mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-14 10:34:06 +02:00
bfa14284e744a74cc847d85be1772797736b2507
61
Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
5f81ff88e8 |
Bump github/codeql-action from 3.28.8 to 3.28.9 (#2921)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.8 to 3.28.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.9</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.9/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> <li>Uploading debug artifacts for CodeQL analysis is temporarily disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li> </ul> <h2>3.28.2 - 21 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.1 - 10 Jan 2025</h2> <ul> <li>CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see <a href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li> <li>Update default CodeQL bundle version to 2.20.1. <a href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li> </ul> <h2>3.28.0 - 20 Dec 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0"><code>9e8d078</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2757">#2757</a> from github/update-v3.28.9-24e1c2d33</li> <li><a href="https://github.com/github/codeql-action/commit/43d9be670147092b305c63cf69481e8923af83b7"><code>43d9be6</code></a> Update changelog for v3.28.9</li> <li><a href="https://github.com/github/codeql-action/commit/24e1c2d337459cce262cbca8d69998e56cd5eb8e"><code>24e1c2d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2753">#2753</a> from github/update-bundle/codeql-bundle-v2.20.4</li> <li><a href="https://github.com/github/codeql-action/commit/57a08c0c7f05d4d8251162c9658ddd7cc7782198"><code>57a08c0</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/52189d23af4e071445f59d2e6fbbac566e49f15b"><code>52189d2</code></a> Update default bundle to codeql-bundle-v2.20.4</li> <li><a href="https://github.com/github/codeql-action/commit/08bc0cf022445eacafaa248bf48da20f26b8fd40"><code>08bc0cf</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2751">#2751</a> from github/henrymercer/fix-init-post-without-config</li> <li><a href="https://github.com/github/codeql-action/commit/cf7c6879199cf6eb2a002d3b2530ea1e4ce99610"><code>cf7c687</code></a> Send <code>init-post</code> status report in absence of config</li> <li><a href="https://github.com/github/codeql-action/commit/ad42dbd32d472b6fe380130655e27089c7eac343"><code>ad42dbd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2750">#2750</a> from github/dependabot/npm_and_yarn/npm-768bd9b555</li> <li><a href="https://github.com/github/codeql-action/commit/a8f5935da08829e657dfc18d887df9385685a20a"><code>a8f5935</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2749">#2749</a> from github/dependabot/github_actions/actions-29d379...</li> <li><a href="https://github.com/github/codeql-action/commit/9660df3fccdf5b20ab86e041325c17a2204cc1ae"><code>9660df3</code></a> Update checked-in dependencies</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/dd746615b3b9d728a6a37ca2045b68ca76d4841a...9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f725f92e1a |
Bump github/codeql-action from 3.28.6 to 3.28.8 (#2857)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.6 to 3.28.8. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.8</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.8/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.7</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.7/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> <li>Uploading debug artifacts for CodeQL analysis is temporarily disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li> </ul> <h2>3.28.2 - 21 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.1 - 10 Jan 2025</h2> <ul> <li>CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see <a href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li> <li>Update default CodeQL bundle version to 2.20.1. <a href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li> </ul> <h2>3.28.0 - 20 Dec 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li> <li>Don't fail in the unusual case that a file is on the search path. <a href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li> </ul> <h2>3.27.9 - 12 Dec 2024</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/dd746615b3b9d728a6a37ca2045b68ca76d4841a"><code>dd74661</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2746">#2746</a> from github/update-v3.28.8-a91a3f767</li> <li><a href="https://github.com/github/codeql-action/commit/3210a3cda6446234a897a079af1b684aa4c73326"><code>3210a3c</code></a> Fix Kotlin version in changelog</li> <li><a href="https://github.com/github/codeql-action/commit/72f9d0296b7b9c91564f67ddf9def81c815ce0c6"><code>72f9d02</code></a> Update changelog for v3.28.8</li> <li><a href="https://github.com/github/codeql-action/commit/a91a3f76789881261b540fb7aa8a527214f8ac01"><code>a91a3f7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2744">#2744</a> from github/igfoo/kot2.1.10</li> <li><a href="https://github.com/github/codeql-action/commit/c520fb59d4c28e13147ed378b4c12599df187412"><code>c520fb5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2745">#2745</a> from github/mergeback/v3.28.7-to-main-6e545590</li> <li><a href="https://github.com/github/codeql-action/commit/3879c5766041d8b2b7504c5c4b2d6dbd289f7634"><code>3879c57</code></a> Add changelog entry</li> <li><a href="https://github.com/github/codeql-action/commit/0c2193725f360a9b0adcad3a71ce0d9cd4acb219"><code>0c21937</code></a> Run "npm run build"</li> <li><a href="https://github.com/github/codeql-action/commit/5a61bf07fab8324ecda8ebb1d817463b17b717d9"><code>5a61bf0</code></a> Kotlin: The 2.20.3 release supports Kotlin 2.1.10.</li> <li><a href="https://github.com/github/codeql-action/commit/163d1195df65a0e49551cd9b4fa0383e68d64a39"><code>163d119</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/bcf5cecbc6b147de017e1841778fa8d8644bf8a2"><code>bcf5cec</code></a> Update changelog and version after v3.28.7</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/17a820bf2e43b47be2c72b39cc905417bc1ab6d0...dd746615b3b9d728a6a37ca2045b68ca76d4841a">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
78f1d2b843 |
Bump github/codeql-action from 3.28.1 to 3.28.6 (#2802)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.1 to 3.28.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.6</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.6/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.5</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.4</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.4/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> <li>Uploading debug artifacts for CodeQL analysis is temporarily disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.2</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> <li>Uploading debug artifacts for CodeQL analysis is temporarily disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li> </ul> <h2>3.28.2 - 21 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.1 - 10 Jan 2025</h2> <ul> <li>CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see <a href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li> <li>Update default CodeQL bundle version to 2.20.1. <a href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li> </ul> <h2>3.28.0 - 20 Dec 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li> <li>Don't fail in the unusual case that a file is on the search path. <a href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li> </ul> <h2>3.27.9 - 12 Dec 2024</h2> <p>No user facing changes.</p> <h2>3.27.8 - 12 Dec 2024</h2> <ul> <li>Fixed an issue where streaming the download and extraction of the CodeQL bundle did not respect proxy settings. <a href="https://redirect.github.com/github/codeql-action/pull/2624">#2624</a></li> </ul> <h2>3.27.7 - 10 Dec 2024</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/17a820bf2e43b47be2c72b39cc905417bc1ab6d0"><code>17a820b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2735">#2735</a> from github/aeisenberg/fix-permissions</li> <li><a href="https://github.com/github/codeql-action/commit/3a4eae00ff23d411ccf7ed58d680071d84b6f8b7"><code>3a4eae0</code></a> Add extra permission to mergeback workflow</li> <li><a href="https://github.com/github/codeql-action/commit/4e83f6b818d7c9f52143570963b2c7f7f055decb"><code>4e83f6b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2732">#2732</a> from github/update-v3.28.6-b49419044</li> <li><a href="https://github.com/github/codeql-action/commit/64ad47c7c184c89d0665bab67b8bd53e42425e85"><code>64ad47c</code></a> Update changelog for v3.28.6</li> <li><a href="https://github.com/github/codeql-action/commit/b494190443a6ef5636b96529b698caabed0a8248"><code>b494190</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2726">#2726</a> from github/aeisenberg/reenable-artifact-upload</li> <li><a href="https://github.com/github/codeql-action/commit/a8797048056402d6b6e8d3b3b5e67bb0ba32a6a1"><code>a879704</code></a> Clarify test fail;ure message</li> <li><a href="https://github.com/github/codeql-action/commit/62c322fad9e33d39a2f7517e621a0e07516f5b48"><code>62c322f</code></a> Add better comments around artifact upload tests</li> <li><a href="https://github.com/github/codeql-action/commit/c6b286132edd6f7f497542488a5a4d70768a2363"><code>c6b2861</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2731">#2731</a> from github/dependabot/npm_and_yarn/npm-e1e9e6cd15</li> <li><a href="https://github.com/github/codeql-action/commit/297e89a0d9ede0e543f8d0e122332129f9a65d86"><code>297e89a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2723">#2723</a> from github/marcogario/start-proxy_tests</li> <li><a href="https://github.com/github/codeql-action/commit/357e0ceaa944420266db3ff50182959161a023f0"><code>357e0ce</code></a> Update checked-in dependencies</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/b6a472f63d85b9c78a3ac5e89422239fc15e9b3c...17a820bf2e43b47be2c72b39cc905417bc1ab6d0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
c5ae576541 |
Bump step-security/harden-runner from 2.10.3 to 2.10.4 (#2761)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.3 to 2.10.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.10.4</h2> <h2>What's Changed</h2> <p>Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e"><code>cb605e5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a> from step-security/fix-enobufs</li> <li><a href="https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364"><code>61144dd</code></a> Update log statement</li> <li><a href="https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc"><code>b8be370</code></a> Add try catch block</li> <li><a href="https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1"><code>6f6fa07</code></a> Fix ENOBUFS issue</li> <li><a href="https://github.com/step-security/harden-runner/commit/18f6947f131da60743dc12d2a22ff28c2b4ea87f"><code>18f6947</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/495">#495</a> from AkhigbeEromo/Update-README</li> <li><a href="https://github.com/step-security/harden-runner/commit/81f844e74365cf557ddf3715c247f745a115a5b2"><code>81f844e</code></a> Edit docs</li> <li><a href="https://github.com/step-security/harden-runner/commit/4c766de2db7a0b0a47e5728947c16e113c64f377"><code>4c766de</code></a> Merge branch 'Update-README' of <a href="https://github.com/AkhigbeEromo/harden-runner">https://github.com/AkhigbeEromo/harden-runner</a>...</li> <li><a href="https://github.com/step-security/harden-runner/commit/c9c5f3273c74d0365949a3aa120e85977f51d1ef"><code>c9c5f32</code></a> Handle Ashish reviews</li> <li><a href="https://github.com/step-security/harden-runner/commit/2877824267faf8efc084b00de71c0fe737ff0a76"><code>2877824</code></a> Merge branch 'main' into Update-README</li> <li><a href="https://github.com/step-security/harden-runner/commit/be87de076dd7a9aa9a9220dc9488dea2f8775db0"><code>be87de0</code></a> Clean up</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/c95a14d0e5bab51a9f56296a4eb0e416910cd350...cb605e52c26070c328afc4562f0b4ada7618a84e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
0ae862a84a |
Bump actions/upload-artifact from 4.5.0 to 4.6.0 (#2690)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.5.0 to 4.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.0</h2> <h2>What's Changed</h2> <ul> <li>Expose env vars to control concurrency and timeout by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/662">actions/upload-artifact#662</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.0">https://github.com/actions/upload-artifact/compare/v4...v4.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08"><code>65c4c4a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/662">#662</a> from actions/yacaovsnc/add_variable_for_concurrency_a...</li> <li><a href="https://github.com/actions/upload-artifact/commit/020761922861c5b0a0a9b98ae4adccf1f675862c"><code>0207619</code></a> move files back to satisfy licensed ci</li> <li><a href="https://github.com/actions/upload-artifact/commit/1ecca81102de35b6c140e930a09ea6144c27abf1"><code>1ecca81</code></a> licensed cache updates</li> <li><a href="https://github.com/actions/upload-artifact/commit/97422693d3a0493fc2d725fe8c0ac1c1097e9128"><code>9742269</code></a> Expose env vars to controll concurrency and timeout</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/v4.5.0...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
672389d6b8 |
Bump github/codeql-action from 3.28.0 to 3.28.1 (#2693)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.0 to 3.28.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.1</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.1 - 10 Jan 2025</h2> <ul> <li>CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see <a href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li> <li>Update default CodeQL bundle version to 2.20.1. <a href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.1/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.1 - 10 Jan 2025</h2> <ul> <li>CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see <a href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li> <li>Update default CodeQL bundle version to 2.20.1. <a href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li> </ul> <h2>3.28.0 - 20 Dec 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li> <li>Don't fail in the unusual case that a file is on the search path. <a href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li> </ul> <h2>3.27.9 - 12 Dec 2024</h2> <p>No user facing changes.</p> <h2>3.27.8 - 12 Dec 2024</h2> <ul> <li>Fixed an issue where streaming the download and extraction of the CodeQL bundle did not respect proxy settings. <a href="https://redirect.github.com/github/codeql-action/pull/2624">#2624</a></li> </ul> <h2>3.27.7 - 10 Dec 2024</h2> <ul> <li>We are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. <a href="https://redirect.github.com/github/codeql-action/pull/2631">#2631</a></li> <li>Update default CodeQL bundle version to 2.20.0. <a href="https://redirect.github.com/github/codeql-action/pull/2636">#2636</a></li> </ul> <h2>3.27.6 - 03 Dec 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.19.4. <a href="https://redirect.github.com/github/codeql-action/pull/2626">#2626</a></li> </ul> <h2>3.27.5 - 19 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.4 - 14 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.3 - 12 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.2 - 12 Nov 2024</h2> <ul> <li>Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". <a href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/b6a472f63d85b9c78a3ac5e89422239fc15e9b3c"><code>b6a472f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2681">#2681</a> from github/update-v3.28.1-ea6acbfea</li> <li><a href="https://github.com/github/codeql-action/commit/bb999b434f581db70696c32bf01941ec0391c3cb"><code>bb999b4</code></a> Update changelog for v3.28.1</li> <li><a href="https://github.com/github/codeql-action/commit/ea6acbfeae40310725526bdaea16fb48c1f62be0"><code>ea6acbf</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2677">#2677</a> from github/angelapwen/deprecate-action-v2</li> <li><a href="https://github.com/github/codeql-action/commit/4df151edec34bbfb2f213ed8b2dc74363baa69ca"><code>4df151e</code></a> Merge branch 'main' into angelapwen/deprecate-action-v2</li> <li><a href="https://github.com/github/codeql-action/commit/a05a7eb09cb4faebee87507a854cbd429fbe6bc6"><code>a05a7eb</code></a> Fix PR number in changenote</li> <li><a href="https://github.com/github/codeql-action/commit/8d2753b250830f4073d10fc13a3264a17ba82a20"><code>8d2753b</code></a> Add public changelog blog post link</li> <li><a href="https://github.com/github/codeql-action/commit/e83e0a4f58f2ca25f7dd222e8689519a74bf26fc"><code>e83e0a4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2673">#2673</a> from github/dependabot/npm_and_yarn/npm-877f465710</li> <li><a href="https://github.com/github/codeql-action/commit/b7ff30899f3f4aa6705d70c1456d7189e1b320ba"><code>b7ff308</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2678">#2678</a> from github/update-bundle/codeql-bundle-v2.20.1</li> <li><a href="https://github.com/github/codeql-action/commit/1aa16c2c36f41e9ce531bdcd2aa834171700e48d"><code>1aa16c2</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.20.1</li> <li><a href="https://github.com/github/codeql-action/commit/fb65b6ce7884900fde5b15518bec92ad6875180e"><code>fb65b6c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2672">#2672</a> from github/mbg/start-proxy/include-type-in-urls-output</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/48ab28a6f5dbc2a99bf1e0131198dd8f1df78169...b6a472f63d85b9c78a3ac5e89422239fc15e9b3c">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
888ef104a2 |
Bump: Harden Runner from v2.10.2 to v2.10.3 (#2686)
# Description https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/197 https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/198 https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/199 ## Checklist - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [x] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) |
||
|
|
238db1aaff | Update scorecards.yml | ||
|
|
1defa441d6 | Update scorecards.yml | ||
|
|
226cbe1a8e |
Bump ossf/scorecard-action from 2.3.3 to 2.4.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/dc50aa9510b46c811795eb24b2f1ba02a914e534...62b2cac7ed8198b15735ed49ab1e5cf35480ba46) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> |
||
|
|
dc5b214932 |
[StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <[email protected]> |