caduceus icon indicating copy to clipboard operation
caduceus copied to clipboard

Published 20 hours ago verified publisher icon xmidt-org

chore(deps): bump xmidt-org/shared-go from 4.4.27 to 4.4.28

Open dependabot[bot] opened this issue 1 year ago • 1 comments

Bumps xmidt-org/shared-go from 4.4.27 to 4.4.28.

Release notes

Sourced from xmidt-org/shared-go's releases.

v4.4.28

Changelog

Commits
  • 766cd19 chore(deps): bump anchore/sbom-action from 0.17.7 to 0.17.8 (#213)
  • 9b20682 chore(deps): bump codecov/codecov-action from 5.0.4 to 5.0.7 (#212)
  • 67cdc1d chore(deps): bump codecov/codecov-action from 5.0.2 to 5.0.4 (#211)
  • 82d4661 chore(deps): bump codecov/codecov-action from 5.0.0 to 5.0.2 (#210)
  • 13a0aa1 chore(deps): bump codecov/codecov-action from 4.6.0 to 5.0.0 (#209)
  • ba5ad59 chore(deps): bump fsfe/reuse-action from 4.0.0 to 5 (#208)
  • f602b20 chore(deps): bump ruby/setup-ruby from 1.201.0 to 1.202.0 (#207)
  • 9ad973f chore(deps): bump ruby/setup-ruby from 1.200.0 to 1.201.0 (#206)
  • 8bbe77d chore(deps): bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 (#205)
  • 4758ae2 chore(deps): bump ruby/setup-ruby from 1.199.0 to 1.200.0 (#204)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Nov 25 '24 23:11 dependabot[bot]

:warning: We detected 1 security issue in this pull request:

Hard-Coded Secrets (1)
Severity Details Docs
Medium Title: Github Key
https://github.com/xmidt-org/caduceus/blob/e193707e89d87d41f6eb4fa2f5599c790d6a7654/.github/workflows/ci.yml#L23		 :books:

More info on how to fix Hard-Coded Secrets in General.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

guardrails[bot] avatar Nov 25 '24 23:11 guardrails[bot]

completed by https://github.com/xmidt-org/caduceus/pull/610

denopink avatar Jun 11 '25 17:06 denopink

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot] avatar Jun 11 '25 17:06 dependabot[bot]