undici icon indicating copy to clipboard operation
undici copied to clipboard

Published 20 hours ago verified publisher icon nodejs

build(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1

Open dependabot[bot] opened this issue 1 year ago • 1 comments

Bumps step-security/harden-runner from 2.6.0 to 2.6.1.

Release notes

Sourced from step-security/harden-runner's releases.

v2.6.1

What's Changed

Release v2.6.1 by @​varunsh-coder and @​h0x0er in step-security/harden-runner#356 This release:

  1. Improves the job summary markdown written by the Harden-Runner Action
  2. Improves detection of cache endpoint used by the job
  3. Detects use of Kubernetes mode in Actions Runner Controller (ARC) based runners
  4. Updates dependencies

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.6.1

Commits
  • eb238b5 Release v2.6.1 (#356)
  • 2579b52 Merge pull request #350 from step-security/dependabot/github_actions/actions/...
  • c11b220 Merge pull request #352 from step-security/dependabot/github_actions/ossf/sco...
  • 3338abc Bump ossf/scorecard-action from 2.3.0 to 2.3.1
  • 7523e86 Bump actions/checkout from 4.1.0 to 4.1.1
  • bf4cac9 Merge pull request #349 from step-security/dependabot/github_actions/ossf/sco...
  • ab35e30 Bump ossf/scorecard-action from 2.2.0 to 2.3.0
  • 02adcd6 Merge pull request #348 from step-security/dependabot/github_actions/step-sec...
  • cddb4d2 Bump step-security/harden-runner from 2.5.1 to 2.6.0
  • d7f96b7 Merge pull request #347 from step-security/varunsh-coder-patch-1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Dec 01 '23 22:12 dependabot[bot]

Codecov Report

Attention: 143 lines in your changes are missing coverage. Please review.

Comparison is base (e39a632) 85.54% compared to head (3bbf499) 84.23%. Report is 130 commits behind head on main.

Files Patch % Lines
lib/fetch/index.js 55.45% 49 Missing :warning:
lib/fetch/util.js 23.72% 45 Missing :warning:
lib/handler/RetryHandler.js 73.91% 30 Missing :warning:
lib/fetch/headers.js 88.63% 5 Missing :warning:
lib/api/readable.js 80.00% 4 Missing :warning:
lib/client.js 92.10% 3 Missing :warning:
lib/core/util.js 90.47% 2 Missing :warning:
lib/fetch/request.js 90.47% 2 Missing :warning:
lib/core/request.js 97.56% 1 Missing :warning:
lib/fetch/dataURL.js 85.71% 1 Missing :warning:
... and 1 more
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2487      +/-   ##
==========================================
- Coverage   85.54%   84.23%   -1.32%     
==========================================
  Files          76       76              
  Lines        6858     7156     +298     
==========================================
+ Hits         5867     6028     +161     
- Misses        991     1128     +137

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov-commenter avatar Dec 01 '23 22:12 codecov-commenter

Superseded by #2690.

dependabot[bot] avatar Feb 01 '24 22:02 dependabot[bot]