Build: #3866 was successful Scheduled with changes by Ian Bacher and dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Code commits
Git
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 005ad891eb91b6843e22528bbc622d69153b0d01
maven(deps): bump commons-io:commons-io from 2.16.0 to 2.16.1 (#4614)
Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>- pom.xml (version 005ad891eb91b6843e22528bbc622d69153b0d01)
-
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 1aa06a1922fa742039c788d3c7dcbf77f66d56c0
github-actions(deps): bump actions/upload-artifact from 3 to 4 (#4615)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>- .github/workflows/scorecard.yml (version 1aa06a1922fa742039c788d3c7dcbf77f66d56c0)
-
Ian Bacher a94fba4f276cd6dd47d8c8aee7a4b6df5f0c643e
TRUNK-6226: Fix potential zip-slips (#4613)
- api/src/main/java/org/openmrs/module/ModuleUtil.java (version a94fba4f276cd6dd47d8c8aee7a4b6df5f0c643e)
- web/src/main/java/org/openmrs/module/web/WebModuleUtil.java (version a94fba4f276cd6dd47d8c8aee7a4b6df5f0c643e)
-
Ian Bacher 39348a66d267e32bcad6c24f2829807e68143441
Set permissions for build.yaml to read-only
- .github/workflows/build.yaml (version 39348a66d267e32bcad6c24f2829807e68143441)
-
Ian Bacher cc26bbf0baa792a6fbf7e1ba5647cd55896edc9d
Hoist code-ql permissions to apply to whole workflow
- .github/workflows/codeql-analysis.yml (version cc26bbf0baa792a6fbf7e1ba5647cd55896edc9d)
-
Ian Bacher 88a78fcb5192e907026d4d6470087b46ecc6862e
Restrict permissions on token for stale PR job
- .github/workflows/stale.yml (version 88a78fcb5192e907026d4d6470087b46ecc6862e)
-
Ian Bacher 8e1bf8ffbf2b4790a71830fb458d4180ea11b126
Create scorecard.yml
- .github/workflows/scorecard.yml (version 8e1bf8ffbf2b4790a71830fb458d4180ea11b126)
![dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>](https://secure.gravatar.com/avatar/b24648b58839a1b2a1718b7089bcb57d?r=g&s=24&d=mm){kind=small}
