Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: bump actions/dependency-review-action from 4.3.4 to 4.3.5 (#1318)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.3.4 to 4.3.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's releases</a>.</em></p> <blockquote> <h2>v4.3.5</h2> <h2>What's Changed</h2> <ul> <li>fix: getRefs function to handle merge_group events by <a href="https://github.com/louis-bompart"><code>@louis-bompart</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/766">actions/dependency-review-action#766</a></li> <li>Create pull_request_template.md by <a href="https://github.com/jonjanego"><code>@jonjanego</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/794">actions/dependency-review-action#794</a></li> <li>Update CONTRIBUTING.md by <a href="https://github.com/jonjanego"><code>@jonjanego</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/793">actions/dependency-review-action#793</a></li> <li>Bump <code>@types/node</code> from 20.11.28 to 20.16.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/815">actions/dependency-review-action#815</a></li> <li>Upgrade transitive micromatch library by <a href="https://github.com/elireisman"><code>@elireisman</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/829">actions/dependency-review-action#829</a></li> <li>Do not list changed dependencies in summary by <a href="https://github.com/hmaurer"><code>@hmaurer</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/828">actions/dependency-review-action#828</a></li> <li>Update stale.yaml by <a href="https://github.com/jonjanego"><code>@jonjanego</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/832">actions/dependency-review-action#832</a></li> <li>Bump got from 14.4.1 to 14.4.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/822">actions/dependency-review-action#822</a></li> <li>Bump eslint-plugin-jest and ts-jest by <a href="https://github.com/Ahmed3lmallah"><code>@Ahmed3lmallah</code></a> in <a href="https://github.com/actions/dependency-review-action/pull/840">actions/dependency-review-action#840</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/louis-bompart"><code>@louis-bompart</code></a> made their first contribution in <a href="https://github.com/actions/dependency-review-action/pull/766">actions/dependency-review-action#766</a></li> <li><a href="https://github.com/Ahmed3lmallah"><code>@Ahmed3lmallah</code></a> made their first contribution in <a href="https://github.com/actions/dependency-review-action/pull/840">actions/dependency-review-action#840</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/dependency-review-action/compare/v4.3.4...v4.3.5">https://github.com/actions/dependency-review-action/compare/v4.3.4...v4.3.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/dependency-review-action/commit/a6993e2c61fd5dc440b409aa1d6904921c5e1894"><code>a6993e2</code></a> Merge pull request <a href="https://github.com/actions/dependency-review-action/issues/840">#840</a> from actions/dependabot-updates</li> <li><a href="https://github.com/actions/dependency-review-action/commit/d92f08b3ffab99059f272d5a517da020447d340a"><code>d92f08b</code></a> Bump eslint-plugin-jest and ts-jest</li> <li><a href="https://github.com/actions/dependency-review-action/commit/3e334b7ca7ffb970f87176830a03bae8956b56cb"><code>3e334b7</code></a> Merge pull request <a href="https://github.com/actions/dependency-review-action/issues/822">#822</a> from actions/dependabot/npm_and_yarn/got-14.4.2</li> <li><a href="https://github.com/actions/dependency-review-action/commit/32b7d886d598aa8c3119a0a5fdbb89d7afa11812"><code>32b7d88</code></a> Merge pull request <a href="https://github.com/actions/dependency-review-action/issues/832">#832</a> from actions/jonjanego-patch-3</li> <li><a href="https://github.com/actions/dependency-review-action/commit/14b94f8fbca386d31f26d25a495dbebb45a1a1eb"><code>14b94f8</code></a> Update stale.yaml</li> <li><a href="https://github.com/actions/dependency-review-action/commit/6ea3b24563819b02be6332d9a462499780efd5d1"><code>6ea3b24</code></a> Merge pull request <a href="https://github.com/actions/dependency-review-action/issues/828">#828</a> from actions/hm/summary</li> <li><a href="https://github.com/actions/dependency-review-action/commit/05042db2b6acd92ab2fbd7ffb3c7ae84fa03aebb"><code>05042db</code></a> update dist packaging</li> <li><a href="https://github.com/actions/dependency-review-action/commit/6aacbe09345246424b8c496d1cd34c4da5d69597"><code>6aacbe0</code></a> add a warning message if there is room in the summary prior to cutoff</li> <li><a href="https://github.com/actions/dependency-review-action/commit/293ccdb6e90bdef5f22a243d7215fcfac19b5b39"><code>293ccdb</code></a> add truncation escape valve to new file summary to avoid overflow</li> <li><a href="https://github.com/actions/dependency-review-action/commit/83c7cc6aa771a6b12a5d148208ab7e744db4f54c"><code>83c7cc6</code></a> Do not list changes dependencies in summary</li> <li>Additional commits viewable in <a href="https://github.com/actions/dependency-review-action/compare/5a2ce3f5b92ee19cbb1541a4984c76d921601d7c...a6993e2c61fd5dc440b409aa1d6904921c5e1894">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.3.4&new-version=4.3.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Case Wylie <[email protected]>
- Loading branch information