dependabot[bot]
86949a7f90
Bump sonarsource/sonarqube-scan-action from 2.0.2 to 2.1.0
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](53c3e3207f...86fe817756
2024-05-24 08:13:20 +00:00
dependabot[bot]
cd649364d4
---
...
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-22 08:16:34 +00:00
dependabot[bot]
6bd30f6b12
---
...
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-21 08:16:14 +00:00
dependabot[bot]
95d16edfff
Bump actions/checkout from 4.1.5 to 4.1.6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](44c2b7a8a4...a5ac7e51b4
2024-05-17 08:58:40 +00:00
dependabot[bot]
378e87291d
Bump github/codeql-action from 3.25.4 to 3.25.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.4 to 3.25.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ccf74c9479...b7cec75265
2024-05-15 08:29:13 +00:00
dependabot[bot]
53833df20c
Bump ossf/scorecard-action from 2.3.1 to 2.3.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.1 to 2.3.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](0864cf1902...dc50aa9510
2024-05-10 08:10:32 +00:00
dependabot[bot]
a1232909b7
Bump github/codeql-action from 3.25.3 to 3.25.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.3 to 3.25.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d39d31e687...ccf74c9479
2024-05-09 08:29:31 +00:00
dependabot[bot]
3a63f9ae94
Bump golangci/golangci-lint-action from 6.0.0 to 6.0.1
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](23faadfdeb...a4f60bb28d
2024-05-08 08:28:21 +00:00
95560ca44c
Merge pull request #34 from wneessen/dependabot/github_actions/actions/checkout-4.1.5
...
Bump actions/checkout from 4.1.4 to 4.1.5
2024-05-07 11:09:16 +02:00
dependabot[bot]
a0d850a541
Bump golangci/golangci-lint-action from 5.3.0 to 6.0.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 5.3.0 to 6.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](38e1018663...23faadfdeb
2024-05-07 08:52:34 +00:00
dependabot[bot]
21617455f2
Bump actions/checkout from 4.1.4 to 4.1.5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
2024-05-07 08:52:28 +00:00
dependabot[bot]
78e4eb0edf
Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 5.1.0 to 5.3.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](9d1e0624a7...38e1018663
2024-05-06 08:37:01 +00:00
dependabot[bot]
a6527636ad
Bump actions/setup-go from 5.0.0 to 5.0.1
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0c52d547c9...cdcb360436
2024-05-03 08:53:16 +00:00
dependabot[bot]
7ebec9aa02
Bump actions/dependency-review-action from 4.3.1 to 4.3.2
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](e58c696e52...0c155c5e85
2024-05-01 08:37:57 +00:00
499df38991
Merge pull request #28 from wneessen/dependabot/github_actions/golangci/golangci-lint-action-5.1.0
...
Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0
2024-04-30 11:49:41 +02:00
6736ea0439
Merge pull request #29 from wneessen/dependabot/github_actions/step-security/harden-runner-2.7.1
...
Bump step-security/harden-runner from 2.7.0 to 2.7.1
2024-04-30 11:49:27 +02:00
dependabot[bot]
4c4d53cdfa
Bump actions/dependency-review-action from 4.2.5 to 4.3.1
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.2.5 to 4.3.1.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](5bbc3ba658...e58c696e52
2024-04-30 08:34:30 +00:00
dependabot[bot]
e42a66bdd6
Bump step-security/harden-runner from 2.7.0 to 2.7.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](63c24ba6bd...a4aa98b93c
2024-04-30 08:34:21 +00:00
dependabot[bot]
fb7a210c15
Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](82d40c283a...9d1e0624a7
2024-04-30 08:34:04 +00:00
dependabot[bot]
b025b67248
Bump github/codeql-action from 3.25.2 to 3.25.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.2 to 3.25.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8f596b4ae3...d39d31e687
2024-04-26 08:16:26 +00:00
a41869a6de
Merge pull request #23 from wneessen/dependabot/github_actions/github/codeql-action-3.25.2
...
Bump github/codeql-action from 3.25.1 to 3.25.2
2024-04-25 11:11:59 +02:00
3e59d3b8c2
Merge pull request #24 from wneessen/dependabot/github_actions/actions/upload-artifact-4.3.3
...
Bump actions/upload-artifact from 4.3.2 to 4.3.3
2024-04-25 11:11:49 +02:00
6504019ef7
Merge pull request #26 from wneessen/dependabot/github_actions/actions/checkout-4.1.4
...
Bump actions/checkout from 4.1.2 to 4.1.4
2024-04-25 11:11:40 +02:00
dependabot[bot]
7d6aae2ece
Bump actions/checkout from 4.1.2 to 4.1.4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](9bb56186c3...0ad4b8fada
2024-04-25 08:59:45 +00:00
dependabot[bot]
025ff32fd1
Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](3cfe3a4abb...82d40c283a
2024-04-25 08:59:35 +00:00
dependabot[bot]
faf921dc6c
Bump actions/upload-artifact from 4.3.2 to 4.3.3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](1746f4ab65...65462800fd
2024-04-23 08:15:05 +00:00
dependabot[bot]
2f89ea9ae7
Bump github/codeql-action from 3.25.1 to 3.25.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.1 to 3.25.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c7f9125735...8f596b4ae3
2024-04-23 08:15:01 +00:00
dependabot[bot]
912eb0eeb8
Bump actions/upload-artifact from 4.3.1 to 4.3.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](5d5d22a312...1746f4ab65
2024-04-19 08:23:26 +00:00
dependabot[bot]
242a86b8e7
Bump github/codeql-action from 3.25.0 to 3.25.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.0 to 3.25.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df5a14dc28...c7f9125735
2024-04-18 08:51:00 +00:00
dependabot[bot]
bc7a021e33
Bump github/codeql-action from 3.24.10 to 3.25.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.10 to 3.25.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4355270be1...df5a14dc28
2024-04-16 08:36:02 +00:00
dependabot[bot]
fea2280875
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](e1523de757...59acb6260d
2024-04-11 08:54:14 +00:00
be61815ff9
Merge pull request #16 from wneessen/dependabot/github_actions/docker/setup-buildx-action-3.3.0
...
Bump docker/setup-buildx-action from 3.2.0 to 3.3.0
2024-04-08 11:10:14 +02:00
dependabot[bot]
c22aac210b
Bump github/codeql-action from 3.24.9 to 3.24.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.9 to 3.24.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b1aada464...4355270be1
2024-04-08 09:08:17 +00:00
dependabot[bot]
b80694f5df
Bump docker/setup-buildx-action from 3.2.0 to 3.3.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](2b51285047...d70bba72b1
2024-04-08 09:08:12 +00:00
dependabot[bot]
31beff9e47
Bump sonarsource/sonarqube-scan-action
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 9ad16418d1dd6d28912bc0047ee387e90181ce1c to 53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](9ad16418d1...53c3e3207f
2024-03-29 08:52:42 +00:00
dependabot[bot]
1919eabc08
Bump actions/dependency-review-action from 4.2.4 to 4.2.5
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.2.4 to 4.2.5.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](733dd5d4a5...5bbc3ba658
2024-03-26 08:57:51 +00:00
795f9671b5
Merge pull request #12 from wneessen/dependabot/github_actions/github/codeql-action-3.24.9
...
Bump github/codeql-action from 3.24.8 to 3.24.9
2024-03-25 09:24:09 +01:00
dependabot[bot]
b7f7997861
Bump github/codeql-action from 3.24.8 to 3.24.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.8 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](05963f47d8...1b1aada464
2024-03-25 08:20:03 +00:00
dependabot[bot]
615b3eb5a4
Bump actions/dependency-review-action from 4.2.3 to 4.2.4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](0fa40c3c10...733dd5d4a5
2024-03-25 08:19:50 +00:00
f0e0b94307
Add SPDX license headers to workflows and Dependabot config
...
Added SPDX license headers to the GitHub workflows and the Dependabot configuration file, specifying the license as MIT. Also, minor formatting changes have been made to the dependency review workflow file.
2024-03-21 16:35:03 +01:00
7b6edf1c31
Merge pull request #3 from wneessen/dependabot/github_actions/actions/checkout-4.1.2
...
Bump actions/checkout from 2.7.0 to 4.1.2
2024-03-21 16:33:27 +01:00
dependabot[bot]
9a7db0fb90
Bump actions/checkout from 2.7.0 to 4.1.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.7.0 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2.7.0...9bb56186c3b09b4f86b1c65136769dd318469633 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 15:33:13 +00:00
fc1ca00262
Merge pull request #4 from wneessen/dependabot/github_actions/github/codeql-action-3.24.8
...
Bump github/codeql-action from 2.24.8 to 3.24.8
2024-03-21 16:33:08 +01:00
f54f539549
Merge pull request #5 from wneessen/dependabot/github_actions/actions/setup-go-5.0.0
...
Bump actions/setup-go from 3.5.0 to 5.0.0
2024-03-21 16:32:47 +01:00
0fb013853b
Merge pull request #6 from wneessen/dependabot/github_actions/fsfe/reuse-action-3.0.0
...
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
2024-03-21 16:32:37 +01:00
dependabot[bot]
3f4a9c23cc
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](3a91952989...3cfe3a4abb
2024-03-21 15:31:34 +00:00
dependabot[bot]
4967c82d92
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
...
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action ) from 1.3.0 to 3.0.0.
- [Release notes](https://github.com/fsfe/reuse-action/releases )
- [Commits](28cf8f33bc...a46482ca36
2024-03-21 15:31:31 +00:00
dependabot[bot]
08a58e25ad
Bump actions/setup-go from 3.5.0 to 5.0.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.5.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](6edd4406fa...0c52d547c9
2024-03-21 15:31:29 +00:00
dependabot[bot]
8d6a02c386
Bump github/codeql-action from 2.24.8 to 3.24.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.24.8 to 3.24.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.24.8...05963f47d870e2cb19a537396c1f668a348c7d8f )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 15:31:25 +00:00
StepSecurity Bot
5897a4ece0
[StepSecurity] Apply security best practices
...
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-21 15:21:39 +00:00
