Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 #281

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 29, 2024

Bumps ossf/scorecard-action from 2.3.3 to 2.4.0.

Release notes

Sourced from ossf/scorecard-action's releases.

v2.4.0

What's Changed

This update bumps the Scorecard version to the v5 release. For a complete list of changes, please refer to the v5.0.0 release notes. Of special note to Scorecard Action is the Maintainer Annotation feature, which can be used to suppress some Code Scanning false positives. Alerts will not be generated for any Scorecard Check with an annotation.

Documentation

New Contributors

Full Changelog: ossf/scorecard-action@v2.3.3...v2.4.0

Commits
  • 62b2cac bump docker tag to v2.4.0 for release (#1414)
  • c09630c lower license score alert threshold to 9 (#1411)
  • cf8594c 🌱 Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 (#1413)
  • de5fcb9 🌱 Bump the github-actions group with 2 updates (#1412)
  • a46b90b bump scorecard to v5.0.0 release (#1410)
  • 9fc518d 🌱 Bump golang in the docker-images group (#1407)
  • a8eaa1b 🌱 Bump the github-actions group with 2 updates (#1408)
  • 873d5fd 🌱 Bump the github-actions group across 1 directory with 2 updates (#...
  • 54cc1fe 🌱 Bump the docker-images group with 2 updates (#1401)
  • 82bcb91 🌱 Bump golang.org/x/net from 0.26.0 to 0.27.0 (#1400)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@dc50aa9...62b2cac)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 29, 2024
@julio-lopez julio-lopez enabled auto-merge (squash) August 5, 2024 06:24
@julio-lopez julio-lopez merged commit 9a28659 into master Aug 5, 2024
4 checks passed
@julio-lopez julio-lopez deleted the dependabot/github_actions/ossf/scorecard-action-2.4.0 branch August 5, 2024 06:24
shlokc9 pushed a commit to shlokc9/kubestr that referenced this pull request Aug 7, 2024
…#281)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@dc50aa9...62b2cac)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
shlokc9 added a commit that referenced this pull request Aug 20, 2024
* Adding the kubestr browse pvc command. Handling kubestr browse support for backward compatibility.

* Adding browse snapshot command. Updating browse command to browse pvc command.

* chore(deps): bump github/codeql-action in the github-actions group (#272)

Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).


Updates `github/codeql-action` from 3.25.12 to 3.25.13
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@4fa2a79...2d79040)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump docker/build-push-action in the docker group (#273)

Bumps the docker group with 1 update: [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/build-push-action` from 6.3.0 to 6.4.1
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@1a16264...1ca370b)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Removing unused snapshot function parameter in cleanup

* Adding KubeExecutor Exec helper function to execute tree command

* Adding --show-tree logic in pvc_inspector.go

* Adding --show-tree logic in snapshot_inspector.go

* Printing out the tree structure for --show-tree

* Updating mock tests for new code changes

* Updating mount path in container args for creating a browse pod

* Updating the CSITestSuite.TestCreateInspectorApplication for changes in the mount path

* Adding Deprecated msg to the 'browse' command

* Adding mock tests for SnapshotBrowserStepper

* Adding fake tests for snapshot_inspector.go

* Renamed testcase CSITestSuite.TestCreateInspectorApplication to TestCreateInspectorApplicationForPVC

* Adding snapshot_inspector_steps_test.go

* Updating mock tests for new code changes

* Updating the mount paths in CSITestSuite.TestCreateInspectorApplicationForSnapshot

* Updating Deprecated msg for 'browse' command

* Making namespace, runAsUser & localport flags persistent

* Removing namespace, runAsUser & localport flags for browse snapshot because we made those persistent

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Updating namespace flag usage for better understanding

* Removing storage class flag

* Adding --show-tree logic in snapshot_inspector.go

* Updating mock objects for SnapshotBrowserStepper

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Removing storage class flag

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Adding --show-tree logic in snapshot_inspector.go

* Passing showTree var as function argument

* Making --show-tree a persistent flag

* Removing ShowTree dummy condition

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Making --show-tree a persistent flag

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Making --show-tree a persistent flag

* Adding "./kubestr browse snapshot" command (#277)

* Adding the kubestr browse pvc command. Handling kubestr browse support for backward compatibility.

* Adding browse snapshot command. Updating browse command to browse pvc command.

* chore(deps): bump github/codeql-action in the github-actions group (#272)

Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).

Updates `github/codeql-action` from 3.25.12 to 3.25.13
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@4fa2a79...2d79040)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump docker/build-push-action in the docker group (#273)

Bumps the docker group with 1 update: [docker/build-push-action](https://github.com/docker/build-push-action).

Updates `docker/build-push-action` from 6.3.0 to 6.4.1
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@1a16264...1ca370b)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Removing unused snapshot function parameter in cleanup

* Adding mock tests for SnapshotBrowserStepper

* Adding Deprecated msg to the 'browse' command

* Adding fake tests for snapshot_inspector.go

* Renamed testcase CSITestSuite.TestCreateInspectorApplication to TestCreateInspectorApplicationForPVC

* Adding snapshot_inspector_steps_test.go

* Updating Deprecated msg for 'browse' command

* Making namespace, runAsUser & localport flags persistent

* Removing namespace, runAsUser & localport flags for browse snapshot because we made those persistent

* Removing storage class flag

* Update cmd/rootCmd.go

Co-authored-by: Sirish Bathina <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sirish Bathina <[email protected]>

* Adding --show-tree flag to both "./kubestr browse pvc" & "./kubestr browse snapshot" commands (#278)

* Adding the kubestr browse pvc command. Handling kubestr browse support for backward compatibility.

* Adding browse snapshot command. Updating browse command to browse pvc command.

* chore(deps): bump github/codeql-action in the github-actions group (#272)

Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).


Updates `github/codeql-action` from 3.25.12 to 3.25.13
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@4fa2a79...2d79040)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump docker/build-push-action in the docker group (#273)

Bumps the docker group with 1 update: [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/build-push-action` from 6.3.0 to 6.4.1
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@1a16264...1ca370b)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Removing unused snapshot function parameter in cleanup

* Adding KubeExecutor Exec helper function to execute tree command

* Adding --show-tree logic in pvc_inspector.go

* Adding --show-tree logic in snapshot_inspector.go

* Printing out the tree structure for --show-tree

* Updating mock tests for new code changes

* Updating mount path in container args for creating a browse pod

* Updating the CSITestSuite.TestCreateInspectorApplication for changes in the mount path

* Adding Deprecated msg to the 'browse' command

* Adding mock tests for SnapshotBrowserStepper

* Adding fake tests for snapshot_inspector.go

* Renamed testcase CSITestSuite.TestCreateInspectorApplication to TestCreateInspectorApplicationForPVC

* Adding snapshot_inspector_steps_test.go

* Updating mock tests for new code changes

* Updating the mount paths in CSITestSuite.TestCreateInspectorApplicationForSnapshot

* Updating Deprecated msg for 'browse' command

* Making namespace, runAsUser & localport flags persistent

* Removing namespace, runAsUser & localport flags for browse snapshot because we made those persistent

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Updating namespace flag usage for better understanding

* Removing storage class flag

* Adding --show-tree logic in snapshot_inspector.go

* Updating mock objects for SnapshotBrowserStepper

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Removing storage class flag

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Adding --show-tree logic in snapshot_inspector.go

* Passing showTree var as function argument

* Making --show-tree a persistent flag

* Removing ShowTree dummy condition

* Removing duplicate browseSnapshotCmd

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Making --show-tree a persistent flag

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Making --show-tree a persistent flag

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Removing dummy ShowTree arg test

* Adding --show-tree flag to both "./kubestr browse pvc" & "./kubestr browse snapshot" commands (#278)

* Adding the kubestr browse pvc command. Handling kubestr browse support for backward compatibility.

* Adding browse snapshot command. Updating browse command to browse pvc command.

* chore(deps): bump github/codeql-action in the github-actions group (#272)

Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).


Updates `github/codeql-action` from 3.25.12 to 3.25.13
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@4fa2a79...2d79040)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump docker/build-push-action in the docker group (#273)

Bumps the docker group with 1 update: [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/build-push-action` from 6.3.0 to 6.4.1
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@1a16264...1ca370b)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Removing unused snapshot function parameter in cleanup

* Adding KubeExecutor Exec helper function to execute tree command

* Adding --show-tree logic in pvc_inspector.go

* Adding --show-tree logic in snapshot_inspector.go

* Printing out the tree structure for --show-tree

* Updating mock tests for new code changes

* Updating mount path in container args for creating a browse pod

* Updating the CSITestSuite.TestCreateInspectorApplication for changes in the mount path

* Adding Deprecated msg to the 'browse' command

* Adding mock tests for SnapshotBrowserStepper

* Adding fake tests for snapshot_inspector.go

* Renamed testcase CSITestSuite.TestCreateInspectorApplication to TestCreateInspectorApplicationForPVC

* Adding snapshot_inspector_steps_test.go

* Updating mock tests for new code changes

* Updating the mount paths in CSITestSuite.TestCreateInspectorApplicationForSnapshot

* Updating Deprecated msg for 'browse' command

* Making namespace, runAsUser & localport flags persistent

* Removing namespace, runAsUser & localport flags for browse snapshot because we made those persistent

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Updating namespace flag usage for better understanding

* Removing storage class flag

* Adding --show-tree logic in snapshot_inspector.go

* Updating mock objects for SnapshotBrowserStepper

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Removing storage class flag

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Adding --show-tree logic in snapshot_inspector.go

* Passing showTree var as function argument

* Making --show-tree a persistent flag

* Removing ShowTree dummy condition

* Removing duplicate browseSnapshotCmd

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Making --show-tree a persistent flag

* Adding --show-tree flag for browse snapshot & browse pvc commands

* Making --show-tree a persistent flag

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump the github-actions group across 1 directory with 2 updates (#282)

Bumps the github-actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `github/codeql-action` from 3.25.13 to 3.25.15
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@2d79040...afb54ba)

Updates `actions/upload-artifact` from 4.3.4 to 4.3.5
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@0b2256b...89ef406)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump the docker group across 1 directory with 4 updates (#283)

Bumps the docker group with 4 updates in the / directory: [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [docker/login-action](https://github.com/docker/login-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/setup-qemu-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@5927c83...49b3bc8)

Updates `docker/setup-buildx-action` from 3.4.0 to 3.6.1
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@4fd8129...988b5a0)

Updates `docker/login-action` from 3.2.0 to 3.3.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@0d4c9c5...9780b0c)

Updates `docker/build-push-action` from 6.4.1 to 6.5.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@1ca370b...5176d81)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#281)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@dc50aa9...62b2cac)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* K10-23320: Fix function definition for Create and CreateFromSource (#274)

* fix function definition for Create and CreateFromSource

* update go mod

* update go mod

* update fakesnapshotter

* update create and createFromSource method

* change snapshot and content meta struct type

* sync kanister dependency

* Renamed struct

* Sync kanister dependency

* Sync kanister dependency

* Sync kanister dependency

* Sync kanister dependency to merge master commit

* Updating CreatePodArgs to consume PVC args in []string{} format instead of string (#285)

* Updating the PVCName, MountPath, DevicePath signature in CreatePodArgs

* Refactoring PVCName, MountPath, DevicePath variables into a single PVCMap with path definitions

* Removing unused PVCName variable from CreatePodArgs

* Updating DevicePath and MountPath error messages

* Removing placeholder test for browse snapshot and browse pvc

* Removing unused snapshotFetchOps from snapshotBrowserSteps

* Adding File restore command

* Adding mock objects and fake tests for file restore command

* Renaming file_restore_inspector.go

* Removing unused SnapshotFetcher interface

* Adding check for source PVC in Snapshot and supported accessModes in source PVC

* Adding --toPVC flag

* Fixing seg fault occurred because of the invalid error thrown in accessmodes check

* Removing check for ReadWriteOnce accessmode

* Update cmd/rootCmd.go

Co-authored-by: Sirish Bathina <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sirish Bathina <[email protected]>
Co-authored-by: saima sultana <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Development

Successfully merging this pull request may close these issues.

1 participant