ossf/scorecard-action
### [`v2.0.4`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.4)
[Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.3...v2.0.4)
Fixes [#856](https://togithub.com/ossf/scorecard-action/issues/856)
#### What's Changed
- :seedling: Bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/934](https://togithub.com/ossf/scorecard-action/pull/934)
- feat: do not run signing on pull requests by [@laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/ossf/scorecard-action/pull/935](https://togithub.com/ossf/scorecard-action/pull/935)
- :seedling: Bump debian from 11.4-slim to 11.5-slim by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/936](https://togithub.com/ossf/scorecard-action/pull/936)
- :seedling: Bump github.com/sigstore/cosign from 1.11.1 to 1.12.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/938](https://togithub.com/ossf/scorecard-action/pull/938)
- :seedling: Bump github/codeql-action from 2.1.22 to 2.1.24 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/941](https://togithub.com/ossf/scorecard-action/pull/941)
- 🐛 Restore behavior of ignoring scorecard runtime errors by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/948](https://togithub.com/ossf/scorecard-action/pull/948)
- :seedling: Bump actions/dependency-review-action from 2.1.0 to 2.4.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/950](https://togithub.com/ossf/scorecard-action/pull/950)
- :seedling: Bump github.com/sigstore/cosign from 1.12.0 to 1.12.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/947](https://togithub.com/ossf/scorecard-action/pull/947)
- :seedling: Bump github/codeql-action from 2.1.24 to 2.1.25 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/949](https://togithub.com/ossf/scorecard-action/pull/949)
- :seedling: Bump codecov/codecov-action from 3.1.0 to 3.1.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/942](https://togithub.com/ossf/scorecard-action/pull/942)
- Create v2.0.4 patch by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/952](https://togithub.com/ossf/scorecard-action/pull/952)
#### New Contributors
- [@spencerschrock](https://togithub.com/spencerschrock) made their first contribution in [https://github.com/ossf/scorecard-action/pull/948](https://togithub.com/ossf/scorecard-action/pull/948)
**Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.0.3...v2.0.4
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, click this checkbox.
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
v2.0.3
->v2.0.4
Release Notes
ossf/scorecard-action
### [`v2.0.4`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.4) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.3...v2.0.4) Fixes [#856](https://togithub.com/ossf/scorecard-action/issues/856) #### What's Changed - :seedling: Bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/934](https://togithub.com/ossf/scorecard-action/pull/934) - feat: do not run signing on pull requests by [@laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/ossf/scorecard-action/pull/935](https://togithub.com/ossf/scorecard-action/pull/935) - :seedling: Bump debian from 11.4-slim to 11.5-slim by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/936](https://togithub.com/ossf/scorecard-action/pull/936) - :seedling: Bump github.com/sigstore/cosign from 1.11.1 to 1.12.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/938](https://togithub.com/ossf/scorecard-action/pull/938) - :seedling: Bump github/codeql-action from 2.1.22 to 2.1.24 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/941](https://togithub.com/ossf/scorecard-action/pull/941) - 🐛 Restore behavior of ignoring scorecard runtime errors by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/948](https://togithub.com/ossf/scorecard-action/pull/948) - :seedling: Bump actions/dependency-review-action from 2.1.0 to 2.4.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/950](https://togithub.com/ossf/scorecard-action/pull/950) - :seedling: Bump github.com/sigstore/cosign from 1.12.0 to 1.12.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/947](https://togithub.com/ossf/scorecard-action/pull/947) - :seedling: Bump github/codeql-action from 2.1.24 to 2.1.25 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/949](https://togithub.com/ossf/scorecard-action/pull/949) - :seedling: Bump codecov/codecov-action from 3.1.0 to 3.1.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/ossf/scorecard-action/pull/942](https://togithub.com/ossf/scorecard-action/pull/942) - Create v2.0.4 patch by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/952](https://togithub.com/ossf/scorecard-action/pull/952) #### New Contributors - [@spencerschrock](https://togithub.com/spencerschrock) made their first contribution in [https://github.com/ossf/scorecard-action/pull/948](https://togithub.com/ossf/scorecard-action/pull/948) **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.0.3...v2.0.4Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.