You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by gi...@apache.org on 2022/12/23 13:06:38 UTC

[commons-bsf] branch dependabot/maven/com.github.spotbugs-spotbugs-4.7.3 updated (5c5cdc8 -> 3cc1df8)

This is an automated email from the ASF dual-hosted git repository.

github-bot pushed a change to branch dependabot/maven/com.github.spotbugs-spotbugs-4.7.3
in repository https://gitbox.apache.org/repos/asf/commons-bsf.git


 discard 5c5cdc8  Bump spotbugs from 4.2.0 to 4.7.3
     add c6be38f  Bump Scorecards from 1 to 2
     add 7169017  Add GHitHub robots file
     add 81d0672  Bump actions/setup-java from 3.5.1 to 3.8.0
     add ad90f32  Merge pull request #67 from apache/dependabot/github_actions/actions/setup-java-3.8.0
     add 67089e4  Bump ossf/scorecard-action from 2.0.6 to 2.1.2
     add 6691c34  Merge pull request #72 from apache/dependabot/github_actions/ossf/scorecard-action-2.1.2
     add ddc596b  Bump actions/checkout from 3.1.0 to 3.2.0
     add 5cc30b2  Merge pull request #69 from apache/dependabot/github_actions/actions/checkout-3.2.0
     add 4407ca6  Bump actions/setup-java from 3.8.0 to 3.9.0
     add d7b0a4e  Merge pull request #68 from apache/dependabot/github_actions/actions/setup-java-3.9.0
     add b094b70  Bump actions/upload-artifact from 3.1.0 to 3.1.1
     add 7701b7e  Merge pull request #63 from apache/dependabot/github_actions/actions/upload-artifact-3.1.1
     add 6ab2844  Bump github/codeql-action from 1 to 2
     add 756261f  Merge pull request #44 from apache/dependabot/github_actions/github/codeql-action-2
     add 2ac6003  Bump commons-parent from 54 to 55
     add cd85376  Merge pull request #71 from apache/dependabot/maven/org.apache.commons-commons-parent-55
     add 58fe51e  Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
     add ea9c25a  Merge pull request #64 from apache/dependabot/maven/com.github.spotbugs-spotbugs-maven-plugin-4.7.3.0
     add 3cc1df8  Bump spotbugs from 4.2.0 to 4.7.3

This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version.  This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:

 * -- * -- B -- O -- O -- O   (5c5cdc8)
            \
             N -- N -- N   refs/heads/dependabot/maven/com.github.spotbugs-spotbugs-4.7.3 (3cc1df8)

You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.

Any revisions marked "omit" are not gone; other references still
refer to them.  Any revisions marked "discard" are gone forever.

No new revisions were added by this update.

Summary of changes:
 .github/{dependabot.yml => GH-ROBOTS.txt} | 16 ++-----
 .github/workflows/codeql-analysis.yml     |  8 ++--
 .github/workflows/maven.yml               |  4 +-
 .github/workflows/scorecards-analysis.yml | 69 +++++++++++++++++++++++++++++++
 pom.xml                                   |  4 +-
 5 files changed, 81 insertions(+), 20 deletions(-)
 copy .github/{dependabot.yml => GH-ROBOTS.txt} (76%)
 create mode 100644 .github/workflows/scorecards-analysis.yml