Skip to content

updated dependencies #121

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
chaptersix merged 6 commits into from
Dec 16, 2025
Merged

updated dependencies #121

chaptersix merged 6 commits into from
Dec 16, 2025

Conversation

@chaptersix
Copy link
Contributor

@chaptersix chaptersix commented Dec 16, 2025
edited
Loading

update dependencies

@chaptersix chaptersix requested a review from a team as a code owner December 16, 2025 20:44
@chaptersix chaptersix merged commit ca1343f into main Dec 16, 2025
6 checks passed
@chaptersix chaptersix deleted the alex/update-dep branch December 16, 2025 21:00
semgrep-managed-scans[bot]
semgrep-managed-scans bot reviewed Dec 16, 2025
View reviewed changes
.github/workflows/promql-to-dd-go_test.yaml
Comment on lines 8 to 11

jobs:
test:
strategy:
Copy link

@semgrep-managed-scans semgrep-managed-scans bot Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
No explicit GITHUB_TOKEN permissions found at the workflow or job level. Add a permissions: block at the workflow root (applies to all jobs) or per job with least privilege (e.g., contents: read and only specific writes like pull-requests: write if needed).

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by missing-explicit-permissions.

You can view more details about this finding in the Semgrep AppSec Platform.

semgrep-managed-scans[bot]
semgrep-managed-scans bot reviewed Dec 16, 2025
View reviewed changes
.github/workflows/extensibility.yaml
Comment on lines 10 to 13

jobs:
extensibility-test:
strategy:
Copy link

@semgrep-managed-scans semgrep-managed-scans bot Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
No explicit GITHUB_TOKEN permissions found at the workflow or job level. Add a permissions: block at the workflow root (applies to all jobs) or per job with least privilege (e.g., contents: read and only specific writes like pull-requests: write if needed).

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by missing-explicit-permissions.

You can view more details about this finding in the Semgrep AppSec Platform.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@semgrep-managed-scans semgrep-managed-scans[bot] semgrep-managed-scans[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chaptersix