Releases: fluent-labs/api
1.5.74: Bump dorny/paths-filter from v2.8.0 to v2.9.0
Bumps dorny/paths-filter from v2.8.0 to v2.9.0.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
1.5.73: Section finder job hardening
These jobs fail on any one single error. That is not what we want. This hardens the jobs so that they log errors and continue.
1.5.72: Get headings from English Wiktionary
Create a job to get headings from English wiktionary. Actually, all backups.
1.5.71: Whitelist cors for gatsby
Gatsby runs on a different port, so we need to allow cors for that port during development.
1.5.70: Cover all potential NPEs
We're getting a null pointer somewhere. Let's print out that spot and continue on.
1.5.69: Bump anchore/scan-action from 2.0.3 to v2.0.4
Bumps anchore/scan-action from 2.0.3 to v2.0.4.
Release notes
Sourced from anchore/scan-action's releases.
v2.0.4
New in scan-action v2.0.4
- bump grype to 0.7.0 (#81)
Changelog
Sourced from anchore/scan-action's changelog.
Release Notes
Version 2.0.2 - 2020-11-11
- Update
actions/coreto use version1.2.6[(Issue #71)](anchore/scan-action#71)Version 2.0.1 - 2020-02-11
Fixes:
- Removes unnecessary constraint in deduplication for SARIF reporting
- Allows defining and referencing the location of the SARIF report file
- Fixes multiple instances where undefined items in the reporting would break scanning
Version 2.0.0 - 2020-30-09
2.0.0 is a new major version of scan action based on the new Grype tool from Anchore. It is much faster for scanning compared to v1.x of the action and adds some new capabilities, including directory scanning as well as container image scanning, and also has more metadata about the vulnerability matches than previous versions for more transparency on the matching process.
Improvements and Changes:
- Significantly faster performance for scans
- New vulnerabilities output format is the JSON output from Grype directly
- Adds support for scanning directories as well as Docker containers, so you can do the same checks pre-and post-build of the container.
- Supports Automatic Code Scanning/SARIF for exposing results via your repository's Security tab.
- Updated the default branch from
mastertomainNOTE: This is a breaking change from v1.x, as indicated by the major version change. We strongly recommend using a
@v2or specific version instead of@mainBreaking Changes for v2:
- Inputs:
- Changed
image-referencetoimage(required)dockerfile-pathis no longer supported and not necessary for the vulnerability scanscustom-policy-pathis no longer supportedinclude-app-packagesis no longer necessary or supported. Application packages are on by default and will receive vulnerability matches.- Outputs:
billofmaterialsis no longer output. V2 is focused on vulnerability scanning and another action may be introduced for BoM support with its own options/config.policycheckis no longer output
Commits
3c947f3bump grype to 0.7.0- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
1.5.68: Get templates in simple english wiktionary
Extract all template examples from simple english wiktionary. This tells us which templates are most common, so we know what to implement first.
1.5.67: Mediawiki formatter
Basic mediawiki formatting. Lists and templates are for future PRs, but standard markup is in scope.
1.5.66: Identify top 1000 english words
With the top 1000 most frequent words, we can do a lot of testing and validation.
1.5.65: Definitions show source
For compliance reasons, we should know where our content came from. Let's surface this to the frontend so that we can appropriately attribute definitions.