Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
466: Use external action to setup the Rust toolchain r=jonasbb a=jonasbb The action takes care of integrating CI and caching too. 467: Bump ossf/scorecard-action from 1.1.0 to 1.1.1 r=jonasbb a=dependabot[bot] Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.0 to 1.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's releases</a>.</em></p> <blockquote> <h2>v1.1.1</h2> <h2>What's Changed</h2> <p>Fix for <a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/323">ossf/scorecard-action#323</a></p> <p><strong>Full Changelog</strong>: <a href="https://github.com/ossf/scorecard-action/compare/v1.1.0...v1.1.1">https://github.com/ossf/scorecard-action/compare/v1.1.0...v1.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ossf/scorecard-action/commit/3e15ea8318eee9b333819ec77a36aca8d39df13e"><code>3e15ea8</code></a> ✨ Bump container hash to use scorecard v4.3.1 (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/324">#324</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/6c071aca8599d63e8125a51b6b698c0f9e75bc54"><code>6c071ac</code></a> 🌱 Bump actions/setup-go from 3.1.0 to 3.2.0</li> <li><a href="https://github.com/ossf/scorecard-action/commit/51fbe793f85fb5cc5ba2014839c838aff0228177"><code>51fbe79</code></a> 🌱 Bump debian from <code>fbaacd5</code> to <code>06a93cb</code></li> <li><a href="https://github.com/ossf/scorecard-action/commit/d8a25b210c487a143a67fac8ae05612b6ee81ff9"><code>d8a25b2</code></a> 🌱 Bump github.com/caarlos0/env/v6 from 6.9.2 to 6.9.3</li> <li><a href="https://github.com/ossf/scorecard-action/commit/cd3637b65cef198b9be1162b557eeaab7a0a8887"><code>cd3637b</code></a> Update README.md (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/319">#319</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/77f5e34142bc416a475a7c6abd090302af532f7c"><code>77f5e34</code></a> 🌱 .github: Add dependency review action (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/165">#165</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/ef34fe9e22cb41cacfa034924045103524c632f1"><code>ef34fe9</code></a> 📖 docs/e2e: Add information about golang-staging branch tests (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/170">#170</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/1aa187dfb0742950fb8f08f4068dd6af6bd3367a"><code>1aa187d</code></a> 🌱 Bump github/codeql-action from 2.1.10 to 2.1.11 (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/311">#311</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/049eb0c0d4a12868f4be4b39f1f896ca0cd3aa13"><code>049eb0c</code></a> 🌱 Bump github.com/ossf/scorecard/v4 from 4.2.0 to 4.3.0 (<a href="https://github-redirect.dependabot.com/ossf/scorecard-action/issues/313">#313</a>)</li> <li>See full diff in <a href="https://github.com/ossf/scorecard-action/compare/v1.1.0...v1.1.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=1.1.0&new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: Jonas Bushart <jonas@bushart.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information