dependabot[bot]
a2c9096790
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2023-07-01 10:36:23 +00:00
dependabot[bot]
479f9f3004
build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551
2023-07-01 10:35:10 +00:00
Joyce Brum
2b3211c836
Squashed commit of the following:
...
commit ef2fc83647f69c172c11e0dea318bf6ecf79a4aa
Author: Joyce <joycebrum@google.com>
Date: Wed Jun 14 12:18:23 2023 -0300
Update scorecards.yml
Signed-off-by: Joyce <joycebrum@google.com>
commit c59c05c6ab156b20249e8056d8cbaafbe0c495f8
Merge: 7431a54568 f66d040d95
2023-06-14 20:22:50 +01:00
Joyce
3f2ff79763
Fix scorecard version comment format ( #28027 )
...
* Update scorecards.yml version comments
Signed-off-by: Joyce <joycebrum@google.com>
2023-06-13 22:36:32 +01:00
dependabot[bot]
7cd4f577e8
build(deps): bump github/codeql-action from 2.2.9 to 2.3.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...0225834cc5
2023-06-01 21:57:36 +08:00
dependabot[bot]
43a221473c
build(deps): bump actions/checkout from 3.3.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...8e5e7e5ab8
2023-05-11 09:34:08 +02:00
dependabot[bot]
c07aa178b3
build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3.1.1...0b7f8abb1508181956e8e162db84b466c27e18ce )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 09:31:55 +02:00
dependabot[bot]
ca0a1a3107
build(deps): bump github/codeql-action from 2.2.5 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](32dc499307...04df1262e6
2023-04-01 19:11:42 +02:00
dependabot[bot]
6e57813113
build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e38b1902ae...80e868c13c
2023-04-01 18:08:20 +02:00
dependabot[bot]
ef1e3104a6
build(deps): bump github/codeql-action from 2.1.29 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.29 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ec3cf9c605...32dc499307
2023-03-01 14:58:18 +00:00
dependabot[bot]
7afcf8b193
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-03-01 13:13:04 +00:00
dependabot[bot]
4371496fa9
build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.2
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.6 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](99c53751e0...e38b1902ae
2023-01-06 18:49:21 +00:00
dependabot[bot]
5afe9a300a
build(deps): bump actions/checkout from 3.0.2 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.2 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3.0.2...755da8c3cf115ac066823e79a1e1788f8940201b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-06 18:47:52 +00:00
dependabot[bot]
690e7bfe8f
build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3.1.0...83fd05a356d7e2593de66fc9913b3002723633cb )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-01 10:02:00 +00:00
dependabot[bot]
cd00185881
build(deps): bump github/codeql-action from 2.1.17 to 2.1.29
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.17 to 2.1.29.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.17...ec3cf9c605b848da5f1e41e8452719eb1ccfb9a6 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-01 11:20:30 +00:00
dependabot[bot]
ed770fc10a
build(deps): bump ossf/scorecard-action from 2.0.4 to 2.0.6
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.4 to 2.0.6.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e363bfca00...99c53751e0
2022-11-01 10:25:31 +00:00
Frantisek Sumsal
b3ea9cf13b
ci: run the Scorecards action in PRs only on config update
...
Also, unify the string quotation a bit and drop one unnecessary
expression syntax (as everything in `if` statements is automatically
evaluated as an expression).
2022-10-20 17:10:50 +02:00
Frantisek Sumsal
3e35a3302c
ci: add a missing SPDX line
2022-10-20 17:03:37 +02:00
Joyce
b7a279f9ef
ci: Enable Scorecard Github Action and Badge ( #25054 )
...
* chore: enable scorecard action
* chore: add badge to the README file
* chore: enable on config file update
* chore: update scorecard to 2.0.4
* chore: run scorecard on PR at main branch
* chore: add condition to publish_result key
* chore: skip upload to code scanning if PR
* chore: only runs scorecard in the main repo
Resolves : #25042
2022-10-19 09:05:39 +00:00
