Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / step-security/vitest-coverage-report-action issues and pull requests

#62 - Harden GitHub Actions Workflow - test.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#62 - Harden GitHub Actions Workflow - test.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#61 - Harden GitHub Actions Workflow - scorecards.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#61 - Harden GitHub Actions Workflow - scorecards.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#60 - Harden GitHub Actions Workflow - dependency-review.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#60 - Harden GitHub Actions Workflow - dependency-review.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#59 - Harden GitHub Actions Workflow - codeql-analysis.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#59 - Harden GitHub Actions Workflow - codeql-analysis.yml

Issue - State: closed - Opened by int-stepsecurity-advanced[bot] 27 days ago
Labels: High Severity

#58 - Bump the build-deps group across 1 directory with 6 updates

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago - 3 comments
Labels: dependencies, javascript

#58 - Bump the build-deps group across 1 directory with 6 updates

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago - 3 comments
Labels: dependencies, javascript

#57 - Bump @actions/core from 1.10.1 to 1.11.1 in the deps group

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago - 2 comments
Labels: dependencies, javascript

#57 - Bump @actions/core from 1.10.1 to 1.11.1 in the deps group

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago - 2 comments
Labels: dependencies, javascript

#56 - Bump github/codeql-action from 2.25.11 to 3.26.11

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago - 2 comments
Labels: dependencies, github_actions

#56 - Bump github/codeql-action from 2.25.11 to 3.26.11

Pull Request - State: open - Opened by dependabot[bot] about 2 months ago - 2 comments
Labels: dependencies, github_actions

#55 - Ignore non-relevant vulnerable dependencies

Pull Request - State: closed - Opened by shubham-stepsecurity 2 months ago - 2 comments

#55 - Ignore non-relevant vulnerable dependencies

Pull Request - State: closed - Opened by shubham-stepsecurity 2 months ago - 2 comments

#54 - Create osv-scanner.toml

Pull Request - State: closed - Opened by varunsh-coder 2 months ago - 2 comments

#53 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.10

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, github_actions

#53 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.10

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, github_actions

#52 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, javascript

#52 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, javascript

#51 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: open - Opened by dependabot[bot] 2 months ago - 2 comments
Labels: dependencies, javascript

#51 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: open - Opened by dependabot[bot] 2 months ago - 2 comments
Labels: dependencies, javascript

#50 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.9

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, github_actions

#49 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, javascript

#49 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, javascript

#48 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, javascript

#48 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, javascript

#47 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.8

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, github_actions

#47 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.8

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 3 comments
Labels: dependencies, github_actions

#46 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#46 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#45 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#45 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#44 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.7

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, github_actions

#44 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.7

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, github_actions

#43 - chore(deps): bump step-security/harden-runner from 2.8.1 to 2.10.1

Pull Request - State: open - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, github_actions

#42 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#42 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#41 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#41 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#40 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#39 - chore(deps): bump actions/upload-artifact from 4.3.4 to 4.4.0

Pull Request - State: open - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, github_actions

#38 - chore(deps): bump axios from 1.7.2 to 1.7.7

Pull Request - State: open - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, javascript

#38 - chore(deps): bump axios from 1.7.2 to 1.7.7

Pull Request - State: open - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, javascript

#37 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.6

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, github_actions

#37 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.6

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, github_actions

#36 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, github_actions

#36 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, github_actions

#35 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#34 - chore(deps): bump the semantic-release group across 1 directory with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#33 - chore(deps): bump axios from 1.7.2 to 1.7.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, javascript

#32 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.4

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, github_actions

#31 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.3

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 3 comments
Labels: dependencies, github_actions

#30 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#29 - chore(deps): bump the semantic-release group across 1 directory with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#28 - chore(deps): bump axios from 1.7.2 to 1.7.4

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#27 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.2

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#26 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#25 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#24 - chore(deps): bump @semantic-release/github from 10.0.6 to 10.1.4 in the semantic-release group across 1 directory

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#23 - chore(deps): bump actions/upload-artifact from 4.3.4 to 4.3.6

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#22 - chore(deps): bump github/codeql-action from 2.25.11 to 3.26.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#21 - chore(deps): bump step-security/harden-runner from 2.8.1 to 2.9.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#20 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#19 - chore(deps): bump axios from 1.7.2 to 1.7.3

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#18 - chore(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#17 - chore(deps): bump github/codeql-action from 2.25.11 to 3.25.15

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#16 - chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0

Pull Request - State: open - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, github_actions

#15 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#14 - chore(deps): bump @semantic-release/github from 10.0.6 to 10.1.3 in the semantic-release group across 1 directory

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#13 - chore(deps): bump github/codeql-action from 2.25.11 to 3.25.14

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#12 - chore(deps): bump github/codeql-action from 2.25.11 to 3.25.13

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#11 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#10 - chore(deps): bump @semantic-release/github from 10.0.6 to 10.1.1 in the semantic-release group across 1 directory

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, javascript

#9 - chore(deps): bump step-security/harden-runner from 2.8.1 to 2.9.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies, github_actions

#8 - chore(deps-dev): bump the build-deps group across 1 directory with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies, javascript

#7 - chore(deps): bump github/codeql-action from 2.25.11 to 3.25.12

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies, github_actions

#6 - chore(deps): bump actions/dependency-review-action from 4.3.3 to 4.3.4

Pull Request - State: open - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, github_actions

#5 - chore(deps): bump github/codeql-action from 2.25.11 to 3.25.11

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies, github_actions

#4 - chore(deps): bump @semantic-release/github from 10.0.6 to 10.1.0 in the semantic-release group

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies

#3 - chore(deps-dev): bump the build-deps group with 6 updates

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies

#2 - [StepSecurity] Apply security best practices

Pull Request - State: closed - Opened by step-security-bot 5 months ago

#1 - chore: initial release

Pull Request - State: closed - Opened by shubham-stepsecurity 5 months ago - 3 comments