chore: exchange versions with pinned commits #598

Merged
merged 5 commits into from
Feb 19, 2025

morri-son
Contributor

Description

exchange versions with pinned commits

@morri-son morri-son requested a review from a team as a code owner February 19, 2025 11:03
@morri-son morri-son added the kind/chore chore, maintenance, etc. label Feb 19, 2025
@morri-son morri-son added this to the 2025-Q1 milestone Feb 19, 2025
@morri-son morri-son enabled auto-merge (squash) February 19, 2025 11:04
Mend Scan Summary: ❌

Repository: open-component-model/ocm-controller

| VIOLATION DESCRIPTION | NUMBER OF VIOLATIONS |
| --- | --- |
| HIGH/CRITICAL SECURITY VULNERABILITIES | 2 |
| MAJOR UPDATES AVAILABLE | 0 |
| LICENSE REQUIRES REVIEW | 1 |
| LICENSE RISK HIGH | 9 |
| RESTRICTED LICENSE FOR ON-PREMISE DELIVERY | 0 |

Detailed Logs: mend-scan-> Generate Report
Mend UI

@morri-son morri-son merged commit 4051b6d into main Feb 19, 2025
10 of 11 checks passed
@morri-son morri-son deleted the exchange-versions-with-pinned-commits branch February 19, 2025 11:59
@hilmarf
Member

hilmarf commented Feb 19, 2025

@morri-son how did you do that? Manually? Is there any automated way to fix such things?

@morri-son
Contributor Author

> @morri-son how did you do that? Manually? Is there any automated way to fix such things?

Manually, to check if the alerts go away. There's an open PR dependabot/dependabot-core#7913 which should get this obvious thing done, especially as the dependant folks themselves don't use pinned commits in their GHAs 😂
