Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / step-security/setup-yq issues and pull requests
#98 - Harden GitHub Actions Workflow - test.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 26 days ago
Labels: High Severity
#97 - Harden GitHub Actions Workflow - scorecards.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 26 days ago
Labels: High Severity
#96 - Harden GitHub Actions Workflow - dependency-review.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 26 days ago
Labels: High Severity
#95 - Harden GitHub Actions Workflow - codeql.yml
Issue -
State: closed - Opened by int-stepsecurity-advanced[bot] 26 days ago
Labels: High Severity
#94 - Bump github/codeql-action from 2.22.8 to 3.26.13
Pull Request -
State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions
#93 - Bump actions/upload-artifact from 3.1.3 to 4.4.3
Pull Request -
State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions
#92 - Bump actions/upload-artifact from 3.1.3 to 4.4.2
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#91 - Bump github/codeql-action from 2.22.8 to 3.26.12
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#90 - Bump actions/upload-artifact from 3.1.3 to 4.4.1
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#89 - Bump @actions/core from 1.10.1 to 1.11.1
Pull Request -
State: open - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, javascript
#88 - Bump github/codeql-action from 2.22.8 to 3.26.11
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, github_actions
#87 - Bump @actions/core from 1.10.1 to 1.11.0
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, javascript
#86 - Create osv-scanner.toml
Pull Request -
State: closed - Opened by varunsh-coder 2 months ago
#85 - Bump github/codeql-action from 2.22.8 to 3.26.10
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, github_actions
#84 - Bump github/codeql-action from 2.22.8 to 3.26.9
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, github_actions
#83 - Bump @vercel/ncc from 0.30.0 to 0.38.2
Pull Request -
State: open - Opened by dependabot[bot] 2 months ago
Labels: dependencies, javascript
#82 - Bump github/codeql-action from 2.22.8 to 3.26.8
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: dependencies, github_actions
#81 - Bump github/codeql-action from 2.22.8 to 3.26.7
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#80 - Bump axios from 1.6.2 to 1.7.7
Pull Request -
State: open - Opened by dependabot[bot] 3 months ago
Labels: dependencies, javascript
#79 - Bump actions/upload-artifact from 3.1.3 to 4.4.0
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#78 - Bump github/codeql-action from 2.22.8 to 3.26.6
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#77 - Bump github/codeql-action from 2.22.8 to 3.26.5
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#76 - Bump axios from 1.6.2 to 1.7.5
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, javascript
#75 - Bump github/codeql-action from 2.22.8 to 3.26.4
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#74 - Bump github/codeql-action from 2.22.8 to 3.26.3
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, github_actions
#73 - Bump github/codeql-action from 2.22.8 to 3.26.2
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#72 - Bump github/codeql-action from 2.22.8 to 3.26.1
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#71 - Bump axios from 1.6.2 to 1.7.4
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, javascript
#70 - Bump actions/upload-artifact from 3.1.3 to 4.3.6
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#69 - Bump github/codeql-action from 2.22.8 to 3.26.0
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#68 - Bump actions/upload-artifact from 3.1.3 to 4.3.5
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#67 - Bump axios from 1.6.2 to 1.7.3
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, javascript
#66 - Bump ossf/scorecard-action from 2.3.3 to 2.4.0
Pull Request -
State: open - Opened by dependabot[bot] 4 months ago
Labels: dependencies, github_actions
#65 - Bump github/codeql-action from 2.22.8 to 3.25.15
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#64 - Bump github/codeql-action from 2.22.8 to 3.25.14
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#63 - Bump github/codeql-action from 2.22.8 to 3.25.13
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: dependencies, github_actions
#62 - Bump actions/dependency-review-action from 4.3.2 to 4.3.4
Pull Request -
State: open - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions
#61 - Bump actions/upload-artifact from 3.1.3 to 4.3.4
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, github_actions
#60 - Bump github/codeql-action from 2.22.8 to 3.25.12
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, github_actions
#59 - Bump follow-redirects from 1.15.5 to 1.15.6
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, javascript
#58 - Bump undici from 5.28.3 to 5.28.4
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, javascript
#57 - Bump axios from 1.6.2 to 1.7.2
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
- 1 comment
Labels: dependencies, javascript
#56 - Bump github/codeql-action from 2.22.8 to 3.25.6
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, github_actions
#55 - Bump axios from 1.6.2 to 1.7.1
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, javascript
#54 - Bump axios from 1.6.2 to 1.7.0
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, javascript
#53 - Bump github/codeql-action from 2.22.8 to 3.25.5
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, github_actions
#52 - Bump ossf/scorecard-action from 2.0.6 to 2.3.3
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies, github_actions
#51 - Bump github/codeql-action from 2.22.8 to 3.25.4
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, github_actions
#50 - Bump actions/dependency-review-action from 2.5.1 to 4.3.2
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies, github_actions
#49 - Bump actions/dependency-review-action from 2.5.1 to 4.3.1
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, github_actions
#48 - Bump github/codeql-action from 2.22.8 to 3.25.3
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, github_actions
#47 - Bump actions/upload-artifact from 3.1.3 to 4.3.3
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, github_actions
#46 - Bump github/codeql-action from 2.22.8 to 3.25.2
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: dependencies, github_actions
#45 - Bump actions/upload-artifact from 3.1.3 to 4.3.2
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: dependencies, github_actions
#44 - Bump github/codeql-action from 2.22.8 to 3.25.1
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: dependencies, github_actions
#43 - Bump github/codeql-action from 2.22.8 to 3.25.0
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: dependencies, github_actions
#42 - Bump github/codeql-action from 2.22.8 to 3.24.10
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: dependencies, github_actions
#41 - Bump actions/dependency-review-action from 2.5.1 to 4.2.5
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: dependencies, github_actions
#40 - Bump github/codeql-action from 2.22.8 to 3.24.9
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: dependencies, github_actions
#39 - Bump actions/dependency-review-action from 2.5.1 to 4.2.4
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: dependencies, github_actions
#38 - Bump actions/dependency-review-action from 2.5.1 to 4.2.3
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, github_actions
#37 - Bump github/codeql-action from 2.22.8 to 3.24.8
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, github_actions
#36 - Bump axios from 1.6.2 to 1.6.8
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, javascript
#35 - Bump github/codeql-action from 2.22.8 to 3.24.7
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, github_actions
#34 - Bump github/codeql-action from 2.22.8 to 3.24.6
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, github_actions
#33 - Bump github/codeql-action from 2.22.8 to 3.24.5
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, github_actions
#32 - Bump github/codeql-action from 2.22.8 to 3.24.4
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, github_actions
#31 - updating dependencies
Pull Request -
State: closed - Opened by ashishkurmi 9 months ago
#30 - Bump actions/upload-artifact from 3.1.3 to 4.3.1
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, github_actions
#29 - Bump actions/dependency-review-action from 2.5.1 to 4.1.3
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#28 - Bump actions/dependency-review-action from 2.5.1 to 4.1.2
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#27 - Bump github/codeql-action from 2.22.8 to 3.24.3
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#26 - Update package.json
Pull Request -
State: open - Opened by vaq130 10 months ago
#25 - Bump actions/dependency-review-action from 2.5.1 to 4.1.0
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#24 - Bump github/codeql-action from 2.22.8 to 3.24.1
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#23 - Bump github/codeql-action from 2.22.8 to 3.24.0
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#22 - Bump github/codeql-action from 2.22.8 to 3.23.2
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, github_actions
#21 - Bump axios from 1.6.2 to 1.6.7
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, javascript
#20 - Bump axios from 1.6.2 to 1.6.6
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
- 1 comment
Labels: dependencies, javascript
#19 - Bump actions/dependency-review-action from 2.5.1 to 4.0.0
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
- 1 comment
Labels: dependencies, github_actions
#18 - Bump github/codeql-action from 2.22.8 to 3.23.1
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
- 1 comment
Labels: dependencies, github_actions
#17 - Bump github/codeql-action from 2.22.8 to 3.23.0
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
- 1 comment
Labels: dependencies, github_actions
#16 - Bump axios from 1.6.2 to 1.6.5
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
- 1 comment
Labels: dependencies, javascript
#15 - Bump actions/dependency-review-action from 2.5.1 to 3.1.5
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
- 1 comment
Labels: dependencies, github_actions
#14 - Bump axios from 1.6.2 to 1.6.4
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
- 1 comment
Labels: dependencies, javascript
#13 - Bump axios from 1.6.2 to 1.6.3
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
- 1 comment
Labels: dependencies, javascript
#12 - Bump github/codeql-action from 2.22.8 to 3.22.12
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
- 1 comment
Labels: dependencies, github_actions
#11 - Bump github/codeql-action from 2.22.8 to 3.22.11
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
- 1 comment
Labels: dependencies, github_actions
#10 - Bump github/codeql-action from 2.22.8 to 2.22.10
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
- 1 comment
Labels: dependencies, github_actions
#9 - Bump github/codeql-action from 2.22.8 to 2.22.9
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
- 1 comment
Labels: dependencies, github_actions
#8 - Bump @actions/tool-cache from 1.7.2 to 2.0.1
Pull Request -
State: open - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, javascript
#7 - Bump actions/checkout from 3 to 4
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#6 - Bump @vercel/ncc from 0.30.0 to 0.38.1
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, javascript
#5 - Bump step-security/publish-action from b438f840875fdcb7d1de4fc3d1d30e86cf6acb5d to 00f33a2a7d8b77187d08ce666d0d5d73ad1dfb93
Pull Request -
State: open - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#4 - Bump actions/dependency-review-action from 2.5.1 to 3.1.4
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, github_actions
#3 - Bump ossf/scorecard-action from 2.0.6 to 2.3.1
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, github_actions
#2 - [StepSecurity] Apply security best practices
Pull Request -
State: closed - Opened by step-security-bot about 1 year ago
- 1 comment
#1 - Setup action
Pull Request -
State: closed - Opened by varunsh-coder about 1 year ago