Skip to content

Bump ossf/scorecard-action from 2.2.0 to 2.3.0#1692

Merged
martincostello merged 1 commit intomainfrom
dependabot/github_actions/ossf/scorecard-action-2.3.0
Oct 12, 2023
Merged

Bump ossf/scorecard-action from 2.2.0 to 2.3.0#1692
martincostello merged 1 commit intomainfrom
dependabot/github_actions/ossf/scorecard-action-2.3.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 12, 2023

Bumps ossf/scorecard-action from 2.2.0 to 2.3.0.

Release notes

Sourced from ossf/scorecard-action's releases.

v2.3.0

What's Changed

Documentation

New Contributors

Full Changelog: ossf/scorecard-action@v2.2.0...v2.3.0

Commits
  • 483ef80 🌱 Bump docker tag for v2.3.0 release. (#1271)
  • 5d35913 🌱 Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (#1270)
  • 49787a6 🌱 Bump distroless/base from 46c5b9b to a35b652 (#1269)
  • 4283c75 🌱 Bump github/codeql-action from 2.21.8 to 2.21.9 (#1268)
  • 709ecd0 🌱 Bump golang from 6974950 to c416cee (#1266)
  • 25bb02c 🌱 Bump actions/checkout from 4.0.0 to 4.1.0 (#1267)
  • b687393 🌱 Bump github/codeql-action from 2.21.5 to 2.21.8 (#1265)
  • 6a1c21f 🌱 Bump golang from cffaba7 to 6974950 (#1264)
  • 2dee8c1 🌱 Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (#1254)
  • e79dcb6 🌱 Upgrade to go 1.20 (#1262)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump ossf/scorecard-action from 2.2.0 to 2.3.0
ec4283e 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@08b4669...483ef80)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Oct 12, 2023
@martincostello martincostello enabled auto-merge (squash) October 12, 2023 16:37
@codecov
Copy link

codecov bot commented Oct 12, 2023

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (16d5fa1) 84.63% compared to head (ec4283e) 84.63%.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1692   +/-   ##
=======================================
  Coverage   84.63%   84.63%           
=======================================
  Files         306      306           
  Lines        6819     6819           
  Branches     1045     1045           
=======================================
  Hits         5771     5771           
  Misses        839      839           
  Partials      209      209
Flag Coverage Δ
macos ?
windows 84.63% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@martincostello martincostello merged commit c572d3a into main Oct 12, 2023
@martincostello martincostello deleted the dependabot/github_actions/ossf/scorecard-action-2.3.0 branch October 12, 2023 17:14
@dependabot dependabot bot mentioned this pull request Aug 18, 2025
Closed
@dependabot dependabot bot mentioned this pull request Aug 26, 2025
Closed
@dependabot dependabot bot mentioned this pull request Sep 2, 2025
Closed
This was referenced Sep 29, 2025
Open
Closed
@dependabot dependabot bot mentioned this pull request Oct 27, 2025
Closed
@dependabot dependabot bot mentioned this pull request Nov 24, 2025
Open
@dependabot dependabot bot mentioned this pull request Dec 11, 2025
Closed
This was referenced Jan 16, 2026
Open
Merged
@dependabot dependabot bot mentioned this pull request Jan 29, 2026
Closed
@dependabot dependabot bot mentioned this pull request Mar 5, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@martincostello martincostello martincostello approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@martincostello