Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / step-security/gh-actions-lua issues and pull requests

#57 - Harden GitHub Actions Workflow - test.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#56 - Harden GitHub Actions Workflow - scorecards.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#55 - Harden GitHub Actions Workflow - dependency-review.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#54 - Harden GitHub Actions Workflow - codeql.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#53 - Harden GitHub Actions Workflow - actions_release.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#52 - Bump @actions/cache from 3.1.2 to 3.3.0

Pull Request - State: open - Opened by dependabot[bot] 28 days ago
Labels: dependencies, javascript

#51 - Bump actions/dependency-review-action from 4.3.3 to 4.4.0

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#50 - Bump actions/checkout from 4.1.7 to 4.2.2

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#49 - Bump github/codeql-action from 3.25.11 to 3.27.0

Pull Request - State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#48 - Bump actions/dependency-review-action from 4.3.3 to 4.3.5

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, github_actions

#47 - Bump github/codeql-action from 3.25.11 to 3.26.13

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#46 - Bump actions/upload-artifact from 4.3.4 to 4.4.3

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#45 - Bump actions/upload-artifact from 4.3.4 to 4.4.2

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#44 - Bump github/codeql-action from 3.25.11 to 3.26.12

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#43 - Bump actions/checkout from 4.1.7 to 4.2.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#42 - Bump actions/upload-artifact from 4.3.4 to 4.4.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#41 - Bump @actions/core from 1.10.0 to 1.11.1

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, javascript

#40 - Bump github/codeql-action from 3.25.11 to 3.26.11

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago - 1 comment
Labels: dependencies, github_actions

#39 - Bump @actions/core from 1.10.0 to 1.11.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, javascript

#38 - Bump github/codeql-action from 3.25.11 to 3.26.10

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#37 - Bump actions/checkout from 4.1.7 to 4.2.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#36 - Bump github/codeql-action from 3.25.11 to 3.26.9

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#35 - Bump github/codeql-action from 3.25.11 to 3.26.8

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, github_actions

#34 - Bump github/codeql-action from 3.25.11 to 3.26.7

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#33 - Bump step-security/harden-runner from 2.8.1 to 2.10.1

Pull Request - State: open - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#32 - Bump actions/upload-artifact from 4.3.4 to 4.4.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#31 - Bump axios from 1.7.4 to 1.7.7

Pull Request - State: open - Opened by dependabot[bot] 3 months ago
Labels: dependencies, javascript

#30 - Bump github/codeql-action from 3.25.11 to 3.26.6

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#29 - Bump github/codeql-action from 3.25.11 to 3.26.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#28 - Bump axios from 1.7.4 to 1.7.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, javascript

#28 - Bump axios from 1.7.4 to 1.7.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, javascript

#27 - Bump github/codeql-action from 3.25.11 to 3.26.4

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#26 - Bump github/codeql-action from 3.25.11 to 3.26.3

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#25 - patch vulnerable build

Pull Request - State: closed - Opened by shubham-stepsecurity 4 months ago

#24 - Bump github/codeql-action from 3.25.11 to 3.26.2

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#23 - Bump axios from 1.7.2 to 1.7.4

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, javascript

#22 - Bump github/codeql-action from 3.25.11 to 3.26.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#21 - patch vulnerable build

Pull Request - State: closed - Opened by shubham-stepsecurity 4 months ago

#20 - Bump xml2js and @azure/core-http

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, javascript

#19 - Bump tough-cookie and @azure/ms-rest-js

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, javascript

#18 - Bump semver from 6.3.0 to 6.3.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, javascript

#17 - Bump github/codeql-action from 3.25.11 to 3.26.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#16 - Bump actions/upload-artifact from 4.3.4 to 4.3.6

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#15 - Bump step-security/harden-runner from 2.8.1 to 2.9.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#14 - Bump actions/upload-artifact from 4.3.4 to 4.3.5

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#13 - Bump axios from 1.7.2 to 1.7.3

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, javascript

#12 - Bump ossf/scorecard-action from 2.3.3 to 2.4.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions

#11 - Bump github/codeql-action from 3.25.11 to 3.25.15

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#10 - Bump github/codeql-action from 3.25.11 to 3.25.14

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#9 - Bump github/codeql-action from 3.25.11 to 3.25.13

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#8 - Bump step-security/harden-runner from 2.8.1 to 2.9.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#7 - Bump actions/dependency-review-action from 4.3.3 to 4.3.4

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#6 - Bump github/codeql-action from 3.25.11 to 3.25.12

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#5 - Bump @actions/cache from 3.1.2 to 3.2.4

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, javascript

#4 - Bump @actions/io from 1.1.2 to 1.1.3

Pull Request - State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, javascript

#3 - Bump @actions/core from 1.10.0 to 1.10.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, javascript

#2 - [StepSecurity] Apply security best practices

Pull Request - State: closed - Opened by step-security-bot 5 months ago - 1 comment

#1 - chore: initial release

Pull Request - State: closed - Opened by shubham-stepsecurity 5 months ago - 3 comments