Skip to content
This repository was archived by the owner on Nov 24, 2025. It is now read-only.

build(deps): bump coverallsapp/github-action from 2.2.3 to 2.3.7 #567

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build(deps): bump coverallsapp/github-action from 2.2.3 to 2.3.7 #567

wants to merge 1 commit into from
+1 −1

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 18, 2025

Bumps coverallsapp/github-action from 2.2.3 to 2.3.7.

Release notes

Sourced from coverallsapp/github-action's releases.

v2.3.7

What's Changed

New Contributors

Full Changelog: coverallsapp/github-action@v2...v2.3.7

v2.3.6

What's Changed

Full Changelog: coverallsapp/github-action@v2...v2.3.6

v2.3.5

What's Changed

New Contributors

Full Changelog: coverallsapp/github-action@v2...v2.3.5

v2.3.4

What's Changed

  • Add coverage-reporter-platform input option by @​afinetooth in coverallsapp/github-action#233
    • Since we have added support for coverage-reporter on aarch64, we need to provide users of our github-action the ability to select this architecture-specific version of coverage-reporter when they're using an aarch64 / arm64 runner in CI.

Full Changelog: coverallsapp/github-action@v2...v2.3.4

v2.3.3

What's Changed

Full Changelog: coverallsapp/github-action@v2...v2.3.3

v2.3.2

What's Changed

... (truncated)

Commits
  • 5cbfd81 Fix fail-on-error to handle all installation and execution failures (#254)
  • e988b39 Update workflow to sync and verify release branch (#249)
  • e7f4f97 README.md: Use current actions/setup-node and LTS version of Node.js (#247)
  • 648a8eb Explicitly set auto-detect as default for platform (#240)
  • 773b6d8 README/Inputs: list all (non-deprecated) inputs (#239)
  • 72709f8 Automatically detect the platform to install (#238)
  • cfd0633 Add coverage-reporter-platform input option (#233)
  • 0db2c3c Update README.md
  • 29d7fa2 Add two more helpful steps to update-major-version-tag workflow (#231)
  • 4cdef0b Always point the major version tag to the latest release (#230)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump coverallsapp/github-action from 2.2.3 to 2.3.7
6be8c1e 
Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 2.2.3 to 2.3.7.
- [Release notes](https://github.com/coverallsapp/github-action/releases)
- [Commits](coverallsapp/github-action@3dfc556...5cbfd81)

---
updated-dependencies:
- dependency-name: coverallsapp/github-action
  dependency-version: 2.3.7
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 18, 2025
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 18, 2025
@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Nov 18, 2025
edited
Loading

Deploying quill-ui with  Cloudflare Pages  Cloudflare Pages

Latest commit: 6be8c1e
Status: ✅  Deploy successful!
Preview URL: https://59a5152f.quill-ui.pages.dev
Branch Preview URL: https://dependabot-github-actions-co-zn7v.quill-ui.pages.dev

View logs

@dependabot dependabot bot mentioned this pull request Nov 18, 2025
Closed
@github-actions
Copy link

github-actions bot commented Nov 18, 2025

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/coverallsapp/github-action 5cbfd81b66ca5d10c19b062c04de0199c215fb6e 🟢 4.1
Details
CheckScoreReason
Code-Review⚠️ 2Found 8/29 approved changesets -- score normalized to 2
Binary-Artifacts🟢 10no binaries found in the repo
Maintained🟢 52 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 5
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
actions/coverallsapp/github-action 3dfc5567390f6fa9267c0ee9c251e4c8c3f18949 🟢 4.1
Details
CheckScoreReason
Code-Review⚠️ 2Found 8/29 approved changesets -- score normalized to 2
Binary-Artifacts🟢 10no binaries found in the repo
Maintained🟢 52 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 5
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

.github/workflows/coverall.yml

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@yashim-deriv yashim-deriv Awaiting requested review from yashim-deriv yashim-deriv is a code owner

@prince-deriv prince-deriv Awaiting requested review from prince-deriv prince-deriv is a code owner

@balakrishna-deriv balakrishna-deriv Awaiting requested review from balakrishna-deriv balakrishna-deriv is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant