summaryrefslogtreecommitdiffstats
path: root/.github/workflows/scorecards.yml (follow)
Commit message (Collapse)AuthorAgeFilesLines
* build(deps): bump actions/checkout from 4.2.0 to 4.2.2dependabot[bot]2024-11-011-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...11bd71901bbe5b1630ceea73d27597364c9af683) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 4.1.7 to 4.2.0dependabot[bot]2024-10-011-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...d632683dd7b4114ad314bca15554477dd762a938) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0dependabot[bot]2024-08-011-1/+1
| | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/dc50aa9510b46c811795eb24b2f1ba02a914e534...62b2cac7ed8198b15735ed49ab1e5cf35480ba46) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 4.1.6 to 4.1.7dependabot[bot]2024-07-011-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: Switch to Ubuntu 24.04Daan De Meyer2024-06-081-1/+1
|
* build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3dependabot[bot]2024-06-031-1/+1
| | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/0864cf19026789058feabb7e87baa5f140aac736...dc50aa9510b46c811795eb24b2f1ba02a914e534) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 4.1.2 to 4.1.6dependabot[bot]2024-06-031-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/9bb56186c3b09b4f86b1c65136769dd318469633...a5ac7e51b41094c92402da3b24376905380afc29) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 4.1.1 to 4.1.2dependabot[bot]2024-03-131-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/b4ffde65f46336ab88eb53be808477a3936bae11...9bb56186c3b09b4f86b1c65136769dd318469633) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 4.1.0 to 4.1.1dependabot[bot]2023-11-011-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1dependabot[bot]2023-11-011-1/+1
| | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.1. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...0864cf19026789058feabb7e87baa5f140aac736) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.6.0 to 4.1.0dependabot[bot]2023-10-011-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...8ade135a41bc03ea155e62e844d188df1ea18608) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.5.3 to 3.6.0dependabot[bot]2023-09-021-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.5.2 to 3.5.3dependabot[bot]2023-07-011-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e5e7e5ab8b370d6c329ec480221332ada57f0ab...c85c95e3d7251135ab7dc9ce3241c5835cc595a9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0dependabot[bot]2023-07-011-1/+1
| | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/80e868c13c90f172d68d1f4501dee99e2479f7af...08b4669551908b1024bb425080c797723083c031) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Squashed commit of the following:Joyce Brum2023-06-141-30/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | commit ef2fc83647f69c172c11e0dea318bf6ecf79a4aa Author: Joyce <joycebrum@google.com> Date: Wed Jun 14 12:18:23 2023 -0300 Update scorecards.yml Signed-off-by: Joyce <joycebrum@google.com> commit c59c05c6ab156b20249e8056d8cbaafbe0c495f8 Merge: 7431a54568 f66d040d95 Author: Joyce <joycebrum@google.com> Date: Wed Jun 14 10:22:28 2023 -0300 Merge branch 'main' into fix/disable-code-scanning-alerts commit 7431a54568746a2fa4db1b23e1359984335df41e Author: Joyce <joycebrum@google.com> Date: Tue Jun 13 18:15:21 2023 -0300 Remove code scanning alerts scorecards.yml Signed-off-by: Joyce <joycebrum@google.com> Signed-off-by: Joyce Brum <joycebrum@google.com>
* Fix scorecard version comment format (#28027)Joyce2023-06-131-4/+4
| | | | | * Update scorecards.yml version comments Signed-off-by: Joyce <joycebrum@google.com>
* build(deps): bump github/codeql-action from 2.2.9 to 2.3.5dependabot[bot]2023-06-011-1/+1
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.9 to 2.3.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/04df1262e6247151b5ac09cd2c303ac36ad3f62b...0225834cc549ee0ca93cb085b92954821a145866) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.3.0 to 3.5.2dependabot[bot]2023-05-111-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.5.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/ac593985615ec2ede58e132d2e21d2b1cbd6127c...8e5e7e5ab8b370d6c329ec480221332ada57f0ab) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2dependabot[bot]2023-05-111-1/+1
| | | | | | | | | | | | | | Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.1 to 3.1.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3.1.1...0b7f8abb1508181956e8e162db84b466c27e18ce) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.2.5 to 2.2.9dependabot[bot]2023-04-011-1/+1
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.5 to 2.2.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/32dc499307d133bb5085bae78498c0ac2cf762d5...04df1262e6247151b5ac09cd2c303ac36ad3f62b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3dependabot[bot]2023-04-011-1/+1
| | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...80e868c13c90f172d68d1f4501dee99e2479f7af) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.1.29 to 2.2.5dependabot[bot]2023-03-011-1/+1
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.29 to 2.2.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/ec3cf9c605b848da5f1e41e8452719eb1ccfb9a6...32dc499307d133bb5085bae78498c0ac2cf762d5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.2.0 to 3.3.0dependabot[bot]2023-03-011-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/755da8c3cf115ac066823e79a1e1788f8940201b...ac593985615ec2ede58e132d2e21d2b1cbd6127c) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.2dependabot[bot]2023-01-061-1/+1
| | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.1.2. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/99c53751e09b9529366343771cc321ec74e9bd3d...e38b1902ae4f44df626f11ba0734b14fb91f8f86) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.0.2 to 3.2.0dependabot[bot]2023-01-061-1/+1
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.0.2...755da8c3cf115ac066823e79a1e1788f8940201b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.1dependabot[bot]2022-12-011-1/+1
| | | | | | | | | | | | | | Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3.1.0...83fd05a356d7e2593de66fc9913b3002723633cb) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github/codeql-action from 2.1.17 to 2.1.29dependabot[bot]2022-11-011-1/+1
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.17 to 2.1.29. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2.1.17...ec3cf9c605b848da5f1e41e8452719eb1ccfb9a6) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump ossf/scorecard-action from 2.0.4 to 2.0.6dependabot[bot]2022-11-011-1/+1
| | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.4 to 2.0.6. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e363bfca00e752f91de7b7d2a77340e2e523cb18...99c53751e09b9529366343771cc321ec74e9bd3d) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: run the Scorecards action in PRs only on config updateFrantisek Sumsal2022-10-201-7/+11
| | | | | | Also, unify the string quotation a bit and drop one unnecessary expression syntax (as everything in `if` statements is automatically evaluated as an expression).
* ci: add a missing SPDX lineFrantisek Sumsal2022-10-201-0/+3
|
* ci: Enable Scorecard Github Action and Badge (#25054)Joyce2022-10-191-0/+63
* chore: enable scorecard action * chore: add badge to the README file * chore: enable on config file update * chore: update scorecard to 2.0.4 * chore: run scorecard on PR at main branch * chore: add condition to publish_result key * chore: skip upload to code scanning if PR * chore: only runs scorecard in the main repo Resolves: #25042
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 13:14:24 +0100