Bumps the gh-actions-packages group with 10 updates in the / directory:

Package	From	To
actions/checkout	`4.1.6`	`4.1.7`
snok/container-retention-policy	`2.2.1`	`3.0.0`
github/codeql-action	`3.25.6`	`3.25.11`
actions/dependency-review-action	`4.3.2`	`4.3.3`
bridgecrewio/checkov-action	`12.2762.0`	`12.2814.0`
anchore/sbom-action	`0.16.0`	`0.16.1`
docker/setup-buildx-action	`3.3.0`	`3.4.0`
docker/build-push-action	`5.3.0`	`6.3.0`
MishaKav/pytest-coverage-comment	`1.1.51`	`1.1.52`
mikepenz/action-junit-report	`4.2.1`	`4.3.1`

Updates actions/checkout from 4.1.6 to 4.1.7

Release notes

Sourced from actions/checkout's releases.

v4.1.7

What's Changed

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

New Contributors

@orhantoy made their first contribution in actions/checkout#1774

Full Changelog: https://github.com/actions/checkout/compare/v4.1.6...v4.1.7

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

v4.0.0

Support fetching without the --progress option

Update to node20

v3.6.0

Fix: Mark test scripts with Bash'isms to be run via Bash

Add option to fetch tags even if fetch-depth > 0

v3.5.3

Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in

Fix typos found by codespell

... (truncated)

Commits

692973e Prepare 4.1.7 release (#1775)
6ccd57f Pin actions/checkout's own workflows to a known, good, stable version. (#1776)
b17fe1e Handle hidden refs (#1774)
b80ff79 Bump actions/checkout from 3 to 4 (#1697)
b1ec302 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)
See full diff in compare view

Updates snok/container-retention-policy from 2.2.1 to 3.0.0

Release notes

Sourced from snok/container-retention-policy's releases.

v3.0.0

Disclaimer: This release breaks the API of the action to a large degree. It might be wise to run the action with dry-run: true after upgrading.

This release is a complete rewrite of the action, tackling most if not all open issues in the issue tracker. Some of the highlights include:

Simplifying and consolidating the inputs of the action

Improving the runtime performance, and the initialization time of the action in CI

Support for multi-platform packages

Support for new token types (secrets.GITHUB_TOKEN and Github app tokens)

Much better handling of GitHub API rate limits

💥 There are a lot of breaking changes, so we've included a migration guide at the bottom of this post, to make things a bit simpler.

Since the release introduces a few thousand lines of code, we expect there may be a few things left to iron out. If you run into any problems, please share them in the v3 release issue.

In addition to what's mentioned above, other new features and changes include:

Significant effort has been spent on improving the logging, to give better insights into what exactly is happening

Updated license from BSD-3 to MIT.

The available syntax for image-names and image-tags previously allowed wildcards (using the * character). We now also allow the ? character to express a single-character wildcard. For example, the pattern ca? will match car and cat. See the wildmatch docs for details.

In addition to changing the inputs of the action (more details below), there are a few other breaking changes:

We'll no longer maintain mutable major and minor version tags for the action. There will be no v3 target for the action, just v3.0.0 and other exact versions. Mutable major version tags are generally hard to maintain and not much safer than tracking the main branch, so more precise tag tracking should reduce the likelihood of broken runs going forward. Paired with dependabot, upgrading should not be much harder than it has been.

The needs-assistance output was deleted

And in terms of performance improvements:

The action has been rewritten from a composite action to a container action, and the total size of the new image is < 10Mi.

The action would previously take ~30 seconds to initialize and would require a Python runtime. The action now starts in less than a second, and runs as a standalone binary.

The runtime of the action has been reduced, and assuming we need to delete less than 180 package versions, the action completes in, at most, a few seconds. See this example of a recent run. When we have to delete more than 180 package versions, there's a minute of waiting for every 180 new package versions, as a consequence of GitHub's secondary API rate limits. See the new README for details.

Migration guide
The account-type and org-name inputs have been replaced with account, which should be set to the literal string "user" if you previously used account-type: personal and to the organization name otherwise:
- account-type: personal
+ account: user
or
- account-type: organization
- org-name: acme
+ account: acme

... (truncated)

Commits

4f22ef8 fix: Correct oauth scope check
def81c2 fix(ci): Use input version tag when building image
ab30663 chore: Update docs for release and update action image
7793513 chore(deps): bump docker/build-push-action from 5 to 6
79a0b31 Remove oauth token
851b141 Rewrite the action in Rust
178bc0b chore: Update test workflow to test v3-develop branch
e6eea47 fix(workflows): Correct script and run every 3 hours
3bfc979 fix(ci): Revise test dockerfile
e66905c refactor(ci): Add variables to reduce clutter
Additional commits viewable in compare view

Updates github/codeql-action from 3.25.6 to 3.25.11

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

No user facing changes.

3.25.11 - 28 Jun 2024

Avoid failing the workflow run if there is an error while uploading debug artifacts. #2349

Update default CodeQL bundle version to 2.17.6. #2352

3.25.10 - 13 Jun 2024

Update default CodeQL bundle version to 2.17.5. #2327

3.25.9 - 12 Jun 2024

Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. #2330

The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. #2332

3.25.8 - 04 Jun 2024

Update default CodeQL bundle version to 2.17.4. #2321

3.25.7 - 31 May 2024

We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. #2306

3.25.6 - 20 May 2024

Update default CodeQL bundle version to 2.17.3. #2295

3.25.5 - 13 May 2024

Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273

Avoid printing out a warning for a missing on.push trigger when the CodeQL Action is triggered via a workflow_call event. #2274

The tools: latest input to the init Action has been renamed to tools: linked. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #2281

3.25.4 - 08 May 2024

Update default CodeQL bundle version to 2.17.2. #2270

3.25.3 - 25 Apr 2024

Update default CodeQL bundle version to 2.17.1. #2247

Workflows running on macos-latest using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as macos-12. ARM machines with SIP disabled, including the newest macos-latest image, are unsupported for CLI versions before 2.15.1. #2261

... (truncated)

Commits

b611370 Merge pull request #2357 from github/update-v3.25.11-de945755c
3e6431f Update changelog for v3.25.11
de94575 Merge pull request #2352 from github/update-bundle/codeql-bundle-v2.17.6
a32d305 Add changelog note
9ccc995 Update default bundle to codeql-bundle-v2.17.6
9b7c22c Merge pull request #2351 from github/dependabot/npm_and_yarn/npm-6791eaa26c
9cf3243 Rebuild
1895b29 Update checked-in dependencies
9dcfde9 Bump the npm group with 2 updates
8723b5b Merge pull request #2350 from github/angelapwen/add-exclude-pr-check-param
Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.3.2 to 4.3.3

Release notes

Sourced from actions/dependency-review-action's releases.

Notes for v4.3.3

What's Changed

Allow slashes in purl package names by @juxtin in actions/dependency-review-action#765

use the v3 version of the deps.dev API by @josieang in actions/dependency-review-action#741

PR with suggestions - [Improvement]: Help streamline / simplify dependency review action README by @am-stead in actions/dependency-review-action#773

fix show-openssf-scorecard-levels input by @ramann in actions/dependency-review-action#776

Updates to the contribution guidelines by @jonjanego in actions/dependency-review-action#778

Create issue templates by @jonjanego in actions/dependency-review-action#777

Fix the max comment length issue by @jhutchings1 and @elireisman in actions/dependency-review-action#767

Bump project version to 4.3.3 in prep for a release by @elireisman in actions/dependency-review-action#781

New Contributors

@josieang made their first contribution in actions/dependency-review-action#741

@am-stead made their first contribution in actions/dependency-review-action#773

@ramann made their first contribution in actions/dependency-review-action#776

Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3

Commits

72eb03d Merge pull request #781 from actions/release-v4.3.3
137d8b4 bump to version v4.3.3
e6b618e Merge pull request #767 from actions/max-comment-length
3c42649 fix ws for linter
8e6ea8d update packaging
1b3d277 post-review: add PR comment full summary test case
220872c Update src/main.ts
087d0f8 repackage to update dist
4531204 whitespace
df1ca89 appease linter
Additional commits viewable in compare view

Updates bridgecrewio/checkov-action from 12.2762.0 to 12.2814.0

Commits

a8278c9 Bump checkov container version to 3.2.179
716515c Bump checkov container version to 3.2.178
b406dfe Bump checkov container version to 3.2.177
822daab Bump checkov container version to 3.2.176
9d5a8cd Bump checkov container version to 3.2.175
8e15b4f Bump checkov container version to 3.2.174
b055f97 Bump checkov container version to 3.2.173
09cb995 Bump checkov container version to 3.2.171
6a059bc Bump checkov container version to 3.2.169
f5cddbf Bump checkov container version to 3.2.168
Additional commits viewable in compare view

Updates anchore/sbom-action from 0.16.0 to 0.16.1

Release notes

Sourced from anchore/sbom-action's releases.

v0.16.1

Changes in v0.16.1

fix: workaround windows install issue (#477) [willmurphyscode]

fix: allow users to properly use the file input over the default path value (#471) [komish]

chore(deps): update Syft to v1.5.0 (#470) [anchore-actions-token-generator]

docs: notes for matrix and required permissions (#469) [kzantow]

chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#466) [dependabot]

Commits

95b086a fix: workaround windows install script (#477)
72370e1 fix: allow users to properly use the file input over the default path value (...
e28bab5 chore(deps): update Syft to v1.5.0 (#470)
2283abe docs: notes for matrix and required permissions (#469)
07e5b3a chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#466)
See full diff in compare view

Updates docker/setup-buildx-action from 3.3.0 to 3.4.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.4.0

Throw error message instead of exit code by @crazy-max in docker/setup-buildx-action#315

Bump @docker/actions-toolkit from 0.20.0 to 0.31.0 in docker/setup-buildx-action#321 docker/setup-buildx-action#338

Bump braces from 3.0.2 to 3.0.3 in docker/setup-buildx-action#329

Bump undici from 5.28.3 to 5.28.4 in docker/setup-buildx-action#312

Bump uuid from 9.0.1 to 10.0.0 in docker/setup-buildx-action#326

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v3.3.0...v3.4.0

Commits

4fd8129 Merge pull request #312 from docker/dependabot/npm_and_yarn/undici-5.28.4
3386dc4 chore: update generated content
d191aef build(deps): bump undici from 5.28.3 to 5.28.4
f686054 Merge pull request #338 from docker/dependabot/npm_and_yarn/docker/actions-to...
7854785 chore: update generated content
830928c fix builder type path
26d2aec build(deps): bump @docker/actions-toolkit from 0.23.0 to 0.31.0
ab17e3e Merge pull request #339 from crazy-max/missing-types-jsyaml
d79cb80 missing types for js-yaml
13cf788 Merge pull request #326 from docker/dependabot/npm_and_yarn/uuid-10.0.0
Additional commits viewable in compare view

Updates docker/build-push-action from 5.3.0 to 6.3.0

Release notes

Sourced from docker/build-push-action's releases.

v6.3.0

DOCKER_BUILD_RECORD_UPLOAD environment variable to enable/disable build record upload by @crazy-max in docker/build-push-action#1172

DOCKER_BUILD_NO_SUMMARY has been deprecated. Set DOCKER_BUILD_SUMMARY to false instead by @crazy-max in docker/build-push-action#1170 docker/build-push-action#1173

Bump @docker/actions-toolkit from 0.28.0 to 0.31.0 in docker/build-push-action#1171 docker/build-push-action#1159 docker/build-push-action#1169

Full Changelog: https://github.com/docker/build-push-action/compare/v6.2.0...v6.3.0

v6.2.0

Use default retention days for build export artifact by @crazy-max in docker/build-push-action#1153

Bump @docker/actions-toolkit from 0.27.0 to 0.28.0 in docker/build-push-action#1158

Full Changelog: https://github.com/docker/build-push-action/compare/v6.1.0...v6.2.0

v6.1.0

Bump @docker/actions-toolkit from 0.26.2 to 0.27.0 in docker/build-push-action#1149

Full Changelog: https://github.com/docker/build-push-action/compare/v6.0.2...v6.1.0

v6.0.2

Bump @docker/actions-toolkit from 0.26.1 to 0.26.2 in docker/build-push-action#1147

Full Changelog: https://github.com/docker/build-push-action/compare/v6.0.1...v6.0.2

v6.0.1

Bump @docker/actions-toolkit from 0.26.0 to 0.26.1 in docker/build-push-action#1142

Full Changelog: https://github.com/docker/build-push-action/compare/v6.0.0...v6.0.1

v6.0.0

Export build record and generate build summary by @crazy-max in docker/build-push-action#1120

Bump @docker/actions-toolkit from 0.24.0 to 0.26.0 in docker/build-push-action#1132 docker/build-push-action#1136 docker/build-push-action#1138

Bump braces from 3.0.2 to 3.0.3 in docker/build-push-action#1137

[!NOTE] This major release adds support for generating Build summary and exporting build record for your build. You can disable this feature by setting DOCKER_BUILD_NO_SUMMARY: true environment variable in your workflow.

Full Changelog: https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0

v5.4.0

Show builder information before building by @crazy-max in docker/build-push-action#1128

Handle attestations correctly with provenance and sbom inputs by @crazy-max in docker/build-push-action#1086

Bump @docker/actions-toolkit from 0.19.0 to 0.24.0 in docker/build-push-action#1088 docker/build-push-action#1105 docker/build-push-action#1121 docker/build-push-action#1127

Bump undici from 5.28.3 to 5.28.4 in docker/build-push-action#1090

Full Changelog: https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0

Commits

1a16264 Merge pull request #1172 from crazy-max/build-export-disable
9eea548 chore: update generated content
11c2faa rename DOCKER_BUILD_EXPORT_RETENTION_DAYS to DOCKER_BUILD_RECORD_RETENTION_DAYS
de2365a opt to disable build record upload
bca5082 Merge pull request #1173 from crazy-max/build-summary-env-change
e7aab40 chore: update generated content
63eb759 switch DOCKER_BUILD_SUMMARY_DISABLE to DOCKER_BUILD_SUMMARY
53ec486 Merge pull request #1171 from docker/dependabot/npm_and_yarn/docker/actions-t...
fe9d9f1 chore: update generated content
ad37ba1 chore(deps): Bump @docker/actions-toolkit from 0.30.0 to 0.31.0
Additional commits viewable in compare view

Updates MishaKav/pytest-coverage-comment from 1.1.51 to 1.1.52

Release notes

Sourced from MishaKav/pytest-coverage-comment's releases.

v1.1.52

What's Changed

Add sample of permissions/Fix permissions of existing jobs by @m-tmatma in MishaKav/pytest-coverage-comment#162

Fix typo s/Percantage/Percentage/ by @jalessio in MishaKav/pytest-coverage-comment#165

junit: use data from all testsuites by @eltoder in MishaKav/pytest-coverage-comment#168

Use label instead of ref for workflow_run and workflow_dispatch by @cecheta in MishaKav/pytest-coverage-comment#160

Fix commit SHA for workflow_run by @cecheta in MishaKav/pytest-coverage-comment#158

New Contributors

@m-tmatma made their first contribution in MishaKav/pytest-coverage-comment#162

@jalessio made their first contribution in MishaKav/pytest-coverage-comment#165

@eltoder made their first contribution in MishaKav/pytest-coverage-comment#168

@cecheta made their first contribution in MishaKav/pytest-coverage-comment#160

Full Changelog: https://github.com/MishaKav/pytest-coverage-comment/compare/v1.1.51...v1.1.52

Changelog

Sourced from MishaKav/pytest-coverage-comment's changelog.

Changelog of the Pytest Coverage Comment

Pytest Coverage Comment 1.1.52

Release Date: 2024-06-30

Changes

fix commit sha and ref for workflow_run, instead of from the default branch, thanks to @cecheta for contribution

use label instead of ref for workflow_run and workflow_dispatch, thanks to @cecheta for contribution

use data from all testsuites instead the first one, thanks to @eltoder for contribution

Pytest Coverage Comment 1.1.51

Release Date: 2024-01-13

Changes

add workflow_run to the events that can trigger this action, big thanks to @Bouni for contribution

Pytest Coverage Comment 1.1.50

Release Date: 2023-11-26

Changes

add support for updateing the comment in PR through workflow_dispatch event by passing manually issue number, thanks to @alexjyong for contribution

Pytest Coverage Comment 1.1.49

Release Date: 2023-11-15

Changes

remove warning by run in node20 instead node16

add support for workflow_dispatch event, thanks to @f100024 for contribution

Pytest Coverage Comment 1.1.48

Release Date: 2023-08-02

Changes

Fix wrong badge link when have an empty space in total coverage

Pytest Coverage Comment 1.1.47

Release Date: 2023-03-18

Changes

... (truncated)

Commits

fa1c641 changelog for 1.1.52
7b6b113 Fix commit SHA for workflow_run (#158)
c1c1738 Use label instead of ref (#160)
2e3c380 junit: use data from all testsuites (#168)
ed05a2e fix typo in coverageComment
0e5d939 Fix typo s/Percantage/Percentage/ (#165)
0f5f92e Add sample of permissions/Fix permissions of existing jobs (#162)
See full diff in compare view

Updates mikepenz/action-junit-report from 4.2.1 to 4.3.1

Release notes

Sourced from mikepenz/action-junit-report's releases.

v4.3.1

🐛 Fixes

Revert optimisation to skip processing of scucessful tests

PR: #1122

v4.3.0

[!CAUTION] This version has a bug resulting in passed annotations not being created. Use v4.3.1 (or newer) instead See the report here: mikepenz/action-junit-report#1121

🚀 Features

Improve performance of action's processing

PR: #1105

Thanks @GUI

📦 Dependencies

Dependency Upgrades

PR: #1111

v4.2.2

🚀 Features

Add classname to check_title_template

PR: #1095

Thanks @valentin-demange

📦 Dependencies

Dependency upgrades

PR: #1101

Commits

db71d41 Merge pull request #1122 from mikepenz/fix/1121
2d70fb2 - revert testcase
c4cd1de - revert annotation optimisation (Skip processing of successful tests if `inc...
eb1a2b2 Merge pull request #1111 from mikepenz/feature/dependency_updates_20240620
71ce529 ```
d8a34d8 Merge branch 'refs/heads/GUI-perf'
8aa8974 - slight enhancement
a0437c7 Skip processing of successful tests if include_passed is not enabled.
1ba5f45 Improve performance by caching repeated file glob results.
ac30be7 Merge pull request #1101 from mikepenz/feature/dependency_updates_20240530
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
✅ 0 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
⚠️ 1 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 36893b31f0b9c7bc54ab788a42191a380585ccff.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

.github/workflows/.reusable-sast.yml

Package	Version	License	Issue Type
bridgecrewio/checkov-action	a8278c99fbd934feac4c1490423afcb6338a35e2	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

File	Stmts	Miss	Cover	Missing
semgr8s
__main__.py	18	18	0%	5–32
app.py	81	4	95%	117, 177–178, 209
k8s_api.py	22	2	91%	43–44
updater.py	29	2	93%	49–50
TOTAL	202	26	87%

semgr8ns / semgr8s

update: bump the gh-actions-packages group across 1 directory with 10 updates #306

v4.1.7

What's Changed

New Contributors

Changelog

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.0.0

Migration guide

CodeQL Action Changelog

[UNRELEASED]

3.25.11 - 28 Jun 2024

3.25.10 - 13 Jun 2024

3.25.9 - 12 Jun 2024

3.25.8 - 04 Jun 2024

3.25.7 - 31 May 2024

3.25.6 - 20 May 2024

3.25.5 - 13 May 2024

3.25.4 - 08 May 2024

3.25.3 - 25 Apr 2024

Notes for v4.3.3

What's Changed

New Contributors

v0.16.1

Changes in v0.16.1

v3.4.0

v6.3.0

v6.2.0

v6.1.0

v6.0.2

v6.0.1

v6.0.0

v5.4.0

v1.1.52

What's Changed

New Contributors

Changelog of the Pytest Coverage Comment

Pytest Coverage Comment 1.1.52

Changes

Pytest Coverage Comment 1.1.51

Changes

Pytest Coverage Comment 1.1.50

Changes

Pytest Coverage Comment 1.1.49

Changes

Pytest Coverage Comment 1.1.48

Changes

Pytest Coverage Comment 1.1.47

Changes

v4.3.1

🐛 Fixes

v4.3.0

🚀 Features

📦 Dependencies

v4.2.2

🚀 Features

📦 Dependencies

Dependency Review

Snapshot Warnings

License Issues

.github/workflows/.reusable-sast.yml

OpenSSF Scorecard

Scanned Manifest Files