actions/component-detection-dependency-submission-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
324 Commits 1 Branch 0 Tags
main
Commit Graph

31 Commits

Author SHA1 Message Date
Lewis Jones
cfe815dd6d Add fork sync mechanism 2025-06-10 14:51:08 +01:00
Mathew Payne
1a821e1ee2 Merge branch 'main' into dependabot/github_actions/actions-dependencies-37cd5763f6 2025-05-13 09:12:58 +01:00
Chad Bentz
7cfdb92164 Potential fix for code scanning alert no. 11: Workflow does not contain permissions 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2025-05-12 17:30:29 -04:00
Chad Bentz
7eebd4d574 Potential fix for code scanning alert no. 12: Workflow does not contain permissions 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2025-05-12 17:29:23 -04:00
dependabot[bot]
66493a2f02 Bump actions/setup-node in the actions-dependencies group 
Bumps the actions-dependencies group with 1 update: [actions/setup-node](https://github.com/actions/setup-node).


Updates `actions/setup-node` from 4.2.0 to 4.4.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4.2.0...v4.4.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 13:05:25 +00:00
Paul Hodgkinson
d5ba02889a Merge pull request #95 from advanced-security/dependabot/github_actions/actions-dependencies-c2de478214 
Bump actions/setup-node from 4.1.0 to 4.2.0 in the actions-dependencies group
 2025-04-07 17:04:19 +01:00
Barry Gordon
024fc8bf58 Remove the workflow not the config 2025-04-04 11:23:32 +00:00
Barry Gordon
c71cfb58d3 Remove CodeQL config since we use Default Setup 2025-04-04 10:11:35 +00:00
dependabot[bot]
a0c82b9f57 Bump actions/setup-node in the actions-dependencies group 
Bumps the actions-dependencies group with 1 update: [actions/setup-node](https://github.com/actions/setup-node).


Updates `actions/setup-node` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4.1.0...v4.2.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-27 13:45:02 +00:00
dependabot[bot]
b53413783f Bump the actions-dependencies group with 4 updates 
Bumps the actions-dependencies group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-node](https://github.com/actions/setup-node), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

Updates `actions/setup-node` from 3.7.0 to 4.1.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.7.0...v4.1.0)

Updates `actions/upload-artifact` from 3 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

Updates `github/codeql-action` from 2 to 3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-02 15:56:23 +00:00
Lane Seppala
21f62c116e Fix dependabot config syntax 2024-10-25 20:39:27 +00:00
Lane Seppala
5c6120e741 Fix dependabot config and CODEOWNERS 2024-10-25 20:35:02 +00:00
Justin Hutchings
3ea8a853fc Merge pull request #39 from advanced-security/dependabot/github_actions/actions/setup-node-3.7.0 
Bump actions/setup-node from 3.6.0 to 3.7.0
 2024-05-08 06:30:55 +10:00
Justin Hutchings
d2ad702059 Add grouping, disable version updates for npm 2024-05-08 06:29:56 +10:00
dependabot[bot]
e1ef448669 Bump actions/setup-node from 3.6.0 to 3.7.0 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.6.0...v3.7.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-06 13:36:32 +00:00
Justin Hutchings
bcaa41e34f Update docs for ownership change (#2) 
* Add files to prepare for ownership change

* Fix tests

* Update repo name

* Update dependencies

* Attempt to fix permissions issues blocking test

* Update permissions

* Add environment variable

* Fix variable name

* Update test.yml

* Update test.yml
 2023-04-07 16:21:17 -07:00
dependabot[bot]
53814606dc Bump actions/setup-node from 3.5.1 to 3.6.0 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.5.1...v3.6.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-20 18:49:01 +00:00
Justin Hutchings
28e1b2fbd1 Fix syntax error in test 2023-01-20 01:55:32 +00:00
Justin Hutchings
58d8d00a21 Update tests 2023-01-20 01:53:38 +00:00
Justin Hutchings
0600b92ced Update tests 2023-01-20 01:51:58 +00:00
dependabot[bot]
0658a067cc Bump actions/setup-node from 3.5.0 to 3.5.1 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.5.0...v3.5.1)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-13 21:57:53 +00:00
Justin Hutchings
180c8fe672 Merge pull request #2 from jhutchings1/dependabot/github_actions/github/codeql-action-2 
Bump github/codeql-action from 1 to 2
 2022-10-04 20:48:27 -07:00
Justin Hutchings
b0bc410c62 Merge pull request #3 from jhutchings1/dependabot/github_actions/actions/upload-artifact-3 
Bump actions/upload-artifact from 2 to 3
 2022-10-04 20:48:16 -07:00
Justin Hutchings
f952cbb063 Merge pull request #15 from jhutchings1/dependabot/github_actions/actions/setup-node-3.5.0 
Bump actions/setup-node from 2.5.1 to 3.5.0
 2022-10-04 20:47:46 -07:00
Justin Hutchings
c67c887e46 Update testing, fix SPDX 2.3 2022-10-04 15:36:21 -07:00
dependabot[bot]
37eb375ca2 Bump actions/setup-node from 2.5.1 to 3.5.0 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2.5.1 to 3.5.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v2.5.1...v3.5.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-27 22:05:30 +00:00
Justin Hutchings
682bea9f2a Add workflow_dispatch 2022-08-25 11:58:18 -07:00
Justin Hutchings
3081ac1cb4 Update test.yml 2022-08-25 11:54:54 -07:00
dependabot[bot]
f736d24e0c Bump actions/upload-artifact from 2 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-25 16:12:32 +00:00
dependabot[bot]
39cb391c63 Bump github/codeql-action from 1 to 2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-25 16:12:29 +00:00
Justin Hutchings
1467e01173 Initial commit 2022-08-25 09:12:00 -07:00