dependabot[bot]
|
3444b63a89
|
Bump actions/checkout from 3.5.0 to 3.5.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8f4b7f8486...8e5e7e5ab8 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-04-14 15:00:04 +02:00 |
Gary Gregory
|
1842b788fd
|
Merge pull request #317 from apache/dependabot/github_actions/actions/setup-java-3.11.0
Bump actions/setup-java from 3.10.0 to 3.11.0
|
2023-03-31 09:06:39 -04:00 |
dependabot[bot]
|
b64dd74baa
|
Bump actions/setup-java from 3.10.0 to 3.11.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.10.0...v3.11.0)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-03-31 12:56:29 +00:00 |
dependabot[bot]
|
da070b4c93
|
Bump ossf/scorecard-action from 2.1.2 to 2.1.3
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](e38b1902ae...80e868c13c )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-03-31 12:56:25 +00:00 |
dependabot[bot]
|
bda0cd8598
|
Bump actions/checkout from 3.4.0 to 3.5.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](24cb908017...8f4b7f8486 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-03-24 14:03:12 +01:00 |
dependabot[bot]
|
ca7885680f
|
Bump actions/cache from 3.3.0 to 3.3.1
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.3.0...v3.3.1)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-03-17 14:00:22 +01:00 |
dependabot[bot]
|
82aa29dac4
|
Bump actions/checkout from 3.3.0 to 3.4.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](ac59398561...24cb908017 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-03-17 13:59:36 +01:00 |
dependabot[bot]
|
f90939b52a
|
Bump actions/cache from 3.2.6 to 3.3.0
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.2.6...v3.3.0)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-03-10 14:16:44 +01:00 |
dependabot[bot]
|
01c6a17ef1
|
Bump actions/cache from 3.2.5 to 3.2.6
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.5 to 3.2.6.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.2.5...v3.2.6)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-02-24 12:56:23 +00:00 |
dependabot[bot]
|
420cd15cac
|
Bump actions/cache from 3.2.4 to 3.2.5
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.4 to 3.2.5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.2.4...v3.2.5)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-02-10 14:20:05 +01:00 |
dependabot[bot]
|
e4cf61b6c7
|
Bump actions/setup-java from 3.9.0 to 3.10.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.9.0...v3.10.0)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-02-10 14:19:47 +01:00 |
dependabot[bot]
|
201679d7c1
|
Bump actions/cache from 3.2.3 to 3.2.4
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.3 to 3.2.4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.2.3...v3.2.4)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-02-03 13:24:18 +01:00 |
Gary Gregory
|
3b55ade372
|
Merge pull request #301 from apache/dependabot/github_actions/actions/upload-artifact-3.1.2
Bump actions/upload-artifact from 3.1.1 to 3.1.2
|
2023-01-13 07:49:20 -05:00 |
dependabot[bot]
|
ee6659d1af
|
Bump actions/upload-artifact from 3.1.1 to 3.1.2
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](83fd05a356...0b7f8abb15 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-01-13 12:00:28 +00:00 |
dependabot[bot]
|
656132c59f
|
Bump actions/cache from 3.2.2 to 3.2.3
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.2.2...v3.2.3)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-01-13 12:00:27 +00:00 |
dependabot[bot]
|
8d1dc08d4f
|
Bump actions/checkout from 3.2.0 to 3.3.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](755da8c3cf...ac59398561 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-01-06 12:00:20 +00:00 |
dependabot[bot]
|
4c9ac9c0aa
|
Bump actions/cache from 3.2.1 to 3.2.2
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.2.1...v3.2.2)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-30 12:00:19 +00:00 |
Gary Gregory
|
86b2bfa9c1
|
Merge pull request #294 from apache/dependabot/github_actions/actions/cache-3.2.1
Bump actions/cache from 3.0.11 to 3.2.1
|
2022-12-23 08:20:05 -05:00 |
dependabot[bot]
|
734482d447
|
Bump actions/cache from 3.0.11 to 3.2.1
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.1.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.11...v3.2.1)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-23 12:00:28 +00:00 |
dependabot[bot]
|
e4a34fbef3
|
Bump ossf/scorecard-action from 2.1.0 to 2.1.2
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](937ffa90d7...e38b1902ae )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-23 12:00:25 +00:00 |
Gary Gregory
|
1cf6a1a26c
|
Merge pull request #291 from apache/dependabot/github_actions/actions/setup-java-3.9.0
Bump actions/setup-java from 3.8.0 to 3.9.0
|
2022-12-16 08:31:02 -05:00 |
Gary Gregory
|
18bcd0d233
|
Merge pull request #289 from apache/dependabot/github_actions/ossf/scorecard-action-2.1.0
Bump ossf/scorecard-action from 2.0.6 to 2.1.0
|
2022-12-16 08:30:29 -05:00 |
dependabot[bot]
|
5c2fd46d8d
|
Bump actions/setup-java from 3.8.0 to 3.9.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.8.0 to 3.9.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.8.0...v3.9.0)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-16 12:00:25 +00:00 |
dependabot[bot]
|
f9f39c937f
|
Bump actions/checkout from 3.1.0 to 3.2.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](93ea575cb5...755da8c3cf )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-16 12:00:21 +00:00 |
dependabot[bot]
|
a2d977753d
|
Bump ossf/scorecard-action from 2.0.6 to 2.1.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](99c53751e0...937ffa90d7 )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-16 12:00:18 +00:00 |
dependabot[bot]
|
3cd25f5b31
|
Bump actions/setup-java from 3.6.0 to 3.8.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.6.0 to 3.8.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.6.0...v3.8.0)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-09 12:00:21 +00:00 |
Gary Gregory
|
9247498a95
|
Undo Bump actions/setup-java from 3.6.0 to 3.7.0
|
2022-12-06 06:51:07 -05:00 |
Gary Gregory
|
952e46bd38
|
Bump actions/setup-java from 3.6.0 to 3.7.0 #126
|
2022-12-01 22:02:58 -05:00 |
Gary Gregory
|
dc9316063c
|
Add GHitHub robots file
|
2022-11-19 17:54:13 -05:00 |
dependabot[bot]
|
f17766f4b0
|
Bump actions/upload-artifact from 3.1.0 to 3.1.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](3cea537223...83fd05a356 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-28 12:01:50 +00:00 |
Gary Gregory
|
5d494a6fd6
|
Match comment to pinned commit
|
2022-10-23 15:13:03 -04:00 |
Gary Gregory
|
cafb4d2f43
|
Update for Scorecards 2
|
2022-10-23 15:11:16 -04:00 |
Gary Gregory
|
481d8b1ff3
|
Update comment to match PR bump to 2.0.6
|
2022-10-23 14:12:45 -04:00 |
Gary Gregory
|
1b4e3af81a
|
Merge pull request #277 from apache/dependabot/github_actions/ossf/scorecard-action-2.0.6
Bump ossf/scorecard-action from 1.1.2 to 2.0.6
|
2022-10-23 13:53:53 -04:00 |
dependabot[bot]
|
0829b0d7a1
|
Bump actions/setup-java from 3.5.1 to 3.6.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.5.1...v3.6.0)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-22 01:18:54 +13:00 |
dependabot[bot]
|
8d72b51dd6
|
Bump ossf/scorecard-action from 1.1.2 to 2.0.6
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.2 to 2.0.6.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ce330fde6b...99c53751e0 )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-21 12:01:20 +00:00 |
Gary Gregory
|
93af662ddd
|
Enable doclint for GitHub builds
|
2022-10-15 10:12:52 -04:00 |
dependabot[bot]
|
827a1fcc98
|
Bump actions/cache from 3.0.10 to 3.0.11
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.10 to 3.0.11.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.10...v3.0.11)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-15 09:23:28 +13:00 |
Sebb
|
7fbe1495fa
|
Don't persist credentials unnecessarily
|
2022-10-08 15:18:47 +01:00 |
Gary Gregory
|
954a6ce6fd
|
Set to level permissions to 'read'
|
2022-10-07 20:07:09 -04:00 |
dependabot[bot]
|
ee2e3c11f6
|
Bump actions/cache from 3.0.9 to 3.0.10
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.9 to 3.0.10.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.9...v3.0.10)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-07 14:48:32 +00:00 |
dependabot[bot]
|
713f1fdaf3
|
Bump actions/checkout from 3.0.2 to 3.1.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.0.2...93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-07 12:01:22 +00:00 |
Gary Gregory
|
69a68b197e
|
GitHub Actions build: no top level permission defined
|
2022-10-06 18:37:28 -04:00 |
Gary Gregory
|
f36e0f590b
|
Bump actions/setup-java from 3 to 3.5.1
|
2022-10-01 14:36:48 -04:00 |
dependabot[bot]
|
84a91755d4
|
Bump actions/cache from 3.0.8 to 3.0.9
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.8 to 3.0.9.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.8...v3.0.9)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-09-30 12:01:32 +00:00 |
Gary Gregory
|
4ed942fc8c
|
Use GitHub cache for CodeQL
|
2022-09-22 08:43:18 -04:00 |
Gary Gregory
|
573eab776c
|
Add same scorecards-analysis.yml as Apache Log4j (except for branches)
|
2022-09-12 09:53:37 -07:00 |
Gary Gregory
|
caa9e348ab
|
Bump actions/checkout from 3 to 3.0.2.
|
2022-09-06 09:23:37 -07:00 |
Gary Gregory
|
226628ab02
|
Bump actions/cache from 3.0.7 to 3.0.8
|
2022-08-22 15:20:52 -04:00 |
Gary Gregory
|
2236a52b19
|
Bump actions/cache from 3.0.6 to 3.0.7
|
2022-08-12 07:13:03 -04:00 |