Bump ossf/scorecard-action from 2.1.1 to 2.1.2 #2863

dependabot · 2022-12-26T20:04:27Z

Bumps ossf/scorecard-action from 2.1.1 to 2.1.2.

Release notes

Sourced from ossf/scorecard-action's releases.

v2.1.2

What's Changed

Fixes

🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by @spencerschrock in ossf/scorecard-action#1054

Full Changelog: ossf/scorecard-action@v2.1.1...v2.1.2

Commits

e38b190 Bump docker tag for release. (#1055)
7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (#1054)
013c0f8 🌱 Bump actions/dependency-review-action from 3.0.1 to 3.0.2
f93c094 🌱 Bump github/codeql-action from 2.1.36 to 2.1.37
ce8978e 🌱 Bump actions/upload-artifact from 3.1.0 to 3.1.1
5ce49db 🌱 Bump actions/setup-go from 3.4.0 to 3.5.0
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.1 to 2.1.2. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@15c10fc...e38b190) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested review from sethmlarson, pquentin and shazow as code owners December 26, 2022 20:04

dependabot bot added dependencies labels Dec 26, 2022

dependabot bot force-pushed the dependabot/github_actions/ossf/scorecard-action-2.1.2 branch from 7eab85c to 314a5af Compare December 31, 2022 02:33

sethmlarson added the Skip Changelog Pull requests that don't require a changelog entry label Dec 31, 2022

sethmlarson approved these changes Dec 31, 2022

View reviewed changes

sethmlarson merged commit 6cfdca5 into main Dec 31, 2022

sethmlarson deleted the dependabot/github_actions/ossf/scorecard-action-2.1.2 branch December 31, 2022 02:57

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump ossf/scorecard-action from 2.1.1 to 2.1.2 #2863

Bump ossf/scorecard-action from 2.1.1 to 2.1.2 #2863

dependabot bot commented on behalf of github Dec 26, 2022 •

edited

Bump ossf/scorecard-action from 2.1.1 to 2.1.2 #2863

Bump ossf/scorecard-action from 2.1.1 to 2.1.2 #2863

Conversation

dependabot bot commented on behalf of github Dec 26, 2022 • edited

v2.1.2

What's Changed

Fixes

dependabot bot commented on behalf of github Dec 26, 2022 •

edited