3 -> 8.16.4

• Update PHP analyzer 3.55 -> 3.56

• Update IaC analyzer 2.8 -> 2.9

• Update C# analyzer 10.23 -> 10.24

Updates rust-lang.rust-analyzer from 0.3.2862 to 0.3.2878

Release notes

Commit: 8954b66
Release: 2026-04-27 (v0.3.2878)

New Features

• #21979 rename variables in constructors when renaming a field.

Fixes

• #22116 (first contribution) mark enum variants as deprecated when parent enum is deprecated.
• #22101 port call expression type checking and closure upvar inference from rustc.
• #22107 improve "Go to definition" on comparison operators.
• #22085 reduce relevance of deprecated items.

Internal Improvements

• #22054 (first contribution) de-duplicate lints.
• #22104 don't check solver's cache validity on every access.
• #22105 migrate wrap_unwrap_cfg_attr assist to SyntaxEditor and replace ast::make with SyntaxFactory in few handlers.
• #22111 group unstable features in a struct.

See also the changelog post.

Commit: adef948
Release: 2026-04-20 (v0.3.2870)

New Features

• #21906 exclude dependency and standard library results from reference search.
• #21740 support #[rust_analyzer::prefer_underscore_import] to import traits as _.

Fixes

• #22031 (first contribution) demote impl completions when an inherent impl block already exists.
• #22083 (first contribution) respect #[deprecated] when deciding if a ModuleDef completion is deprecated.
• #22046 (first contribution) add parser support for unstable type const items.
• #22022 add parser support for impl and mut restrictions.
• #22096 use ProofTreeVisitor for unsized coercion.
• #22025 don't add extra dereference after indexing in extract_function.
• #22044 don't complete unstable items that are gated by an internal feature.
• #22003 complete variants of hidden enums through public aliases.
• #21999 fix ref-completion with keyword prefix.
• #22018 enable completions inside strings in VS Code.
• #22032 allow ambiguity in associated type shorthands if they resolve to the same associated type from a supertrait.
• #22087 fix incorrect lifetime hints with self: Self parameter.
• #22066 recognize #[std::prelude::vX::test].
• #21487 offer extract_variable in macro calls.
• #22067 add parentheses on record literals in replace_let_with_if_let.
• #22030 fix MIR evaluation of sized &T with recursive const functions.
• #22073 fix panic on empty comments in convert_comment_block.
• #22077 fix a panic in replace_if_let_with_match.
• #22055 fixes some upvars_mentioned issues.
• #22070 handle name conflicts in extract_type_alias a little better.

Internal Improvements

• #21835 add hir::Type::{as_raw_ptr,is_mutable_raw_ptr}.
• #22092 synchronize function call argument check fudging with rustc.
• #22048 bump rustc crates.
• #22061 bump salsa.
• #22050 represent lower coroutines to closures.
• #22049, #22069 store a SyntaxFactory inside SyntaxEditor.
• #22043, #22095, #22042, #22039 replace ast::make with SyntaxFactory in raw_string, convert_range_for_to_while, expand_glob_import and generate_blanket_trait_impl.
• #22091, #22036 migrate generate_impl_text and IdentPat::set_pat to SyntaxEditor.
• #22081 migrate convert_iter_for_each_to_for assist to SyntaxEditor.
• #22037 remove set_visibility.
• #22041 remove GenericParamsOwnerEdit.
• #22057 remove clone_for_update from move_const_to_impl.
• #22063 remove LineIndexDatabase.
• #22065 fix new Clippy lints.
• #22084 slim down MiniCore Debug output.
• #22074 support RUSTFMT_TOOLCHAIN for xtask codegen.
• #22029, #22028 run rustdoc GitHub action on PRs.

See also the changelog post.

Updates github.vscode-pull-request-github from 0.136.0 to 0.140.0

Release notes

0.140.0

Changes

• New "Checkout Pull Request in Worktree" option added to the Pull Requests view context menu and the PR description view.

Fixes

• hasBranch called with repository name (pr.base.name) instead of branch name (pr.base.ref) in reviewManager.ts. https://www.github.com/microsoft/vscode-pull-request-github/issues/8668

Thank You

• @Will-hxw: Use pr.base.ref instead of pr.base.name in hasBranch call PR #8698

0.138.0

Fixes

• Extension does not show all PR checks. https://www.github.com/microsoft/vscode-pull-request-github/issues/8640
• File-scoped comment fails with "Error: File has been deleted". https://www.github.com/microsoft/vscode-pull-request-github/issues/8641
• PR made without the UI is not linked to the existing branch. https://www.github.com/microsoft/vscode-pull-request-github/issues/8643

0.136.0

Changes

• Add tool to create pull requests.
• Add tool to resolve review comments.
• Offer to delete worktrees from the clean up command.
• Include line numbers in "Apply suggestion using AI" context for code review comments.

Fixes

• Resolving comments doesn't update state on server. https://www.github.com/microsoft/vscode-pull-request-github/issues/8649
• PR description filled differently than on github.com. https://www.github.com/microsoft/vscode-pull-request-github/issues/8630
• Can't checkout PR locally when already on the same branch. https://www.github.com/microsoft/vscode-pull-request-github/issues/8624
• Parent folder checkbox not auto-checked when all children are marked as viewed. https://www.github.com/microsoft/vscode-pull-request-github/issues/8584
• Escape file names in processed links.

0.134.0

Changes

• Branch names in the create PR view are now cached for faster target branch loading.
• GitHub permalink links in PR and issue overview webviews now open the corresponding local file when the file exists in the workspace.

Fixes

• Selecting a target branch when creating a PR is sometimes broken. https://www.github.com/microsoft/vscode-pull-request-github/issues/8627
• "Apply suggestion using AI" for code comment reviews results in a redundant disclaimer suffix. https://www.github.com/microsoft/vscode-pull-request-github/issues/8605

Thank You

• @Daniel-Aaron-Bloom: Link to local file for permalinks in webview PR #8583

Updates github.vscode-github-actions from 0.31.3 to 0.31.5

Release notes

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	23		0	0	0.25s
✅ DOCKERFILE	hadolint	3		0	0	0.28s
✅ JSON	npm-package-json-lint	yes		no	no	0.57s
✅ JSON	prettier	21	4	0	0	1.03s
✅ JSON	v8r	21		0	0	11.16s
✅ MARKDOWN	markdownlint	12	0	0	0	1.38s
✅ MARKDOWN	markdown-table-formatter	12	0	0	0	0.24s
✅ REPOSITORY	checkov	yes		no	no	27.26s
✅ REPOSITORY	gitleaks	yes		no	no	1.09s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	52.52s
✅ REPOSITORY	secretlint	yes		no	no	2.1s
✅ REPOSITORY	syft	yes		no	no	2.36s
✅ REPOSITORY	trivy	yes		no	no	12.98s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.63s
✅ REPOSITORY	trufflehog	yes		no	no	6.32s
⚠️ SPELL	lychee	83		3	0	9.99s
✅ YAML	prettier	31	0	0	0	1.4s
✅ YAML	v8r	31		0	0	13.5s
✅ YAML	yamllint	31		0	0	1.17s

Detailed Issues

⚠️ SPELL / lychee - 3 errors

[ERROR] https://www.contributor-covenant.org/version/2/0/code_of_conduct.html | Network error: error sending request for url (https://www.contributor-covenant.org/version/2/0/code_of_conduct.html) Maybe a certificate error?
[IGNORED] docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62 | Unsupported: Error creating request client: builder error for url (docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62)
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden
[ERROR] https://securityscorecards.dev/viewer/?uri=github.com/philips-software/amp-devcontainer | Network error: error sending request for url (https://securityscorecards.dev/viewer/?uri=github.com/philips-software/amp-devcontainer) Maybe a certificate error?
[IGNORED] https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer | Unsupported: Error creating request client: builder error for url (vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer)
📝 Summary
---------------------
🔍 Total..........126
✅ Successful.....121
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........3

Errors in README.md
[ERROR] https://securityscorecards.dev/viewer/?uri=github.com/philips-software/amp-devcontainer | Network error: error sending request for url (https://securityscorecards.dev/viewer/?uri=github.com/philips-software/amp-devcontainer) Maybe a certificate error?

Errors in .github/TOOL_VERSION_ISSUE_TEMPLATE.md
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden

Errors in .github/CODE_OF_CONDUCT.md
[ERROR] https://www.contributor-covenant.org/version/2/0/code_of_conduct.html | Network error: error sending request for url (https://www.contributor-covenant.org/version/2/0/code_of_conduct.html) Maybe a certificate error?

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

• oxsecurity/megalinter/flavors/salesforce@v9.4.0 (58 linters)
• oxsecurity/megalinter/flavors/javascript@v9.4.0 (61 linters)

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-base:edge ➔ ghcr.io/philips-software/amp-devcontainer-base:pr-1257

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	144.72 MB	144.72 MB	+58 B (+0%)	🔼
linux/arm64	137.03 MB	137.03 MB	+103 B (+0%)	🔼

[github-actions]

Test Results

4 files   -   9  4 suites   - 9   0s ⏱️ - 20m 40s
1 tests  -  32  1 ✅  -  32  0 💤 ±0  0 ❌ ±0 
4 runs   - 133  4 ✅  - 133  0 💤 ±0  0 ❌ ±0 

Results for commit 9aaf802. ± Comparison against base commit 13f103c.

♻️ This comment has been updated with latest results.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-rust:edge ➔ ghcr.io/philips-software/amp-devcontainer-rust:pr-1257

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	455.22 MB	455.22 MB	+102 B (+0%)	🔼
linux/arm64	408.41 MB	408.41 MB	292 B (0%)	🔽