Azure Pipelines Dependency Submission
Version updated for https://github.com/jessehouwing/azure-pipelines-dependency-submission to version v1.0.8.
- This action is used across all versions by 1 repositories.
Action Type
This is a Node action using Node version 24.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The “Azure Pipelines Dependency Submission” GitHub Action automates the process of submitting Azure Pipelines task dependencies to GitHub’s Dependency Graph, enabling vulnerability scanning and integration with Dependabot for automated security alerts. It simplifies dependency tracking by automatically discovering pipeline files, resolving templates, and mapping Azure DevOps tasks to full identifiers with version details. This action helps identify and address security vulnerabilities in Azure Pipelines tasks, enhancing the security and compliance of CI/CD workflows.
What’s Changed
What’s Changed
- Bump the npm-development group with 2 updates by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/111
- Bump @rollup/rollup-linux-x64-gnu from 4.60.0 to 4.60.1 in the npm-production group by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/112
- Bump the actions-minor group with 4 updates by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/113
- Bump the npm-development group with 6 updates by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/115
- Bump addressable from 2.8.9 to 2.9.0 by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/116
- Bump ruby/setup-ruby from 1.299.0 to 1.300.0 in the actions-minor group by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/114
- Bump lodash from 4.17.23 to 4.18.1 by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/117
- Bump @actions/github from 9.0.0 to 9.1.0 by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/120
- Bump the npm-development group with 5 updates by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/119
- Bump the actions-minor group with 3 updates by @dependabot[bot] in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/118
- Update @actions/github to version 9.1.0 and add .npmrc for legacy peer dependencies by @jessehouwing in https://github.com/jessehouwing/azure-pipelines-dependency-submission/pull/121
Full Changelog: https://github.com/jessehouwing/azure-pipelines-dependency-submission/compare/v1.0.7...v1.0.8