{"id":31933,"name":"src/sarif-sdk","ecosystem":"submodules","repository_url":null,"issues_count":7,"created_at":"2025-06-07T10:37:07.583Z","updated_at":"2025-06-07T10:37:07.583Z","purl":"pkg:submodules/src/sarif-sdk","unique_repositories_count":1,"unique_repositories_count_past_30_days":1,"recent_issues":[{"uuid":"3635680009","node_id":"PR_kwDOOi9Eqs6z-0uo","number":22,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `02de14c`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-12-11T01:15:27.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-18T01:19:08.000Z","updated_at":"2025-12-11T01:15:29.000Z","time_to_close":1986979,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`02de14c`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `02de14c`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/02de14cf6ee1911cbe3b4aedfd9ce92a2da6bea4\"\u003e\u003ccode\u003e02de14c\u003c/code\u003e\u003c/a\u003e Added recursion depth protection for archive enumerator (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8541315fd1e77861b9ec6cff731d6f54bdb97c01\"\u003e\u003ccode\u003e8541315\u003c/code\u003e\u003c/a\u003e Release v4.6.0 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8820a97a503f6a40dfb0af132c5197decf392ae3\"\u003e\u003ccode\u003e8820a97\u003c/code\u003e\u003c/a\u003e Adding EscapeNonAscii when using SarifLogger (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/f7b221277de1764adbbb33a0c5521b40c1233515\"\u003e\u003ccode\u003ef7b2212\u003c/code\u003e\u003c/a\u003e Add filtering of symbolic links to (Ordered)FileSpecifier (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2872\"\u003e#2872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/0aca77495c22dc68dca150338b249c6dfad12268\"\u003e\u003ccode\u003e0aca774\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS to remove a user (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d82dba366282bc93cfe6cece494ac5bff4f78e15\"\u003e\u003ccode\u003ed82dba3\u003c/code\u003e\u003c/a\u003e Updating tasks to v3 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2869\"\u003e#2869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003e\u003ccode\u003e8f8c796\u003c/code\u003e\u003c/a\u003e Enabling CodeQL workflows and updating codeowners (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2868\"\u003e#2868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...02de14cf6ee1911cbe3b4aedfd9ce92a2da6bea4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/22","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/22","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/22/packages"},{"uuid":"2847619750","node_id":"PR_kwDOOi9Eqs6puzqm","number":18,"state":"open","title":"Bump src/sarif-sdk from `fc9a9df` to `f7b2212`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-22T01:30:47.000Z","updated_at":"2025-09-22T01:30:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`f7b2212`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `f7b2212`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/f7b221277de1764adbbb33a0c5521b40c1233515\"\u003e\u003ccode\u003ef7b2212\u003c/code\u003e\u003c/a\u003e Add filtering of symbolic links to (Ordered)FileSpecifier (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2872\"\u003e#2872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/0aca77495c22dc68dca150338b249c6dfad12268\"\u003e\u003ccode\u003e0aca774\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS to remove a user (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d82dba366282bc93cfe6cece494ac5bff4f78e15\"\u003e\u003ccode\u003ed82dba3\u003c/code\u003e\u003c/a\u003e Updating tasks to v3 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2869\"\u003e#2869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003e\u003ccode\u003e8f8c796\u003c/code\u003e\u003c/a\u003e Enabling CodeQL workflows and updating codeowners (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2868\"\u003e#2868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/65567ffe048ee1e6de2495836767d60a8f727333\"\u003e\u003ccode\u003e65567ff\u003c/code\u003e\u003c/a\u003e Fix UriFormatException when ZipArchiveArtifact is constructed with relative U...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c21eb395a18967f1a16bed2cd2f57241324b64c9\"\u003e\u003ccode\u003ec21eb39\u003c/code\u003e\u003c/a\u003e Update to net8.0 and related build cleanup (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2864\"\u003e#2864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/2f6b91222d79b58423017d73d3c971f149b05496\"\u003e\u003ccode\u003e2f6b912\u003c/code\u003e\u003c/a\u003e Fix TargetParseError when processing OPC files programatically (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2862\"\u003e#2862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...f7b221277de1764adbbb33a0c5521b40c1233515\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"},{"uuid":"2798635785","node_id":"PR_kwDOOi9Eqs6mz8sJ","number":16,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `d82dba3`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-22T01:30:50.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-04T09:22:08.000Z","updated_at":"2025-09-22T01:30:50.000Z","time_to_close":1526922,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`d82dba3`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `d82dba3`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d82dba366282bc93cfe6cece494ac5bff4f78e15\"\u003e\u003ccode\u003ed82dba3\u003c/code\u003e\u003c/a\u003e Updating tasks to v3 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2869\"\u003e#2869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003e\u003ccode\u003e8f8c796\u003c/code\u003e\u003c/a\u003e Enabling CodeQL workflows and updating codeowners (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2868\"\u003e#2868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/65567ffe048ee1e6de2495836767d60a8f727333\"\u003e\u003ccode\u003e65567ff\u003c/code\u003e\u003c/a\u003e Fix UriFormatException when ZipArchiveArtifact is constructed with relative U...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c21eb395a18967f1a16bed2cd2f57241324b64c9\"\u003e\u003ccode\u003ec21eb39\u003c/code\u003e\u003c/a\u003e Update to net8.0 and related build cleanup (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2864\"\u003e#2864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/2f6b91222d79b58423017d73d3c971f149b05496\"\u003e\u003ccode\u003e2f6b912\u003c/code\u003e\u003c/a\u003e Fix TargetParseError when processing OPC files programatically (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2862\"\u003e#2862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/5cde442443be0d8a2815dba27db0684c0a738960\"\u003e\u003ccode\u003e5cde442\u003c/code\u003e\u003c/a\u003e Update OrderedFileSpecifier to handle wildcards for file types (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2861\"\u003e#2861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/33945cfbffd75cef5119f92826314ccb945cd9d2\"\u003e\u003ccode\u003e33945cf\u003c/code\u003e\u003c/a\u003e Update Nuget.exe to version 6.13.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2857\"\u003e#2857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...d82dba366282bc93cfe6cece494ac5bff4f78e15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"3371108039","node_id":"PR_kwDOOi9Eqs6mM_ci","number":15,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `8f8c796`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-04T09:22:10.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-01T03:55:31.000Z","updated_at":"2025-09-04T09:22:10.000Z","time_to_close":278799,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`8f8c796`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `8f8c796`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003e\u003ccode\u003e8f8c796\u003c/code\u003e\u003c/a\u003e Enabling CodeQL workflows and updating codeowners (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2868\"\u003e#2868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/65567ffe048ee1e6de2495836767d60a8f727333\"\u003e\u003ccode\u003e65567ff\u003c/code\u003e\u003c/a\u003e Fix UriFormatException when ZipArchiveArtifact is constructed with relative U...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c21eb395a18967f1a16bed2cd2f57241324b64c9\"\u003e\u003ccode\u003ec21eb39\u003c/code\u003e\u003c/a\u003e Update to net8.0 and related build cleanup (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2864\"\u003e#2864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/2f6b91222d79b58423017d73d3c971f149b05496\"\u003e\u003ccode\u003e2f6b912\u003c/code\u003e\u003c/a\u003e Fix TargetParseError when processing OPC files programatically (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2862\"\u003e#2862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/5cde442443be0d8a2815dba27db0684c0a738960\"\u003e\u003ccode\u003e5cde442\u003c/code\u003e\u003c/a\u003e Update OrderedFileSpecifier to handle wildcards for file types (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2861\"\u003e#2861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/33945cfbffd75cef5119f92826314ccb945cd9d2\"\u003e\u003ccode\u003e33945cf\u003c/code\u003e\u003c/a\u003e Update Nuget.exe to version 6.13.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2857\"\u003e#2857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/04ef57658be8d8384b8d354dd504505441c2301e\"\u003e\u003ccode\u003e04ef576\u003c/code\u003e\u003c/a\u003e Test utility file diffing enforcement of required result fingerprints (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2855\"\u003e#2855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"2690459833","node_id":"PR_kwDOOi9Eqs6gXSi5","number":13,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `d4aab92`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-01T03:55:33.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-24T01:27:30.000Z","updated_at":"2025-09-01T03:55:33.000Z","time_to_close":3378483,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`d4aab92`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `d4aab92`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/65567ffe048ee1e6de2495836767d60a8f727333\"\u003e\u003ccode\u003e65567ff\u003c/code\u003e\u003c/a\u003e Fix UriFormatException when ZipArchiveArtifact is constructed with relative U...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c21eb395a18967f1a16bed2cd2f57241324b64c9\"\u003e\u003ccode\u003ec21eb39\u003c/code\u003e\u003c/a\u003e Update to net8.0 and related build cleanup (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2864\"\u003e#2864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/2f6b91222d79b58423017d73d3c971f149b05496\"\u003e\u003ccode\u003e2f6b912\u003c/code\u003e\u003c/a\u003e Fix TargetParseError when processing OPC files programatically (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2862\"\u003e#2862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/5cde442443be0d8a2815dba27db0684c0a738960\"\u003e\u003ccode\u003e5cde442\u003c/code\u003e\u003c/a\u003e Update OrderedFileSpecifier to handle wildcards for file types (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2861\"\u003e#2861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/33945cfbffd75cef5119f92826314ccb945cd9d2\"\u003e\u003ccode\u003e33945cf\u003c/code\u003e\u003c/a\u003e Update Nuget.exe to version 6.13.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2857\"\u003e#2857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/04ef57658be8d8384b8d354dd504505441c2301e\"\u003e\u003ccode\u003e04ef576\u003c/code\u003e\u003c/a\u003e Test utility file diffing enforcement of required result fingerprints (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2855\"\u003e#2855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/4bc8f9aebab7c08ab9e84a35af86af414a6551bb\"\u003e\u003ccode\u003e4bc8f9a\u003c/code\u003e\u003c/a\u003e Correctly setting working directory in OrderedFileSpecifierTests (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2856\"\u003e#2856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"},{"uuid":"3061550724","node_id":"PR_kwDOOi9Eqs6WFKAx","number":10,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `5cde442`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-03T01:45:29.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-05-14T01:15:36.000Z","updated_at":"2025-06-03T01:45:30.000Z","time_to_close":1729793,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`5cde442`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `5cde442`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/5cde442443be0d8a2815dba27db0684c0a738960\"\u003e\u003ccode\u003e5cde442\u003c/code\u003e\u003c/a\u003e Update OrderedFileSpecifier to handle wildcards for file types (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2861\"\u003e#2861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/33945cfbffd75cef5119f92826314ccb945cd9d2\"\u003e\u003ccode\u003e33945cf\u003c/code\u003e\u003c/a\u003e Update Nuget.exe to version 6.13.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2857\"\u003e#2857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/04ef57658be8d8384b8d354dd504505441c2301e\"\u003e\u003ccode\u003e04ef576\u003c/code\u003e\u003c/a\u003e Test utility file diffing enforcement of required result fingerprints (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2855\"\u003e#2855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/4bc8f9aebab7c08ab9e84a35af86af414a6551bb\"\u003e\u003ccode\u003e4bc8f9a\u003c/code\u003e\u003c/a\u003e Correctly setting working directory in OrderedFileSpecifierTests (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2856\"\u003e#2856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d2555ab2a091309482d229f7a6f34ee379ff0e3e\"\u003e\u003ccode\u003ed2555ab\u003c/code\u003e\u003c/a\u003e Fixing non-determinism in OrderedFileSpecifier test (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2854\"\u003e#2854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/56317c92b0fa71111c4b249594615f0f4c2a83b4\"\u003e\u003ccode\u003e56317c9\u003c/code\u003e\u003c/a\u003e handle ambiguous file/directory references (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2852\"\u003e#2852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/bf07c00c0b5b74f4918b012d411c2c47d13e76bf\"\u003e\u003ccode\u003ebf07c00\u003c/code\u003e\u003c/a\u003e Allow for null archive URIs in \u003ccode\u003eMultithreadedZipArchiveArtifactProvider\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2851\"\u003e#2851\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/dc8965a0f7728f7dbe8c31518fb90b2b01a912ae\"\u003e\u003ccode\u003edc8965a\u003c/code\u003e\u003c/a\u003e Zip work (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2838\"\u003e#2838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3a6c8632c5e4e43f8c67ba668df696ac6c33d77d\"\u003e\u003ccode\u003e3a6c863\u003c/code\u003e\u003c/a\u003e [DEP] Update \u003ccode\u003eMicrosoft.Data.SqlClient\u003c/code\u003e from 2.1.7 to 5.2.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2846\"\u003e#2846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c477b3a24b4a9dae3f35ba8f7cfaf4ed960dcdb4\"\u003e\u003ccode\u003ec477b3a\u003c/code\u003e\u003c/a\u003e Resolve Azure Identity and Newtonsoft.Json dependencies to resolve CVEs (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2842\"\u003e#2842\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...5cde442443be0d8a2815dba27db0684c0a738960\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}],"issue_packages":[{"old_version":"`fc9a9df`","new_version":"`02de14c`","update_type":null,"path":null,"pr_created_at":"2025-11-18T01:19:08.000Z","version_change":"`fc9a9df` → `02de14c`","issue":{"uuid":"3635680009","node_id":"PR_kwDOOi9Eqs6z-0uo","number":22,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `02de14c`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-12-11T01:15:27.000Z","author_association":null,"state_reason":null,"created_at":"2025-11-18T01:19:08.000Z","updated_at":"2025-12-11T01:15:29.000Z","time_to_close":1986979,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`02de14c`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `02de14c`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/02de14cf6ee1911cbe3b4aedfd9ce92a2da6bea4\"\u003e\u003ccode\u003e02de14c\u003c/code\u003e\u003c/a\u003e Added recursion depth protection for archive enumerator (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8541315fd1e77861b9ec6cff731d6f54bdb97c01\"\u003e\u003ccode\u003e8541315\u003c/code\u003e\u003c/a\u003e Release v4.6.0 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2875\"\u003e#2875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8820a97a503f6a40dfb0af132c5197decf392ae3\"\u003e\u003ccode\u003e8820a97\u003c/code\u003e\u003c/a\u003e Adding EscapeNonAscii when using SarifLogger (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2874\"\u003e#2874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/f7b221277de1764adbbb33a0c5521b40c1233515\"\u003e\u003ccode\u003ef7b2212\u003c/code\u003e\u003c/a\u003e Add filtering of symbolic links to (Ordered)FileSpecifier (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2872\"\u003e#2872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/0aca77495c22dc68dca150338b249c6dfad12268\"\u003e\u003ccode\u003e0aca774\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS to remove a user (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d82dba366282bc93cfe6cece494ac5bff4f78e15\"\u003e\u003ccode\u003ed82dba3\u003c/code\u003e\u003c/a\u003e Updating tasks to v3 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2869\"\u003e#2869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003e\u003ccode\u003e8f8c796\u003c/code\u003e\u003c/a\u003e Enabling CodeQL workflows and updating codeowners (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2868\"\u003e#2868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...02de14cf6ee1911cbe3b4aedfd9ce92a2da6bea4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/22","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/22","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/22/packages"}},{"old_version":"`fc9a9df`","new_version":"`f7b2212`","update_type":null,"path":null,"pr_created_at":"2025-09-22T01:30:47.000Z","version_change":"`fc9a9df` → `f7b2212`","issue":{"uuid":"2847619750","node_id":"PR_kwDOOi9Eqs6puzqm","number":18,"state":"open","title":"Bump src/sarif-sdk from `fc9a9df` to `f7b2212`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-22T01:30:47.000Z","updated_at":"2025-09-22T01:30:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`f7b2212`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `f7b2212`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/f7b221277de1764adbbb33a0c5521b40c1233515\"\u003e\u003ccode\u003ef7b2212\u003c/code\u003e\u003c/a\u003e Add filtering of symbolic links to (Ordered)FileSpecifier (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2872\"\u003e#2872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/0aca77495c22dc68dca150338b249c6dfad12268\"\u003e\u003ccode\u003e0aca774\u003c/code\u003e\u003c/a\u003e Update CODEOWNERS to remove a user (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2873\"\u003e#2873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d82dba366282bc93cfe6cece494ac5bff4f78e15\"\u003e\u003ccode\u003ed82dba3\u003c/code\u003e\u003c/a\u003e Updating tasks to v3 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2869\"\u003e#2869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003e\u003ccode\u003e8f8c796\u003c/code\u003e\u003c/a\u003e Enabling CodeQL workflows and updating codeowners (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2868\"\u003e#2868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/65567ffe048ee1e6de2495836767d60a8f727333\"\u003e\u003ccode\u003e65567ff\u003c/code\u003e\u003c/a\u003e Fix UriFormatException when ZipArchiveArtifact is constructed with relative U...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c21eb395a18967f1a16bed2cd2f57241324b64c9\"\u003e\u003ccode\u003ec21eb39\u003c/code\u003e\u003c/a\u003e Update to net8.0 and related build cleanup (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2864\"\u003e#2864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/2f6b91222d79b58423017d73d3c971f149b05496\"\u003e\u003ccode\u003e2f6b912\u003c/code\u003e\u003c/a\u003e Fix TargetParseError when processing OPC files programatically (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2862\"\u003e#2862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...f7b221277de1764adbbb33a0c5521b40c1233515\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"}},{"old_version":"`fc9a9df`","new_version":"`d82dba3`","update_type":null,"path":null,"pr_created_at":"2025-09-04T09:22:08.000Z","version_change":"`fc9a9df` → `d82dba3`","issue":{"uuid":"2798635785","node_id":"PR_kwDOOi9Eqs6mz8sJ","number":16,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `d82dba3`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-22T01:30:50.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-04T09:22:08.000Z","updated_at":"2025-09-22T01:30:50.000Z","time_to_close":1526922,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`d82dba3`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `d82dba3`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d82dba366282bc93cfe6cece494ac5bff4f78e15\"\u003e\u003ccode\u003ed82dba3\u003c/code\u003e\u003c/a\u003e Updating tasks to v3 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2869\"\u003e#2869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003e\u003ccode\u003e8f8c796\u003c/code\u003e\u003c/a\u003e Enabling CodeQL workflows and updating codeowners (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2868\"\u003e#2868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/65567ffe048ee1e6de2495836767d60a8f727333\"\u003e\u003ccode\u003e65567ff\u003c/code\u003e\u003c/a\u003e Fix UriFormatException when ZipArchiveArtifact is constructed with relative U...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c21eb395a18967f1a16bed2cd2f57241324b64c9\"\u003e\u003ccode\u003ec21eb39\u003c/code\u003e\u003c/a\u003e Update to net8.0 and related build cleanup (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2864\"\u003e#2864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/2f6b91222d79b58423017d73d3c971f149b05496\"\u003e\u003ccode\u003e2f6b912\u003c/code\u003e\u003c/a\u003e Fix TargetParseError when processing OPC files programatically (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2862\"\u003e#2862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/5cde442443be0d8a2815dba27db0684c0a738960\"\u003e\u003ccode\u003e5cde442\u003c/code\u003e\u003c/a\u003e Update OrderedFileSpecifier to handle wildcards for file types (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2861\"\u003e#2861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/33945cfbffd75cef5119f92826314ccb945cd9d2\"\u003e\u003ccode\u003e33945cf\u003c/code\u003e\u003c/a\u003e Update Nuget.exe to version 6.13.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2857\"\u003e#2857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...d82dba366282bc93cfe6cece494ac5bff4f78e15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"`fc9a9df`","new_version":"`8f8c796`","update_type":null,"path":null,"pr_created_at":"2025-09-01T03:55:31.000Z","version_change":"`fc9a9df` → `8f8c796`","issue":{"uuid":"3371108039","node_id":"PR_kwDOOi9Eqs6mM_ci","number":15,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `8f8c796`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-04T09:22:10.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-01T03:55:31.000Z","updated_at":"2025-09-04T09:22:10.000Z","time_to_close":278799,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`8f8c796`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `8f8c796`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003e\u003ccode\u003e8f8c796\u003c/code\u003e\u003c/a\u003e Enabling CodeQL workflows and updating codeowners (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2868\"\u003e#2868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/65567ffe048ee1e6de2495836767d60a8f727333\"\u003e\u003ccode\u003e65567ff\u003c/code\u003e\u003c/a\u003e Fix UriFormatException when ZipArchiveArtifact is constructed with relative U...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c21eb395a18967f1a16bed2cd2f57241324b64c9\"\u003e\u003ccode\u003ec21eb39\u003c/code\u003e\u003c/a\u003e Update to net8.0 and related build cleanup (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2864\"\u003e#2864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/2f6b91222d79b58423017d73d3c971f149b05496\"\u003e\u003ccode\u003e2f6b912\u003c/code\u003e\u003c/a\u003e Fix TargetParseError when processing OPC files programatically (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2862\"\u003e#2862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/5cde442443be0d8a2815dba27db0684c0a738960\"\u003e\u003ccode\u003e5cde442\u003c/code\u003e\u003c/a\u003e Update OrderedFileSpecifier to handle wildcards for file types (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2861\"\u003e#2861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/33945cfbffd75cef5119f92826314ccb945cd9d2\"\u003e\u003ccode\u003e33945cf\u003c/code\u003e\u003c/a\u003e Update Nuget.exe to version 6.13.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2857\"\u003e#2857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/04ef57658be8d8384b8d354dd504505441c2301e\"\u003e\u003ccode\u003e04ef576\u003c/code\u003e\u003c/a\u003e Test utility file diffing enforcement of required result fingerprints (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2855\"\u003e#2855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...8f8c7961b5003e8d401a02d6a575c4dc77010df7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"`fc9a9df`","new_version":"`d4aab92`","update_type":null,"path":null,"pr_created_at":"2025-07-24T01:27:30.000Z","version_change":"`fc9a9df` → `d4aab92`","issue":{"uuid":"2690459833","node_id":"PR_kwDOOi9Eqs6gXSi5","number":13,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `d4aab92`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-09-01T03:55:33.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-24T01:27:30.000Z","updated_at":"2025-09-01T03:55:33.000Z","time_to_close":3378483,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`d4aab92`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `d4aab92`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003e\u003ccode\u003ed4aab92\u003c/code\u003e\u003c/a\u003e Refactor invalid artifact checks (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3bade45407afa37c18b7c244b6bcdd0e0caf95c2\"\u003e\u003ccode\u003e3bade45\u003c/code\u003e\u003c/a\u003e Eliminate MD5 support as this algorithm suffers from security issues and trig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/9b7f3fe4ba429ee2bfd667df6369e8fbcac3aae2\"\u003e\u003ccode\u003e9b7f3fe\u003c/code\u003e\u003c/a\u003e Update ado-build.yml to use NET 8.0 and ubuntu-latest (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2865\"\u003e#2865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/65567ffe048ee1e6de2495836767d60a8f727333\"\u003e\u003ccode\u003e65567ff\u003c/code\u003e\u003c/a\u003e Fix UriFormatException when ZipArchiveArtifact is constructed with relative U...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c21eb395a18967f1a16bed2cd2f57241324b64c9\"\u003e\u003ccode\u003ec21eb39\u003c/code\u003e\u003c/a\u003e Update to net8.0 and related build cleanup (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2864\"\u003e#2864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/2f6b91222d79b58423017d73d3c971f149b05496\"\u003e\u003ccode\u003e2f6b912\u003c/code\u003e\u003c/a\u003e Fix TargetParseError when processing OPC files programatically (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2862\"\u003e#2862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/5cde442443be0d8a2815dba27db0684c0a738960\"\u003e\u003ccode\u003e5cde442\u003c/code\u003e\u003c/a\u003e Update OrderedFileSpecifier to handle wildcards for file types (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2861\"\u003e#2861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/33945cfbffd75cef5119f92826314ccb945cd9d2\"\u003e\u003ccode\u003e33945cf\u003c/code\u003e\u003c/a\u003e Update Nuget.exe to version 6.13.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2857\"\u003e#2857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/04ef57658be8d8384b8d354dd504505441c2301e\"\u003e\u003ccode\u003e04ef576\u003c/code\u003e\u003c/a\u003e Test utility file diffing enforcement of required result fingerprints (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2855\"\u003e#2855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/4bc8f9aebab7c08ab9e84a35af86af414a6551bb\"\u003e\u003ccode\u003e4bc8f9a\u003c/code\u003e\u003c/a\u003e Correctly setting working directory in OrderedFileSpecifierTests (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2856\"\u003e#2856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...d4aab92eb1b78a4bb8d87eeb18f6dbaaf3e69996\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}},{"old_version":"`fc9a9df`","new_version":"`5cde442`","update_type":null,"path":null,"pr_created_at":"2025-05-14T01:15:36.000Z","version_change":"`fc9a9df` → `5cde442`","issue":{"uuid":"3061550724","node_id":"PR_kwDOOi9Eqs6WFKAx","number":10,"state":"closed","title":"Bump src/sarif-sdk from `fc9a9df` to `5cde442`","user":"dependabot[bot]","labels":["dependencies","submodules"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-06-03T01:45:29.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-05-14T01:15:36.000Z","updated_at":"2025-06-03T01:45:30.000Z","time_to_close":1729793,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"src/sarif-sdk","old_version":"`fc9a9df`","new_version":"`5cde442`","repository_url":"https://github.com/microsoft/sarif-sdk"}],"path":null,"ecosystem":"submodules"},"body":"Bumps [src/sarif-sdk](https://github.com/microsoft/sarif-sdk) from `fc9a9df` to `5cde442`.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/5cde442443be0d8a2815dba27db0684c0a738960\"\u003e\u003ccode\u003e5cde442\u003c/code\u003e\u003c/a\u003e Update OrderedFileSpecifier to handle wildcards for file types (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2861\"\u003e#2861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/33945cfbffd75cef5119f92826314ccb945cd9d2\"\u003e\u003ccode\u003e33945cf\u003c/code\u003e\u003c/a\u003e Update Nuget.exe to version 6.13.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2857\"\u003e#2857\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/04ef57658be8d8384b8d354dd504505441c2301e\"\u003e\u003ccode\u003e04ef576\u003c/code\u003e\u003c/a\u003e Test utility file diffing enforcement of required result fingerprints (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2855\"\u003e#2855\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/4bc8f9aebab7c08ab9e84a35af86af414a6551bb\"\u003e\u003ccode\u003e4bc8f9a\u003c/code\u003e\u003c/a\u003e Correctly setting working directory in OrderedFileSpecifierTests (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2856\"\u003e#2856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/d2555ab2a091309482d229f7a6f34ee379ff0e3e\"\u003e\u003ccode\u003ed2555ab\u003c/code\u003e\u003c/a\u003e Fixing non-determinism in OrderedFileSpecifier test (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2854\"\u003e#2854\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/56317c92b0fa71111c4b249594615f0f4c2a83b4\"\u003e\u003ccode\u003e56317c9\u003c/code\u003e\u003c/a\u003e handle ambiguous file/directory references (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2852\"\u003e#2852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/bf07c00c0b5b74f4918b012d411c2c47d13e76bf\"\u003e\u003ccode\u003ebf07c00\u003c/code\u003e\u003c/a\u003e Allow for null archive URIs in \u003ccode\u003eMultithreadedZipArchiveArtifactProvider\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2851\"\u003e#2851\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/dc8965a0f7728f7dbe8c31518fb90b2b01a912ae\"\u003e\u003ccode\u003edc8965a\u003c/code\u003e\u003c/a\u003e Zip work (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2838\"\u003e#2838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/3a6c8632c5e4e43f8c67ba668df696ac6c33d77d\"\u003e\u003ccode\u003e3a6c863\u003c/code\u003e\u003c/a\u003e [DEP] Update \u003ccode\u003eMicrosoft.Data.SqlClient\u003c/code\u003e from 2.1.7 to 5.2.2 (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2846\"\u003e#2846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/sarif-sdk/commit/c477b3a24b4a9dae3f35ba8f7cfaf4ed960dcdb4\"\u003e\u003ccode\u003ec477b3a\u003c/code\u003e\u003c/a\u003e Resolve Azure Identity and Newtonsoft.Json dependencies to resolve CVEs (\u003ca href=\"https://redirect.github.com/microsoft/sarif-sdk/issues/2842\"\u003e#2842\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...5cde442443be0d8a2815dba27db0684c0a738960\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tabsandwitch/binskim/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tabsandwitch%2Fbinskim/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}}]}