Skip to content

Bump the patch-and-minor group across 1 directory with 2 updates#34

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/patch-and-minor-8327a06afa
Open

Bump the patch-and-minor group across 1 directory with 2 updates#34
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/patch-and-minor-8327a06afa

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026
edited
Loading

Bumps the patch-and-minor group with 2 updates in the / directory: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml and google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml.

Updates google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml from 2.3.5 to 2.3.8

Release notes

Sourced from google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml's releases.

v2.3.8

What's Changed

This updates OSV-Scanner to v2.3.8.

Full Changelog: google/osv-scanner-action@v2.3.5...v2.3.8

Commits
  • 9a49870 Update unified workflow example to point to v2.3.8 reusable workflows
  • 3adb4b1 Update reusable workflows to point to v2.3.8 actions
  • 8dc0919 "Update actions to use v2.3.8 osv-scanner image"
  • 43f380b Merge pull request #125 from google/update-to-v2.3.6
  • dcf4ddd Update unified workflow example to point to v2.3.6 reusable workflows
  • b9dbb7e Update reusable workflows to point to v2.3.6 actions
  • fe54858 "Update actions to use v2.3.6 osv-scanner image"
  • eb5b619 Merge pull request #100 from thomasleplus/main
  • 9517144 feat: output results in reusable workflow
  • f17cd09 Merge branch 'main' into main
  • Additional commits viewable in compare view

Updates google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml from 2.3.5 to 2.3.8

Release notes

Sourced from google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml's releases.

v2.3.8

What's Changed

This updates OSV-Scanner to v2.3.8.

Full Changelog: google/osv-scanner-action@v2.3.5...v2.3.8

Commits
  • 9a49870 Update unified workflow example to point to v2.3.8 reusable workflows
  • 3adb4b1 Update reusable workflows to point to v2.3.8 actions
  • 8dc0919 "Update actions to use v2.3.8 osv-scanner image"
  • 43f380b Merge pull request #125 from google/update-to-v2.3.6
  • dcf4ddd Update unified workflow example to point to v2.3.6 reusable workflows
  • b9dbb7e Update reusable workflows to point to v2.3.6 actions
  • fe54858 "Update actions to use v2.3.6 osv-scanner image"
  • eb5b619 Merge pull request #100 from thomasleplus/main
  • 9517144 feat: output results in reusable workflow
  • f17cd09 Merge branch 'main' into main
  • Additional commits viewable in compare view

@dependabot dependabot Bot added ci CI / workflow changes dependencies Pull requests that update a dependency file labels May 11, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 11, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml 9a498708959aeaef5ef730655706c5a1df1edbc2 UnknownUnknown
actions/google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml 9a498708959aeaef5ef730655706c5a1df1edbc2 UnknownUnknown

Scanned Files

  • .github/workflows/osv-scanner.yml

@dependabot dependabot Bot changed the title Bump the patch-and-minor group with 2 updates Bump the patch-and-minor group across 1 directory with 2 updates May 18, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/patch-and-minor-8327a06afa branch from d2c14da to 3f85fc4 Compare May 18, 2026 06:29
@dependabot
Bump the patch-and-minor group across 1 directory with 2 updates
2f3427c 
Bumps the patch-and-minor group with 2 updates in the / directory: [google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml](https://github.com/google/osv-scanner-action) and [google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml](https://github.com/google/osv-scanner-action).


Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml` from 2.3.5 to 2.3.8
- [Release notes](https://github.com/google/osv-scanner-action/releases)
- [Commits](google/osv-scanner-action@c518547...9a49870)

Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml` from 2.3.5 to 2.3.8
- [Release notes](https://github.com/google/osv-scanner-action/releases)
- [Commits](google/osv-scanner-action@c518547...9a49870)

---
updated-dependencies:
- dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml
  dependency-version: 2.3.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
- dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml
  dependency-version: 2.3.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-and-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/patch-and-minor-8327a06afa branch from 3f85fc4 to 2f3427c Compare May 25, 2026 06:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

ci CI / workflow changes dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants