Sourced from actions/upload-artifact's\nreleases.
\n\n\nv4.3.6
\nWhat's Changed
\n\n
\n- Revert to
\n@actions/artifact
2.1.8 by@robherley
in actions/upload-artifact#594Full Changelog: https://github.com/actions/upload-artifact/compare/v4...v4.3.6
\n
834a144
\nMerge pull request #594\nfrom actions/robherley/4.3.6134dcf3
\nv4.3.673a0b9c
\nrevert back to @actions/artifact
2.1.8eb055d7
\nMerge pull request #2410\nfrom github/update-v3.26.0-c24926b733884d04
\nUpdate changelog for v3.26.0c24926b
\nMerge pull request #2407\nfrom github/dependabot/npm_and_yarn/npm-7954a73ad268ba39b
\nMerge branch 'main' into dependabot/npm_and_yarn/npm-7954a73ad28dd1773
\nMerge pull request #2408\nfrom github/henrymercer/deprecate-codeql-2.13.4441c9d9
\nMerge pull request #2409\nfrom github/henrymercer/fix-required-checksf03da13
\nExclude push-only unit tests job from required PR checks script29a5cfc
\nBump version to 3.26.09e440ad
\nAdd changelog note136f5a5
\nAdd CodeQL v2.17.6 to default test versionsSourced from step-security/harden-runner's\nreleases.
\n\n\nv2.9.1
\nWhat's Changed
\nRelease v2.9.1 by
\n@h0x0er
and@varunsh-coder
\nin #440\nThis release includes two changes:\n
\n- Updated markdown displayed in the job summary by the Harden-Runner\nAction.
\n- Fixed a bug affecting Enterprise Tier customers where the agent\nattempted to upload telemetry for jobs with disable-telemetry set to\ntrue. No telemetry was uploaded as the endpoint was not in the allowed\nlist.
\nFull Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.9.1
\n
5c7944e
\nMerge pull request #440\nfrom step-security/rc-11c79be45
\nMerge branch 'main' into rc-11deb3383
\nMerge pull request #446\nfrom h0x0er/log-step23c8215
\nupdate dist727d06a
\nlogging stepf0db2aa
\nMerge pull request #441\nfrom step-security/dependabot/github_actions/github/c...1938ffc
\nMerge branch 'main' into\ndependabot/github_actions/github/codeql-action-3.25.138e7dd2c
\nMerge pull request #442\nfrom step-security/dependabot/github_actions/step-sec...f2823ee
\nBump step-security/publish-unit-test-result-action from 1 to 25f95e05
\nBump github/codeql-action from 2.13.4 to 3.25.13Sourced from actions/upload-artifact's\nreleases.
\n\n\nv4.3.5
\nWhat's Changed
\n\n
\n- Bump
\n@actions/artifact
to v2.1.9 by@robherley
in actions/upload-artifact#588\n\nFull Changelog: https://github.com/actions/upload-artifact/compare/v4.3.4...v4.3.5
\n
89ef406
\nMerge pull request #588\nfrom actions/robherley/4.3.523d796d
\nlicense updatese445c64
\nbump @actions/artifact
to v2.1.9Sourced from ossf/scorecard-action's\nreleases.
\n\n\nv2.4.0
\nWhat's Changed
\nThis update bumps the Scorecard version to the v5 release. For a\ncomplete list of changes, please refer to the v5.0.0\nrelease notes. Of special note to Scorecard Action is the Maintainer\nAnnotation feature, which can be used to suppress some Code Scanning\nfalse positives. Alerts will not be generated for any Scorecard Check\nwith an annotation.
\n\n
\n- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to\nv5.0.0 by
\n@spencerschrock
\nin ossf/scorecard-action#1410- :bug: lower license sarif alert threshold to 9 by
\n@spencerschrock
\nin ossf/scorecard-action#1411Documentation
\n\n
\n- docs: dogfooding badge by
\n@jkowalleck
in ossf/scorecard-action#1399New Contributors
\n\n
\n- \n
@jkowalleck
made\ntheir first contribution in ossf/scorecard-action#1399Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0
\n
62b2cac
\nbump docker tag to v2.4.0 for release (#1414)c09630c
\nlower license score alert threshold to 9 (#1411)cf8594c
\n:seedling: Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 (#1413)de5fcb9
\n:seedling: Bump the github-actions group with 2 updates (#1412)a46b90b
\nbump scorecard to v5.0.0 release (#1410)9fc518d
\n:seedling: Bump golang in the docker-images group (#1407)a8eaa1b
\n:seedling: Bump the github-actions group with 2 updates (#1408)873d5fd
\n:seedling: Bump the github-actions group across 1 directory with 2\nupdates (#...54cc1fe
\n:seedling: Bump the docker-images group with 2 updates (#1401)82bcb91
\n:seedling: Bump golang.org/x/net from 0.26.0 to 0.27.0 (#1400)