fiaisis / run-detection

The way we detect when our system for reduction should automatically perform a reduction and with what arguments we should do that.
GNU General Public License v3.0
1 stars 1 forks source link

Bump ossf/scorecard-action from 2.3.0 to 2.3.1 #184

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 11 months ago

Bumps ossf/scorecard-action from 2.3.0 to 2.3.1.

Release notes

Sourced from ossf/scorecard-action's releases.

v2.3.1

What's Changed

  • :seedling: Bump github.com/ossf/scorecard/v4 from v4.13.0 to v4.13.1 by @​spencerschrock in ossf/scorecard-action#1282
    • Adds additional Fuzzing detection and fixes a SAST bug related to detecting CodeQL. For a full changelist of what this includes, see the v4.13.1 release notes

Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.0...v2.3.1

Commits
  • 0864cf1 :seedling: Bump docker tag to for v2.3.1 release (#1284)
  • 72df3bf :seedling: Bump github.com/ossf/scorecard/v4 from v4.13.0 to v4.13.1 (#1282)
  • 0ea411f :seedling: Bump the docker-images group with 1 update (#1281)
  • dbfd042 :seedling: Bump the github-actions group with 1 update (#1280)
  • 2fa1e2f :seedling: Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1278)
  • 652ddd0 :seedling: Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#1277)
  • 28d0c92 :seedling: Group Dependabot updates for GitHub Actions and Dockerfiles (#1276)
  • cb50491 :seedling: Bump distroless/base from a35b652 to b31a6e0 (#1275)
  • 87157ac :seedling: Bump github/codeql-action from 2.21.9 to 2.22.1 (#1274)
  • 7c1648b :seedling: Bump step-security/harden-runner from 2.5.1 to 2.6.0 (#1273)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 11 months ago

Codecov Report

Attention: 2 lines in your changes are missing coverage. Please review.

Comparison is base (94842cb) 96.17% compared to head (eaf5c94) 96.29%. Report is 3 commits behind head on main.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #184 +/- ## ========================================== + Coverage 96.17% 96.29% +0.12% ========================================== Files 10 10 Lines 366 378 +12 ========================================== + Hits 352 364 +12 Misses 14 14 ``` | [Files](https://app.codecov.io/gh/interactivereduction/run-detection/pull/184?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=interactivereduction) | Coverage Δ | | |---|---|---| | [rundetection/run\_detection.py](https://app.codecov.io/gh/interactivereduction/run-detection/pull/184?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=interactivereduction#diff-cnVuZGV0ZWN0aW9uL3J1bl9kZXRlY3Rpb24ucHk=) | `95.74% <96.22%> (+0.62%)` | :arrow_up: |

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.