Commit graph

4 commits

Author SHA1 Message Date
6d31b35fa2
Merge pull request #189 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.3
Bump actions/dependency-review-action from 2.5.1 to 4.2.3
2024-03-22 16:12:42 +01:00
101e90f607
Add SPDX license headers to GitHub workflow files
This commit adds SPDX license headers to GitHub workflow files: scorecards.yml, dependency-review.yml, and dependabot.yml. This ensures that the license and copyright information is easily available for everyone to see.
2024-03-22 16:10:30 +01:00
dependabot[bot]
dbf19d2646
Bump actions/dependency-review-action from 2.5.1 to 4.2.3
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 2.5.1 to 4.2.3.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](0efb1d1d84...0fa40c3c10)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:05:05 +00:00
StepSecurity Bot
886edbc0c9
[StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-22 14:36:47 +00:00