Stirling-PDF

mirror of https://github.com/Stirling-Tools/Stirling-PDF.git synced 2025-04-23 01:01:30 +00:00

Author	SHA1	Message	Date
dependabot[bot]	85b0f61f92	Bump actions/dependency-review-action from 4.5.0 to 4.6.0 (#3286 ) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.5.0 to 4.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's releases</a>.</em></p> <blockquote> <h2>v4.6.0</h2> <h2>What's Changed</h2> <ul> <li>Updating multiple dependency versions by <a href="https://github.com/Ahmed3lmallah"><code>@Ahmed3lmallah</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/870">actions/dependency-review-action#870</a></li> <li>Grouping minor and patch dependabot updates to lessen the number of PRs by <a href="https://github.com/Ahmed3lmallah"><code>@Ahmed3lmallah</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/876">actions/dependency-review-action#876</a></li> <li>Bump actions/stale from 9.0.0 to 9.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/878">actions/dependency-review-action#878</a></li> <li>Bump undici from 5.28.4 to 5.28.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/877">actions/dependency-review-action#877</a></li> <li>DR Action should link to the proxima stamp when appropriate in error messages by <a href="https://github.com/AshelyTC"><code>@AshelyTC</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/891">actions/dependency-review-action#891</a></li> <li>Allow deny package removal by <a href="https://github.com/ellenfieldn"><code>@ellenfieldn</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/888">actions/dependency-review-action#888</a></li> <li>Fix typos by <a href="https://github.com/omahs"><code>@omahs</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/893">actions/dependency-review-action#893</a></li> <li>Bump esbuild from 0.19.5 to 0.25.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/900">actions/dependency-review-action#900</a></li> <li>Bump octokit and related dependencies by <a href="https://github.com/RomanIakovlev"><code>@RomanIakovlev</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/904">actions/dependency-review-action#904</a></li> <li>Bump <code>@babel/helpers</code> from 7.23.2 to 7.26.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/905">actions/dependency-review-action#905</a></li> <li>Bump <code>@octokit/plugin-paginate-rest</code> from 9.1.5 to 9.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/899">actions/dependency-review-action#899</a></li> <li>Update transitive dependency spdx-license-ids by <a href="https://github.com/ailox"><code>@ailox</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/855">actions/dependency-review-action#855</a></li> <li>To not print OpenSSF Scorecard section if no dependencies scanned by <a href="https://github.com/fabasoad"><code>@fabasoad</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/884">actions/dependency-review-action#884</a></li> <li>Improve usage of this action in dependency-review.yml by <a href="https://github.com/fabasoad"><code>@fabasoad</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/883">actions/dependency-review-action#883</a></li> <li>Clarify comment-summary-in-pr behaviour by <a href="https://github.com/Pantelis-Santorinios"><code>@Pantelis-Santorinios</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/902">actions/dependency-review-action#902</a></li> <li>Prepare 4.6.0 Release candidate by <a href="https://github.com/brrygrdn"><code>@brrygrdn</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/910">actions/dependency-review-action#910</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/AshelyTC"><code>@AshelyTC</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/891">actions/dependency-review-action#891</a></li> <li><a href="https://github.com/ellenfieldn"><code>@ellenfieldn</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/888">actions/dependency-review-action#888</a></li> <li><a href="https://github.com/omahs"><code>@omahs</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/893">actions/dependency-review-action#893</a></li> <li><a href="https://github.com/RomanIakovlev"><code>@RomanIakovlev</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/904">actions/dependency-review-action#904</a></li> <li><a href="https://github.com/ailox"><code>@ailox</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/855">actions/dependency-review-action#855</a></li> <li><a href="https://github.com/fabasoad"><code>@fabasoad</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/884">actions/dependency-review-action#884</a></li> <li><a href="https://github.com/Pantelis-Santorinios"><code>@Pantelis-Santorinios</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/902">actions/dependency-review-action#902</a></li> <li><a href="https://github.com/brrygrdn"><code>@brrygrdn</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/910">actions/dependency-review-action#910</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0">https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`ce3cf9537a`"><code>ce3cf95</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/910">#910</a> from actions/brrygrdn/4.6.0-release-candidate</li> <li><a href="`479b69732e`"><code>479b697</code></a> Prepare 4.6.0</li> <li><a href="`aee95908ea`"><code>aee9590</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/902">#902</a> from Pantelis-Santorinios/patch-1</li> <li><a href="`080ada6281`"><code>080ada6</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/883">#883</a> from fabasoad/fix/ci</li> <li><a href="`430e5f0bbf`"><code>430e5f0</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/884">#884</a> from fabasoad/fix/863</li> <li><a href="`51699b6461`"><code>51699b6</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/855">#855</a> from ailox/ailox/fix/invalid-new-licenses</li> <li><a href="`ac9b193beb`"><code>ac9b193</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/899">#899</a> from actions/dependabot/npm_and_yarn/octokit/plugin-p...</li> <li><a href="`d630451aa0`"><code>d630451</code></a> Pin <code>@octokit/types</code> version for compatibility</li> <li><a href="`c8dafca32b`"><code>c8dafca</code></a> Add dist for <code>@octokit/plugin-paginate-rest</code> version bump</li> <li><a href="`bc858b5649`"><code>bc858b5</code></a> Bump <code>@octokit/plugin-paginate-rest</code> from 9.1.5 to 9.2.2</li> <li>Additional commits viewable in <a href="`3b139cfc5f...ce3cf9537a`">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.5.0&new-version=4.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-02 16:53:32 +01:00
dependabot[bot]	2938fcc044	Bump step-security/harden-runner from 2.11.0 to 2.11.1 (#3285 ) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.0 to 2.11.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.1</h2> <h2>What's Changed</h2> <ul> <li>cache: add support for GitHub Actions cache v2 by <a href="https://github.com/h0x0er"><code>@h0x0er</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`c6295a65d1`"><code>c6295a6</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a> from step-security/rc-19</li> <li><a href="`3e118b145b`"><code>3e118b1</code></a> Improve error handling</li> <li><a href="`b38e918ba8`"><code>b38e918</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a> from h0x0er/jatin/cache-fix</li> <li><a href="`0664d30cda`"><code>0664d30</code></a> cache: added support for cache v2</li> <li><a href="`b131ca5ebf`"><code>b131ca5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a> from step-security/fix/security/GHSA-968p-4wvh-cqc8</li> <li><a href="`2dc9579753`"><code>2dc9579</code></a> Address vulnerabilities</li> <li><a href="`f054d811b5`"><code>f054d81</code></a> Update README (<a href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li> <li><a href="`8a09271fed`"><code>8a09271</code></a> Update Readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li> <li><a href="`6ec6af7d62`"><code>6ec6af7</code></a> Update readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li> <li><a href="`539365ba33`"><code>539365b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a> from vorburger/patch-1</li> <li>Additional commits viewable in <a href="`4d991eb9b9...c6295a65d1`">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.11.0&new-version=2.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-02 16:53:13 +01:00
dependabot[bot]	554c112a94	Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#2980 ) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.4 to 2.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.0</h2> <h2>What's Changed</h2> <p>Release v2.11.0 in <a href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a> Harden-Runner Enterprise tier now supports the use of eBPF for DNS resolution and network call monitoring</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`4d991eb9b9`"><code>4d991eb</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a> from step-security/rc-18</li> <li><a href="`4ea872f897`"><code>4ea872f</code></a> Update README.md</li> <li><a href="`65d6f6e4ee`"><code>65d6f6e</code></a> Add workflows</li> <li><a href="`1034c9a805`"><code>1034c9a</code></a> Update package-lock.json</li> <li><a href="`ab221e2d7a`"><code>ab221e2</code></a> Update agent</li> <li><a href="`7cb6c2fb52`"><code>7cb6c2f</code></a> Update agent</li> <li>See full diff in <a href="`cb605e52c2...4d991eb9b9`">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.4&new-version=2.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-18 12:07:08 +00:00
dependabot[bot]	c5ae576541	Bump step-security/harden-runner from 2.10.3 to 2.10.4 (#2761 ) [//]: # (dependabot-start) ⚠️ Dependabot is rebasing this PR ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.3 to 2.10.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.10.4</h2> <h2>What's Changed</h2> <p>Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`cb605e52c2`"><code>cb605e5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a> from step-security/fix-enobufs</li> <li><a href="`61144dda3b`"><code>61144dd</code></a> Update log statement</li> <li><a href="`b8be370ff4`"><code>b8be370</code></a> Add try catch block</li> <li><a href="`6f6fa07e47`"><code>6f6fa07</code></a> Fix ENOBUFS issue</li> <li><a href="`18f6947f13`"><code>18f6947</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/495">#495</a> from AkhigbeEromo/Update-README</li> <li><a href="`81f844e743`"><code>81f844e</code></a> Edit docs</li> <li><a href="`4c766de2db`"><code>4c766de</code></a> Merge branch 'Update-README' of <a href="https://github.com/AkhigbeEromo/harden-runner">https://github.com/AkhigbeEromo/harden-runner</a>...</li> <li><a href="`c9c5f3273c`"><code>c9c5f32</code></a> Handle Ashish reviews</li> <li><a href="`2877824267`"><code>2877824</code></a> Merge branch 'main' into Update-README</li> <li><a href="`be87de076d`"><code>be87de0</code></a> Clean up</li> <li>Additional commits viewable in <a href="`c95a14d0e5...cb605e52c2`">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.3&new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-21 11:11:01 +00:00
Ludy	888ef104a2	Bump: Harden Runner from v2.10.2 to v2.10.3 (#2686 ) # Description https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/197 https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/198 https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/199 ## Checklist - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [x] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)	2025-01-13 22:26:05 +00:00
StepSecurity Bot	dc5b214932	[StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>	2024-12-21 12:28:35 +00:00

6 Commits