Commit Graph

8 Commits

Author SHA1 Message Date
dependabot[bot] c7ad4f0f68
chore(deps): bump the actions group with 3 updates
Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) and [docker/login-action](https://github.com/docker/login-action).


Updates `actions/checkout` from 4.1.1 to 4.1.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](b4ffde65f4...9bb56186c3)

Updates `docker/setup-buildx-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](0d103c3126...2b51285047)

Updates `docker/login-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](343f7c4344...e92390c5fb)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 03:11:41 +00:00
dependabot[bot] 342784b237
chore(deps): bump the actions group with 1 update
Updates the requirements on [github/codeql-action](https://github.com/github/codeql-action) to permit the latest version.

Updates `github/codeql-action` to 7e187e1c529d80bac7b87a16e7a792427f65cf02
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](7e187e1c52)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-15 16:33:50 +00:00
Ivan Dyachkov 56d0de8453 ci: bump actions versions 2024-02-15 16:37:20 +01:00
Ivan Dyachkov 4a4f96d4b5 ci: scorecard workflow can only run on master branch 2024-02-02 08:51:51 +01:00
Ivan Dyachkov 0a0bf3123b ci: bump actions versions 2024-01-17 15:18:03 +01:00
Ivan Dyachkov 4c9078d05f ci: pin more dependencies 2024-01-11 22:08:38 +01:00
Ivan Dyachkov e1944739e9 ci: restrict token permissions and pin deps 2024-01-11 11:34:44 +01:00
Ivan Dyachkov 7212e8acee chore(ci): add ossf scorecard analysis workflow 2023-10-11 09:59:27 +02:00