Bump ossf/scorecard-action from 2.3.3 to 2.4.0 #152400

dependabot · 2024-07-26T21:06:57Z

Bumps ossf/scorecard-action from 2.3.3 to 2.4.0.

Release notes

Sourced from ossf/scorecard-action's releases.

v2.4.0

What's Changed

This update bumps the Scorecard version to the v5 release. For a complete list of changes, please refer to the v5.0.0 release notes. Of special note to Scorecard Action is the Maintainer Annotation feature, which can be used to suppress some Code Scanning false positives. Alerts will not be generated for any Scorecard Check with an annotation.

🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0 by @spencerschrock in ossf/scorecard-action#1410

🐛 lower license sarif alert threshold to 9 by @spencerschrock in ossf/scorecard-action#1411

Documentation

docs: dogfooding badge by @jkowalleck in ossf/scorecard-action#1399

New Contributors

@jkowalleck made their first contribution in ossf/scorecard-action#1399

Full Changelog: ossf/scorecard-action@v2.3.3...v2.4.0

Commits

62b2cac bump docker tag to v2.4.0 for release (#1414)
c09630c lower license score alert threshold to 9 (#1411)
cf8594c 🌱 Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 (#1413)
de5fcb9 🌱 Bump the github-actions group with 2 updates (#1412)
a46b90b bump scorecard to v5.0.0 release (#1410)
9fc518d 🌱 Bump golang in the docker-images group (#1407)
a8eaa1b 🌱 Bump the github-actions group with 2 updates (#1408)
873d5fd 🌱 Bump the github-actions group across 1 directory with 2 updates (#...
54cc1fe 🌱 Bump the docker-images group with 2 updates (#1401)
82bcb91 🌱 Bump golang.org/x/net from 0.26.0 to 0.27.0 (#1400)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@dc50aa9...62b2cac) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-07-26T21:06:59Z

Dependabot tried to add @christopherfujino, @jmagman and @keyonghan as reviewers to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/flutter/flutter/pulls/152400/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the flutter/flutter repository. // See: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request

…er#152400)

Manual roll requested by [email protected] flutter/flutter@031dc3d...4d12197 2024-07-26 [email protected] further shard Mac tool_integration_tests from 4 to 5 shards (flutter/flutter#152399) 2024-07-26 [email protected] Change flutter_build_with_compilation_error_test to check stdout or stderr (flutter/flutter#152404) 2024-07-26 [email protected] [cupertino/icons.dart] Replace ligature references with characters corresponding to codepoints (flutter/flutter#152387) 2024-07-26 [email protected] Update minimum macOS version as needed in Swift package (flutter/flutter#152347) 2024-07-26 49699333+dependabot[bot]@users.noreply.github.com Bump github/codeql-action from 3.25.14 to 3.25.15 (flutter/flutter#152401) 2024-07-26 49699333+dependabot[bot]@users.noreply.github.com Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutter#152400) 2024-07-26 [email protected] Update text_painter.dart (flutter/flutter#152398) 2024-07-26 [email protected] Fix some tests that fail with Swift Package Manager enabled (flutter/flutter#152267) 2024-07-26 [email protected] Reland "Launch DDS from Dart SDK and prepare to serve DevTools from DDS (#146593)" (flutter/flutter#152386) 2024-07-26 [email protected] Make `DragGestureRecognizer` abstract methods public (flutter/flutter#151627) 2024-07-26 [email protected] Fix cursor position when Unicode Zs category is entered in TextField (flutter/flutter#152215) 2024-07-26 [email protected] Roll Flutter Engine from 354abf2800a0 to e28f8755e25b (2 revisions) (flutter/flutter#152388) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-packages Please CC [email protected],[email protected] on the revert to ensure that a human is aware of the problem. To file a bug in Packages: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://issues.skia.org/issues/new?component=1389291&template=1850622 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md

dependabot bot added autosubmit Merge PR when tree becomes green via auto submit App c: contributor-productivity Team-specific productivity, code health, technical debt. team-infra Owned by Infrastructure team labels Jul 26, 2024

fluttergithubbot approved these changes Jul 26, 2024

View reviewed changes

github-actions bot removed c: contributor-productivity Team-specific productivity, code health, technical debt. team-infra Owned by Infrastructure team labels Jul 26, 2024

auto-submit bot merged commit bec6b91 into master Jul 26, 2024

auto-submit bot deleted the dependabot/github_actions/ossf/scorecard-action-2.4.0 branch July 26, 2024 21:45

engine-flutter-autoroll mentioned this pull request Jul 27, 2024

Roll Flutter from 7d5c1c04fb56 to e8d4c98b07f8 (115 revisions) flutter/packages#7227

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 27, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

b942e19

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 27, 2024

Roll Flutter from 7d5c1c04fb56 to f817e51a3a34 (116 revisions) flutter/packages#7228

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 27, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

f42c571

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 28, 2024

Roll Flutter from 7d5c1c04fb56 to 5efbde1a18ad (119 revisions) flutter/packages#7230

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 28, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

6c9111d

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 28, 2024

Roll Flutter from 7d5c1c04fb56 to 5efbde1a18ad (119 revisions) flutter/packages#7231

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 28, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

5dfdf75

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 29, 2024

Roll Flutter from 031dc3d156b9 to a7bd806fc7f3 (29 revisions) flutter/packages#7247

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 29, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

86c9fe9

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 29, 2024

Roll Flutter from 031dc3d156b9 to 771650ca16aa (30 revisions) flutter/packages#7248

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 29, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

29bd16a

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 29, 2024

Roll Flutter from 031dc3d156b9 to 1a1b2a15f3da (31 revisions) flutter/packages#7249

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 29, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

32b3ce9

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 29, 2024

Roll Flutter from 031dc3d156b9 to 804cca62ded0 (32 revisions) flutter/packages#7250

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 29, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

0486b04

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 29, 2024

Roll Flutter from 031dc3d156b9 to 2e7fa83f6776 (33 revisions) flutter/packages#7251

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 29, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

b5fc6b0

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 29, 2024

Roll Flutter from 031dc3d156b9 to 634ff77381c2 (34 revisions) flutter/packages#7252

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 29, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

773705a

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 30, 2024

Roll Flutter from 031dc3d156b9 to 85960d24b9d2 (49 revisions) flutter/packages#7254

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 30, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

e5f5024

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 30, 2024

Roll Flutter from 031dc3d156b9 to 61848a448b08 (50 revisions) flutter/packages#7255

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 30, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

cb22ad0

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 30, 2024

Roll Flutter from 031dc3d156b9 to cd60efc618eb (51 revisions) flutter/packages#7256

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 30, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

6bcb1a7

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 30, 2024

Roll Flutter from 031dc3d156b9 to 5a47cfb3b04a (52 revisions) flutter/packages#7257

Closed

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 30, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

187fd6a

…er#152400)

engine-flutter-autoroll mentioned this pull request Jul 31, 2024

Manual roll Flutter from 031dc3d156b9 to 4d12197ca68d (12 revisions) flutter/packages#7259

Merged

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 31, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

6c00795

…er#152400)

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 31, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

b90c3ce

…er#152400)

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 31, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

a1ab4a9

…er#152400)

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 31, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

35ee7b3

…er#152400)

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 31, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

bffb14c

…er#152400)

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 31, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

9c4a301

…er#152400)

engine-flutter-autoroll added a commit to engine-flutter-autoroll/packages that referenced this pull request Jul 31, 2024

bec6b91 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (flutter/flutt…

fea5003

…er#152400)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump ossf/scorecard-action from 2.3.3 to 2.4.0 #152400

Bump ossf/scorecard-action from 2.3.3 to 2.4.0 #152400

Uh oh!

dependabot bot commented on behalf of github Jul 26, 2024

Uh oh!

dependabot bot commented on behalf of github Jul 26, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump ossf/scorecard-action from 2.3.3 to 2.4.0 #152400

Bump ossf/scorecard-action from 2.3.3 to 2.4.0 #152400

Uh oh!

Conversation

dependabot bot commented on behalf of github Jul 26, 2024

v2.4.0

What's Changed

Documentation

New Contributors

Uh oh!

dependabot bot commented on behalf of github Jul 26, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant