Bump step-security/harden-runner from 2.0.0 to 2.1.0 by dependabot[bot] · Pull Request #861 · ben-manes/caffeine (original) (raw)

Bumps step-security/harden-runner from 2.0.0 to 2.1.0.

Release notes

Sourced from step-security/harden-runner's releases.

v2.1.0

What's Changed

• Add harden-runner insights URL in job summary by @​h0x0er and @​varunsh-coder in step-security/harden-runner#227. This makes it easier to locate and click on the insights link. One had to look for it in the build log earlier.
• Update README.md by @​varunsh-coder in step-security/harden-runner#210
• Bump github/codeql-action from 2.1.29 to 2.1.31 by @​dependabot in step-security/harden-runner#206
• Bump step-security/harden-runner from 1.5.0 to 2.0.0 by @​dependabot in step-security/harden-runner#211
• Update README by @​varunsh-coder in step-security/harden-runner#216
• Bump ossf/scorecard-action from 2.0.6 to 2.1.0 by @​dependabot in step-security/harden-runner#221
• Bump github/codeql-action from 2.1.31 to 2.1.37 by @​dependabot in step-security/harden-runner#220
• Bump ossf/scorecard-action from 2.1.0 to 2.1.2 by @​dependabot in step-security/harden-runner#223
• Bump actions/upload-artifact from 3.1.1 to 3.1.2 by @​dependabot in step-security/harden-runner#225
• Bump actions/checkout from 3.1.0 to 3.3.0 by @​dependabot in step-security/harden-runner#224

Full Changelog: step-security/harden-runner@v2...v2.1.0

Commits

• 18bf8ad Add step-security insights url in job summary (#227)
• 8a1ef77 Merge pull request #224 from step-security/dependabot/github_actions/actions/...
• 55ac879 Merge pull request #225 from step-security/dependabot/github_actions/actions/...
• df4ea73 Merge pull request #223 from step-security/dependabot/github_actions/ossf/sco...
• 1a7bdcd Merge pull request #220 from step-security/dependabot/github_actions/github/c...
• 6e39bc0 Bump actions/upload-artifact from 3.1.1 to 3.1.2
• 96d83b3 Bump actions/checkout from 3.1.0 to 3.3.0
• 717b0e7 Bump ossf/scorecard-action from 2.1.0 to 2.1.2
• 266a5d6 Merge pull request #221 from step-security/dependabot/github_actions/ossf/sco...
• ec78446 Bump ossf/scorecard-action from 2.0.6 to 2.1.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)