starred/hardening
1
0
Fork 0
mirror of https://github.com/konstruktoid/hardening.git synced 2026-04-26 09:15:55 +03:00
Code Issues 6 Projects Releases 4 Packages Wiki Activity

[PR #263] [MERGED] Update ossf/scorecard-action action to v2.1.3 #283

New issue
Closed
opened 2026-03-03 14:30:30 +03:00 by kerem · 0 comments
kerem commented 2026-03-03 14:30:30 +03:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/konstruktoid/hardening/pull/263
Author: @renovate[bot]
Created: 3/29/2023
Status: Merged
Merged: 3/30/2023
Merged by: @konstruktoid

Base: masterHead: renovate/ossf-scorecard-action-2.x

📝 Commits (1)

  • b83b80f Update ossf/scorecard-action action to v2.1.3

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 .github/workflows/scorecards.yml (+1 -1)

📄 Description

Mend Renovate

This PR contains the following updates:

Package Type Update Change
ossf/scorecard-action action patch v2.1.2 -> v2.1.3

Release Notes

ossf/scorecard-action

v2.1.3

Compare Source

What's Changed

Bug Fixes
  • Invalid SARIF files from a bug in scorecard
  • Vulnerabilities check crashes if a vulnerable dependency is found via OSVScanner
  • Scorecard action not reporting binary artifacts in the repo

Full Scorecard Changelog: https://github.com/ossf/scorecard/compare/v4.10.2...v4.10.5

Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.2...v2.1.3

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/konstruktoid/hardening/pull/263 **Author:** [@renovate[bot]](https://github.com/apps/renovate) **Created:** 3/29/2023 **Status:** ✅ Merged **Merged:** 3/30/2023 **Merged by:** [@konstruktoid](https://github.com/konstruktoid) **Base:** `master` ← **Head:** `renovate/ossf-scorecard-action-2.x` --- ### 📝 Commits (1) - [`b83b80f`](https://github.com/konstruktoid/hardening/commit/b83b80f840f84c614b0924def9a9e8cadbb5dd7c) Update ossf/scorecard-action action to v2.1.3 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/scorecards.yml` (+1 -1) </details> ### 📄 Description [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.1.2` -> `v2.1.3` | --- ### Release Notes <details> <summary>ossf/scorecard-action</summary> ### [`v2.1.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.1.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.1.2...v2.1.3) #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 from 4.10.2 to 4.10.5 by [@&#8203;spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1111](https://togithub.com/ossf/scorecard-action/pull/1111) ##### Bug Fixes - Invalid SARIF files from a bug in scorecard - [#&#8203;1076](https://togithub.com/ossf/scorecard-action/issues/1076), [#&#8203;1094](https://togithub.com/ossf/scorecard-action/issues/1094) - Vulnerabilities check crashes if a vulnerable dependency is found via OSVScanner - [#&#8203;1092](https://togithub.com/ossf/scorecard-action/issues/1092) - Scorecard action not reporting binary artifacts in the repo - [#&#8203;1116](https://togithub.com/ossf/scorecard-action/issues/1116) **Full Scorecard Changelog**: https://github.com/ossf/scorecard/compare/v4.10.2...v4.10.5 **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.1.2...v2.1.3 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/konstruktoid/hardening). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4yMi4xIiwidXBkYXRlZEluVmVyIjoiMzUuMjIuMSJ9--> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
kerem 2026-03-03 14:30:30 +03:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
renovate/github-codeql-action-4.x
v2.2.0
v2.1.0
v2.0.0
v1.0.0
v1.0
Labels
Clear labels   
Stale

   
bug

   
bug

   
bug

   
pull-request

Mirrored from GitHub Pull Request

No labels
Stale
bug
bug
bug
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/hardening#283
No description provided.