Skip to content
This repository was archived by the owner on Feb 25, 2025. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: flutter/engine
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 171b4b2
Choose a base ref
...
head repository: flutter/engine
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 9aa7cb0
Choose a head ref
  • 4 commits
  • 5 files changed
  • 2 contributors

Commits on Oct 10, 2023

  1. Roll Skia from f4f3c909993d to 4378ce41f461 (1 revision) (#46699) 

    https://skia.googlesource.com/skia.git/+log/f4f3c909993d..4378ce41f461

2023-10-10 [email protected] Roll Skia Infra from 2e3e38a84286 to f9f3328bcef8 (8 revisions)

If this roll has caused a breakage, revert this CL and stop the roller
using the controls here:
https://autoroll.skia.org/r/skia-flutter-autoroll
Please CC [email protected],[email protected],[email protected],[email protected] on the revert to ensure that a human
is aware of the problem.

To file a bug in Skia: https://bugs.chromium.org/p/skia/issues/entry
To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose

To report a problem with the AutoRoller itself, please file a bug:
https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
    @skia-flutter-autoroll
    skia-flutter-autoroll authored Oct 10, 2023
    Configuration menu
    Copy the full SHA
    4bd40b2 View commit details
    Browse the repository at this point in the history

  2. Roll Fuchsia Linux SDK from 3JmrIr49bTV2DIWsW... to dCjN58uZQBmAFWSxN… 

    …... (#46700)

If this roll has caused a breakage, revert this CL and stop the roller
using the controls here:
https://autoroll.skia.org/r/fuchsia-linux-sdk-flutter-engine
Please CC [email protected],[email protected],[email protected] on the revert to ensure that a human
is aware of the problem.

To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose

To report a problem with the AutoRoller itself, please file a bug:
https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
    @skia-flutter-autoroll
    skia-flutter-autoroll authored Oct 10, 2023
    Configuration menu
    Copy the full SHA
    215a007 View commit details
    Browse the repository at this point in the history

  3. Bump ossf/scorecard-action from 2.1.3 to 2.3.0 (#46701) 

    Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>:seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 by <a href="https://github.com/spencerschrock"><code>@�spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1270">ossf/scorecard-action#1270</a>
<ul>
<li>For a full changelist of what this includes, see the <a href="https://github.com/ossf/scorecard/releases/tag/v4.12.0">v4.12.0</a> and <a href="https://github.com/ossf/scorecard/releases/tag/v4.13.0">v4.13.0</a> release notes</li>
</ul>
</li>
<li>:sparkles: Send rekor tlog index to webapp when publishing results by <a href="https://github.com/spencerschrock"><code>@�spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1169">ossf/scorecard-action#1169</a></li>
<li>:bug: Prevent url clipping for GHES instances by <a href="https://github.com/rajbos"><code>@�rajbos</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1225">ossf/scorecard-action#1225</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>:book: Update access rights needed to see the results in code scanning by <a href="https://github.com/rajbos"><code>@�rajbos</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1229">ossf/scorecard-action#1229</a></li>
<li>:book: Add package comments. by <a href="https://github.com/spencerschrock"><code>@�spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1221">ossf/scorecard-action#1221</a></li>
<li>:book: Add SECURITY.md file by <a href="https://github.com/david-a-wheeler"><code>@�david-a-wheeler</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1250">ossf/scorecard-action#1250</a></li>
<li>:book: Fix typo in token input docs by <a href="https://github.com/aabouzaid"><code>@�aabouzaid</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1258">ossf/scorecard-action#1258</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/david-a-wheeler"><code>@�david-a-wheeler</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1250">ossf/scorecard-action#1250</a></li>
<li><a href="https://github.com/aabouzaid"><code>@�aabouzaid</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1258">ossf/scorecard-action#1258</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0">https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0</a></p>
<h2>v2.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>:seedling: Bump github.com/ossf/scorecard/v4 from v4.10.5 to v4.11.0 by <a href="https://github.com/spencerschrock"><code>@�spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1192">ossf/scorecard-action#1192</a></li>
</ul>
<h2>Scorecard Result Viewer</h2>
<p>Thanks to contributions from <a href="https://github.com/cynthia-sg"><code>@�cynthia-sg</code></a> and <a href="https://github.com/tegioz"><code>@�tegioz</code></a> at <a href="https://github.com/cncf/clomonitor">CLOMonitor</a>, there is a new Scorecard Result visualization page at <code>https://securityscorecards.dev/viewer/?uri=&lt;project-url&gt;</code>.</p>
<ul>
<li><a href="https://redirect.github.com/ossf/scorecard-webapp/pull/406">ossf/scorecard-webapp#406</a></li>
<li><a href="https://redirect.github.com/ossf/scorecard-webapp/pull/422">ossf/scorecard-webapp#422</a></li>
</ul>
<p>As an example, you can see our own score visualized <a href="https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard">here</a>
Checkout our <a href="https://github.com/ossf/scorecard-action/blob/08b4669551908b1024bb425080c797723083c031/README.md#scorecard-badge">README</a> to learn how to link your README badge to the new visualization page.</p>
<h2>Publishing Results</h2>
<p>This release contains two fixes which will improve the user experience when <code>publish_results</code> is <code>true</code></p>
<ul>
<li>Runs that fail our <a href="https://github.com/ossf/scorecard-action/blob/08b4669551908b1024bb425080c797723083c031/README.md#workflow-restrictions">workflow restrictions</a> will fail with a 400 response indicating the problem, instead of a vague 500 status. (<a href="https://redirect.github.com/ossf/scorecard-action/pull/1156">ossf/scorecard-action#1156</a>, resolved <a href="https://redirect.github.com/ossf/scorecard-action/issues/1150">ossf/scorecard-action#1150</a>)</li>
<li>Scorecard action will retry when signing results and submitting them to our web API. This should help with flakiness from connection failures. (<a href="https://redirect.github.com/ossf/scorecard-action/pull/1191">ossf/scorecard-action#1191</a>)</li>
</ul>
<h2>Docs</h2>
<ul>
<li>� Update README to accept fine-grained tokens by <a href="https://github.com/pnacht"><code>@�pnacht</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1175">ossf/scorecard-action#1175</a></li>
<li>� Update installation instructions to match current GitHub UI  by <a href="https://github.com/joycebrum"><code>@�joycebrum</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1153">ossf/scorecard-action#1153</a></li>
<li>� Document the GitHub action workflow restrictions when publishing results. by <a href="https://github.com/spencerschrock"><code>@�spencerschrock</code></a> in</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/bobcallaway"><code>@�bobcallaway</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1140">ossf/scorecard-action#1140</a></li>
<li><a href="https://github.com/pnacht"><code>@�pnacht</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1175">ossf/scorecard-action#1175</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/ossf/scorecard-action/compare/v2.1.3...v2.2.0">https://github.com/ossf/scorecard-action/compare/v2.1.3...v2.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398"><code>483ef80</code></a> 🌱 Bump docker tag for v2.3.0 release. (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1271">#1271</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1"><code>5d35913</code></a> 🌱 Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1270">#1270</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046"><code>49787a6</code></a> 🌱 Bump distroless/base from <code>46c5b9b</code> to <code>a35b652</code> (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1269">#1269</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a"><code>4283c75</code></a> 🌱 Bump github/codeql-action from 2.21.8 to 2.21.9 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1268">#1268</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c"><code>709ecd0</code></a> 🌱 Bump golang from <code>6974950</code> to <code>c416cee</code> (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1266">#1266</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba"><code>25bb02c</code></a> 🌱 Bump actions/checkout from 4.0.0 to 4.1.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1267">#1267</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189"><code>b687393</code></a> 🌱 Bump github/codeql-action from 2.21.5 to 2.21.8 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1265">#1265</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f"><code>6a1c21f</code></a> 🌱 Bump golang from <code>cffaba7</code> to <code>6974950</code> (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1264">#1264</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709"><code>2dee8c1</code></a> 🌱 Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1254">#1254</a>)</li>
<li><a href="https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373"><code>e79dcb6</code></a> 🌱 Upgrade to go 1.20 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1262">#1262</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/ossf/scorecard-action/compare/80e868c13c90f172d68d1f4501dee99e2479f7af...483ef80eb98fb506c348f7d62e28055e49fe2398">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.3&new-version=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
    @dependabot
    dependabot[bot] authored Oct 10, 2023
    Configuration menu
    Copy the full SHA
    40dcf48 View commit details
    Browse the repository at this point in the history

  4. Roll Skia from 4378ce41f461 to c969e4aff32c (1 revision) (#46702) 

    https://skia.googlesource.com/skia.git/+log/4378ce41f461..c969e4aff32c

2023-10-10 [email protected] Roll SK Tool from f9f3328bcef8 to 4cd74d52e02d

If this roll has caused a breakage, revert this CL and stop the roller
using the controls here:
https://autoroll.skia.org/r/skia-flutter-autoroll
Please CC [email protected],[email protected],[email protected],[email protected] on the revert to ensure that a human
is aware of the problem.

To file a bug in Skia: https://bugs.chromium.org/p/skia/issues/entry
To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose

To report a problem with the AutoRoller itself, please file a bug:
https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
    @skia-flutter-autoroll
    skia-flutter-autoroll authored Oct 10, 2023
    Configuration menu
    Copy the full SHA
    9aa7cb0 View commit details
    Browse the repository at this point in the history
Loading