Skip to content

Commit

Permalink
Merge #547
Browse files Browse the repository at this point in the history 
547: chore(deps): update ossf/scorecard-action action to v2.1.3 r=renovate[bot] a=renovate[bot]

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.1.2` -> `v2.1.3` |

---

### Release Notes

<details>
<summary>ossf/scorecard-action</summary>

### [`v2.1.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.1.3)

[Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.1.2...v2.1.3)

#### What's Changed

-   🌱 Bump github.com/ossf/scorecard/v4 from 4.10.2 to 4.10.5 by [`@&#8203;spencerschrock](https://togithub.com/spencerschrock)` in [ossf/scorecard-action#1111

##### Bug Fixes

-   Invalid SARIF files from a bug in scorecard
    -   [#&#8203;1076](https://togithub.com/ossf/scorecard-action/issues/1076), [#&#8203;1094](https://togithub.com/ossf/scorecard-action/issues/1094)
-   Vulnerabilities check crashes if a vulnerable dependency is found via OSVScanner
    -   [#&#8203;1092](https://togithub.com/ossf/scorecard-action/issues/1092)
-   Scorecard action not reporting binary artifacts in the repo
    -   [#&#8203;1116](https://togithub.com/ossf/scorecard-action/issues/1116)

**Full Scorecard Changelog**: ossf/scorecard@v4.10.2...v4.10.5

**Full Changelog**: ossf/scorecard-action@v2.1.2...v2.1.3

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/OpenPoolProject/stratum).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4yMi4xIiwidXBkYXRlZEluVmVyIjoiMzUuMjIuMSJ9-->


Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
  • Loading branch information
@bors @renovate
bors[bot] and renovate[bot] committed Mar 30, 2023
2 parents 18be064 + 2afca9c commit 1c3b303
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/scorecards.yml
View file
Expand Up @@ -30,7 +30,7 @@ jobs:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
with:
results_file: results.sarif
results_format: sarif
Expand Down

0 comments on commit 1c3b303

Please sign in to comment.