[PR #107] [CLOSED] 🌱 Bump google/osv-scanner-action from 1.9.2 to 2.0.0 #106

New issue

Closed

opened 2026-03-03 16:28:16 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 16:28:16 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/natrontech/pbs-exporter/pull/107
Author: @dependabot[bot]
Created: 3/24/2025
Status: ❌ Closed

Base: main ← Head: dependabot/github_actions/google/osv-scanner-action-2.0.0

📝 Commits (1)

ed32924 🌱 Bump google/osv-scanner-action from 1.9.2 to 2.0.0

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 .github/workflows/osv-scan.yml (+1 -1)

📄 Description

Bumps google/osv-scanner-action from 1.9.2 to 2.0.0.

Release notes

Sourced from google/osv-scanner-action's releases.

v2.0.0

What's Changed

Updated to support OSV-Scanner V2

Workflows, add support for matrix strategies by @GeoDerp in google/osv-scanner-action#52

Support checking out submodules by @faern in google/osv-scanner-action#57

Full Changelog: https://github.com/google/osv-scanner-action/compare/v1.9.2...v2.0.0

Commits

98b584e Merge pull request #63 from renovate-bot/renovate/workflows
256cd6a chore(deps): update github/codeql-action action to v3.28.11
90fad54 Merge pull request #64 from google/update-to-v2.0.0
f9d9b03 Include git root
6e516af Update unified workflow example to point to v2.0.0 reusable workflows
4299e5f Update reusable workflows to point to v2.0.0 actions
119c605 Update actions to use v2.0.0 osv-scanner image
4d317bc Merge pull request #62 from AbhishekSrikanth/fix-release-badge
b3fa036 fix: escape hyphen in release badge URL
38fe519 Merge pull request #60 from google/fix-remaining-skip-git
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/natrontech/pbs-exporter/pull/107 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 3/24/2025 **Status:** ❌ Closed **Base:** `main` ← **Head:** `dependabot/github_actions/google/osv-scanner-action-2.0.0` --- ### 📝 Commits (1) - [`ed32924`](https://github.com/natrontech/pbs-exporter/commit/ed329244e04f73c0ec858a912cb4324a5acc2019) :seedling: Bump google/osv-scanner-action from 1.9.2 to 2.0.0 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/osv-scan.yml` (+1 -1) </details> ### 📄 Description Bumps [google/osv-scanner-action](https://github.com/google/osv-scanner-action) from 1.9.2 to 2.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/osv-scanner-action/releases">google/osv-scanner-action's releases</a>.</em></p> <blockquote> <h2>v2.0.0</h2> <h2>What's Changed</h2> <ul> <li>Updated to support OSV-Scanner V2</li> <li>Workflows, add support for matrix strategies by <a href="https://github.com/GeoDerp"><code>@GeoDerp</code></a> in <a href="https://redirect.github.com/google/osv-scanner-action/pull/52">google/osv-scanner-action#52</a></li> <li>Support checking out submodules by <a href="https://github.com/faern"><code>@faern</code></a> in <a href="https://redirect.github.com/google/osv-scanner-action/pull/57">google/osv-scanner-action#57</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google/osv-scanner-action/compare/v1.9.2...v2.0.0">https://github.com/google/osv-scanner-action/compare/v1.9.2...v2.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/osv-scanner-action/commit/98b584ee2ed2da3935ccce10e06739d54cdcd20b"><code>98b584e</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/63">#63</a> from renovate-bot/renovate/workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/256cd6a9fe070e8cc443188861a7066e506f3eea"><code>256cd6a</code></a> chore(deps): update github/codeql-action action to v3.28.11</li> <li><a href="https://github.com/google/osv-scanner-action/commit/90fad544eb4036129491f76db3161ffdc2956748"><code>90fad54</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/64">#64</a> from google/update-to-v2.0.0</li> <li><a href="https://github.com/google/osv-scanner-action/commit/f9d9b03ebbfc80ebc41ce7c0fd09267184979008"><code>f9d9b03</code></a> Include git root</li> <li><a href="https://github.com/google/osv-scanner-action/commit/6e516aff2e1c300b4c4880549bcfec528e300dfb"><code>6e516af</code></a> Update unified workflow example to point to v2.0.0 reusable workflows</li> <li><a href="https://github.com/google/osv-scanner-action/commit/4299e5fdcc642221d700a4211ac7af48b83353f1"><code>4299e5f</code></a> Update reusable workflows to point to v2.0.0 actions</li> <li><a href="https://github.com/google/osv-scanner-action/commit/119c605e0e6e6c491e092da25b0c752d109b0b43"><code>119c605</code></a> Update actions to use v2.0.0 osv-scanner image</li> <li><a href="https://github.com/google/osv-scanner-action/commit/4d317bcdd41c78b1de9bc824935560000fe00d07"><code>4d317bc</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/62">#62</a> from AbhishekSrikanth/fix-release-badge</li> <li><a href="https://github.com/google/osv-scanner-action/commit/b3fa036d8e29358ed2249d0c69bb4875c013bf1a"><code>b3fa036</code></a> fix: escape hyphen in release badge URL</li> <li><a href="https://github.com/google/osv-scanner-action/commit/38fe5192f7462b770610c9cca5a8dafc05ad0c0f"><code>38fe519</code></a> Merge pull request <a href="https://redirect.github.com/google/osv-scanner-action/issues/60">#60</a> from google/fix-remaining-skip-git</li> <li>Additional commits viewable in <a href="https://github.com/google/osv-scanner-action/compare/764c91816374ff2d8fc2095dab36eecd42d61638...98b584ee2ed2da3935ccce10e06739d54cdcd20b">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google/osv-scanner-action&package-manager=github_actions&previous-version=1.9.2&new-version=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>