Closed dependabot[bot] closed 2 months ago
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
✅ ACTION | actionlint | 15 | 0 | 0.05s | |
✅ DOCKERFILE | hadolint | 2 | 0 | 0.46s | |
✅ JSON | prettier | 11 | 0 | 0 | 0.72s |
✅ JSON | v8r | 10 | 0 | 5.03s | |
✅ MARKDOWN | markdownlint | 8 | 0 | 0 | 1.04s |
✅ MARKDOWN | markdown-table-formatter | 8 | 0 | 0 | 0.26s |
✅ REPOSITORY | checkov | yes | no | 16.22s | |
✅ REPOSITORY | gitleaks | yes | no | 0.26s | |
✅ REPOSITORY | git_diff | yes | no | 0.01s | |
✅ REPOSITORY | grype | yes | no | 12.74s | |
✅ REPOSITORY | secretlint | yes | no | 1.31s | |
✅ REPOSITORY | trivy | yes | no | 6.34s | |
✅ REPOSITORY | trivy-sbom | yes | no | 2.0s | |
✅ REPOSITORY | trufflehog | yes | no | 2.62s | |
✅ SPELL | lychee | 48 | 0 | 1.41s | |
✅ YAML | prettier | 20 | 0 | 0 | 1.03s |
✅ YAML | v8r | 20 | 0 | 13.37s | |
✅ YAML | yamllint | 20 | 0 | 0.44s |
See detailed report in MegaLinter reports
Comparing ghcr.io/philips-software/amp-devcontainer-rust:latest
to ghcr.io/philips-software/amp-devcontainer-rust@sha256:f343cde5cfc33e08684a7b9cd7f3d5d3a115da26b701cf9bdc893de9b05489b2
OS/Platform | Previous Size | Current Size | Delta |
---|---|---|---|
linux/amd64 | 432.86M | 432.86M | 0.00 (+0.00%) |
linux/arm64 | 572.09M | 572.09M | 0.00 (+0.00%) |
Comparing ghcr.io/philips-software/amp-devcontainer-cpp:latest
to ghcr.io/philips-software/amp-devcontainer-cpp@sha256:b37baa23802c70bf3fa3fb4a3541b142f83ecd6547851bca2946fe58d8fc0e06
OS/Platform | Previous Size | Current Size | Delta |
---|---|---|---|
linux/amd64 | 640.74M | 640.74M | 0.00 (+0.00%) |
linux/arm64 | 633.10M | 633.10M | 0.00 (+0.00%) |
2 files ±0 2 suites ±0 52s :stopwatch: -1s 26 tests ±0 26 :white_check_mark: ±0 0 :zzz: ±0 0 :x: ±0 28 runs ±0 28 :white_check_mark: ±0 0 :zzz: ±0 0 :x: ±0
Results for commit a3101677. ± Comparison against base commit a48af198.
Description | Value |
---|---|
Number of added lines | 4 |
Number of deleted lines | 4 |
Number of changed files | 3 |
Number of commits | 1 |
Number of reviews | 1 |
Number of comments (w/o review comments) | 5 |
Number of reviews that contains a comment to resolve | 0 |
Number of reviews that requested a change from the author | 0 |
Number of reviews that approved the Pull Request | 1 |
Get the total number of participants of a Pull Request | 4 |
Description | Value |
---|---|
PR lead time (from creation to close of PR) | 18.3 Min |
Time that was spend on the branch before the PR was created | 1 Sec |
Time that was spend on the branch before the PR was merged | 18.3 Min |
Time to merge after last review | 4 Min |
Description | Value |
---|---|
Total runtime for last status check run (Workflow for PR) | 13.3 Min |
Total time spend in last status check run on PR | 4.2 Min |
🎉 Hooray! The changes in this pull request went live with the release of v5.1.4 🎉
Bumps the github-actions group with 2 updates: docker/build-push-action and anchore/sbom-action.
Updates
docker/build-push-action
from 6.3.0 to 6.4.0Release notes
Sourced from docker/build-push-action's releases.
Commits
a254f8c
Merge pull request #1179 from docker/dependabot/npm_and_yarn/docker/actions-t...94dae62
chore: update generated content267a69d
chore(deps): Bump@docker/actions-toolkit
from 0.31.0 to 0.33.0f23fb2a
Merge pull request #1133 from crazy-max/gha-cache-toef76d10
chore: update generated content522345f
set repository and ghtoken attributes for gha cache typeUpdates
anchore/sbom-action
from 0.16.1 to 0.17.0Release notes
Sourced from anchore/sbom-action's releases.
Commits
d94f46e
chore(deps): update Syft to v1.9.0 (#479)ee41e6a
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#474)23e0b38
chore(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#475)f4035cd
chore: serialize tests to prevent install race (#478)f3253ca
chore(deps): update Syft to v1.8.0 (#473)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show