Azure Pipelines Dependency Submission
Version updated for https://github.com/jessehouwing/azure-pipelines-dependency-submission to version v1.0.2.
- This action is used across all versions by 1 repositories.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The “Azure Pipelines Dependency Submission” GitHub Action automates the process of analyzing Azure Pipelines configuration files to detect task dependencies and submits them to GitHub’s Dependency Graph. This enables vulnerability scanning and Dependabot alerts for Azure Pipelines tasks, helping users identify and address security risks in their CI/CD pipelines. Key features include automatic discovery of pipeline files, resolution of task templates, and integration with Azure DevOps and GitHub for enhanced dependency management.
Release notes
What’s Changed
- Add GitHub Actions workflow for dependency submission by @jessehouwing in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/25
- Bump the npm-development group with 3 updates by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/24
- Bump ruby/setup-ruby from 1.275.0 to 1.278.0 in the actions-minor group by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/23
- pinning actions by @jessehouwing in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/26
- Bump @actions/github from 6.0.1 to 7.0.0 by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/30
- Bump the actions-minor group with 2 updates by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/27
- Bump the npm-development group with 5 updates by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/28
- Bump @rollup/rollup-linux-x64-gnu from 4.54.0 to 4.55.1 by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/31
- Bump @actions/core from 2.0.1 to 2.0.2 in the npm-production group across 1 directory by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/32
- Rebuilding dist after dependency updates by @jessehouwing in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/33
- Auto-update license files by @github-actions[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/34
Full Changelog: https://github.com/jessehouwing/azure-pipelines-dependency-submission/compare/v1.0.1...v1.0.2