From ba7f1f5cc4ba66657d8ed551ed1aa7ec84eadf30 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 07:40:40 +0000 Subject: [PATCH 1/3] build(deps): bump apisec-inc/apisec-run-scan from 1.0.6 to 1.0.7 Bumps [apisec-inc/apisec-run-scan](https://github.com/apisec-inc/apisec-run-scan) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/apisec-inc/apisec-run-scan/releases) - [Commits](https://github.com/apisec-inc/apisec-run-scan/compare/025432089674a28ba8fb55f8ab06c10215e772ea...eadaedebb5b8516971299b64cea226dc9d9edb6c) --- updated-dependencies: - dependency-name: apisec-inc/apisec-run-scan dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/apisec-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/apisec-scan.yml b/.github/workflows/apisec-scan.yml index 4b6ae2470..8519958ec 100644 --- a/.github/workflows/apisec-scan.yml +++ b/.github/workflows/apisec-scan.yml @@ -60,7 +60,7 @@ jobs: egress-policy: audit - name: APIsec scan - uses: apisec-inc/apisec-run-scan@025432089674a28ba8fb55f8ab06c10215e772ea + uses: apisec-inc/apisec-run-scan@eadaedebb5b8516971299b64cea226dc9d9edb6c with: # The APIsec username with which the scans will be executed apisec-username: ${{ secrets.apisec_username }} From ab70ee1109bd73ccec33ee4ae16e883e09fee04a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 07:40:44 +0000 Subject: [PATCH 2/3] build(deps): bump ossf/scorecard-action from 2.0.6 to 2.3.1 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.3.1. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/99c53751e09b9529366343771cc321ec74e9bd3d...0864cf19026789058feabb7e87baa5f140aac736) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8fba18489..685a50c5f 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -42,7 +42,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif From bf8e6a90bd46e720e43dcdf44be5ac9a4af87cc4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 07:40:49 +0000 Subject: [PATCH 3/3] build(deps): bump nowsecure/nowsecure-sbom-action Bumps [nowsecure/nowsecure-sbom-action](https://github.com/nowsecure/nowsecure-sbom-action) from ecb731b6f17a83fa53f756f9dae2ec7034c5ed7c to cb90736222622af24edb9dcd89809cb70c93ff9b. - [Release notes](https://github.com/nowsecure/nowsecure-sbom-action/releases) - [Commits](https://github.com/nowsecure/nowsecure-sbom-action/compare/ecb731b6f17a83fa53f756f9dae2ec7034c5ed7c...cb90736222622af24edb9dcd89809cb70c93ff9b) --- updated-dependencies: - dependency-name: nowsecure/nowsecure-sbom-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- .github/workflows/nowsecure-mobile-sbom.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nowsecure-mobile-sbom.yml b/.github/workflows/nowsecure-mobile-sbom.yml index 9e9c30621..a50dace4e 100644 --- a/.github/workflows/nowsecure-mobile-sbom.yml +++ b/.github/workflows/nowsecure-mobile-sbom.yml @@ -48,7 +48,7 @@ jobs: run: ./gradlew assembleDebug # Update this to build your Android or iOS application - name: NowSecure upload app - uses: nowsecure/nowsecure-sbom-action@ecb731b6f17a83fa53f756f9dae2ec7034c5ed7c + uses: nowsecure/nowsecure-sbom-action@cb90736222622af24edb9dcd89809cb70c93ff9b with: token: ${{ secrets.NS_TOKEN }} app_file: app-debug.apk # Update this to a path to your .ipa or .apk