Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all non-major dependencies #187

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update all non-major dependencies #187

wants to merge 1 commit into from

Conversation

renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Feb 1, 2024
edited

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/checkout action patch v4.1.1 -> v4.1.6
actions/setup-go action patch v5.0.0 -> v5.0.1
github/codeql-action action minor v2.23.0 -> v2.25.8
ossf/scorecard-action action patch v2.3.1 -> v2.3.3
step-security/harden-runner action minor v2.6.1 -> v2.8.0

Release Notes

actions/checkout (actions/checkout)

v4.1.6

Compare Source

v4.1.5

Compare Source

What's Changed

Full Changelog: actions/checkout@v4.1.4...v4.1.5

v4.1.4

Compare Source

v4.1.3

Compare Source

What's Changed

Full Changelog: actions/checkout@v4.1.2...v4.1.3

v4.1.2

Compare Source

actions/setup-go (actions/setup-go)

v5.0.1

Compare Source

What's Changed

New Contributors

Full Changelog: actions/setup-go@v5.0.0...v5.0.1

github/codeql-action (github/codeql-action)

v2.25.8

Compare Source

v2.25.7

Compare Source

v2.25.6

Compare Source

v2.25.5

Compare Source

v2.25.4

Compare Source

v2.25.3

Compare Source

v2.25.2

Compare Source

v2.25.1

Compare Source

v2.25.0

Compare Source

v2.24.11

Compare Source

v2.24.10

Compare Source

v2.24.9

Compare Source

v2.24.8

Compare Source

v2.24.7

Compare Source

v2.24.6

Compare Source

v2.24.5

Compare Source

v2.24.4

Compare Source

v2.24.3

Compare Source

v2.24.2

Compare Source

v2.24.1

Compare Source

v2.24.0

Compare Source

v2.23.2

Compare Source

v2.23.1

Compare Source

ossf/scorecard-action (ossf/scorecard-action)

v2.3.3

Compare Source

[!NOTE]
There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag

What's Changed

For a full changelist of what these include, see the v5.0.0-rc1 and v5.0.0-rc2 release notes.

Documentation

Full Changelog: ossf/scorecard-action@v2.3.1...v2.3.3

v2.3.2

Compare Source

step-security/harden-runner (step-security/harden-runner)

v2.8.0

Compare Source

What's Changed

Release v2.8.0 by @​h0x0er and @​varunsh-coder in https://github.com/step-security/harden-runner/pull/416
This release includes:

  • File Monitoring Enhancements: Adds the capability to view the name and path of every file written during the build process.
  • Process Tracking Enhancements: Adds the capability to view process names and arguments of processes run during the build process.

These enhancements are based on insights from the XZ Utils incident, aimed at improving observability and detections during the build process.

Full Changelog: step-security/harden-runner@v2...v2.8.0

v2.7.1

Compare Source

What's Changed

Release v2.7.1 by @​varunsh-coder, @​h0x0er, @​ashishkurmi in https://github.com/step-security/harden-runner/pull/397
This release:

  • Improves the capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners
  • Updates README to add link to case study video on how Harden-Runner detected a supply chain attack on a Google open-source project
  • Addresses minor bugs

Full Changelog: step-security/harden-runner@v2.7.0...v2.7.1

v2.7.0

Compare Source

What's Changed

Release 2.7.0 by @​varunsh-coder and @​h0x0er in https://github.com/step-security/harden-runner/pull/376
This release:

  1. Updates the node runtime to node20
  2. Adds capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners

Full Changelog: step-security/harden-runner@v2...v2.7.0

Configuration

📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 8a2fadb to 046982c Compare February 15, 2024 16:30
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 2c6c170 to 24b298f Compare February 23, 2024 12:27
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from a78ed13 to 48c73c0 Compare March 18, 2024 16:45
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 7138786 to 2d88133 Compare April 22, 2024 15:16
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from 9595595 to 4d6f387 Compare April 30, 2024 00:55
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 8143dcb to d8e3ef1 Compare May 8, 2024 21:46
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from fc3155a to 798bc30 Compare May 16, 2024 20:52
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 80244d2 to 51fe751 Compare May 22, 2024 03:32
@HKWinterhalter HKWinterhalter removed their assignment Jun 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@renovate-bot @HKWinterhalter