🌱 Bump codecov/codecov-action from 3.1.0 to 3.1.1 #942

dependabot · 2022-09-19T21:13:23Z

Bumps codecov/codecov-action from 3.1.0 to 3.1.1.

Release notes

Sourced from codecov/codecov-action's releases.

3.1.1

What's Changed

Update deprecation warning by @slifty in codecov/codecov-action#661

Create codeql-analysis.yml by @mitchell-codecov in codecov/codecov-action#593

build(deps): bump node-fetch from 3.2.3 to 3.2.4 by @dependabot in codecov/codecov-action#714

build(deps-dev): bump typescript from 4.6.3 to 4.6.4 by @dependabot in codecov/codecov-action#713

README: fix typo by @Evalir in codecov/codecov-action#712

build(deps): bump github/codeql-action from 1 to 2 by @dependabot in codecov/codecov-action#724

build(deps-dev): bump @types/jest from 27.4.1 to 27.5.0 by @dependabot in codecov/codecov-action#717

fix: Remove a blank row by @johnmanjiro13 in codecov/codecov-action#725

Update README.md with correct badge version by @gsheni in codecov/codecov-action#726

build(deps-dev): bump @types/node from 17.0.25 to 17.0.33 by @dependabot in codecov/codecov-action#729

build(deps-dev): downgrade @types/node to 16.11.35 by @dependabot in codecov/codecov-action#734

build(deps): bump actions/checkout from 2 to 3 by @dependabot in codecov/codecov-action#723

build(deps): bump @actions/github from 5.0.1 to 5.0.3 by @dependabot in codecov/codecov-action#733

build(deps): bump @actions/core from 1.6.0 to 1.8.2 by @dependabot in codecov/codecov-action#732

build(deps-dev): bump @types/node from 16.11.35 to 16.11.36 by @dependabot in codecov/codecov-action#737

Create scorecards-analysis.yml by @mitchell-codecov in codecov/codecov-action#633

build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0 by @dependabot in codecov/codecov-action#749

fix: add more verbosity to validation by @thomasrockhu-codecov in codecov/codecov-action#747

build(deps-dev): bump typescript from 4.6.4 to 4.7.3 by @dependabot in codecov/codecov-action#755

Regenerate scorecards-analysis.yml by @mitchell-codecov in codecov/codecov-action#750

build(deps-dev): bump @types/node from 16.11.36 to 16.11.39 by @dependabot in codecov/codecov-action#759

build(deps-dev): bump @types/node from 16.11.39 to 16.11.40 by @dependabot in codecov/codecov-action#762

build(deps-dev): bump @vercel/ncc from 0.33.4 to 0.34.0 by @dependabot in codecov/codecov-action#746

build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1 by @dependabot in codecov/codecov-action#757

build(deps): bump openpgp from 5.2.1 to 5.3.0 by @dependabot in codecov/codecov-action#760

build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 by @dependabot in codecov/codecov-action#748

build(deps-dev): bump typescript from 4.7.3 to 4.7.4 by @dependabot in codecov/codecov-action#766

Switch to v3 by @thomasrockhu in codecov/codecov-action#774

Fix network entry in table by @kevmoo in codecov/codecov-action#783

Trim arguments after splitting them by @mitchell-codecov in codecov/codecov-action#791

build(deps): bump openpgp from 5.3.0 to 5.4.0 by @dependabot in codecov/codecov-action#799

build(deps): bump @actions/core from 1.8.2 to 1.9.1 by @dependabot in codecov/codecov-action#798

Plumb failCi into verification function. by @RobbieMcKinstry in codecov/codecov-action#769

release: update changelog and version to 3.1.1 by @thomasrockhu-codecov in codecov/codecov-action#828

New Contributors

@slifty made their first contribution in codecov/codecov-action#661

@Evalir made their first contribution in codecov/codecov-action#712

@johnmanjiro13 made their first contribution in codecov/codecov-action#725

@gsheni made their first contribution in codecov/codecov-action#726

@kevmoo made their first contribution in codecov/codecov-action#783

@RobbieMcKinstry made their first contribution in codecov/codecov-action#769

Full Changelog: codecov/codecov-action@v3.1.0...v3.1.1

Changelog

Sourced from codecov/codecov-action's changelog.

3.1.1

Fixes

#661 Update deprecation warning

#593 Create codeql-analysis.yml

#712 README: fix typo

#725 fix: Remove a blank row

#726 Update README.md with correct badge version

#633 Create scorecards-analysis.yml

#747 fix: add more verbosity to validation

#750 Regenerate scorecards-analysis.yml

#774 Switch to v3

#783 Fix network entry in table

#791 Trim arguments after splitting them

#769 Plumb failCi into verification function.

Dependencies

#713 build(deps-dev): bump typescript from 4.6.3 to 4.6.4

#714 build(deps): bump node-fetch from 3.2.3 to 3.2.4

#724 build(deps): bump github/codeql-action from 1 to 2

#717 build(deps-dev): bump @types/jest from 27.4.1 to 27.5.0

#729 build(deps-dev): bump @types/node from 17.0.25 to 17.0.33

#734 build(deps-dev): downgrade @types/node to 16.11.35

#723 build(deps): bump actions/checkout from 2 to 3

#733 build(deps): bump @actions/github from 5.0.1 to 5.0.3

#732 build(deps): bump @actions/core from 1.6.0 to 1.8.2

#737 build(deps-dev): bump @types/node from 16.11.35 to 16.11.36

#749 build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0

#755 build(deps-dev): bump typescript from 4.6.4 to 4.7.3

#759 build(deps-dev): bump @types/node from 16.11.36 to 16.11.39

#762 build(deps-dev): bump @types/node from 16.11.39 to 16.11.40

#746 build(deps-dev): bump @vercel/ncc from 0.33.4 to 0.34.0

#757 build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1

#760 build(deps): bump openpgp from 5.2.1 to 5.3.0

#748 build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0

#766 build(deps-dev): bump typescript from 4.7.3 to 4.7.4

#799 build(deps): bump openpgp from 5.3.0 to 5.4.0

#798 build(deps): bump @actions/core from 1.8.2 to 1.9.1

3.1.0

Features

#699 Incorporate xcode arguments for the Codecov uploader

Dependencies

#694 build(deps-dev): bump @vercel/ncc from 0.33.3 to 0.33.4

#696 build(deps-dev): bump @types/node from 17.0.23 to 17.0.25

#698 build(deps-dev): bump jest-junit from 13.0.0 to 13.2.0

3.0.0

Breaking Changes

#689 Bump to node16 and small fixes

... (truncated)

Commits

d9f34f8 release: update changelog and version to 3.1.1 (#828)
0e9e7b4 Plumb failCi into verification function. (#769)
7f20bd4 build(deps): bump @actions/core from 1.8.2 to 1.9.1 (#798)
13bc253 build(deps): bump openpgp from 5.3.0 to 5.4.0 (#799)
5c0da1b Trim arguments after splitting them (#791)
68d5f6d Fix network entry in table (#783)
2a829b9 Switch to v3 (#774)
8e09eaf build(deps-dev): bump typescript from 4.7.3 to 4.7.4 (#766)
39e2229 build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 (#748)
b2b7703 build(deps): bump openpgp from 5.2.1 to 5.3.0 (#760)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @naveensrinivasan.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

codecov · 2022-09-19T21:17:24Z

Codecov Report

Merging #942 (1e11215) into main (f60b7d6) will not change coverage.
The diff coverage is n/a.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #942   +/-   ##
=======================================
  Coverage   62.19%   62.19%           
=======================================
  Files           4        4           
  Lines         246      246           
=======================================
  Hits          153      153           
  Misses         77       77           
  Partials       16       16

naveensrinivasan · 2022-09-27T14:22:50Z

@dependabot merge

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md) - [Commits](codecov/codecov-action@81cd2dc...d9f34f8) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

273: chore(deps): update ossf/scorecard-action action to v2 r=renovate[bot] a=renovate[bot] [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | major | `v1.1.1` -> `v2.0.6` | --- ### Release Notes <details> <summary>ossf/scorecard-action</summary> ### [`v2.0.6`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.6) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.5...v2.0.6) #### What's Changed - Fix - Broken dockerfile by [`@naveensrinivasan](https://togithub.com/naveensrinivasan)` in [ossf/scorecard-action#979 **Full Changelog**: ossf/scorecard-action@v2.0.5...v2.0.6 ### [`v2.0.5`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.5) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.4...v2.0.5) #### What's Changed - Remove trailing space from example by [`@jamacku](https://togithub.com/jamacku)` in [ossf/scorecard-action#955 - 🌱 Bump actions/cache from 3.0.8 to 3.0.10 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#956 - 🌱 Bump github/codeql-action from 2.1.25 to 2.1.26 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#957 - 🌱 Bump step-security/harden-runner from 1.4.5 to 1.5.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#958 - 🌱 Bump debian from `5cf1d98` to `b46fc4e` by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#959 - 🌱 Bump github.com/sigstore/cosign from 1.12.1 to 1.13.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#962 - 🌱 Upgrade to go 1.19 by [`@naveensrinivasan](https://togithub.com/naveensrinivasan)` in [ossf/scorecard-action#961 - 🌱 Bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#967 - 🌱 Bump golang from `c2a98a5` to `b850621` by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#966 - 🌱 Bump golang from `b850621` to `25de7b6` by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#968 - New release for Scorecard v4.8.0 by [`@naveensrinivasan](https://togithub.com/naveensrinivasan)` in [ossf/scorecard-action#969 #### New Contributors - [`@jamacku](https://togithub.com/jamacku)` made their first contribution in [ossf/scorecard-action#955 **Full Changelog**: ossf/scorecard-action@v2.0.4...v2.0.5 ### [`v2.0.4`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.4) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.3...v2.0.4) Fixes [#856](https://togithub.com/ossf/scorecard-action/issues/856) #### What's Changed - 🌱 Bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#934 - feat: do not run signing on pull requests by [`@laurentsimon](https://togithub.com/laurentsimon)` in [ossf/scorecard-action#935 - 🌱 Bump debian from 11.4-slim to 11.5-slim by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#936 - 🌱 Bump github.com/sigstore/cosign from 1.11.1 to 1.12.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#938 - 🌱 Bump github/codeql-action from 2.1.22 to 2.1.24 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#941 - 🐛 Restore behavior of ignoring scorecard runtime errors by [`@spencerschrock](https://togithub.com/spencerschrock)` in [ossf/scorecard-action#948 - 🌱 Bump actions/dependency-review-action from 2.1.0 to 2.4.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#950 - 🌱 Bump github.com/sigstore/cosign from 1.12.0 to 1.12.1 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#947 - 🌱 Bump github/codeql-action from 2.1.24 to 2.1.25 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#949 - 🌱 Bump codecov/codecov-action from 3.1.0 to 3.1.1 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#942 - Create v2.0.4 patch by [`@spencerschrock](https://togithub.com/spencerschrock)` in [ossf/scorecard-action#952 #### New Contributors - [`@spencerschrock](https://togithub.com/spencerschrock)` made their first contribution in [ossf/scorecard-action#948 **Full Changelog**: ossf/scorecard-action@v2.0.3...v2.0.4 ### [`v2.0.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.2...v2.0.3) Patch for fix in [#898](https://togithub.com/ossf/scorecard-action/issues/898) ### [`v2.0.2`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.1...v2.0.2) Fixes [ossf/scorecard-action#895 ### [`v2.0.1`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.1) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.0...v2.0.1) Fix for [#856](https://togithub.com/ossf/scorecard-action/issues/856) ### [`v2.0.0`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.0) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v1.1.2...v2.0.0) #### What's Changed - 🌱 Prepare for a pre-release of the Golang action by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#750 - 🌱 Bump github/codeql-action from 2.1.12 to 2.1.16 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#751 - 🌱 Bump debian from 11.3-slim to 11.4-slim by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#749 - 🌱 Bump step-security/harden-runner from 1.4.3 to 1.4.4 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#646 - 🌱 Bump actions/setup-go from 3.2.0 to 3.2.1 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#748 - 🐛 Fix dependency conflicts in go.mod by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#771 - 🌱 Prepare for v2 beta1 release by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#766 - multi-repo-action: Note that tool is a work-in-progress by [`@naveensrinivasan](https://togithub.com/naveensrinivasan)` in [ossf/scorecard-action#776 - 🐛 Fix intermittent failures in CI-Tests by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#778 - 🌱 Bump sigs.k8s.io/release-utils from 0.7.2 to 0.7.3 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#775 - 🌱 Bump actions/cache from 3.0.4 to 3.0.5 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#769 - 📖 Update README about the restrictions for scorecard-action:v2 by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#779 - 🌱 Bump github/codeql-action from 2.1.16 to 2.1.17 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#783 - 📖 Update instructions for Scorecard badge to README by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#785 - 🌱 Bump debian from `f576b80` to `a811e62` by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#787 - 🌱 Bump github.com/ossf/scorecard/v4 from 4.4.0 to 4.5.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#786 - 🌱 Bump github/codeql-action from 2.1.17 to 2.1.18 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#788 - 🌱 Bump actions/cache from 3.0.5 to 3.0.6 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#789 - 🐛 Add request application/json request header by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#791 - Create a new release v2.0.0-alpha.1 by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#803 - 🌱 Bump actions/cache from 3.0.6 to 3.0.7 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#807 - Olivekl patch 1 by [`@olivekl](https://togithub.com/olivekl)` in [ossf/scorecard-action#809 - 🌱 Fix cosign vulnerability by [`@naveensrinivasan](https://togithub.com/naveensrinivasan)` in [ossf/scorecard-action#812 - 🌱 Allow for publish URL override by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#811 - 🌱 Bump github.com/ossf/scorecard/v4 from 4.5.0 to 4.6.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#820 - 🌱 Bump step-security/harden-runner from 1.4.4 to 1.4.5 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#808 - cmd/installer: Cleanups (2/n) by [`@justaugustus](https://togithub.com/justaugustus)` in [ossf/scorecard-action#833 - Update comments to allow for renovatebot updates by [`@laurentsimon](https://togithub.com/laurentsimon)` in [ossf/scorecard-action#834 - 🌱 Bump github.com/caarlos0/env/v6 from 6.9.3 to 6.10.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#839 - 🌱 Update actions/checkout requirement to [`2541b12`](https://togithub.com/ossf/scorecard-action/commit/2541b1294d2704b0964813337f33b291d3f8596b) by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#835 - 🌱 Bump github.com/sigstore/cosign from 1.11.0 to 1.11.1 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#842 - 🌱 Bump github/codeql-action from 2.1.18 to 2.1.21 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#844 - 🌱 Bump actions/setup-go from 3.2.1 to 3.3.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#843 - 🌱 Bump debian from `a811e62` to `68c1f6b` by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#840 - Fix workflow path in automatic creation of PR by [`@RadoslavGatev](https://togithub.com/RadoslavGatev)` in [ossf/scorecard-action#845 - 🌱 Bump actions/dependency-review-action from [`310e0dd`](https://togithub.com/ossf/scorecard-action/commit/310e0dd64f63b1d00101ecd3225d605a74261fb7) to 2.1.0 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#838 - 🌱 Bump actions/cache from 3.0.7 to 3.0.8 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#836 - 📖 Add docs for API by [`@azeemshaikh38](https://togithub.com/azeemshaikh38)` in [ossf/scorecard-action#849 - 🌱 Bump github/codeql-action from 2.1.21 to 2.1.22 by [`@dependabot](https://togithub.com/dependabot)` in [ossf/scorecard-action#853 - 🌱 Included License by [`@naveensrinivasan](https://togithub.com/naveensrinivasan)` in [ossf/scorecard-action#852 - 🌱 Release v2.0.0 by [`@naveensrinivasan](https://togithub.com/naveensrinivasan)` in [ossf/scorecard-action#854 #### New Contributors - [`@RadoslavGatev](https://togithub.com/RadoslavGatev)` made their first contribution in [ossf/scorecard-action#845 **Full Changelog**: ossf/scorecard-action@v1.1.2...v2.0.0 ### [`v1.1.2`](https://togithub.com/ossf/scorecard-action/releases/tag/v1.1.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v1.1.1...v1.1.2) #### What's Changed - Fix for [ossf/scorecard-action#329 **Full Changelog**: ossf/scorecard-action@v1.1.1...v1.1.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/OpenPoolProject/stratum).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | minor | `v3.0.0` -> `v3.1.0` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v3.1.0` -> `v3.1.1` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.0.0` -> `v2.0.6` | | [pypa/gh-action-pypi-publish](https://togithub.com/pypa/gh-action-pypi-publish) | action | digest | `5fb2f04` -> `37f50c2` | --- ### Release Notes <details> <summary>actions/checkout</summary> ### [`v3.1.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v310) [Compare Source](https://togithub.com/actions/checkout/compare/v3.0.2...v3.1.0) - [Use @actions/core `saveState` and `getState`](https://togithub.com/actions/checkout/pull/939) - [Add `github-server-url` input](https://togithub.com/actions/checkout/pull/922) ### [`v3.0.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v302) [Compare Source](https://togithub.com/actions/checkout/compare/v3.0.1...v3.0.2) - [Add input `set-safe-directory`](https://togithub.com/actions/checkout/pull/770) ### [`v3.0.1`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v301) [Compare Source](https://togithub.com/actions/checkout/compare/v3.0.0...v3.0.1) - [Fixed an issue where checkout failed to run in container jobs due to the new git setting `safe.directory`](https://togithub.com/actions/checkout/pull/762) - [Bumped various npm package versions](https://togithub.com/actions/checkout/pull/744) </details> <details> <summary>actions/upload-artifact</summary> ### [`v3.1.1`](https://togithub.com/actions/upload-artifact/releases/tag/v3.1.1) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v3.1.0...v3.1.1) - Update actions/core package to latest version to remove `set-output` deprecation warning [#351](https://togithub.com/actions/upload-artifact/issues/351) </details> <details> <summary>ossf/scorecard-action</summary> ### [`v2.0.6`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.6) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.5...v2.0.6) #### What's Changed - Fix - Broken dockerfile by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [ossf/scorecard-action#979 **Full Changelog**: ossf/scorecard-action@v2.0.5...v2.0.6 ### [`v2.0.5`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.5) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.4...v2.0.5) #### What's Changed - Remove trailing space from example by [@jamacku](https://togithub.com/jamacku) in [ossf/scorecard-action#955 - 🌱 Bump actions/cache from 3.0.8 to 3.0.10 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#956 - 🌱 Bump github/codeql-action from 2.1.25 to 2.1.26 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#957 - 🌱 Bump step-security/harden-runner from 1.4.5 to 1.5.0 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#958 - 🌱 Bump debian from `5cf1d98` to `b46fc4e` by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#959 - 🌱 Bump github.com/sigstore/cosign from 1.12.1 to 1.13.0 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#962 - 🌱 Upgrade to go 1.19 by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [ossf/scorecard-action#961 - 🌱 Bump github.com/spf13/cobra from 1.5.0 to 1.6.0 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#967 - 🌱 Bump golang from `c2a98a5` to `b850621` by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#966 - 🌱 Bump golang from `b850621` to `25de7b6` by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#968 - New release for Scorecard v4.8.0 by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [ossf/scorecard-action#969 #### New Contributors - [@jamacku](https://togithub.com/jamacku) made their first contribution in [ossf/scorecard-action#955 **Full Changelog**: ossf/scorecard-action@v2.0.4...v2.0.5 ### [`v2.0.4`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.4) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.3...v2.0.4) Fixes [#856](https://togithub.com/ossf/scorecard-action/issues/856) #### What's Changed - 🌱 Bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#934 - feat: do not run signing on pull requests by [@laurentsimon](https://togithub.com/laurentsimon) in [ossf/scorecard-action#935 - 🌱 Bump debian from 11.4-slim to 11.5-slim by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#936 - 🌱 Bump github.com/sigstore/cosign from 1.11.1 to 1.12.0 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#938 - 🌱 Bump github/codeql-action from 2.1.22 to 2.1.24 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#941 - 🐛 Restore behavior of ignoring scorecard runtime errors by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#948 - 🌱 Bump actions/dependency-review-action from 2.1.0 to 2.4.0 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#950 - 🌱 Bump github.com/sigstore/cosign from 1.12.0 to 1.12.1 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#947 - 🌱 Bump github/codeql-action from 2.1.24 to 2.1.25 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#949 - 🌱 Bump codecov/codecov-action from 3.1.0 to 3.1.1 by [@dependabot](https://togithub.com/dependabot) in [ossf/scorecard-action#942 - Create v2.0.4 patch by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#952 #### New Contributors - [@spencerschrock](https://togithub.com/spencerschrock) made their first contribution in [ossf/scorecard-action#948 **Full Changelog**: ossf/scorecard-action@v2.0.3...v2.0.4 ### [`v2.0.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.2...v2.0.3) Patch for fix in [#898](https://togithub.com/ossf/scorecard-action/issues/898) ### [`v2.0.2`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.1...v2.0.2) Fixes [ossf/scorecard-action#895 ### [`v2.0.1`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.0.1) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.0...v2.0.1) Fix for [#856](https://togithub.com/ossf/scorecard-action/issues/856) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/google/osv.dev).  Co-authored-by: Andrew Pollock <andrewpollock@users.noreply.github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Sep 19, 2022

dependabot bot force-pushed the dependabot/github_actions/codecov/codecov-action-3.1.1 branch 3 times, most recently from d03edd0 to 403a50e Compare September 27, 2022 14:14

naveensrinivasan approved these changes Sep 27, 2022

View reviewed changes

dependabot bot force-pushed the dependabot/github_actions/codecov/codecov-action-3.1.1 branch from 403a50e to 008b546 Compare September 27, 2022 14:30

dependabot bot force-pushed the dependabot/github_actions/codecov/codecov-action-3.1.1 branch from 008b546 to 1e11215 Compare September 27, 2022 14:46

dependabot bot merged commit 65d491b into main Sep 27, 2022

dependabot bot deleted the dependabot/github_actions/codecov/codecov-action-3.1.1 branch September 27, 2022 15:01

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🌱 Bump codecov/codecov-action from 3.1.0 to 3.1.1 #942

🌱 Bump codecov/codecov-action from 3.1.0 to 3.1.1 #942

dependabot bot commented on behalf of github Sep 19, 2022 •

edited

codecov bot commented Sep 19, 2022 •

edited

naveensrinivasan commented Sep 27, 2022

🌱 Bump codecov/codecov-action from 3.1.0 to 3.1.1 #942

🌱 Bump codecov/codecov-action from 3.1.0 to 3.1.1 #942

Conversation

dependabot bot commented on behalf of github Sep 19, 2022 • edited

3.1.1

What's Changed

New Contributors

3.1.1

Fixes

Dependencies

3.1.0

Features

Dependencies

3.0.0

Breaking Changes

codecov bot commented Sep 19, 2022 • edited

Codecov Report

naveensrinivasan commented Sep 27, 2022

dependabot bot commented on behalf of github Sep 19, 2022 •

edited

codecov bot commented Sep 19, 2022 •

edited