Skip to content

v2.1.3

Marketplace
Marketplace
Compare
Choose a tag to compare
@spencerschrock spencerschrock released this 29 Mar 20:29
· 206 commits to main since this release
v2.1.3
This tag was signed with the committer’s verified signature.
spencerschrock Spencer Schrock
SSH Key Fingerprint: iEdk6w6vKX4x8FmfzRZODCotdCVMA333R1fASrXv690 Learn about vigilant mode.
80e868c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

What's Changed

Bug Fixes

  • Invalid SARIF files from a bug in scorecard
  • Vulnerabilities check crashes if a vulnerable dependency is found via OSVScanner
  • Scorecard action not reporting binary artifacts in the repo

Full Scorecard Changelog: ossf/scorecard@v4.10.2...v4.10.5

Full Changelog: v2.1.2...v2.1.3

Contributors

spencerschrock
Assets 2
Loading