Releases: step-security/skip-duplicate-actions
Releases · step-security/skip-duplicate-actions
v5.3.3
What's Changed
- chore(deps): Bump github/codeql-action from 3.26.13 to 3.28.8 by @dependabot[bot] in #200
- feat: integrated with updated audit fix to handle provided build script by @Raj-StepSecurity in #218
- fix: Security updates by @github-actions[bot] in #219
- fix: Bump axios to 1.8.2 by @Raj-StepSecurity in #223
- feat: auto cherry pick workflow added by @Raj-StepSecurity in #227
- ci: updates in auto cherry pick by @Raj-StepSecurity in #230
- chore: Cherry-picked changes from upstream by @github-actions[bot] in #236
- fix: Security updates by @github-actions[bot] in #237
- fix: Security updates by @github-actions[bot] in #270
- ci: add guarddog security scanning workflow by @Raj-StepSecurity in #271
- [StepSecurity] ci: Harden GitHub Actions by @step-security-bot in #199
- ci: Update auto_cherry_pick.yml by @Raj-StepSecurity in #274
- fix: Security updates by @github-actions[bot] in #287
- fix: Security updates by @github-actions[bot] in #304
- feat: Update audit-package.yml by @Raj-StepSecurity in #310
- fix: Security updates by @github-actions[bot] in #311
- Revert "chore: Cherry-picked changes from upstream" by @Raj-StepSecurity in #312
- chore: dist updated by @github-actions[bot] in #318
- feat: Validate Subscription flow Updated by @Raj-StepSecurity in #317
- ci: Update actions_release.yml by @Raj-StepSecurity in #321
- fix: Security updates by @github-actions[bot] in #327
Full Changelog: v5...v5.3.3
Contributors
dependabot, step-security-bot, and Raj-StepSecurity
Assets 6
v5.3.2
What's Changed
- Create osv-scanner.toml by @varunsh-coder in #178
- vulns audited and fixed by @Raj-StepSecurity in #194
- Revert "Merge pull request #194 from step-security/fix_Alerts-Vuln" by @Raj-StepSecurity in #196
- workflow to fix vulnerabilities by @Raj-StepSecurity in #197
- fix: Security updates via npm audit fix
by @github-actions in #198 - chore(deps): Bump actions/upload-artifact from 3.1.3 to 4.4.3 by @dependabot in #185
- chore(deps): Bump github/codeql-action from 2.22.6 to 3.26.13 by @dependabot in #186
New Contributors
- @Raj-StepSecurity made their first contribution in #194
- @github-actions made their first contribution in #198
Full Changelog: v5...v5.3.2
Contributors
varunsh-coder, dependabot, and Raj-StepSecurity
Assets 6
v5.3.1
What's Changed
- chore(deps): Bump actions/checkout from 3 to 4 by @dependabot in #5
- updating dependencies by @ashishkurmi in #68
- chore(deps): Bump ossf/scorecard-action from 2.0.6 to 2.3.3 by @dependabot in #121
- chore(deps-dev): Bump braces from 3.0.2 to 3.0.3 by @dependabot in #125
- chore(deps-dev): Bump undici from 5.28.3 to 5.28.4 by @dependabot in #126
- chore(deps): Bump actions/dependency-review-action from 2.5.1 to 4.3.2 by @dependabot in #116
- chore(deps-dev): Bump follow-redirects from 1.15.5 to 1.15.6 by @dependabot in #128
- Update README.md by @shubham-stepsecurity in #127
- Update and rename release.yml to actions_release.yml by @shubham-stepsecurity in #135
New Contributors
- @dependabot made their first contribution in #5
- @ashishkurmi made their first contribution in #68
- @shubham-stepsecurity made their first contribution in #127
Full Changelog: v1...v5.3.1
Contributors
dependabot, ashishkurmi, and shubham-stepsecurity
Assets 6
v1.0.1
What's Changed
- Add logic to validate subscription by @varunsh-coder in #16
Full Changelog: v1...v1.0.1
Contributors
varunsh-coder
Assets 2
v1.0.0
Merge pull request #2 from step-security-bot/stepsecurity_remediation…