Skip to content

[pull] main from containerd:main#153

Merged
pull[bot] merged 12 commits intomakesoftwaresafe:mainfrom
containerd:main
Oct 8, 2025
Merged

[pull] main from containerd:main#153
pull[bot] merged 12 commits intomakesoftwaresafe:mainfrom
containerd:main

Conversation

@pull
Copy link
Copy Markdown

@pull pull bot commented Oct 8, 2025
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

dependabot bot and others added 12 commits October 6, 2025 23:08
@dependabot
build(deps): bump google.golang.org/protobuf from 1.36.9 to 1.36.10
15d5fa7 
Bumps google.golang.org/protobuf from 1.36.9 to 1.36.10.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump actions/stale from 10.0.0 to 10.1.0
ba606fe 
Bumps [actions/stale](https://github.com/actions/stale) from 10.0.0 to 10.1.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@3a9db7e...5f858e3)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-version: 10.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump softprops/action-gh-release from 2.3.3 to 2.3.4
669c304 
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.3.3 to 2.3.4.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](softprops/action-gh-release@6cbd405...62c96d0)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: 2.3.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump github/codeql-action from 3.30.5 to 3.30.6
7a7d7a9 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.5 to 3.30.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@3599b3b...64d10c1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.30.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3
f6b3b8c 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@05b42c6...4eaacf0)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dmcgowan
Fix gha api release file path
0f3c548 
The switch to actions/download-artifacts v5.0.0 changed the output path
to no longer include the name specified by upload.

Signed-off-by: Derek McGowan <derek@mcg.dev>
@mxpv
Merge pull request #12355 from containerd/dependabot/github_actions/o…
280b5af 
…ssf/scorecard-action-2.4.3

build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3
@mxpv
Merge pull request #12354 from containerd/dependabot/github_actions/g…
9391db4 
…ithub/codeql-action-3.30.6

build(deps): bump github/codeql-action from 3.30.5 to 3.30.6
@mxpv
Merge pull request #12353 from containerd/dependabot/github_actions/s…
351ed9c 
…oftprops/action-gh-release-2.3.4

build(deps): bump softprops/action-gh-release from 2.3.3 to 2.3.4
@mxpv
Merge pull request #12352 from containerd/dependabot/github_actions/a…
ac6e9d7 
…ctions/stale-10.1.0

build(deps): bump actions/stale from 10.0.0 to 10.1.0
@mxpv
Merge pull request #12351 from containerd/dependabot/go_modules/googl…
487ca3e 
…e.golang.org/protobuf-1.36.10

build(deps): bump google.golang.org/protobuf from 1.36.9 to 1.36.10
@mxpv
Merge pull request #12356 from dmcgowan/fix-api-release
ea46953 
Fix gha api release file path
@pull pull bot locked and limited conversation to collaborators Oct 8, 2025
@pull pull bot added the ⤵️ pull label Oct 8, 2025
@pull pull bot merged commit ea46953 into makesoftwaresafe:main Oct 8, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

⤵️ pull

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dmcgowan @mxpv