v1.2.8

What's Changed

• fix: Security updates by @github-actions[bot] in #265
• ci: add guarddog security scanning workflow by @Raj-StepSecurity in #266
• ci: Update auto_cherry_pick.yml by @Raj-StepSecurity in #268
• fix: Security updates by @github-actions[bot] in #269
• fix: Security updates by @github-actions[bot] in #270
• chore: dist updated by @github-actions[bot] in #273
• feat: Validate Subscription flow Updated by @Raj-StepSecurity in #272

Full Changelog: v1...v1.2.8

v1.2.7

What's Changed

• Bump axios to 1.8.2 by @Raj-StepSecurity in #237
• ci: add auto cherry-pick workflow by @Raj-StepSecurity in #241
• chore: Cherry-picked changes from upstream by @github-actions in #243
• chore: manually compiled latest code by @Raj-StepSecurity in #246
• [StepSecurity] Apply security best practices by @stepsecurity-app in #250

New Contributors

• @stepsecurity-app made their first contribution in #250

Full Changelog: v1...v1.2.7

v1.2.6

What's Changed

• integrated with updated audit fix to handle provided build script by @Raj-StepSecurity in #229
• fix: Security updates by @github-actions in #232

Full Changelog: v1...v1.2.6

v1.2.5

What's Changed

• Create osv-scanner.toml by @varunsh-coder in #167
• vulns audited and fixed by @Raj-StepSecurity in #208
• Revert "Merge pull request #208 from step-security/fix_Alerts" by @Raj-StepSecurity in #209
• workflow to fix vulnerabilities by @Raj-StepSecurity in #210
• fix: Security updates via npm audit fix
  by @github-actions in #211
• Bump actions/upload-artifact from 3.1.3 to 4.4.3 by @dependabot in #175

New Contributors

• @Raj-StepSecurity made their first contribution in #208
• @github-actions made their first contribution in #211

Full Changelog: v1...v1.2.5

v1.2.4

What's Changed

• Bump braces from 3.0.2 to 3.0.3 by @dependabot in #126
• Bump undici from 5.28.3 to 5.28.4 by @dependabot in #127
• Bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #115
• patch vulnerable build by @shubham-stepsecurity in #128
• Bump axios from 1.7.2 to 1.7.4 by @dependabot in #132
• patch vulnerable build by @shubham-stepsecurity in #136

Full Changelog: v1...v1.2.4

v1.2.3

What's Changed

• chore: fast forward to latest tag v1.2.3 by @shubham-stepsecurity in #108

Full Changelog: v1...v1.2.3

v1.2.2

What's Changed

• [StepSecurity] Apply security best practices by @step-security-bot in #2
• Bump axios from 1.6.2 to 1.6.7 by @dependabot in #33
• Bump step-security/publish-action from b438f840875fdcb7d1de4fc3d1d30e86cf6acb5d to 00f33a2a7d8b77187d08ce666d0d5d73ad1dfb93 by @dependabot in #5
• Bump actions/checkout from 2 to 4 by @dependabot in #7
• upgrading dependencies by @ashishkurmi in #49
• Bump ossf/scorecard-action from 2.0.6 to 2.3.3 by @dependabot in #93
• Bump undici from 5.28.3 to 5.28.4 by @dependabot in #105
• Bump follow-redirects from 1.15.5 to 1.15.6 by @dependabot in #106
• Bump actions/dependency-review-action from 2.5.1 to 4.3.4 by @dependabot in #104
• update release workflow by @shubham-stepsecurity in #107

New Contributors

• @step-security-bot made their first contribution in #2
• @dependabot made their first contribution in #33
• @ashishkurmi made their first contribution in #49
• @shubham-stepsecurity made their first contribution in #107

Full Changelog: v1.0.0...v1.2.2

v1.0.0

What's Changed

• Setup Action by @varunsh-coder in #1

New Contributors

• @varunsh-coder made their first contribution in #1

Full Changelog: https://github.com/step-security/workflow-dispatch/commits/v1.0.0