
Orchestrate GitHub Actions Security

Results 320 secure-repo issues

Bumps [github.com/aws/aws-lambda-go](https://github.com/aws/aws-lambda-go) from 1.30.0 to 1.47.0. Release notes Sourced from github.com/aws/aws-lambda-go's releases. v1.47.0 What's Changed Fix compile error in sample code for S3ObjectLambdaEvent by @kdnakt in aws/aws-lambda-go#551 Handle disconnect route...

dependencies
go

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220421235706-1d1ef9303861 to 0.23.0. Commits See full diff in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependencies
go

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220421235706-1d1ef9303861 to 0.7.0. Commits See full diff in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependencies
go

I tried to use the secure-repo tool for my repository (https://github.com/quokka-astro/quokka), but it fails without an error message: ![image](https://github.com/user-attachments/assets/b15f4ac1-c184-44f0-8069-dfa728febf5e) Can you provide any assistance?

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 4.4.0. Release notes Sourced from actions/upload-artifact's releases. v4.4.0 Notice: Breaking Changes :warning: We will no longer include hidden files and folders by default in the...

dependencies
github_actions

Bumps golang from 1.17 to 1.23. Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependencies
docker

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.45 to 1.55.5. Release notes Sourced from github.com/aws/aws-sdk-go's releases. Release v1.55.5 (2024-07-30) Service Client Updates service/appstream: Updates service API and documentation Added support for Red Hat Enterprise...

dependencies
go

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.14+incompatible to 26.1.4+incompatible. Release notes Sourced from github.com/docker/docker's releases. v26.1.4 26.1.4 For a full list of pull requests and changes in this release, refer to the relevant...

dependencies
go

Since harden-runner doesn't support Windows, it seems a bit silly for the secure-repo tool to add the harden-runner action to every job running on a Windows runner. https://github.com/step-security-bot/newrelic-dotnet-agent/commit/a2461358f729292db4a0bdfc5b23474f48a7f02d

For a while now, Gradle has new actions for setup and validation, see https://github.com/gradle/actions/blob/main/docs/deprecation-upgrade-guide.md.