This is an automated email from the ASF dual-hosted git repository.
github-bot pushed a change to branch
dependabot/maven/org.codehaus.mojo-buildnumber-maven-plugin-3.0.0
in repository https://gitbox.apache.org/repos/asf/cxf.git
discard f1c9f0a20b Bump buildnumber-maven-plugin from 1.4 to 3.0.0
add 89a19d5772 Fixing build badge
add bd82d8a346 Adding scorecards workflow
add cd2a2a2f66 Adding scorecards to README
add f3e15e52c7 Adding github actions to dependabot
add 4ab7b061ba [StepSecurity] ci: Harden GitHub Actions (#1090)
add c0755e976d Bump ossf/scorecard-action from 2.0.6 to 2.1.2 (#1088)
add b02cff4e3c Bump buildnumber-maven-plugin from 1.4 to 3.0.0
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (f1c9f0a20b)
\
N -- N -- N
refs/heads/dependabot/maven/org.codehaus.mojo-buildnumber-maven-plugin-3.0.0
(b02cff4e3c)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
No new revisions were added by this update.
Summary of changes:
.github/dependabot.yml | 6 ++++
.github/workflows/codeql-analysis.yml | 10 +++---
.github/workflows/scorecards.yml | 62 +++++++++++++++++++++++++++++++++++
README.md | 4 +--
4 files changed, 75 insertions(+), 7 deletions(-)
create mode 100644 .github/workflows/scorecards.yml
