Skip to content

Update dependencies in stale-branches workflow#261

Merged
RalphHightower merged 1 commit intomainfrom
RalphHightower-patch-1
May 3, 2026
Merged

Update dependencies in stale-branches workflow#261
RalphHightower merged 1 commit intomainfrom
RalphHightower-patch-1

Conversation

@RalphHightower
Copy link
Copy Markdown
Owner

@RalphHightower RalphHightower commented May 3, 2026

No description provided.

@RalphHightower
Update dependencies in stale-branches workflow
dbb90a1 
Signed-off-by: Ralph Hightower <32745442+RalphHightower@users.noreply.github.com>
@RalphHightower RalphHightower self-assigned this May 3, 2026
@RalphHightower RalphHightower added the dependencies Pull requests that update a dependency file label May 3, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 3, 2026

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/crs-k/stale-branches 3761c6625fc7087355ddc5134bb6acfb36bc80b8 🟢 4.2
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1014 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 1Found 2/12 approved changesets -- score normalized to 1
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 4dependency not pinned by hash detected -- score normalized to 4
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
SAST⚠️ 1SAST tool is not run on all commits -- score normalized to 1
actions/step-security/harden-runner 8d3c67de8e2fe68ef647c8db1e6a09f647780f40 🟢 8.2
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 8branch protection is not maximal on development and all release branches
CI-Tests🟢 1015 out of 15 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Contributors🟢 6project has 2 contributing companies or organizations -- score normalized to 6
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1014 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 6dependency not pinned by hash detected -- score normalized to 6
SAST🟢 10SAST tool is run on all commits
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Vulnerabilities🟢 46 existing vulnerabilities detected

Scanned Files

  • .github/workflows/stale-branches.yml

@RalphHightower RalphHightower merged commit d9b3176 into main May 3, 2026
5 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@RalphHightower RalphHightower

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RalphHightower