secure-repo
secure-repo copied to clipboard
step-security
Orchestrate GitHub Actions Security
I have used the analyze and PR creation flow a couple of times on other repos in the same org, so I believe I have authorized corrrectly. However, I'm now...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.45 to 1.54.11. Release notes Sourced from github.com/aws/aws-sdk-go's releases. Release v1.54.11 (2024-06-28) Service Client Updates service/acm-pca: Updates service API service/cloudhsmv2: Updates service API and documentation Added 3...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 4.1.7. Release notes Sourced from actions/checkout's releases. v4.1.7 What's Changed Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739 Bump...
Bumps [step-security/wait-for-secrets](https://github.com/step-security/wait-for-secrets) from 1.0.3 to 1.2.0. Release notes Sourced from step-security/wait-for-secrets's releases. v1.2.0 What's Changed Bump step-security/harden-runner from 2.0.0 to 2.1.0 by @dependabot in step-security/wait-for-secrets#81 Bump github/codeql-action from 2.1.37 to...
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 1.6.0 to 3.0.1. Release notes Sourced from aws-actions/configure-aws-credentials's releases. v3.0.1 See the changelog for details about the changes included in this release. v3.0.0 See the changelog for...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.6.0. Release notes Sourced from actions/checkout's releases. v3.6.0 What's Changed Mark test scripts with Bash'isms to be run via Bash by @dscho in actions/checkout#1377 Add...
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 1.6.0 to 2.2.0. Release notes Sourced from aws-actions/configure-aws-credentials's releases. v2.2.0 See the changelog for details about the changes included in this release. v2.1.0 See the changelog for...
Bumps golang from 1.17 to 1.22. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 1.6.0 to 4.0.2. Release notes Sourced from aws-actions/configure-aws-credentials's releases. v4.0.2 See the changelog for details about the changes included in this release. v4.0.1 See the changelog for...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 4.3.3. Release notes Sourced from actions/upload-artifact's releases. v4.3.3 What's Changed updating @actions/artifact dependency to v2.1.6 by @eggyhead in actions/upload-artifact#565 Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3 v4.3.2 What's Changed...