Closed dependabot[bot] closed 1 month ago
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
✅ ACTION | actionlint | 15 | 0 | 0.04s | |
✅ DOCKERFILE | hadolint | 2 | 0 | 0.39s | |
✅ JSON | prettier | 11 | 0 | 0 | 0.63s |
✅ JSON | v8r | 10 | 0 | 5.68s | |
✅ MARKDOWN | markdownlint | 8 | 0 | 0 | 1.03s |
✅ MARKDOWN | markdown-table-formatter | 8 | 0 | 0 | 0.23s |
✅ REPOSITORY | checkov | yes | no | 15.5s | |
✅ REPOSITORY | gitleaks | yes | no | 0.25s | |
✅ REPOSITORY | git_diff | yes | no | 0.01s | |
✅ REPOSITORY | grype | yes | no | 13.0s | |
✅ REPOSITORY | secretlint | yes | no | 1.23s | |
✅ REPOSITORY | trivy | yes | no | 7.3s | |
✅ REPOSITORY | trivy-sbom | yes | no | 0.71s | |
✅ REPOSITORY | trufflehog | yes | no | 2.32s | |
✅ SPELL | lychee | 48 | 0 | 2.77s | |
✅ YAML | prettier | 20 | 0 | 0 | 1.01s |
✅ YAML | v8r | 20 | 0 | 17.62s | |
✅ YAML | yamllint | 20 | 0 | 0.38s |
See detailed report in MegaLinter reports
Comparing ghcr.io/philips-software/amp-devcontainer-rust:latest
to ghcr.io/philips-software/amp-devcontainer-rust@sha256:d63560e857e440a3388a15b7a9022ea597e36a49cb461198fb553e705caa58f5
OS/Platform | Previous Size | Current Size | Delta |
---|---|---|---|
linux/amd64 | 432.86M | 432.87M | 17.34K (+0.00%) |
linux/arm64 | 572.09M | 572.11M | 21.07K (+0.00%) |
Comparing ghcr.io/philips-software/amp-devcontainer-cpp:latest
to ghcr.io/philips-software/amp-devcontainer-cpp@sha256:af930d0b278e6d03b5a694062e6354f8482f3745bd762bafe0dfb38e433f48d0
OS/Platform | Previous Size | Current Size | Delta |
---|---|---|---|
linux/amd64 | 640.74M | 640.77M | 26.37K (+0.00%) |
linux/arm64 | 633.10M | 633.13M | 22.62K (+0.00%) |
2 files ±0 2 suites ±0 51s :stopwatch: ±0s 26 tests ±0 26 :white_check_mark: ±0 0 :zzz: ±0 0 :x: ±0 28 runs ±0 28 :white_check_mark: ±0 0 :zzz: ±0 0 :x: ±0
Results for commit 40077ecb. ± Comparison against base commit 9d613bac.
Description | Value |
---|---|
Number of added lines | 4 |
Number of deleted lines | 4 |
Number of changed files | 3 |
Number of commits | 1 |
Number of reviews | 1 |
Number of comments (w/o review comments) | 5 |
Number of reviews that contains a comment to resolve | 0 |
Number of reviews that requested a change from the author | 0 |
Number of reviews that approved the Pull Request | 1 |
Get the total number of participants of a Pull Request | 4 |
Description | Value |
---|---|
PR lead time (from creation to close of PR) | 1.1 Hours |
Time that was spend on the branch before the PR was created | 1 Sec |
Time that was spend on the branch before the PR was merged | 1.1 Hours |
Time to merge after last review | 3.9 Min |
Description | Value |
---|---|
Total runtime for last status check run (Workflow for PR) | 11.4 Min |
Total time spend in last status check run on PR | 3.4 Min |
🎉 Hooray! The changes in this pull request went live with the release of v5.1.4 🎉
Bumps the github-actions group with 2 updates: github/codeql-action and ossf/scorecard-action.
Updates
github/codeql-action
from 3.25.14 to 3.25.15Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
afb54ba
Merge pull request #2391 from github/update-v3.25.15-4b1d7da1057a4b22
Update changelog for v3.25.154b1d7da
Merge pull request #2385 from github/update-bundle/codeql-bundle-v2.18.197e8f69
Merge branch 'main' into update-bundle/codeql-bundle-v2.18.1f8e94f9
Merge pull request #2389 from github/mergeback/v3.25.14-to-main-5cf07d8b9e375a8
Update checked-in dependencies02d73d0
Update changelog and version after v3.25.14736528d
Add changelog note98042e7
Update default bundle to codeql-bundle-v2.18.1Updates
ossf/scorecard-action
from 2.3.3 to 2.4.0Release notes
Sourced from ossf/scorecard-action's releases.
Commits
62b2cac
bump docker tag to v2.4.0 for release (#1414)c09630c
lower license score alert threshold to 9 (#1411)cf8594c
:seedling: Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 (#1413)de5fcb9
:seedling: Bump the github-actions group with 2 updates (#1412)a46b90b
bump scorecard to v5.0.0 release (#1410)9fc518d
:seedling: Bump golang in the docker-images group (#1407)a8eaa1b
:seedling: Bump the github-actions group with 2 updates (#1408)873d5fd
:seedling: Bump the github-actions group across 1 directory with 2 updates (#...54cc1fe
:seedling: Bump the docker-images group with 2 updates (#1401)82bcb91
:seedling: Bump golang.org/x/net from 0.26.0 to 0.27.0 (#1400)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show