From b83a87cb01d5a6b37b1e4aa2ea9abd7b5ef60eb9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 30 Mar 2023 07:04:45 +0000 Subject: [PATCH 1/2] Bump ossf/scorecard-action from 2.1.2 to 2.1.3 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...80e868c13c90f172d68d1f4501dee99e2479f7af) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index e735b9e..75f557c 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -37,7 +37,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3 with: results_file: results.sarif results_format: sarif From 36ed0f8eb49e9fc7edb2cb83ccd57dfe0c7da2b3 Mon Sep 17 00:00:00 2001 From: Monty Bot Date: Thu, 30 Mar 2023 07:05:30 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=93=B0=20Automatic=20changes=20?= =?UTF-8?q?=E2=9A=99=20Adding=20news=20file?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- news/20230330070530.bugfix | 1 + 1 file changed, 1 insertion(+) create mode 100644 news/20230330070530.bugfix diff --git a/news/20230330070530.bugfix b/news/20230330070530.bugfix new file mode 100644 index 0000000..6c0e1df --- /dev/null +++ b/news/20230330070530.bugfix @@ -0,0 +1 @@ +Dependency upgrade: scorecard-action-2.1.3