Skip to content

build: update ossf/scorecard-action action to v2.1.3 #24924

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
angular-robot merged 1 commit into from
Mar 30, 2023
Merged

build: update ossf/scorecard-action action to v2.1.3 #24924

angular-robot merged 1 commit into from
Mar 30, 2023

Conversation

@angular-robot
Copy link
Contributor

@angular-robot angular-robot commented Mar 30, 2023

This PR contains the following updates:

Package Type Update Change
ossf/scorecard-action action patch v2.1.2 -> v2.1.3

Release Notes

ossf/scorecard-action

v2.1.3

Compare Source

What's Changed

Bug Fixes
  • Invalid SARIF files from a bug in scorecard
  • Vulnerabilities check crashes if a vulnerable dependency is found via OSVScanner
  • Scorecard action not reporting binary artifacts in the repo

Full Scorecard Changelog: ossf/scorecard@v4.10.2...v4.10.5

Full Changelog: ossf/scorecard-action@v2.1.2...v2.1.3

Configuration

📅 Schedule: Branch creation - "after 10:00pm every weekday,before 4:00am every weekday,every weekend" in timezone America/Tijuana, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@angular-robot angular-robot added action: merge The PR is ready for merge by the caretaker target: minor This PR is targeted for the next minor release labels Mar 30, 2023
@angular-robot angular-robot bot added the area: build & ci Related the build and CI infrastructure of the project label Mar 30, 2023
@angular-robot angular-robot force-pushed the ng-renovate/scorecard-action branch from 3419981 to 0704a03 Compare March 30, 2023 16:18
@angular-robot angular-robot bot merged commit d50c038 into angular:main Mar 30, 2023
@angular-robot angular-robot deleted the ng-renovate/scorecard-action branch March 30, 2023 17:19
@angular-automatic-lock-bot
Copy link

angular-automatic-lock-bot bot commented Apr 30, 2023

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

Read more about our automatic conversation locking policy.

This action has been performed automatically by a bot.

@angular-automatic-lock-bot angular-automatic-lock-bot bot locked and limited conversation to collaborators Apr 30, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@clydin clydin clydin approved these changes

Assignees

No one assigned

Labels

action: merge The PR is ready for merge by the caretaker area: build & ci Related the build and CI infrastructure of the project target: minor This PR is targeted for the next minor release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@angular-robot @clydin