dependabot[bot]
664b7299e6
Bump github/codeql-action from 3.26.7 to 3.26.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.7 to 3.26.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8214744c54...294a9d9291
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-19 13:44:59 +00:00
dependabot[bot]
68109ed40d
Bump github/codeql-action from 3.26.6 to 3.26.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.6 to 3.26.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4dd16135b6...8214744c54
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-16 13:46:00 +00:00
dependabot[bot]
6d9829776a
Bump step-security/harden-runner from 2.9.1 to 2.10.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.1 to 2.10.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](5c7944e73c...91182cccc0
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-11 14:09:18 +00:00
dependabot[bot]
6f97bd59b9
Bump actions/upload-artifact from 4.3.6 to 4.4.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.6 to 4.4.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](834a144ee9...50769540e7
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-02 14:04:59 +00:00
dependabot[bot]
fa05b38e31
Bump sonarsource/sonarqube-quality-gate-action
...
Bumps [sonarsource/sonarqube-quality-gate-action](https://github.com/sonarsource/sonarqube-quality-gate-action ) from 72f24ebf1f81eda168a979ce14b8203273b7c3ad to dc2f7b0dd95544cd550de3028f89193576e958b9.
- [Release notes](https://github.com/sonarsource/sonarqube-quality-gate-action/releases )
- [Commits](72f24ebf1f...dc2f7b0dd9
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-quality-gate-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-30 13:19:01 +00:00
dependabot[bot]
52e8265f97
Bump github/codeql-action from 3.26.5 to 3.26.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.5 to 3.26.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2c779ab0d0...4dd16135b6
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-29 13:59:21 +00:00
dependabot[bot]
1ea51e2a41
Bump github/codeql-action from 3.26.4 to 3.26.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.4 to 3.26.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f0f3afee80...2c779ab0d0
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 14:05:22 +00:00
dependabot[bot]
57139ae50a
Bump github/codeql-action from 3.26.3 to 3.26.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.3 to 3.26.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](883d8588e5...f0f3afee80
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-22 14:05:22 +00:00
dependabot[bot]
7fbcfcc3f8
Bump github/codeql-action from 3.26.2 to 3.26.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.2 to 3.26.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](429e197704...883d8588e5
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-20 13:15:19 +00:00
8b69fa92ae
Update Go version in SonarQube workflow
...
Bump Go version from 1.22.x to 1.23.x in the SonarQube GitHub Actions workflow. This ensures compatibility with the latest features and improvements in Go.
2024-08-16 10:30:20 +02:00
e61d1689f6
Update Go version in golangci-lint workflow
...
Change Go version from 1.22 to 1.23 in the GitHub Actions workflow configuration for golangci-lint. This ensures compatibility with the latest Go features and improvements.
2024-08-16 10:29:21 +02:00
801a93459e
Update workflow to support Go 1.23
...
This commit adjusts the GitHub Actions workflow to include Go 1.23 in the matrix of supported versions. It also updates conditional steps for sendmail installation and coverage upload to reflect the new Go version.
2024-08-16 10:28:52 +02:00
dependabot[bot]
58075536a3
Bump github/codeql-action from 3.26.1 to 3.26.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.1 to 3.26.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29d86d22a3...429e197704
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-15 13:37:42 +00:00
dependabot[bot]
e9ff81052e
Bump github/codeql-action from 3.26.0 to 3.26.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.0 to 3.26.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](eb055d739a...29d86d22a3
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-14 14:04:28 +00:00
dependabot[bot]
a3a41f2399
Bump sonarsource/sonarqube-scan-action from 2.3.0 to 3.0.0
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.3.0 to 3.0.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](aecaf43ae5...0c0f3958d9
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-13 13:26:01 +00:00
a5864d6f95
Merge pull request #276 from wneessen/dependabot/github_actions/actions/upload-artifact-4.3.6
...
Bump actions/upload-artifact from 4.3.5 to 4.3.6
2024-08-07 16:49:33 +02:00
dependabot[bot]
45c041f4fa
Bump actions/upload-artifact from 4.3.5 to 4.3.6
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.5 to 4.3.6.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](89ef406dd8...834a144ee9
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-07 13:43:34 +00:00
dependabot[bot]
ab9aa2b46f
Bump github/codeql-action from 3.25.15 to 3.26.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.15 to 3.26.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](afb54ba388...eb055d739a
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-07 13:43:31 +00:00
dependabot[bot]
a80447d2be
Bump step-security/harden-runner from 2.9.0 to 2.9.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](0d381219dd...5c7944e73c
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-06 13:36:40 +00:00
dependabot[bot]
a1ca73fb31
Bump actions/upload-artifact from 4.3.4 to 4.3.5
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.4 to 4.3.5.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](0b2256b8c0...89ef406dd8
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-05 14:04:31 +00:00
dependabot[bot]
cd91fbd777
Bump golangci/golangci-lint-action from 6.0.1 to 6.1.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 6.0.1 to 6.1.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](a4f60bb28d...aaa42aa062
)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-30 13:54:10 +00:00
95bd224acd
Merge pull request #265 from wneessen/dependabot/github_actions/github/codeql-action-3.25.15
...
Bump github/codeql-action from 3.25.14 to 3.25.15
2024-07-29 15:41:51 +02:00
dependabot[bot]
161082f757
Bump ossf/scorecard-action from 2.3.3 to 2.4.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](dc50aa9510...62b2cac7ed
)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-29 13:33:00 +00:00
dependabot[bot]
7af241aef3
Bump github/codeql-action from 3.25.14 to 3.25.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.14 to 3.25.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5cf07d8b70...afb54ba388
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-29 13:32:57 +00:00
dependabot[bot]
d199a3a1e8
Bump github/codeql-action from 3.25.13 to 3.25.14
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.13 to 3.25.14.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2d790406f5...5cf07d8b70
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-25 13:37:13 +00:00
dependabot[bot]
94fe71c647
Bump github/codeql-action from 3.25.12 to 3.25.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.12 to 3.25.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4fa2a79536...2d790406f5
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-22 13:49:10 +00:00
dependabot[bot]
47e901d80d
Bump step-security/harden-runner from 2.8.1 to 2.9.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](17d0e2bd7d...0d381219dd
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-19 13:18:49 +00:00
ee3f0f1284
Merge pull request #258 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.3.4
...
Bump actions/dependency-review-action from 4.3.3 to 4.3.4
2024-07-12 16:00:53 +02:00
dependabot[bot]
58c0f034bc
Bump github/codeql-action from 3.25.11 to 3.25.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.11 to 3.25.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b611370bb5...4fa2a79536
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-12 13:59:26 +00:00
dependabot[bot]
35b3f6eba0
Bump actions/dependency-review-action from 4.3.3 to 4.3.4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](72eb03d02c...5a2ce3f5b9
)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-12 13:59:17 +00:00
dependabot[bot]
e8b7d0825f
Bump actions/setup-go from 5.0.1 to 5.0.2
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](cdcb360436...0a12ed9d6a
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-11 13:36:12 +00:00
dependabot[bot]
132fe02384
Bump actions/upload-artifact from 4.3.3 to 4.3.4
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](65462800fd...0b2256b8c0
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-08 13:18:08 +00:00
dependabot[bot]
307c7de311
Bump fsfe/reuse-action from 3.0.0 to 4.0.0
...
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action ) from 3.0.0 to 4.0.0.
- [Release notes](https://github.com/fsfe/reuse-action/releases )
- [Commits](a46482ca36...3ae3c6bdf1
)
---
updated-dependencies:
- dependency-name: fsfe/reuse-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-04 13:42:06 +00:00
dependabot[bot]
09521758db
Bump sonarsource/sonarqube-scan-action from 2.2.0 to 2.3.0
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](540792c588...aecaf43ae5
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-02 13:51:17 +00:00
dependabot[bot]
ca0d94c7a7
Bump github/codeql-action from 3.25.10 to 3.25.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.10 to 3.25.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](23acc5c183...b611370bb5
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-01 13:44:21 +00:00
dependabot[bot]
9a092adfa0
Bump github/codeql-action from 3.25.9 to 3.25.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.9 to 3.25.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](530d4feaa9...23acc5c183
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-14 13:46:10 +00:00
6ad0e472a5
Merge pull request #246 from wneessen/dependabot/github_actions/github/codeql-action-3.25.9
...
Bump github/codeql-action from 3.25.8 to 3.25.9
2024-06-13 15:51:19 +02:00
7bc849c786
Merge pull request #247 from wneessen/dependabot/github_actions/sonarsource/sonarqube-scan-action-2.2
...
Bump sonarsource/sonarqube-scan-action from 2.1.0 to 2.2
2024-06-13 15:51:00 +02:00
dependabot[bot]
1191060ab7
Bump sonarsource/sonarqube-scan-action from 2.1.0 to 2.2
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.1.0 to 2.2.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](86fe817756...540792c588
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-13 13:50:11 +00:00
dependabot[bot]
9af8ceb037
Bump github/codeql-action from 3.25.8 to 3.25.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.8 to 3.25.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2e230e8fe0...530d4feaa9
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-13 13:50:07 +00:00
dependabot[bot]
4ac1748a31
Bump codecov/codecov-action from 4.4.1 to 4.5.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.4.1 to 4.5.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](125fc84a9a...e28ff129e5
)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-13 13:49:50 +00:00
dependabot[bot]
cedc52f565
Bump step-security/harden-runner from 2.8.0 to 2.8.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](f086349bfa...17d0e2bd7d
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-07 13:25:34 +00:00
dependabot[bot]
33591bb136
Bump actions/dependency-review-action from 4.3.2 to 4.3.3
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](0c155c5e85...72eb03d02c
)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-06 13:40:11 +00:00
dependabot[bot]
5930d58289
Bump github/codeql-action from 3.25.7 to 3.25.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.7 to 3.25.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f079b84933...2e230e8fe0
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-05 13:55:29 +00:00
dependabot[bot]
819d3999f9
Bump golang/govulncheck-action from 1.0.2 to 1.0.3
...
Bumps [golang/govulncheck-action](https://github.com/golang/govulncheck-action ) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/golang/govulncheck-action/releases )
- [Commits](3a32958c27...dd0578b371
)
---
updated-dependencies:
- dependency-name: golang/govulncheck-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-04 13:55:49 +00:00
dependabot[bot]
55b199e0c3
Bump github/codeql-action from 3.25.6 to 3.25.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.6 to 3.25.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9fdb3e4972...f079b84933
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-31 14:05:31 +00:00
dependabot[bot]
b174a9cce1
Bump sonarsource/sonarqube-scan-action from 2.0.2 to 2.1.0
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](53c3e3207f...86fe817756
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-23 14:08:07 +00:00
dependabot[bot]
6991aecc5d
---
...
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-22 13:15:46 +00:00
0733614cf5
Merge pull request #233 from wneessen/dependabot/github_actions/codecov/codecov-action-4.4.1
...
Bump codecov/codecov-action from 4.4.0 to 4.4.1
2024-05-21 15:37:34 +02:00
dependabot[bot]
af9dcfbdae
---
...
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-21 13:22:23 +00:00
dependabot[bot]
533bd2938e
---
...
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-21 13:22:13 +00:00
dependabot[bot]
0d68a27a2d
Bump codecov/codecov-action from 4.3.1 to 4.4.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.3.1 to 4.4.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](5ecb98a3c6...6d798873df
)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-15 13:39:23 +00:00
98b08c70a1
Merge pull request #229 from wneessen/dependabot/github_actions/golangci/golangci-lint-action-6.0.1
...
Bump golangci/golangci-lint-action from 6.0.0 to 6.0.1
2024-05-13 16:16:54 +02:00
dependabot[bot]
ff7e758eb8
Bump github/codeql-action from 3.25.3 to 3.25.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.3 to 3.25.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d39d31e687...b7cec75265
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-13 13:31:22 +00:00
dependabot[bot]
d66f651b67
Bump ossf/scorecard-action from 2.3.1 to 2.3.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.1 to 2.3.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](0864cf1902...dc50aa9510
)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-10 13:38:39 +00:00
dependabot[bot]
4087353734
Bump golangci/golangci-lint-action from 6.0.0 to 6.0.1
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](23faadfdeb...a4f60bb28d
)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-08 14:03:36 +00:00
dependabot[bot]
b50f0b0a67
Bump golangci/golangci-lint-action from 5.3.0 to 6.0.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 5.3.0 to 6.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](38e1018663...23faadfdeb
)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-07 13:56:49 +00:00
dependabot[bot]
fe75fe44ea
Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 5.1.0 to 5.3.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](9d1e0624a7...38e1018663
)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-06 13:20:34 +00:00
763a904340
Merge pull request #224 from wneessen/dependabot/github_actions/actions/setup-go-5.0.1
...
Bump actions/setup-go from 5.0.0 to 5.0.1
2024-05-02 16:37:40 +02:00
dependabot[bot]
047ba0368d
Bump actions/setup-go from 5.0.0 to 5.0.1
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0c52d547c9...cdcb360436
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-02 14:07:50 +00:00
dependabot[bot]
e561e97f9f
Bump codecov/codecov-action from 4.3.0 to 4.3.1
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](84508663e9...5ecb98a3c6
)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-02 14:07:45 +00:00
dependabot[bot]
0624d1e6d7
Bump actions/dependency-review-action from 4.3.1 to 4.3.2
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](e58c696e52...0c155c5e85
)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-01 13:38:38 +00:00
1965350bc0
Merge pull request #219 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.3.1
...
Bump actions/dependency-review-action from 4.2.5 to 4.3.1
2024-04-30 17:01:49 +02:00
6ea97376d3
Merge pull request #220 from wneessen/dependabot/github_actions/golangci/golangci-lint-action-5.1.0
...
Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0
2024-04-30 17:01:22 +02:00
dependabot[bot]
63d721cf6f
Bump step-security/harden-runner from 2.7.0 to 2.7.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](63c24ba6bd...a4aa98b93c
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-30 14:03:23 +00:00
dependabot[bot]
e528d585c5
Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](82d40c283a...9d1e0624a7
)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-30 14:03:18 +00:00
dependabot[bot]
8553ede1cb
Bump actions/dependency-review-action from 4.2.5 to 4.3.1
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.2.5 to 4.3.1.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](5bbc3ba658...e58c696e52
)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-30 14:03:14 +00:00
dependabot[bot]
ac528ba2c3
Bump github/codeql-action from 3.25.2 to 3.25.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.2 to 3.25.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8f596b4ae3...d39d31e687
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-26 13:45:44 +00:00
dependabot[bot]
c6841b9523
Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](3cfe3a4abb...82d40c283a
)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-25 13:54:44 +00:00
3668a80791
Merge pull request #215 from wneessen/dependabot/github_actions/actions/upload-artifact-4.3.3
...
Bump actions/upload-artifact from 4.3.2 to 4.3.3
2024-04-23 16:16:25 +02:00
dependabot[bot]
d7ac8d8710
Bump github/codeql-action from 3.25.1 to 3.25.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.1 to 3.25.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c7f9125735...8f596b4ae3
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-23 13:31:39 +00:00
dependabot[bot]
b00fc0dffe
Bump actions/upload-artifact from 4.3.2 to 4.3.3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](1746f4ab65...65462800fd
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-23 13:31:10 +00:00
dependabot[bot]
4ee8e3d82f
Bump actions/upload-artifact from 4.3.1 to 4.3.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](5d5d22a312...1746f4ab65
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-19 14:06:10 +00:00
dependabot[bot]
6c47311c22
Bump github/codeql-action from 3.25.0 to 3.25.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.0 to 3.25.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df5a14dc28...c7f9125735
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-17 13:36:49 +00:00
dependabot[bot]
8b0caa9000
Bump github/codeql-action from 3.24.10 to 3.25.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.10 to 3.25.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4355270be1...df5a14dc28
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-15 13:12:31 +00:00
dependabot[bot]
f4ed106a4b
Bump codecov/codecov-action from 4.2.0 to 4.3.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](7afa10ed9b...84508663e9
)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-10 13:59:22 +00:00
dependabot[bot]
eeb00f034f
Bump github/codeql-action from 3.24.9 to 3.24.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.9 to 3.24.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b1aada464...4355270be1
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-08 13:59:24 +00:00
ae36ab8722
Merge pull request #205 from wneessen/dependabot/github_actions/sonarsource/sonarqube-quality-gate-action-72f24ebf1f81eda168a979ce14b8203273b7c3ad
...
Bump sonarsource/sonarqube-quality-gate-action from f9fe214a5be5769c40619de2fff2726c36d2d5eb to 72f24ebf1f81eda168a979ce14b8203273b7c3ad
2024-04-04 16:30:36 +02:00
dependabot[bot]
adb90c453d
Bump codecov/codecov-action from 4.1.1 to 4.2.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](c16abc29c9...7afa10ed9b
)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-04 13:21:24 +00:00
dependabot[bot]
294de2c5ee
Bump sonarsource/sonarqube-quality-gate-action
...
Bumps [sonarsource/sonarqube-quality-gate-action](https://github.com/sonarsource/sonarqube-quality-gate-action ) from f9fe214a5be5769c40619de2fff2726c36d2d5eb to 72f24ebf1f81eda168a979ce14b8203273b7c3ad.
- [Release notes](https://github.com/sonarsource/sonarqube-quality-gate-action/releases )
- [Commits](f9fe214a5b...72f24ebf1f
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-quality-gate-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-04 13:21:20 +00:00
dependabot[bot]
b0bda8dbc8
Bump sonarsource/sonarqube-scan-action
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 9ad16418d1dd6d28912bc0047ee387e90181ce1c to 53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](9ad16418d1...53c3e3207f
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-28 13:31:06 +00:00
dependabot[bot]
d5d377c575
Bump codecov/codecov-action from 4.1.0 to 4.1.1
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](54bcd8715e...c16abc29c9
)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-27 13:55:03 +00:00
dependabot[bot]
181ce199af
Bump actions/dependency-review-action from 4.2.4 to 4.2.5
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.2.4 to 4.2.5.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](733dd5d4a5...5bbc3ba658
)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-26 13:47:39 +00:00
3a31eb181e
Merge pull request #198 from wneessen/dependabot/github_actions/actions/upload-artifact-4.3.1
...
Bump actions/upload-artifact from 3.1.3 to 4.3.1
2024-03-25 16:13:01 +01:00
32a66f3df9
Merge pull request #199 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.4
...
Bump actions/dependency-review-action from 4.2.3 to 4.2.4
2024-03-25 16:12:48 +01:00
9976302dd9
Merge pull request #200 from wneessen/dependabot/github_actions/fsfe/reuse-action-3.0.0
...
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
2024-03-25 16:12:33 +01:00
dependabot[bot]
d28b22d05e
Bump actions/setup-go from 3.5.0 to 5.0.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.5.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](6edd4406fa...0c52d547c9
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:33 +00:00
dependabot[bot]
4660a9d734
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
...
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action ) from 1.3.0 to 3.0.0.
- [Release notes](https://github.com/fsfe/reuse-action/releases )
- [Commits](28cf8f33bc...a46482ca36
)
---
updated-dependencies:
- dependency-name: fsfe/reuse-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:29 +00:00
dependabot[bot]
82a0ffef1a
Bump actions/dependency-review-action from 4.2.3 to 4.2.4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](0fa40c3c10...733dd5d4a5
)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:26 +00:00
dependabot[bot]
92bf3166c4
Bump actions/upload-artifact from 3.1.3 to 4.3.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.3 to 4.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](a8a3f3ad30...5d5d22a312
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:21 +00:00
StepSecurity Bot
d87e2205d6
[StepSecurity] ci: Harden GitHub Actions
...
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-23 18:01:31 +00:00
25ee875300
"Add Govulncheck Security Scan workflow"
...
A new GitHub Actions workflow for Govulncheck Security Scan has been added. This workflow gets activated on every push or pull request and includes runner hardening and executing 'govulncheck' to identify potential vulnerabilities.
2024-03-23 18:59:10 +01:00
c78388a2cb
Add read permissions to GitHub workflow files
...
This commit adds read permissions for 'contents' in the GitHub workflow files sonarqube.yml and reuse.yml. This allows these specific workflows to access the relevant contents they need for execution.
2024-03-23 15:49:03 +01:00
976adc5be9
Merge pull request #186 from wneessen/dependabot/github_actions/github/codeql-action-3.24.9
...
Bump github/codeql-action from 1.1.39 to 3.24.9
2024-03-22 16:13:33 +01:00
bd513b3d5a
Merge pull request #187 from wneessen/dependabot/github_actions/codecov/codecov-action-4.1.0
...
Bump codecov/codecov-action from 3.1.6 to 4.1.0
2024-03-22 16:13:20 +01:00
f82a3fc261
Merge pull request #188 from wneessen/dependabot/github_actions/golangci/golangci-lint-action-4.0.0
...
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
2024-03-22 16:13:08 +01:00
e789acfa75
Merge pull request #190 from wneessen/dependabot/github_actions/ossf/scorecard-action-2.3.1
...
Bump ossf/scorecard-action from 2.0.6 to 2.3.1
2024-03-22 16:12:55 +01:00
6d31b35fa2
Merge pull request #189 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.3
...
Bump actions/dependency-review-action from 2.5.1 to 4.2.3
2024-03-22 16:12:42 +01:00
101e90f607
Add SPDX license headers to GitHub workflow files
...
This commit adds SPDX license headers to GitHub workflow files: scorecards.yml, dependency-review.yml, and dependabot.yml. This ensures that the license and copyright information is easily available for everyone to see.
2024-03-22 16:10:30 +01:00
dependabot[bot]
60578e4c00
Bump ossf/scorecard-action from 2.0.6 to 2.3.1
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.6 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](99c53751e0...0864cf1902
)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:05:09 +00:00