Closed dependabot[bot] closed 2 months ago
VIOLATION DESCRIPTION | NUMBER OF VIOLATIONS |
---|---|
HIGH/CRITICAL SECURITY VULNERABILITIES | 3 |
MAJOR UPDATES AVAILABLE | 0 |
LICENSE REQUIRES REVIEW | 1 |
HIGH RISK LICENSES | 10 |
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY | 0 |
Integration Tests for 8720957f458cd71d1fa1c017c0dbd4d5f8f4311c run with result: Success ✅!
Looks like these dependencies are updatable in another way, so this is no longer needed.
Bumps the ci group with 4 updates in the / directory: docker/build-push-action, anchore/sbom-action, goreleaser/goreleaser-action and fsfe/reuse-action.
Updates
docker/build-push-action
from 5 to 6Release notes
Sourced from docker/build-push-action's releases.
Commits
1ca370b
Merge pull request #1183 from crazy-max/revert-gha-cache-to2c95ebe
chore: update generated contentd189d0e
Revert "set repository and ghtoken attributes for gha cache type"a254f8c
Merge pull request #1179 from docker/dependabot/npm_and_yarn/docker/actions-t...94dae62
chore: update generated content267a69d
chore(deps): Bump@docker/actions-toolkit
from 0.31.0 to 0.33.0f23fb2a
Merge pull request #1133 from crazy-max/gha-cache-toef76d10
chore: update generated content522345f
set repository and ghtoken attributes for gha cache type1a16264
Merge pull request #1172 from crazy-max/build-export-disableUpdates
anchore/sbom-action
from 0.16.0 to 0.17.0Release notes
Sourced from anchore/sbom-action's releases.
Commits
d94f46e
chore(deps): update Syft to v1.9.0 (#479)ee41e6a
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#474)23e0b38
chore(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#475)f4035cd
chore: serialize tests to prevent install race (#478)f3253ca
chore(deps): update Syft to v1.8.0 (#473)95b086a
fix: workaround windows install script (#477)72370e1
fix: allow users to properly use the file input over the default path value (...e28bab5
chore(deps): update Syft to v1.5.0 (#470)2283abe
docs: notes for matrix and required permissions (#469)07e5b3a
chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#466)Updates
goreleaser/goreleaser-action
from 5 to 6Release notes
Sourced from goreleaser/goreleaser-action's releases.
Commits
286f3b1
ci: fix testsbeac410
ci: update workflow and .goreleaser.yml18bbabc
feat!: use "~> v2" as default (#463)Updates
fsfe/reuse-action
from 3 to 4Release notes
Sourced from fsfe/reuse-action's releases.
Commits
3ae3c6b
Merge pull request #32 from carmenbianca/bump-v4f807a9c
Bump to v400117e7
Merge pull request #29 from jsoref/spelling910515a
spelling: githubcfe1368
activate v3 workflow testDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show