Skip to content
This repository has been archived by the owner on Sep 13, 2024. It is now read-only.

[PROD](renovate) Update ossf/scorecard-action action to v2 #16455

Closed
wants to merge 1 commit into from
Closed

[PROD](renovate) Update ossf/scorecard-action action to v2 #16455

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 10, 2022
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Type Update Change
ossf/scorecard-action action major v1.1.2 -> v2.3.3

Release Notes

ossf/scorecard-action (ossf/scorecard-action)

v2.3.3

Compare Source

v2.3.2

Compare Source

v2.3.1

Compare Source

What's Changed

Full Changelog: ossf/scorecard-action@v2.3.0...v2.3.1

v2.3.0

Compare Source

What's Changed

Documentation

New Contributors

Full Changelog: ossf/scorecard-action@v2.2.0...v2.3.0

v2.2.0

Compare Source

What's Changed

Scorecard Result Viewer

Thanks to contributions from @​cynthia-sg and @​tegioz at CLOMonitor, there is a new Scorecard Result visualization page at https://securityscorecards.dev/viewer/?uri=<project-url>.

As an example, you can see our own score visualized here
Checkout our README to learn how to link your README badge to the new visualization page.

Publishing Results

This release contains two fixes which will improve the user experience when publish_results is true

Docs

New Contributors

Full Changelog: ossf/scorecard-action@v2.1.3...v2.2.0

v2.1.3

Compare Source

What's Changed

Bug Fixes
  • Invalid SARIF files from a bug in scorecard
  • Vulnerabilities check crashes if a vulnerable dependency is found via OSVScanner
  • Scorecard action not reporting binary artifacts in the repo

Full Scorecard Changelog: ossf/scorecard@v4.10.2...v4.10.5

Full Changelog: ossf/scorecard-action@v2.1.2...v2.1.3

v2.1.2

Compare Source

What's Changed

Fixes

Full Changelog: ossf/scorecard-action@v2.1.1...v2.1.2

v2.1.1

Compare Source

Scorecard version

This release use Scorecard's v4.10.1

Full Changelog: ossf/scorecard-action@v2.1.0...v2.1.1

v2.1.0

Compare Source

What's Changed

Scorecard version

This release uses scorecard v4.10.0.

Improvements
Documentation

New Contributors

Full Changelog: ossf/scorecard-action@v2.0.6...v2.1.0

v2.0.6

Compare Source

What's Changed

Full Changelog: ossf/scorecard-action@v2.0.5...v2.0.6

v2.0.5

Compare Source

What's Changed

New Contributors

Full Changelog: ossf/scorecard-action@v2.0.4...v2.0.5

v2.0.4

Compare Source

Fixes #​856

What's Changed

New Contributors

Full Changelog: ossf/scorecard-action@v2.0.3...v2.0.4

v2.0.3

Compare Source

Patch for fix in #​898

v2.0.2

Compare Source

Fixes https://github.com/ossf/scorecard-action/issues/895

v2.0.1

Compare Source

Fix for #​856

v2.0.0

Compare Source

What's Changed

New Contributors

Full Changelog: ossf/scorecard-action@v1.1.2...v2.0.0

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone Europe/Warsaw, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Sep 10, 2022
@renovate renovate bot mentioned this pull request Sep 10, 2022
Closed
62 tasks
@blackduck-copilot
Copy link

blackduck-copilot bot commented Sep 10, 2022
edited
Loading

Black Duck Security Report

Merging #16455 into developer will not change security risk.

Added Components

Clean: 28

Removed Components

Clean: 25

Click here to see full report

@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from 78454db to 8c46917 Compare September 12, 2022 17:39
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from 8c46917 to c518147 Compare September 28, 2022 02:48
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch 2 times, most recently from 0ae02e3 to 20c5b78 Compare October 19, 2022 02:11
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch 3 times, most recently from f17a7c2 to e6fa469 Compare December 22, 2022 01:54
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from e6fa469 to 8034c96 Compare March 30, 2023 00:04
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from 8034c96 to b0b532b Compare June 23, 2023 22:17
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from b0b532b to eea9acd Compare October 6, 2023 21:58
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from eea9acd to c3fe3a8 Compare October 23, 2023 22:57
@renovate renovate bot force-pushed the renovate/ossf-scorecard-action-2.x branch from c3fe3a8 to 21be316 Compare May 9, 2024 23:06
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@mariuszkrzaczkowski mariuszkrzaczkowski

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mariuszkrzaczkowski @rskrzypczak