dependabot[bot]
|
8e5ebf49a9
|
Bump actions/upload-artifact from 3.1.0 to 4.3.1 (#6851)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 4.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3.1.0...5d5d22a31266ced268874388b861e4b58bb5c2f3)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2024-03-26 07:52:51 +11:00 |
|
dependabot[bot]
|
d935936295
|
Bump github/codeql-action from 2.2.4 to 3.24.9 (#6852)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](17573ee1cc...1b1aada464 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2024-03-26 07:48:33 +11:00 |
|
dependabot[bot]
|
5385d93a22
|
Bump ossf/scorecard-action from 2.1.2 to 2.3.1 (#6803)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](e38b1902ae...0864cf1902 )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2024-03-23 18:11:10 +11:00 |
|
Matthias Mair
|
b46b200101
|
Add OSSF Scorecard (#6769)
* Create scorecard.yml
* Add badge
* disable publishing
* Add security improvements (#181)
* Add OSSF Scorecard (#179)
* Create scorecard.yml
* Add badge
* disable publishing
* [StepSecurity] Apply security best practices (#180)
* [StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
* Update .pre-commit-config.yaml
* Update dependabot.yml
* Delete .github/workflows/dependency-review.yml
---------
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Matthias Mair <code@mjmair.com>
---------
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
* Update to upstream project
* disable shellcheck for now
---------
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
|
2024-03-21 10:11:49 +11:00 |
|