wayback icon indicating copy to clipboard operation
wayback copied to clipboard

Published 20 hours ago verified publisher icon wabarc

Bump returntocorp/semgrep-action from e9c03cf55b6e6228674d9c6837158af4b61598c9 to 1

Open dependabot[bot] opened this issue 3 years ago • 0 comments

Bumps returntocorp/semgrep-action from e9c03cf55b6e6228674d9c6837158af4b61598c9 to 1. This release includes the previously tagged commit.

Changelog

Sourced from returntocorp/semgrep-action's changelog.

Upcoming - Date

2022-06-23

Changed

  • Use semgrep 0.100.0

2022-05-25

Changed

  • Use semgrep 0.94.0

2022-05-12

Changed

  • Use semgrep 0.92.0

2022-04-26

Changed

  • Use semgrep 0.90.0

Fixed

  • Allow --config and --audit-on multiple times (#566)

2022-04-20

Changed

  • Use semgrep 0.89.0

  • The version of Git included in the Docker image has been bumped to 2.35.2; this means that the safe directory check added in response to CVE-2022-24765 now applies to scans done with semgrep-agent.

    If the directory you scan is owned by a different user than semgrep-agent runs with, you will need to run git config --global --add safe.directory /YOUR/REPO/PATH before scanning, see discussion on the release PR.

2022-03-24

Changed

  • Use semgrep 0.86.0
  • Move all functionality to semgrep ci and run that command

... (truncated)

Commits
  • aeafd77 Merge pull request #633 from returntocorp/release-0.111.1
  • 4efcf8c chore: Bump version to 0.111.1
  • d5b2131 Merge pull request #632 from returntocorp/release-0.111.0
  • a526ed2 chore: Bump version to 0.111.0
  • 327d887 Merge pull request #629 from returntocorp/release-0.110.0
  • a7aaf1a chore: Bump version to 0.110.0
  • 31f82c9 Merge pull request #627 from returntocorp/release-0.109.0
  • bc7c72f sort flags to command
  • bad0615 Update pytest snapshots
  • bd40e8d Update pytest snapshots
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Aug 29 '22 14:08 dependabot[bot]