{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":689174731,"defaultBranch":"main","name":"gpu-provisioner","ownerLogin":"Azure","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2023-09-09T02:06:16.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/6844498?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1716598507.0","currentOid":""},"activityList":{"items":[{"before":null,"after":"fcbfad683efdf5efbfc9e29690c05e005c2615c2","ref":"refs/heads/helayoty/auth-env","pushedAt":"2024-05-25T00:55:07.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"Add auth from env option\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"Add auth from env option"}},{"before":"8af5a087731bad818289e3900ae3835ed389c2dd","after":null,"ref":"refs/heads/dependabot/github_actions/github/codeql-action-3.25.6","pushedAt":"2024-05-20T17:47:55.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"}},{"before":"be3f68002e59190fa9a5213e44d1f6d55b055dc3","after":"6f9e3077f9775b151b8d1b6139d41c54637218cb","ref":"refs/heads/main","pushedAt":"2024-05-20T17:47:54.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"chore: bump github/codeql-action from 2.13.4 to 3.25.6 (#131)\n\nBumps [github/codeql-action](https://github.com/github/codeql-action)\r\nfrom 2.13.4 to 3.25.6.\r\n
\r\nRelease notes\r\n

Sourced from github/codeql-action's\r\nreleases.

\r\n
\r\n

CodeQL Bundle v2.17.3

\r\n

Bundles CodeQL CLI v2.17.3

\r\n
    \r\n
  • (changelog,\r\nrelease)
    • \r\n
\r\n

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.17.3:

\r\n
    \r\n
  • codeql/cpp-queries (changelog,\r\nsource)
    • \r\n
  • codeql/cpp-all (changelog,\r\nsource)
    • \r\n
  • codeql/csharp-queries (changelog,\r\nsource)
    • \r\n
  • codeql/csharp-all (changelog,\r\nsource)
    • \r\n
  • codeql/go-queries (changelog,\r\nsource)
    • \r\n
  • codeql/go-all (changelog,\r\nsource)
    • \r\n
  • codeql/java-queries (changelog,\r\nsource)
    • \r\n
  • codeql/java-all (changelog,\r\nsource)
    • \r\n
  • codeql/javascript-queries (changelog,\r\nsource)
    • \r\n
  • codeql/javascript-all (changelog,\r\nsource)
    • \r\n
  • codeql/python-queries (changelog,\r\nsource)
    • \r\n
  • codeql/python-all (changelog,\r\nsource)
    • \r\n
  • codeql/ruby-queries (changelog,\r\nsource)
    • \r\n
  • codeql/ruby-all (changelog,\r\nsource)
    • \r\n
  • codeql/swift-queries (changelog,\r\nsource)
    • \r\n
  • codeql/swift-all (changelog,\r\nsource)
    • \r\n
\r\n

CodeQL Bundle v2.17.2

\r\n

Bundles CodeQL CLI v2.17.2

\r\n
    \r\n
  • (changelog,\r\nrelease)
    • \r\n
\r\n

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.17.2:

\r\n
    \r\n
  • codeql/cpp-queries (changelog,\r\nsource)
    • \r\n
  • codeql/cpp-all (changelog,\r\nsource)
    • \r\n
  • codeql/csharp-queries (changelog,\r\nsource)
    • \r\n
  • codeql/csharp-all (changelog,\r\nsource)
    • \r\n
  • codeql/go-queries (changelog,\r\nsource)
    • \r\n
  • codeql/go-all (changelog,\r\nsource)
    • \r\n
  • codeql/java-queries (changelog,\r\nsource)
    • \r\n
  • codeql/java-all (changelog,\r\nsource)
    • \r\n
  • codeql/javascript-queries (changelog,\r\nsource)
    • \r\n
  • codeql/javascript-all (changelog,\r\nsource)
    • \r\n
  • codeql/python-queries (changelog,\r\nsource)
    • \r\n
  • codeql/python-all (changelog,\r\nsource)
    • \r\n
  • codeql/ruby-queries (changelog,\r\nsource)
    • \r\n
  • codeql/ruby-all (changelog,\r\nsource)
    • \r\n
  • codeql/swift-queries (changelog,\r\nsource)
    • \r\n
  • codeql/swift-all (changelog,\r\nsource)
    • \r\n
\r\n

CodeQL Bundle v2.17.1

\r\n

Bundles CodeQL CLI v2.17.1

\r\n
    \r\n
  • (changelog,\r\nrelease)
    • \r\n
\r\n

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.17.1:

\r\n
    \r\n
  • codeql/cpp-queries (changelog,\r\nsource)
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nChangelog\r\n

Sourced from github/codeql-action's\r\nchangelog.

\r\n
\r\n

CodeQL Action Changelog

\r\n

See the releases\r\npage for the relevant changes to the CodeQL CLI and language\r\npacks.

\r\n

Note that the only difference between v2 and\r\nv3 of the CodeQL Action is the node version they support,\r\nwith v3 running on node 20 while we continue to release\r\nv2 to support running on node 16. For example\r\n3.22.11 was the first v3 release and is\r\nfunctionally identical to 2.22.11. This approach ensures an\r\neasy way to track exactly which features are included in different\r\nversions, indicated by the minor and patch version numbers.

\r\n

[UNRELEASED]

\r\n

No user facing changes.

\r\n

3.25.6 - 20 May 2024

\r\n
    \r\n
  • Update default CodeQL bundle version to 2.17.3. #2295
    • \r\n
\r\n

3.25.5 - 13 May 2024

\r\n
    \r\n
  • Add a compatibility matrix of supported CodeQL Action, CodeQL CLI,\r\nand GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md.\r\n#2273
    • \r\n
  • Avoid printing out a warning for a missing on.push\r\ntrigger when the CodeQL Action is triggered via a\r\nworkflow_call event. #2274
    • \r\n
  • The tools: latest input to the init Action\r\nhas been renamed to tools: linked. This option specifies\r\nthat the Action should use the tools shipped at the same time as the\r\nAction. The old name will continue to work for backwards compatibility,\r\nbut we recommend that new workflows use the new name. #2281
    • \r\n
\r\n

3.25.4 - 08 May 2024

\r\n
    \r\n
  • Update default CodeQL bundle version to 2.17.2. #2270
    • \r\n
\r\n

3.25.3 - 25 Apr 2024

\r\n
    \r\n
  • Update default CodeQL bundle version to 2.17.1. #2247
    • \r\n
  • Workflows running on macos-latest using CodeQL CLI\r\nversions before v2.15.1 will need to either upgrade their CLI version to\r\nv2.15.1 or newer, or change the platform to an Intel MacOS runner, such\r\nas macos-12. ARM machines with SIP disabled, including the\r\nnewest macos-latest image, are unsupported for CLI versions\r\nbefore 2.15.1. #2261
    • \r\n
\r\n

3.25.2 - 22 Apr 2024

\r\n

No user facing changes.

\r\n

3.25.1 - 17 Apr 2024

\r\n
    \r\n
  • We are rolling out a feature in April/May 2024 that improves the\r\nreliability and performance of analyzing code when analyzing a compiled\r\nlanguage with the autobuild build\r\nmode. #2235
    • \r\n
  • Fix a bug where the init Action would fail if\r\n--overwrite was specified in\r\nCODEQL_ACTION_EXTRA_OPTIONS. #2245
    • \r\n
\r\n

3.25.0 - 15 Apr 2024

\r\n
    \r\n
  • \r\n

    The deprecated feature for extracting dependencies for a Python\r\nanalysis has been removed. #2224

    \r\n

    As a result, the following inputs and environment variables are now\r\nignored:

    \r\n
      \r\n
    • The setup-python-dependencies input to the\r\ninit Action
      • \r\n
    • The\r\nCODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION\r\nenvironment variable
      • \r\n
    \r\n

    We recommend removing any references to these from your workflows.\r\nFor more information, see the release notes for CodeQL Action v3.23.0\r\nand v2.23.0.

    \r\n
    • \r\n
  • \r\n

    Automatically overwrite an existing database if found on the\r\nfilesystem. #2229

    \r\n
    • \r\n
  • \r\n

    Bump the minimum CodeQL bundle version to 2.12.6. #2232

    \r\n
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.13.4&new-version=3.25.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"chore: bump github/codeql-action from 2.13.4 to 3.25.6 (#131)"}},{"before":null,"after":"8af5a087731bad818289e3900ae3835ed389c2dd","ref":"refs/heads/dependabot/github_actions/github/codeql-action-3.25.6","pushedAt":"2024-05-20T17:04:44.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore: bump github/codeql-action from 2.13.4 to 3.25.6\n\nBumps [github/codeql-action](https://github.com/github/codeql-action) from 2.13.4 to 3.25.6.\n- [Release notes](https://github.com/github/codeql-action/releases)\n- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/github/codeql-action/compare/cdcdbb579706841c47f7063dda365e292e5cad7a...9fdb3e49720b44c48891d036bb502feb25684276)\n\n---\nupdated-dependencies:\n- dependency-name: github/codeql-action\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"chore: bump github/codeql-action from 2.13.4 to 3.25.6"}},{"before":"276da26139308b40cd241372ea9afa6dfd5df408","after":null,"ref":"refs/heads/helayoty/update-protobuf","pushedAt":"2024-05-08T01:03:10.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"Fei-Guo","name":"Fei Guo","path":"/Fei-Guo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/43253347?s=80&v=4"}},{"before":"51d19e973fd4fdaf0b6b2468052ce60f88845c83","after":"be3f68002e59190fa9a5213e44d1f6d55b055dc3","ref":"refs/heads/main","pushedAt":"2024-05-08T01:03:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"Fei-Guo","name":"Fei Guo","path":"/Fei-Guo","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/43253347?s=80&v=4"},"commit":{"message":"security: Update golang protobuf package (#130)\n\nUpdate golang protobuf package\r\nhttps://github.com/Azure/gpu-provisioner/security/dependabot/5\r\n\r\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"security: Update golang protobuf package (#130)"}},{"before":null,"after":"276da26139308b40cd241372ea9afa6dfd5df408","ref":"refs/heads/helayoty/update-protobuf","pushedAt":"2024-05-08T00:10:46.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"Update golang protobuf package\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"Update golang protobuf package"}},{"before":"7fd4314b8d3a2f17299e2ad6a4b51d37704c2850","after":null,"ref":"refs/heads/helayoty/update-protobuf","pushedAt":"2024-05-08T00:10:05.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"}},{"before":"882c54f0eae14e5106639b4067609ead5ed23be9","after":"7fd4314b8d3a2f17299e2ad6a4b51d37704c2850","ref":"refs/heads/helayoty/update-protobuf","pushedAt":"2024-05-08T00:07:02.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"security: Update golang grpc package (#129)\n\nBumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from\n1.53.0 to 1.56.3.\n\nFixes #128\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"security: Update golang grpc package (#129)"}},{"before":"51d19e973fd4fdaf0b6b2468052ce60f88845c83","after":"882c54f0eae14e5106639b4067609ead5ed23be9","ref":"refs/heads/helayoty/update-protobuf","pushedAt":"2024-05-08T00:03:28.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"security: Update golang grpc package (#129)\n\nBumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from\n1.53.0 to 1.56.3.\n\nFixes #128\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"security: Update golang grpc package (#129)"}},{"before":null,"after":"51d19e973fd4fdaf0b6b2468052ce60f88845c83","ref":"refs/heads/helayoty/update-protobuf","pushedAt":"2024-05-07T23:58:17.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"security: Update golang grpc package (#129)\n\nBumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from\r\n1.53.0 to 1.56.3.\r\n\r\nFixes #128\r\n\r\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"security: Update golang grpc package (#129)"}},{"before":"93288147274b1a89234c73546d2d02e3c9718c7e","after":null,"ref":"refs/heads/dependabot/go_modules/google.golang.org/grpc-1.56.3","pushedAt":"2024-05-07T23:16:34.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"9dc2e3c003a58e7829504e6b901643567e3c5a36","after":null,"ref":"refs/heads/helayoty/update-go-grpc","pushedAt":"2024-05-07T23:16:27.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"}},{"before":"b5fbce162cc33cbf740b17be4317b7e1362b4971","after":"51d19e973fd4fdaf0b6b2468052ce60f88845c83","ref":"refs/heads/main","pushedAt":"2024-05-07T23:16:26.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"security: Update golang grpc package (#129)\n\nBumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from\r\n1.53.0 to 1.56.3.\r\n\r\nFixes #128\r\n\r\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"security: Update golang grpc package (#129)"}},{"before":null,"after":"9dc2e3c003a58e7829504e6b901643567e3c5a36","ref":"refs/heads/helayoty/update-go-grpc","pushedAt":"2024-05-07T22:43:22.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"Update golang grpc package\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"Update golang grpc package"}},{"before":null,"after":"93288147274b1a89234c73546d2d02e3c9718c7e","ref":"refs/heads/dependabot/go_modules/google.golang.org/grpc-1.56.3","pushedAt":"2024-05-07T22:38:17.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore: bump google.golang.org/grpc from 1.53.0 to 1.56.3\n\nBumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.53.0 to 1.56.3.\n- [Release notes](https://github.com/grpc/grpc-go/releases)\n- [Commits](https://github.com/grpc/grpc-go/compare/v1.53.0...v1.56.3)\n\n---\nupdated-dependencies:\n- dependency-name: google.golang.org/grpc\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"chore: bump google.golang.org/grpc from 1.53.0 to 1.56.3"}},{"before":"3108579b5cefa965a826f592bcfe46e39cbdda81","after":null,"ref":"refs/heads/dependabot/go_modules/golang.org/x/net-0.23.0","pushedAt":"2024-05-07T22:37:28.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"bdc26bfb62635ebdb6584f2331596f0c17f180e0","after":null,"ref":"refs/heads/helayoty/golang-x-net-update","pushedAt":"2024-05-07T22:37:20.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"}},{"before":"594714e4ce6848e3f9aa7213ff4077401a5318bf","after":"b5fbce162cc33cbf740b17be4317b7e1362b4971","ref":"refs/heads/main","pushedAt":"2024-05-07T22:37:19.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"security: Update golang.org/x/net package (#127)\n\nUpdate `golang.org/x/net` . Fixes #120\r\n\r\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"security: Update golang.org/x/net package (#127)"}},{"before":"1401353b63d907098d26123809e098d8e862ac35","after":"bdc26bfb62635ebdb6584f2331596f0c17f180e0","ref":"refs/heads/helayoty/golang-x-net-update","pushedAt":"2024-05-07T21:21:54.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"Update go packages\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"Update go packages"}},{"before":"b6c7a4042ff57b92db6ec6b07f52a1155e95194d","after":"1401353b63d907098d26123809e098d8e862ac35","ref":"refs/heads/helayoty/golang-x-net-update","pushedAt":"2024-05-07T21:19:32.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"Update go packages\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"Update go packages"}},{"before":"4cb99f79e17c40532ad14e91ba038f42f0e1a97d","after":"3108579b5cefa965a826f592bcfe46e39cbdda81","ref":"refs/heads/dependabot/go_modules/golang.org/x/net-0.23.0","pushedAt":"2024-05-07T21:06:58.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore: bump golang.org/x/net from 0.20.0 to 0.23.0\n\nBumps [golang.org/x/net](https://github.com/golang/net) from 0.20.0 to 0.23.0.\n- [Commits](https://github.com/golang/net/compare/v0.20.0...v0.23.0)\n\n---\nupdated-dependencies:\n- dependency-name: golang.org/x/net\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"chore: bump golang.org/x/net from 0.20.0 to 0.23.0"}},{"before":"86c1c783b44a1273b634a3c897e8a0c792385dae","after":"b6c7a4042ff57b92db6ec6b07f52a1155e95194d","ref":"refs/heads/helayoty/golang-x-net-update","pushedAt":"2024-05-07T21:06:44.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"Update go packages\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"Update go packages"}},{"before":"d193c4fba1b74b81f7a5254b18da1cbbc8618709","after":null,"ref":"refs/heads/helayoty/update-go-version","pushedAt":"2024-05-07T21:05:50.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"}},{"before":"ea0a91b1d248a49667833864c8d74ed569ec5504","after":"594714e4ce6848e3f9aa7213ff4077401a5318bf","ref":"refs/heads/main","pushedAt":"2024-05-07T21:05:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"chore: Upgrade go version to 1.22 (#126)\n\nUpdate go version to 1.22.\r\n\r\nFixes CVE-2024-24788 and CVE-2024-24787\r\n\r\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"chore: Upgrade go version to 1.22 (#126)"}},{"before":null,"after":"d193c4fba1b74b81f7a5254b18da1cbbc8618709","ref":"refs/heads/helayoty/update-go-version","pushedAt":"2024-05-07T20:15:15.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"Upgrade go version to 1.22\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"Upgrade go version to 1.22"}},{"before":"0a304249c84199eb55a1aa9d810e53f10bd56aa8","after":null,"ref":"refs/heads/dependabot/github_actions/step-security/harden-runner-2.7.1","pushedAt":"2024-05-06T22:53:34.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"}},{"before":"1c12ebce881c35b710808e149d5db36dcf8b3d88","after":"ea0a91b1d248a49667833864c8d74ed569ec5504","ref":"refs/heads/main","pushedAt":"2024-05-06T22:53:33.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"chore: bump step-security/harden-runner from 2.7.0 to 2.7.1 (#125)\n\nBumps\r\n[step-security/harden-runner](https://github.com/step-security/harden-runner)\r\nfrom 2.7.0 to 2.7.1.\r\n
\r\nRelease notes\r\n

Sourced from step-security/harden-runner's\r\nreleases.

\r\n
\r\n

v2.7.1

\r\n

What's Changed

\r\n

Release v2.7.1 by @​varunsh-coder,\r\n@​h0x0er, @​ashishkurmi in\r\nstep-security/harden-runner#397\r\nThis release:

\r\n
    \r\n
  • Improves the capability to inspect\r\noutbound HTTPS traffic on GitHub-hosted and self-hosted VM\r\nrunners
    • \r\n
  • Updates README to add link to case study video\r\non how Harden-Runner detected a supply chain attack on a Google\r\nopen-source project
    • \r\n
  • Addresses minor bugs
    • \r\n
\r\n

Full Changelog: https://github.com/step-security/harden-runner/compare/v2.7.0...v2.7.1

\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • a4aa98b\r\nRelease v2.7.1 (#397)
    • \r\n
  • 6c3b1c9\r\nMerge pull request #379\r\nfrom step-security/dependabot/github_actions/step-sec...
    • \r\n
  • 3498091\r\nBump step-security/harden-runner from 2.6.1 to 2.7.0
    • \r\n
  • 63a88e2\r\nMerge pull request #378\r\nfrom step-security/update-readme3
    • \r\n
  • 07e5965\r\nUpdate README
    • \r\n
  • See full diff in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.7.0&new-version=2.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"chore: bump step-security/harden-runner from 2.7.0 to 2.7.1 (#125)"}},{"before":null,"after":"0a304249c84199eb55a1aa9d810e53f10bd56aa8","ref":"refs/heads/dependabot/github_actions/step-security/harden-runner-2.7.1","pushedAt":"2024-05-06T17:48:03.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"chore: bump step-security/harden-runner from 2.7.0 to 2.7.1\n\nBumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.7.0 to 2.7.1.\n- [Release notes](https://github.com/step-security/harden-runner/releases)\n- [Commits](https://github.com/step-security/harden-runner/compare/63c24ba6bd7ba022e95695ff85de572c04a18142...a4aa98b93cab29d9b1101a6143fb8bce00e2eac4)\n\n---\nupdated-dependencies:\n- dependency-name: step-security/harden-runner\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"chore: bump step-security/harden-runner from 2.7.0 to 2.7.1"}},{"before":"a3995aac504e00f5adb2d13ac0cc6de932e59852","after":"86c1c783b44a1273b634a3c897e8a0c792385dae","ref":"refs/heads/helayoty/golang-x-net-update","pushedAt":"2024-05-06T16:29:15.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"helayoty","name":"Heba","path":"/helayoty","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/31887807?s=80&v=4"},"commit":{"message":"Update go packages\n\nSigned-off-by: Heba Elayoty ","shortMessageHtmlLink":"Update go packages"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEU35Y7QA","startCursor":null,"endCursor":null}},"title":"Activity · Azure/gpu-provisioner"}