[StepSecurity] Apply security best practices #6287
Conversation
Signed-off-by: StepSecurity Bot <[email protected]>
| @@ -18,3 +18,338 @@ updates: | |||
| update-types: | |||
| - "version-update:semver-major" | |||
| - "version-update:semver-minor" | |||
|
|
|||
| - package-ecosystem: nuget | |||
There was a problem hiding this comment.
not sure if this or manual one is better...
There was a problem hiding this comment.
Either manual or monthly could be a better cadence here. Daily would increase maintenance burden.
Codecov ReportAll modified and coverable lines are covered by tests ✅
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #6287 +/- ##
==========================================
+ Coverage 86.53% 86.55% +0.02%
==========================================
Files 258 258
Lines 11792 11792
==========================================
+ Hits 10204 10207 +3
+ Misses 1588 1585 -3
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
This PR was marked stale due to lack of activity and will be closed in 7 days. Commenting or pushing will instruct the bot to automatically remove the label. This bot runs once per day. |
github-actions
bot
added
the
Stale
|
Closed as inactive. Feel free to reopen if this PR is still being worked on. |
Summary
This pull request is created by StepSecurity at the request of @cijothomas. Please merge the Pull Request to incorporate the requested changes. Please tag @cijothomas on your message if you have any questions related to the PR.
Security Fixes
Keeping your actions up to date with Dependabot
With Dependabot version updates, when Dependabot identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. This is recommended by GitHub as well as The Open Source Security Foundation (OpenSSF).
Feedback
For bug reports, feature requests, and general feedback; please email [email protected]. To create such PRs, please visit https://app.stepsecurity.io/securerepo.
Signed-off-by: StepSecurity Bot [email protected]