Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci(action): update ossf/scorecard-action action to v2.4.0 #883

Merged
merged 1 commit into from
Nov 4, 2024
Merged

ci(action): update ossf/scorecard-action action to v2.4.0 #883

merged 1 commit into from
Nov 4, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 10, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change OpenSSF
ossf/scorecard-action action minor v2.3.1 -> v2.4.0 OpenSSF Scorecard

Release Notes

ossf/scorecard-action (ossf/scorecard-action)

v2.4.0

Compare Source

What's Changed

This update bumps the Scorecard version to the v5 release. For a complete list of changes, please refer to the v5.0.0 release notes. Of special note to Scorecard Action is the Maintainer Annotation feature, which can be used to suppress some Code Scanning false positives. Alerts will not be generated for any Scorecard Check with an annotation.

Documentation

New Contributors

Full Changelog: ossf/scorecard-action@v2.3.3...v2.4.0

v2.3.3

Compare Source

[!NOTE]
There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag

What's Changed

For a full changelist of what these include, see the v5.0.0-rc1 and v5.0.0-rc2 release notes.

Documentation

Full Changelog: ossf/scorecard-action@v2.3.1...v2.3.3

v2.3.2

Compare Source

Configuration

📅 Schedule: Branch creation - "before 5am every weekday,every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label May 10, 2024
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from ce1dad8 to 39e86b6 Compare July 26, 2024 18:56
@renovate renovate bot changed the title ci(action): update ossf/scorecard-action action to v2.3.3 ci(action): update ossf/scorecard-action action to v2.4.0 Jul 26, 2024
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from 3ca96e9 to 27ede32 Compare November 4, 2024 03:22
intcreator
intcreator approved these changes Nov 4, 2024
View reviewed changes
Copy link
Collaborator

@intcreator intcreator left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can trust ossf on this one

@intcreator intcreator merged commit e0880a1 into main Nov 4, 2024
19 checks passed
@intcreator intcreator deleted the renovate/ossf-scorecard-action-2.x branch November 4, 2024 05:49
@ncb000gt
Copy link
Member

ncb000gt commented Nov 4, 2024

🎉 This PR is included in version 3.1.9 🎉

The release is available on:

Your semantic-release bot 📦🚀

intcreator pushed a commit to Zamoca42/node-cron that referenced this pull request Nov 4, 2024
@semantic-release-bot
Release v3.1.9 [skip ci]
e1b9a16 
## [3.1.9](kelektiv/node-cron@v3.1.8...v3.1.9) (2024-11-04)

### 🛠 Builds

* **typescript:** add missing "types" property to package.json ([kelektiv#908](kelektiv#908)) ([1953c97](kelektiv@1953c97))

### 📚 Documentation

* Add .nvmrc with recommended Node version for development ([kelektiv#904](kelektiv#904)) ([91848e9](kelektiv@91848e9))

### ⚙️ Continuous Integrations

* **action:** update github/codeql-action action to v3.27.0 ([kelektiv#866](kelektiv#866)) ([a6dd871](kelektiv@a6dd871))
* **action:** update ossf/scorecard-action action to v2.4.0 ([kelektiv#883](kelektiv#883)) ([e0880a1](kelektiv@e0880a1))

### ♻️ Chores

* **config:** migrate renovate config ([kelektiv#903](kelektiv#903)) ([5ce34f4](kelektiv@5ce34f4))
* **deps:** lock file maintenance ([be77f4a](kelektiv@be77f4a))
* **deps:** update dependency [@fast-check](https://github.com/fast-check)/jest to v2 ([kelektiv#891](kelektiv#891)) ([20c448b](kelektiv@20c448b))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.17.2 ([24fa266](kelektiv@24fa266))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.17.3 ([5bd340e](kelektiv@5bd340e))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.17.4 ([1ce42a4](kelektiv@1ce42a4))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.17.5 ([767c430](kelektiv@767c430))
* **deps:** update semantic-release related packages (major) ([kelektiv#835](kelektiv#835)) ([73a8d37](kelektiv@73a8d37))
This was referenced Nov 9, 2024
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@intcreator intcreator intcreator approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ncb000gt @intcreator