Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / step-security/rust-cache issues and pull requests
#84 - Harden GitHub Actions Workflow - workspaces.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#83 - Harden GitHub Actions Workflow - target-dir.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#82 - Harden GitHub Actions Workflow - simple.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#81 - Harden GitHub Actions Workflow - scorecards.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#80 - Harden GitHub Actions Workflow - install.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#79 - Harden GitHub Actions Workflow - dependency-review.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#78 - Harden GitHub Actions Workflow - coverage.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#77 - Harden GitHub Actions Workflow - codeql.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#76 - Harden GitHub Actions Workflow - check-dist.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#75 - Harden GitHub Actions Workflow - buildjet.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#74 - Harden GitHub Actions Workflow - actions_release.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity
#73 - Bump actions/dependency-review-action from 4.3.3 to 4.4.0
Pull Request -
State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions
#72 - Bump actions/setup-node from 4.0.2 to 4.1.0
Pull Request -
State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions
#71 - Bump github/codeql-action from 3.25.11 to 3.27.0
Pull Request -
State: open - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions
#70 - Bump actions/dependency-review-action from 4.3.3 to 4.3.5
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 1 comment
Labels: dependencies, github_actions
#69 - Bump github/codeql-action from 3.25.11 to 3.26.13
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#68 - Bump actions/upload-artifact from 3.1.3 to 4.4.3
Pull Request -
State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions
#67 - Bump actions/upload-artifact from 3.1.3 to 4.4.2
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#66 - Bump typescript from 5.4.3 to 5.6.3
Pull Request -
State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, javascript
#65 - Bump actions/upload-artifact from 3.1.3 to 4.4.1
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#64 - Bump github/codeql-action from 3.25.11 to 3.26.12
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#63 - Bump clap from 3.2.20 to 4.5.20 in /tests/wasm-workspace
Pull Request -
State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, rust
#62 - Bump github/codeql-action from 3.25.11 to 3.26.11
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#61 - Update ids in osv-scanner.toml
Pull Request -
State: closed - Opened by shubham-stepsecurity 2 months ago
#60 - Rename osv-scanner.toml file path
Pull Request -
State: closed - Opened by shubham-stepsecurity 2 months ago
#59 - Bump clap from 3.2.20 to 4.5.19 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, rust
#58 - Ignore non-relevant vulnerable dependencies
Pull Request -
State: closed - Opened by shubham-stepsecurity 2 months ago
#57 - Bump github/codeql-action from 3.25.11 to 3.26.10
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, github_actions
#56 - Bump github/codeql-action from 3.25.11 to 3.26.9
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, github_actions
#55 - Bump @vercel/ncc from 0.38.1 to 0.38.2
Pull Request -
State: open - Opened by dependabot[bot] 2 months ago
Labels: dependencies, javascript
#54 - Bump clap from 3.2.20 to 4.5.18 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, rust
#53 - Bump actions/setup-node from 4.0.2 to 4.0.4
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, github_actions
#52 - Bump github/codeql-action from 3.25.11 to 3.26.8
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, github_actions
#51 - Bump github/codeql-action from 3.25.11 to 3.26.7
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#50 - Bump step-security/harden-runner from 2.8.1 to 2.10.1
Pull Request -
State: open - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions
#49 - Bump typescript from 5.4.3 to 5.6.2
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, javascript
#48 - Bump clap from 3.2.20 to 4.5.17 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, rust
#47 - Bump actions/upload-artifact from 3.1.3 to 4.4.0
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#46 - Bump axios from 1.7.4 to 1.7.7
Pull Request -
State: open - Opened by dependabot[bot] 3 months ago
Labels: dependencies, javascript
#45 - Bump github/codeql-action from 3.25.11 to 3.26.6
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#44 - Bump github/codeql-action from 3.25.11 to 3.26.5
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#43 - Bump axios from 1.7.4 to 1.7.5
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, javascript
#42 - Bump github/codeql-action from 3.25.11 to 3.26.4
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#41 - update dependency & patch vulnerable build
Pull Request -
State: closed - Opened by shubham-stepsecurity 3 months ago
#40 - Bump github/codeql-action from 3.25.11 to 3.26.3
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#39 - Bump clap from 3.2.20 to 4.5.16 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, rust
#38 - Bump @actions/glob from 0.4.0 to 0.5.0
Pull Request -
State: open - Opened by dependabot[bot] 4 months ago
Labels: dependencies, javascript
#37 - Bump github/codeql-action from 3.25.11 to 3.26.2
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#36 - Bump github/codeql-action from 3.25.11 to 3.26.1
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#35 - Bump axios from 1.7.2 to 1.7.4
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, javascript
#34 - Bump clap from 3.2.20 to 4.5.15 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, rust
#33 - Bump clap from 3.2.20 to 4.5.14 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, rust
#32 - Bump undici from 5.28.3 to 5.28.4
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, javascript
#31 - Bump h2 from 0.3.14 to 0.3.26 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, rust
#30 - Bump openssl from 0.10.41 to 0.10.66 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, rust
#29 - Bump mio from 0.8.4 to 0.8.11 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, rust
#28 - Bump github/codeql-action from 3.25.11 to 3.26.0
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#27 - Bump actions/upload-artifact from 3.1.3 to 4.3.6
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#26 - Bump step-security/harden-runner from 2.8.1 to 2.9.1
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#25 - Bump axios from 1.7.2 to 1.7.3
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, javascript
#24 - Bump actions/upload-artifact from 3.1.3 to 4.3.5
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#23 - Bump clap from 3.2.20 to 4.5.13 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, rust
#22 - Bump github/codeql-action from 3.25.11 to 3.25.15
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#21 - Bump github/codeql-action from 3.25.11 to 3.25.14
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#20 - Bump clap from 3.2.20 to 4.5.11 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, rust
#19 - Bump clap from 3.2.20 to 4.5.10 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, rust
#18 - Bump typescript from 5.4.3 to 5.5.4
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, javascript
#17 - Bump github/codeql-action from 3.25.11 to 3.25.13
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, github_actions
#16 - Bump step-security/harden-runner from 2.8.1 to 2.9.0
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, github_actions
#15 - Bump smol-toml from 1.1.4 to 1.3.0
Pull Request -
State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, javascript
#14 - Bump github/codeql-action from 3.25.11 to 3.25.12
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, github_actions
#13 - Bump actions/dependency-review-action from 4.3.3 to 4.3.4
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, github_actions
#12 - Bump actions/setup-node from 4.0.2 to 4.0.3
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, github_actions
#11 - Bump clap from 3.2.20 to 4.5.9 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, rust
#10 - Bump reqwest from 0.11.11 to 0.12.4 in /tests/wasm-workspace
Pull Request -
State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, rust
#9 - Bump clap from 3.2.20 to 4.5.8 in /tests/wasm-workspace
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, rust
#8 - Bump smol-toml from 1.1.4 to 1.2.2
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, javascript
#7 - Bump typescript from 5.4.3 to 5.5.3
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, javascript
#6 - Bump serde_json from 1.0.85 to 1.0.109 in /tests/wasm-workspace
Pull Request -
State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, rust
#5 - Bump serde from 1.0.144 to 1.0.185 in /tests/wasm-workspace
Pull Request -
State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, rust
#4 - Bump tracing from 0.1.36 to 0.1.40 in /tests/wasm-workspace
Pull Request -
State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, rust
#3 - Bump actions/upload-artifact from 3.1.3 to 4.3.4
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, github_actions
#2 - [StepSecurity] Apply security best practices
Pull Request -
State: closed - Opened by step-security-bot 5 months ago
- 1 comment
#1 - chore: initial release
Pull Request -
State: closed - Opened by shubham-stepsecurity 5 months ago