angular
build: update scorecard action dependencies
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| actions/checkout | action | patch | v4.1.4 -> v4.1.5 |
| github/codeql-action | action | patch | v3.25.3 -> v3.25.4 |
| ossf/scorecard-action | action | patch | v2.3.1 -> v2.3.3 |
Release Notes
actions/checkout (actions/checkout)
v4.1.5
What's Changed
- Update NPM dependencies by @cory-miller in https://github.com/actions/checkout/pull/1703
- Bump github/codeql-action from 2 to 3 by @dependabot in https://github.com/actions/checkout/pull/1694
- Bump actions/setup-node from 1 to 4 by @dependabot in https://github.com/actions/checkout/pull/1696
- Bump actions/upload-artifact from 2 to 4 by @dependabot in https://github.com/actions/checkout/pull/1695
- README: Suggest
user.emailto be41898282+github-actions[bot]@​users.noreply.github.comby @cory-miller in https://github.com/actions/checkout/pull/1707
Full Changelog: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5
ossf/scorecard-action (ossf/scorecard-action)
v2.3.3
[!NOTE]
There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag
What's Changed
- :seedling: Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1366
- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1374
- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1377
For a full changelist of what these include, see the v5.0.0-rc1 and v5.0.0-rc2 release notes.
Documentation
- :book: Move token discussion out of main README. by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1279
- :book: link to
ossf/scorecardworkflow instead of maintaining an example by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1352 - :book: update api links to new scorecard.dev site by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1376
Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.3
v2.3.2
Configuration
📅 Schedule: Branch creation - "after 10:00pm every weekday,before 4:00am every weekday,every weekend" in timezone America/Tijuana, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Renovate Bot.
