Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-12-24 11:05:11 -05:00
Code Issues Packages Projects Releases Wiki Activity
3,173 Commits 8 Branches 77 Tags
1cb3eaa9e45df9e47c5a9deeb8d335a6eb1672ca
Commit Graph

8 Commits

Author SHA1 Message Date
dependabot[bot]
5b87abb6f0 build(deps): bump github/codeql-action from 1.1.5 to 2.1.6 (#5303) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.5 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](8834766498...28eead2408)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-05 08:48:08 -04:00
dependabot[bot]
24643ca94c build(deps): bump github/codeql-action from 1.1.4 to 1.1.5 (#5280) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f5d822707e...8834766498)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-21 06:40:14 -07:00
dependabot[bot]
4da9439e3a build(deps): bump github/codeql-action from 1.1.3 to 1.1.4 (#5259) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1.1.3...f5d822707ee6e8fb81b04a5c0040b736da22e587)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-14 07:59:57 -07:00
dependabot[bot]
267ce8a820 build(deps): bump actions/checkout from 2.4.0 to 3 (#5238) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](ec3a7ce113...a12a3943b4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-07 07:05:33 -08:00
Yong Tang
4b864a97d1 Removed decoupled version comments in github actions (#5240) 
The dependenabot is correctly updating the version of
the github actions with commit hash. However,
the version comments that was placed initially
is not updated. As such the version has been decoupled.
For example, the checkout action
ec3a7ce113134d7a93b817d10a8272cb61118579
is actually on v3.0 yet the comment is still on v2.4.0.

This PR removes the decoupled version comments to avoid
confusion.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-03-07 06:49:39 -08:00
dependabot[bot]
8730862bf3 build(deps): bump actions/upload-artifact from 2.3.1 to 3 (#5237) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](82c141cc51...6673cd052c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-07 05:38:14 -08:00
dependabot[bot]
acc5ffcf36 build(deps): bump ossf/scorecard-action from 1.0.2 to 1.0.4 (#5235) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.0.2 to 1.0.4.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Commits](c8416b0b2b...c1aec4ac82)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-07 05:37:26 -08:00
Yong Tang
402c08fea0 Add OSSF Security Scoreboard Scan (#5208) 
* Add OSSF Security Scoreboard Scan

This PR adds OSSF's Security Scoreboard Scan, to help tighten CoreDNS's security practice.

OSSF Scoreboard is recommended by GitHub. The result will show up in project's "Code Scanning Alerts" (together with existing CodeQL scan we already have).

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
 2022-02-28 12:02:03 -05:00