Gary Gregory
|
18bcd0d233
|
Merge pull request #289 from apache/dependabot/github_actions/ossf/scorecard-action-2.1.0
Bump ossf/scorecard-action from 2.0.6 to 2.1.0
|
2022-12-16 08:30:29 -05:00 |
dependabot[bot]
|
f9f39c937f
|
Bump actions/checkout from 3.1.0 to 3.2.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](93ea575cb5...755da8c3cf)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-16 12:00:21 +00:00 |
|
dependabot[bot]
|
a2d977753d
|
Bump ossf/scorecard-action from 2.0.6 to 2.1.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](99c53751e0...937ffa90d7)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-16 12:00:18 +00:00 |
|
dependabot[bot]
|
f17766f4b0
|
Bump actions/upload-artifact from 3.1.0 to 3.1.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](3cea537223...83fd05a356)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-28 12:01:50 +00:00 |
Gary Gregory
|
5d494a6fd6
|
Match comment to pinned commit
|
2022-10-23 15:13:03 -04:00 |
|
Gary Gregory
|
cafb4d2f43
|
Update for Scorecards 2
|
2022-10-23 15:11:16 -04:00 |
|
Gary Gregory
|
481d8b1ff3
|
Update comment to match PR bump to 2.0.6
|
2022-10-23 14:12:45 -04:00 |
|
dependabot[bot]
|
8d72b51dd6
|
Bump ossf/scorecard-action from 1.1.2 to 2.0.6
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.2 to 2.0.6.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ce330fde6b...99c53751e0)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-21 12:01:20 +00:00 |
|
dependabot[bot]
|
713f1fdaf3
|
Bump actions/checkout from 3.0.2 to 3.1.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.0.2...93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-07 12:01:22 +00:00 |
|
Gary Gregory
|
573eab776c
|
Add same scorecards-analysis.yml as Apache Log4j (except for branches)
|
2022-09-12 09:53:37 -07:00 |