Closed dependabot[bot] closed 1 month ago
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
Comparing ghcr.io/philips-software/amp-devcontainer-rust:latest
to ghcr.io/philips-software/amp-devcontainer-rust@sha256:64faee6cad52badaa32e90080370f87c9a0a92f5fc3b0cabfa4b5c80525c98f4
OS/Platform | Previous Size | Current Size | Delta |
---|---|---|---|
linux/amd64 | 432.86M | 432.87M | 17.34K (+0.00%) |
linux/arm64 | 572.09M | 572.11M | 21.07K (+0.00%) |
Comparing ghcr.io/philips-software/amp-devcontainer-cpp:latest
to ghcr.io/philips-software/amp-devcontainer-cpp@sha256:a65eee5ac315feafe3d546a98b98b3660856a847d6ceaccf4b66f64f994c6f8f
OS/Platform | Previous Size | Current Size | Delta |
---|---|---|---|
linux/amd64 | 640.74M | 641.12M | 384.12K (+0.06%) |
linux/arm64 | 633.10M | 633.47M | 377.22K (+0.06%) |
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
✅ ACTION | actionlint | 15 | 0 | 0.05s | |
✅ DOCKERFILE | hadolint | 2 | 0 | 0.47s | |
✅ JSON | prettier | 11 | 0 | 0 | 0.61s |
✅ JSON | v8r | 10 | 0 | 4.92s | |
✅ MARKDOWN | markdownlint | 8 | 0 | 0 | 1.02s |
✅ MARKDOWN | markdown-table-formatter | 8 | 0 | 0 | 0.21s |
✅ REPOSITORY | checkov | yes | no | 16.3s | |
✅ REPOSITORY | gitleaks | yes | no | 0.47s | |
✅ REPOSITORY | git_diff | yes | no | 0.01s | |
✅ REPOSITORY | grype | yes | no | 13.28s | |
✅ REPOSITORY | secretlint | yes | no | 1.26s | |
✅ REPOSITORY | trivy | yes | no | 7.03s | |
✅ REPOSITORY | trivy-sbom | yes | no | 1.47s | |
✅ REPOSITORY | trufflehog | yes | no | 3.08s | |
✅ SPELL | lychee | 48 | 0 | 0.92s | |
✅ YAML | prettier | 20 | 0 | 0 | 0.99s |
✅ YAML | v8r | 20 | 0 | 17.15s | |
✅ YAML | yamllint | 20 | 0 | 0.49s |
See detailed report in MegaLinter reports
2 files ±0 2 suites ±0 51s :stopwatch: ±0s 26 tests ±0 26 :white_check_mark: ±0 0 :zzz: ±0 0 :x: ±0 28 runs ±0 28 :white_check_mark: ±0 0 :zzz: ±0 0 :x: ±0
Results for commit 82255a82. ± Comparison against base commit 651a8c4f.
Description | Value |
---|---|
Number of added lines | 10 |
Number of deleted lines | 10 |
Number of changed files | 7 |
Number of commits | 1 |
Number of reviews | 1 |
Number of comments (w/o review comments) | 5 |
Number of reviews that contains a comment to resolve | 0 |
Number of reviews that requested a change from the author | 0 |
Number of reviews that approved the Pull Request | 1 |
Get the total number of participants of a Pull Request | 4 |
Description | Value |
---|---|
PR lead time (from creation to close of PR) | 21.1 Hours |
Time that was spend on the branch before the PR was created | 1 Sec |
Time that was spend on the branch before the PR was merged | 21.1 Hours |
Time to merge after last review | 4 Min |
Description | Value |
---|---|
Total runtime for last status check run (Workflow for PR) | 12.1 Min |
Total time spend in last status check run on PR | 3.5 Min |
🎉 Hooray! The changes in this pull request went live with the release of v5.1.4 🎉
Bumps the github-actions group with 4 updates in the / directory: sigstore/cosign-installer, docker/build-push-action, actions/upload-artifact and github/codeql-action.
Updates
sigstore/cosign-installer
from 3.5.0 to 3.6.0Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
4959ce0
update readme for new release (#170)45ffe83
bump default version to v2.4.0 release (#168)7e1d9c1
pin public key used for verification (#169)cc23fe1
Bump actions/setup-go from 5.0.1 to 5.0.2 (#167)b235ed9
Bump actions/checkout from 4.1.6 to 4.1.7 (#166)b49ef6b
Bump actions/checkout from 4.1.5 to 4.1.6 (#165)7a59e5a
Bump actions/checkout from 4.1.4 to 4.1.5 (#164)8d927bd
Bump actions/setup-go from 5.0.0 to 5.0.1 (#163)8c9caa0
Bump actions/checkout from 4.1.3 to 4.1.4 (#162)19351d0
Bump actions/checkout from 4.1.2 to 4.1.3 (#161)Updates
docker/build-push-action
from 6.5.0 to 6.6.1Release notes
Sourced from docker/build-push-action's releases.
Commits
16ebe77
Merge pull request #1205 from docker/dependabot/npm_and_yarn/docker/actions-t...646a62b
chore: update generated contentd92ab13
chore(deps): Bump@docker/actions-toolkit
from 0.37.0 to 0.37.14f7cdeb
Merge pull request #1198 from docker/dependabot/npm_and_yarn/docker/actions-t...ad3cd77
chore: update generated content3efbc13
chore(deps): Bump@docker/actions-toolkit
from 0.36.0 to 0.37.02dbe91d
Merge pull request #1197 from crazy-max/build-checks7de3854
chore: update generated content175aa53
opt to disable github annotations generation for build checks806a2a4
generate GitHub annotations for build checksUpdates
actions/upload-artifact
from 4.3.5 to 4.3.6Release notes
Sourced from actions/upload-artifact's releases.
Commits
834a144
Merge pull request #594 from actions/robherley/4.3.6134dcf3
v4.3.673a0b9c
revert back to@actions/artifact
2.1.8Updates
github/codeql-action
from 3.25.15 to 3.26.0Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
eb055d7
Merge pull request #2410 from github/update-v3.26.0-c24926b733884d04
Update changelog for v3.26.0c24926b
Merge pull request #2407 from github/dependabot/npm_and_yarn/npm-7954a73ad268ba39b
Merge branch 'main' into dependabot/npm_and_yarn/npm-7954a73ad28dd1773
Merge pull request #2408 from github/henrymercer/deprecate-codeql-2.13.4441c9d9
Merge pull request #2409 from github/henrymercer/fix-required-checksf03da13
Exclude push-only unit tests job from required PR checks script29a5cfc
Bump version to 3.26.09e440ad
Add changelog note136f5a5
Add CodeQL v2.17.6 to default test versionsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show