search

google / mtail

extract internal monitoring data from application logs for collection in a timeseries database
Apache License 2.0
3.82k stars 378 forks source link

build(deps): bump slsa-framework/slsa-verifier from 2.5.1 to 2.6.0 #901

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps slsa-framework/slsa-verifier from 2.5.1 to 2.6.0.

Release notes

Sourced from slsa-framework/slsa-verifier's releases.

v2.6.0

What's Changed

Full Changelog: https://github.com/slsa-framework/slsa-verifier/compare/v2.5.1...v2.6.0

v2.6.0-rc.1

This is a pre-release. DO NOT install

What's Changed

... (truncated)

Commits
  • 3714a2a fix: use tag for the builder in the release workflow (#788)
  • 208ac12 feat: vsa support (#777)
  • 1049da4 chore(deps): update github-actions (#786)
  • 903cddc fix(deps): update dependency org.apache.maven:maven-core to v3.9.8 (#787)
  • 4bab78a chore(deps): update npm dev (#650)
  • 163abe5 chore(deps): update golang:1.21 docker digest to b405b62 (#774)
  • 2f70fef fix: make download-artifacts.sh more flexible (#761)
  • b69efee fix(deps): update golang.org/x/exp digest to 7f521ea (#775)
  • 34ab203 chore(deps): bump the npm_and_yarn group across 2 directories with 2 updates ...
  • 9fb6f24 chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /actions/installer (#780)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 1 month ago

Unit Test Results

    1 files     27 suites   8m 46s :stopwatch:   648 tests   647 :white_check_mark: 1 :zzz: 0 :x: 1 917 runs  1 914 :white_check_mark: 3 :zzz: 0 :x:

Results for commit a6a3ae4c.