dependabot[bot]
d6db13d763
build(deps): bump sonatype-nexus-community/nancy-github-action ( #1762 )
...
Bumps [sonatype-nexus-community/nancy-github-action](https://github.com/sonatype-nexus-community/nancy-github-action ) from 1.0.1 to v1.0.2.
- [Release notes](https://github.com/sonatype-nexus-community/nancy-github-action/releases )
- [Commits](https://github.com/sonatype-nexus-community/nancy-github-action/compare/1.0.1...aae196481b961d446f4bff9012e4e3b63d7921a4 )
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Xiang Dai <long0dai@foxmail.com>
Co-authored-by: Xiang Dai <long0dai@foxmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 14:59:06 +08:00
Tam Mach
c1d7cfd721
ci(nancy): Bump nancy version to 1.0.1 ( #1410 )
...
This commit is to update version to 1.0.1
Closes #1320
Signed-off-by: Tam Mach <sayboras@yahoo.com>
2020-10-03 22:54:48 +10:00
Melvin
8263147d07
fix Nancy's branch name ( #1394 )
2020-09-25 01:37:42 -07:00
Tam Mach
ad26b68751
build(dep): Ignore known dependency failure in nancy ( #1378 )
...
Currently nancy is always failed, and we seem to ignore it completely.
This reduces the value of having security scanning significantly.
Ideally, the underlying issue should be fixed, however it will require
long time for external collaboration.
This commit is to ignore two known dependency failures.
Signed-off-by: Tam Mach <sayboras@yahoo.com>
2020-09-21 13:14:03 +10:00
Tam Mach
8084559c42
Tag nancy version to v0.3 ( #1321 )
...
This is suggested by nancy team to avoid coming breaking change
Relates: #1320
2020-08-19 10:41:33 +10:00
Sergey Vilgelm
862ed88cf0
Run nancy validation for all dependencies ( #1243 )
...
* Run nancy validation for all dependencies
* Update pr-extra.yml
Use `-json` flag
2020-07-16 17:14:12 -05:00
