Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / step-security/foundry-toolchain issues and pull requests

#59 - Harden GitHub Actions Workflow - scorecards.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#58 - Harden GitHub Actions Workflow - dependency-review.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#57 - Harden GitHub Actions Workflow - codeql.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#56 - Harden GitHub Actions Workflow - check-dist.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#55 - Harden GitHub Actions Workflow - actions_release.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#54 - Bump @actions/cache from 3.2.2 to 3.3.0

Pull Request - State: open - Opened by dependabot[bot] 28 days ago
Labels: dependencies, javascript

#53 - Bump actions/setup-node from 2.5.1 to 4.1.0

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#52 - Bump actions/checkout from 3.6.0 to 4.2.2

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#51 - Bump github/codeql-action from 2.25.11 to 3.27.0

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#50 - Bump github/codeql-action from 2.25.11 to 3.26.13

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#49 - Bump actions/upload-artifact from 2.3.1 to 4.4.3

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#48 - Bump actions/upload-artifact from 2.3.1 to 4.4.2

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#47 - Bump actions/upload-artifact from 2.3.1 to 4.4.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#46 - Bump github/codeql-action from 2.25.11 to 3.26.12

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#45 - Bump actions/checkout from 3.6.0 to 4.2.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#44 - Bump github/codeql-action from 2.25.11 to 3.26.11

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#43 - Bump github/codeql-action from 2.25.11 to 3.26.10

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#42 - Bump actions/checkout from 3.6.0 to 4.2.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#41 - Bump github/codeql-action from 2.25.11 to 3.26.9

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#40 - Bump @vercel/ncc from 0.33.4 to 0.38.2

Pull Request - State: open - Opened by dependabot[bot] 2 months ago
Labels: dependencies, javascript

#39 - Bump actions/setup-node from 2.5.1 to 4.0.4

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#38 - Bump github/codeql-action from 2.25.11 to 3.26.8

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#37 - Bump github/codeql-action from 2.25.11 to 3.26.7

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#36 - Bump step-security/harden-runner from 2.8.1 to 2.10.1

Pull Request - State: open - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#35 - Bump actions/upload-artifact from 2.3.1 to 4.4.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#34 - Bump github/codeql-action from 2.25.11 to 3.26.6

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#33 - Bump github/codeql-action from 2.25.11 to 3.26.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#32 - Bump github/codeql-action from 2.25.11 to 3.26.4

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#31 - Bump github/codeql-action from 2.25.11 to 3.26.3

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#30 - patch vulnerable build

Pull Request - State: closed - Opened by shubham-stepsecurity 4 months ago

#29 - Bump axios from 1.7.2 to 1.7.4

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, javascript

#28 - Bump github/codeql-action from 2.25.11 to 3.26.2

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#27 - Bump github/codeql-action from 2.25.11 to 3.26.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#26 - Bump step-security/harden-runner from 2.8.1 to 2.9.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#25 - patch vulnerable build

Pull Request - State: closed - Opened by shubham-stepsecurity 4 months ago

#24 - Bump undici from 5.26.4 to 5.28.4

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, javascript

#23 - Bump github/codeql-action from 2.25.11 to 3.26.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#22 - Bump actions/upload-artifact from 2.3.1 to 4.3.6

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#21 - Bump actions/upload-artifact from 2.3.1 to 4.3.5

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#20 - Bump github/codeql-action from 2.25.11 to 3.25.15

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#19 - Bump ossf/scorecard-action from 2.0.6 to 2.4.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#18 - Bump github/codeql-action from 2.25.11 to 3.25.14

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#17 - Bump github/codeql-action from 2.25.11 to 3.25.13

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#16 - Bump prettier from 2.8.8 to 3.3.3

Pull Request - State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, javascript

#15 - Bump github/codeql-action from 2.25.11 to 3.25.12

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#14 - Bump actions/setup-node from 2.5.1 to 4.0.3

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#13 - Bump actions/upload-artifact from 2.3.1 to 4.3.4

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#12 - Bump @actions/tool-cache from 1.7.2 to 2.0.1

Pull Request - State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, javascript

#11 - Bump @vercel/ncc from 0.33.4 to 0.38.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, javascript

#10 - Bump @actions/cache from 3.2.2 to 3.2.4

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, javascript
