Skip to content

Commit

Permalink
chore: bump actions/dependency-review-action from 4.3.4 to 4.3.5 (#1318)
Browse files Browse the repository at this point in the history
Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 4.3.4 to 4.3.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.5</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: getRefs function to handle merge_group events by <a
href="https://github.com/louis-bompart"><code>@​louis-bompart</code></a>
in <a
href="https://github.com/actions/dependency-review-action/pull/766">actions/dependency-review-action#766</a></li>
<li>Create pull_request_template.md by <a
href="https://github.com/jonjanego"><code>@​jonjanego</code></a> in <a
href="https://github.com/actions/dependency-review-action/pull/794">actions/dependency-review-action#794</a></li>
<li>Update CONTRIBUTING.md by <a
href="https://github.com/jonjanego"><code>@​jonjanego</code></a> in <a
href="https://github.com/actions/dependency-review-action/pull/793">actions/dependency-review-action#793</a></li>
<li>Bump <code>@​types/node</code> from 20.11.28 to 20.16.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github.com/actions/dependency-review-action/pull/815">actions/dependency-review-action#815</a></li>
<li>Upgrade transitive micromatch library by <a
href="https://github.com/elireisman"><code>@​elireisman</code></a> in <a
href="https://github.com/actions/dependency-review-action/pull/829">actions/dependency-review-action#829</a></li>
<li>Do not list changed dependencies in summary by <a
href="https://github.com/hmaurer"><code>@​hmaurer</code></a> in <a
href="https://github.com/actions/dependency-review-action/pull/828">actions/dependency-review-action#828</a></li>
<li>Update stale.yaml by <a
href="https://github.com/jonjanego"><code>@​jonjanego</code></a> in <a
href="https://github.com/actions/dependency-review-action/pull/832">actions/dependency-review-action#832</a></li>
<li>Bump got from 14.4.1 to 14.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github.com/actions/dependency-review-action/pull/822">actions/dependency-review-action#822</a></li>
<li>Bump eslint-plugin-jest and ts-jest by <a
href="https://github.com/Ahmed3lmallah"><code>@​Ahmed3lmallah</code></a>
in <a
href="https://github.com/actions/dependency-review-action/pull/840">actions/dependency-review-action#840</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/louis-bompart"><code>@​louis-bompart</code></a>
made their first contribution in <a
href="https://github.com/actions/dependency-review-action/pull/766">actions/dependency-review-action#766</a></li>
<li><a
href="https://github.com/Ahmed3lmallah"><code>@​Ahmed3lmallah</code></a>
made their first contribution in <a
href="https://github.com/actions/dependency-review-action/pull/840">actions/dependency-review-action#840</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/dependency-review-action/compare/v4.3.4...v4.3.5">https://github.com/actions/dependency-review-action/compare/v4.3.4...v4.3.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/dependency-review-action/commit/a6993e2c61fd5dc440b409aa1d6904921c5e1894"><code>a6993e2</code></a>
Merge pull request <a
href="https://github.com/actions/dependency-review-action/issues/840">#840</a>
from actions/dependabot-updates</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/d92f08b3ffab99059f272d5a517da020447d340a"><code>d92f08b</code></a>
Bump eslint-plugin-jest and ts-jest</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/3e334b7ca7ffb970f87176830a03bae8956b56cb"><code>3e334b7</code></a>
Merge pull request <a
href="https://github.com/actions/dependency-review-action/issues/822">#822</a>
from actions/dependabot/npm_and_yarn/got-14.4.2</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/32b7d886d598aa8c3119a0a5fdbb89d7afa11812"><code>32b7d88</code></a>
Merge pull request <a
href="https://github.com/actions/dependency-review-action/issues/832">#832</a>
from actions/jonjanego-patch-3</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/14b94f8fbca386d31f26d25a495dbebb45a1a1eb"><code>14b94f8</code></a>
Update stale.yaml</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/6ea3b24563819b02be6332d9a462499780efd5d1"><code>6ea3b24</code></a>
Merge pull request <a
href="https://github.com/actions/dependency-review-action/issues/828">#828</a>
from actions/hm/summary</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/05042db2b6acd92ab2fbd7ffb3c7ae84fa03aebb"><code>05042db</code></a>
update dist packaging</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/6aacbe09345246424b8c496d1cd34c4da5d69597"><code>6aacbe0</code></a>
add a warning message if there is room in the summary prior to
cutoff</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/293ccdb6e90bdef5f22a243d7215fcfac19b5b39"><code>293ccdb</code></a>
add truncation escape valve to new file summary to avoid overflow</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/83c7cc6aa771a6b12a5d148208ab7e744db4f54c"><code>83c7cc6</code></a>
Do not list changes dependencies in summary</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/dependency-review-action/compare/5a2ce3f5b92ee19cbb1541a4984c76d921601d7c...a6993e2c61fd5dc440b409aa1d6904921c5e1894">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.3.4&new-version=4.3.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Case Wylie <[email protected]>
  • Loading branch information
dependabot[bot] and cmwylie19 authored Oct 23, 2024
1 parent b39d8ab commit 91a4aea
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
- name: 'Checkout Repository'
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: 'Dependency Review'
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5

circular-dependencies:
runs-on: ubuntu-latest
Expand Down

0 comments on commit 91a4aea

Please sign in to comment.