GoogleCloudPlatform/functions-framework-conformance (GoogleCloudPlatform/functions-framework-conformance)
### [`v1.8.3`](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/releases/tag/v1.8.3)
[Compare Source](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/compare/v1.8.2...v1.8.3)
##### Client
- Added `FUNCTION_SIGNATURE_TYPE` to the set of env vars populated at runtime.
### [`v1.8.2`](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/releases/tag/v1.8.2)
[Compare Source](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/compare/v1.8.1...v1.8.2)
##### Client
- Added conformance tests for new `typed` declarative function signature that interoperates with `http` triggers.
### [`v1.8.1`](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/releases/tag/v1.8.1)
[Compare Source](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/compare/v1.8.0...v1.8.1)
##### Client
- Change builder image used to the language specific unified builder used in prod.
actions/checkout (actions/checkout)
### [`v3.5.3`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v353)
[Compare Source](https://togithub.com/actions/checkout/compare/v3.5.2...v3.5.3)
- [Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in](https://togithub.com/actions/checkout/pull/1196)
- [Fix typos found by codespell](https://togithub.com/actions/checkout/pull/1287)
- [Add support for sparse checkouts](https://togithub.com/actions/checkout/pull/1369)
github/codeql-action (github/codeql-action)
### [`v2.20.1`](https://togithub.com/github/codeql-action/compare/v2.20.0...v2.20.1)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.20.0...v2.20.1)
### [`v2.20.0`](https://togithub.com/github/codeql-action/compare/v2.3.6...v2.20.0)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.6...v2.20.0)
### [`v2.3.6`](https://togithub.com/github/codeql-action/compare/v2.3.5...v2.3.6)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.5...v2.3.6)
### [`v2.3.5`](https://togithub.com/github/codeql-action/compare/v2.3.4...v2.3.5)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.4...v2.3.5)
### [`v2.3.4`](https://togithub.com/github/codeql-action/compare/v2.3.3...v2.3.4)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.3...v2.3.4)
### [`v2.3.3`](https://togithub.com/github/codeql-action/compare/v2.3.2...v2.3.3)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.2...v2.3.3)
ossf/scorecard-action (ossf/scorecard-action)
### [`v2.2.0`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.2.0)
[Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.1.3...v2.2.0)
#### What's Changed
- :seedling: Bump github.com/ossf/scorecard/v4 from v4.10.5 to v4.11.0 by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1192](https://togithub.com/ossf/scorecard-action/pull/1192)
#### Scorecard Result Viewer
Thanks to contributions from [@cynthia-sg](https://togithub.com/cynthia-sg) and [@tegioz](https://togithub.com/tegioz) at [CLOMonitor](https://togithub.com/cncf/clomonitor), there is a new Scorecard Result visualization page at `https://securityscorecards.dev/viewer/?uri=`.
- [https://github.com/ossf/scorecard-webapp/pull/406](https://togithub.com/ossf/scorecard-webapp/pull/406)
- [https://github.com/ossf/scorecard-webapp/pull/422](https://togithub.com/ossf/scorecard-webapp/pull/422)
As an example, you can see our own score visualized [here](https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard)
Checkout our [README](https://togithub.com/ossf/scorecard-action/blob/08b4669551908b1024bb425080c797723083c031/README.md#scorecard-badge) to learn how to link your README badge to the new visualization page.
#### Publishing Results
This release contains two fixes which will improve the user experience when `publish_results` is `true`
- Runs that fail our [workflow restrictions](https://togithub.com/ossf/scorecard-action/blob/08b4669551908b1024bb425080c797723083c031/README.md#workflow-restrictions) will fail with a 400 response indicating the problem, instead of a vague 500 status. ([https://github.com/ossf/scorecard-action/pull/1156](https://togithub.com/ossf/scorecard-action/pull/1156), resolved [https://github.com/ossf/scorecard-action/issues/1150](https://togithub.com/ossf/scorecard-action/issues/1150))
- Scorecard action will retry when signing results and submitting them to our web API. This should help with flakiness from connection failures. ([https://github.com/ossf/scorecard-action/pull/1191](https://togithub.com/ossf/scorecard-action/pull/1191))
#### Docs
- 📖 Update README to accept fine-grained tokens by [@pnacht](https://togithub.com/pnacht) in [https://github.com/ossf/scorecard-action/pull/1175](https://togithub.com/ossf/scorecard-action/pull/1175)
- 📖 Update installation instructions to match current GitHub UI by [@joycebrum](https://togithub.com/joycebrum) in [https://github.com/ossf/scorecard-action/pull/1153](https://togithub.com/ossf/scorecard-action/pull/1153)
- 📖 Document the GitHub action workflow restrictions when publishing results. by [@spencerschrock](https://togithub.com/spencerschrock) in
#### New Contributors
- [@bobcallaway](https://togithub.com/bobcallaway) made their first contribution in [https://github.com/ossf/scorecard-action/pull/1140](https://togithub.com/ossf/scorecard-action/pull/1140)
- [@pnacht](https://togithub.com/pnacht) made their first contribution in [https://github.com/ossf/scorecard-action/pull/1175](https://togithub.com/ossf/scorecard-action/pull/1175)
**Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.1.3...v2.2.0
step-security/harden-runner (step-security/harden-runner)
### [`v2.4.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.4.1)
[Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.4.0...v2.4.1)
##### What's Changed
Release v2.4.1 by [@varunsh-coder](https://togithub.com/varunsh-coder) and [@Devils-Knight](https://togithub.com/Devils-Knight) in [https://github.com/step-security/harden-runner/pull/309](https://togithub.com/step-security/harden-runner/pull/309)
This release
1. Shows a preview of the network events in the job summary markdown
2. Uses a fallback DNS service from Cloudflare in addition to Google DNS to improve reliability
**Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.4.1
Configuration
📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
14.18.43
->14.18.52
v1.8.0
->v1.8.3
v3.5.2
->v3.5.3
v2.3.2
->v2.20.1
v2.3.4
->v2.20.1
v2.1.3
->v2.2.0
v2.4.0
->v2.4.1
v2.3.1
->v2.4.1
Release Notes
GoogleCloudPlatform/functions-framework-conformance (GoogleCloudPlatform/functions-framework-conformance)
### [`v1.8.3`](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/releases/tag/v1.8.3) [Compare Source](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/compare/v1.8.2...v1.8.3) ##### Client - Added `FUNCTION_SIGNATURE_TYPE` to the set of env vars populated at runtime. ### [`v1.8.2`](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/releases/tag/v1.8.2) [Compare Source](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/compare/v1.8.1...v1.8.2) ##### Client - Added conformance tests for new `typed` declarative function signature that interoperates with `http` triggers. ### [`v1.8.1`](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/releases/tag/v1.8.1) [Compare Source](https://togithub.com/GoogleCloudPlatform/functions-framework-conformance/compare/v1.8.0...v1.8.1) ##### Client - Change builder image used to the language specific unified builder used in prod.actions/checkout (actions/checkout)
### [`v3.5.3`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v353) [Compare Source](https://togithub.com/actions/checkout/compare/v3.5.2...v3.5.3) - [Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in](https://togithub.com/actions/checkout/pull/1196) - [Fix typos found by codespell](https://togithub.com/actions/checkout/pull/1287) - [Add support for sparse checkouts](https://togithub.com/actions/checkout/pull/1369)github/codeql-action (github/codeql-action)
### [`v2.20.1`](https://togithub.com/github/codeql-action/compare/v2.20.0...v2.20.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.20.0...v2.20.1) ### [`v2.20.0`](https://togithub.com/github/codeql-action/compare/v2.3.6...v2.20.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.6...v2.20.0) ### [`v2.3.6`](https://togithub.com/github/codeql-action/compare/v2.3.5...v2.3.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.5...v2.3.6) ### [`v2.3.5`](https://togithub.com/github/codeql-action/compare/v2.3.4...v2.3.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.4...v2.3.5) ### [`v2.3.4`](https://togithub.com/github/codeql-action/compare/v2.3.3...v2.3.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.3...v2.3.4) ### [`v2.3.3`](https://togithub.com/github/codeql-action/compare/v2.3.2...v2.3.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.2...v2.3.3)ossf/scorecard-action (ossf/scorecard-action)
### [`v2.2.0`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.2.0) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.1.3...v2.2.0) #### What's Changed - :seedling: Bump github.com/ossf/scorecard/v4 from v4.10.5 to v4.11.0 by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1192](https://togithub.com/ossf/scorecard-action/pull/1192) #### Scorecard Result Viewer Thanks to contributions from [@cynthia-sg](https://togithub.com/cynthia-sg) and [@tegioz](https://togithub.com/tegioz) at [CLOMonitor](https://togithub.com/cncf/clomonitor), there is a new Scorecard Result visualization page at `https://securityscorecards.dev/viewer/?uri=step-security/harden-runner (step-security/harden-runner)
### [`v2.4.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.4.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.4.0...v2.4.1) ##### What's Changed Release v2.4.1 by [@varunsh-coder](https://togithub.com/varunsh-coder) and [@Devils-Knight](https://togithub.com/Devils-Knight) in [https://github.com/step-security/harden-runner/pull/309](https://togithub.com/step-security/harden-runner/pull/309) This release 1. Shows a preview of the network events in the job summary markdown 2. Uses a fallback DNS service from Cloudflare in addition to Google DNS to improve reliability **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.4.1Configuration
📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.