Commit Graph

5 Commits

Author SHA1 Message Date
dependabot[bot]
267ce8a820 build(deps): bump actions/checkout from 2.4.0 to 3 (#5238)
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](ec3a7ce113...a12a3943b4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 07:05:33 -08:00
Yong Tang
4b864a97d1 Removed decoupled version comments in github actions (#5240)
The dependabot is correctly updating the version of
the github actions with commit hash. However,
the version comments that were placed initially
are not updated. As such the version has been decoupled.
For example, the checkout action
ec3a7ce113134d7a93b817d10a8272cb61118579
is actually on v3.0 yet the comment is still on v2.4.0.

This PR removes the decoupled version comments to avoid
confusion.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2022-03-07 06:49:39 -08:00
dependabot[bot]
8730862bf3 build(deps): bump actions/upload-artifact from 2.3.1 to 3 (#5237)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](82c141cc51...6673cd052c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:38:14 -08:00
dependabot[bot]
acc5ffcf36 build(deps): bump ossf/scorecard-action from 1.0.2 to 1.0.4 (#5235)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.0.2 to 1.0.4.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Commits](c8416b0b2b...c1aec4ac82)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:37:26 -08:00
Yong Tang
402c08fea0 Add OSSF Security Scoreboard Scan (#5208)
* Add OSSF Security Scoreboard Scan

This PR adds OSSF's Security Scoreboard Scan, to help tighten CoreDNS's security practice.

OSSF Scoreboard is recommended by GitHub. The result will show up in the project's "Code Scanning Alerts" (together with the existing CodeQL scan we already have).

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2022-02-28 12:02:03 -05:00