Skip to content

build(deps-dev): Bump danger from 12.3.4 to 13.0.5#138

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/danger-13.0.5
Closed

build(deps-dev): Bump danger from 12.3.4 to 13.0.5#138
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/danger-13.0.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jan 19, 2026
edited
Loading

Bumps danger from 12.3.4 to 13.0.5.

Release notes

Sourced from danger's releases.

Release 13.0.5

No release notes provided.

Release 13.0.4

Fun sidenote, it's been exactly a year and we had to update the node version etc

Screenshot 2025-04-16 at 08 14 22

Changelog

Sourced from danger's changelog.

Main

13.0.4

13.0.3

  • Lots of deploy faff, as we are forced to update node in all the build processing [@​orta]

13.0.0

  • Breaking Update @octokit/rest from 18 to 20 to prevent transitive CVEs - Fixes #1479 [@​fbartho]
  • Clean up dead discussion link - Fixes #1467 [@​fbartho]
  • Adds infra for pythons pre-commit hooks
  • Replace parse-git-config with ini + fs as it has a CVE out - #1486
  • Disabled Windows CI as it was failing for successful builds
Commits
  • 67ed2c1 Release 13.0.5
  • a05ae4a CHANGELOG
  • 3a7c728 Merge pull request #1493 from danger/SimenB-patch-1
  • 61e64e2 Fix Dockerfile syntax for multi-stage builds
  • b5764b4 Merge pull request #1491 from yoshi-taka/remove-lodash.keys
  • 2375820 Merge pull request #1492 from yoshi-taka/remove-shutdown-providers
  • e689e98 fix: missed commit
  • 53a8ca9 chore(ci): remove legacy providers (BuddyBuild, DockerCloud, Nevercode)
  • e7367d5 chore: remove lodash.keys
  • 6a85f77 Merge pull request #1490 from yoshi-taka/remove-lodash-find
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
build(deps-dev): Bump danger from 12.3.4 to 13.0.5
8ee3b60 
Bumps [danger](https://github.com/danger/danger-js) from 12.3.4 to 13.0.5.
- [Release notes](https://github.com/danger/danger-js/releases)
- [Changelog](https://github.com/danger/danger-js/blob/main/CHANGELOG.md)
- [Commits](danger/danger-js@12.3.4...13.0.5)

---
updated-dependencies:
- dependency-name: danger
  dependency-version: 13.0.5
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Jan 19, 2026

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from mcj-coder as a code owner January 19, 2026 06:54
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Jan 19, 2026

This Dependabot PR contains a version-update:semver-major update and requires manual review before merging.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Jan 19, 2026
edited
Loading




Fails
🚫 PR must have a Summary or Description section.
🚫 PR must have auto-merge enabled. Enable via PR settings → "Enable auto-merge".

This ensures PRs are merged automatically once all checks pass.
🚫 PR title subject should start with lowercase.

Current: "build(deps-dev): Bump danger from 12.3.4 to 13.0.5"

The subject after the colon should start with a lowercase letter.
🚫 PR body must contain an issue reference.

Add one of the following to your PR description:

This ensures traceability between commits and issues.

Generated by 🚫 dangerJS against 8ee3b60

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 30, 2026

Superseded by #177.

@dependabot dependabot Bot closed this Mar 30, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/danger-13.0.5 branch March 30, 2026 06:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mcj-coder mcj-coder Awaiting requested review from mcj-coder mcj-coder is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants