search

SwaragThaikkandi / SMdRQA

For doing multidimensional recurrent quantification analysis(MdRQA) and sliding window version of it
https://swaragthaikkandi.github.io/SMdRQA/
GNU General Public License v3.0
1 stars 0 forks source link

Update snyk/actions digest to a1346e4 #155

Closed renovate[bot] closed 4 months ago

renovate[bot] commented 4 months ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
snyk/actions action digest cf77efc -> a1346e4

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

cr-gpt[bot] commented 4 months ago

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

github-actions[bot] commented 4 months ago

Dependency Review

The following issues were found:

See the Details below.

License Issues

.github/workflows/snyk-security.yml

PackageVersionLicenseIssue Type
snyk/actions/setupa1346e4eaf761d462da22c34c681dc06849b6851NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/snyk/actions/setup a1346e4eaf761d462da22c34c681dc06849b6851 :green_circle: 4.8
Details
CheckScoreReason
Code-Review:green_circle: 9Found 18/20 approved changesets -- score normalized to 9
Maintained:warning: 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Signed-Releases:warning: -1no releases found
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
actions/snyk/actions/setup cf77efc3812bb036b3719dca4cecc3930db0b527 :green_circle: 4.8
Details
CheckScoreReason
Code-Review:green_circle: 9Found 18/20 approved changesets -- score normalized to 9
Maintained:warning: 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Signed-Releases:warning: -1no releases found
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

.github/workflows/snyk-security.yml
  • snyk/actions/setup@a1346e4eaf761d462da22c34c681dc06849b6851
  • snyk/actions/setup@cf77efc3812bb036b3719dca4cecc3930db0b527
cr-gpt[bot] commented 4 months ago

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

renovate[bot] commented 4 months ago

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.