commons-logging
commons-logging copied to clipboard
Published
20 hours ago •
apache
apache
Bump ossf/scorecard-action from 1.1.2 to 2.0.4
Bumps ossf/scorecard-action from 1.1.2 to 2.0.4.
Release notes
Sourced from ossf/scorecard-action's releases.
v2.0.4
Fixes #856
What's Changed
- :seedling: Bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 by
@dependabotin ossf/scorecard-action#934- feat: do not run signing on pull requests by
@laurentsimonin ossf/scorecard-action#935- :seedling: Bump debian from 11.4-slim to 11.5-slim by
@dependabotin ossf/scorecard-action#936- :seedling: Bump github.com/sigstore/cosign from 1.11.1 to 1.12.0 by
@dependabotin ossf/scorecard-action#938- :seedling: Bump github/codeql-action from 2.1.22 to 2.1.24 by
@dependabotin ossf/scorecard-action#941- 🐛 Restore behavior of ignoring scorecard runtime errors by
@spencerschrockin ossf/scorecard-action#948- :seedling: Bump actions/dependency-review-action from 2.1.0 to 2.4.0 by
@dependabotin ossf/scorecard-action#950- :seedling: Bump github.com/sigstore/cosign from 1.12.0 to 1.12.1 by
@dependabotin ossf/scorecard-action#947- :seedling: Bump github/codeql-action from 2.1.24 to 2.1.25 by
@dependabotin ossf/scorecard-action#949- :seedling: Bump codecov/codecov-action from 3.1.0 to 3.1.1 by
@dependabotin ossf/scorecard-action#942- Create v2.0.4 patch by
@spencerschrockin ossf/scorecard-action#952New Contributors
@spencerschrockmade their first contribution in ossf/scorecard-action#948Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.0.3...v2.0.4
v2.0.3
Patch for fix in #898
v2.0.2
Fixes ossf/scorecard-action#895
v2.0.1
Fix for #856
v2.0.0
What's Changed
- 🌱 Prepare for a pre-release of the Golang action by
@azeemshaikh38in ossf/scorecard-action#750- :seedling: Bump github/codeql-action from 2.1.12 to 2.1.16 by
@dependabotin ossf/scorecard-action#751- :seedling: Bump debian from 11.3-slim to 11.4-slim by
@dependabotin ossf/scorecard-action#749- :seedling: Bump step-security/harden-runner from 1.4.3 to 1.4.4 by
@dependabotin ossf/scorecard-action#646- :seedling: Bump actions/setup-go from 3.2.0 to 3.2.1 by
@dependabotin ossf/scorecard-action#748- 🐛 Fix dependency conflicts in go.mod by
@azeemshaikh38in ossf/scorecard-action#771- 🌱 Prepare for v2 beta1 release by
@azeemshaikh38in ossf/scorecard-action#766- multi-repo-action: Note that tool is a work-in-progress by
@naveensrinivasanin ossf/scorecard-action#776- 🐛 Fix intermittent failures in CI-Tests by
@azeemshaikh38in ossf/scorecard-action#778- :seedling: Bump sigs.k8s.io/release-utils from 0.7.2 to 0.7.3 by
@dependabotin ossf/scorecard-action#775- :seedling: Bump actions/cache from 3.0.4 to 3.0.5 by
@dependabotin ossf/scorecard-action#769- 📖 Update README about the restrictions for scorecard-action:v2 by
@azeemshaikh38in ossf/scorecard-action#779- :seedling: Bump github/codeql-action from 2.1.16 to 2.1.17 by
@dependabotin ossf/scorecard-action#783- 📖 Update instructions for Scorecard badge to README by
@azeemshaikh38in ossf/scorecard-action#785- :seedling: Bump debian from
f576b80toa811e62by@dependabotin ossf/scorecard-action#787- :seedling: Bump github.com/ossf/scorecard/v4 from 4.4.0 to 4.5.0 by
@dependabotin ossf/scorecard-action#786- :seedling: Bump github/codeql-action from 2.1.17 to 2.1.18 by
@dependabotin ossf/scorecard-action#788- :seedling: Bump actions/cache from 3.0.5 to 3.0.6 by
@dependabotin ossf/scorecard-action#789
... (truncated)
Commits
e363bfcBump docker to next release. (#952)65d491b:seedling: Bump codecov/codecov-action from 3.1.0 to 3.1.1f60b7d6:seedling: Bump github/codeql-action from 2.1.24 to 2.1.25be7ddf6:seedling: Bump github.com/sigstore/cosign from 1.12.0 to 1.12.19a2bfd4:seedling: Bump actions/dependency-review-action from 2.1.0 to 2.4.0 (#950)a346ade🐛 Restore behavior of ignoring scorecard runtime errors (#948)2db2a1c:seedling: Bump github/codeql-action from 2.1.22 to 2.1.24 (#941)c858631:seedling: Bump github.com/sigstore/cosign from 1.11.1 to 1.12.0 (#938)8ee777f:seedling: Bump debian from 11.4-slim to 11.5-slim (#936)6213479feat: do not run signing on pull requests (#935)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebasewill rebase this PR -
@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it -
@dependabot mergewill merge this PR after your CI passes on it -
@dependabot squash and mergewill squash and merge this PR after your CI passes on it -
@dependabot cancel mergewill cancel a previously requested merge and block automerging -
@dependabot reopenwill reopen this PR if it is closed -
@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
