Skip to content

build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.5#78

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/dependency-review-action-3.1.5
Closed

build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.5#78
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/dependency-review-action-3.1.5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jan 8, 2024

Copy link
Copy Markdown
Contributor

Bumps actions/dependency-review-action from 3.1.0 to 3.1.5.

Release notes

Sourced from actions/dependency-review-action's releases.

3.1.5

What's Changed

Full Changelog: actions/dependency-review-action@v3.1.4...v3.1.5

3.1.4

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.4

3.1.3

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.3

3.1.2

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.2

3.1.1

What's Changed

  • Update a bunch of dependencies, including major version upgrades for octokit, @actions/github and typescript.

... (truncated)

Commits
  • c74b580 Merge pull request #651 from actions/release-3.1.5
  • cc4f653 Release 3.1.5
  • d2ed7c0 Merge pull request #649 from actions/per-page
  • 9e77cc7 npm run package
  • b383a9a Smaller per_page when requesting diff
  • 8a49820 Merge pull request #646 from actions/dependabot/npm_and_yarn/prettier-3.1.1
  • a10a70d Merge pull request #645 from actions/dependabot/npm_and_yarn/typescript-eslin...
  • 0de1638 Bump prettier from 3.1.0 to 3.1.1
  • 522f021 Bump @​typescript-eslint/parser from 6.13.1 to 6.16.0
  • 2597ca4 Merge pull request #640 from actions/dependabot/npm_and_yarn/eslint-8.56.0
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.0 to 3.1.5.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@6c5ccda...c74b580)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jan 8, 2024
@github-actions

github-actions Bot commented Jan 8, 2024

Copy link
Copy Markdown

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 1 0 0.01s
✅ COPYPASTE jscpd yes no 1.83s
✅ EDITORCONFIG editorconfig-checker 1 0 0.01s
✅ REPOSITORY checkov yes no 11.18s
✅ REPOSITORY gitleaks yes no 0.25s
✅ REPOSITORY git_diff yes no 0.01s
✅ REPOSITORY grype yes no 12.07s
✅ REPOSITORY secretlint yes no 0.98s
✅ REPOSITORY trivy yes no 4.13s
✅ REPOSITORY trivy-sbom yes no 3.74s
✅ REPOSITORY trufflehog yes no 4.0s
✅ YAML prettier 1 0 0 0.45s
✅ YAML v8r 1 0 2.32s
✅ YAML yamllint 1 0 0.71s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@dependabot @github

dependabot Bot commented on behalf of github Jan 22, 2024

Copy link
Copy Markdown
Contributor Author

Superseded by #81.

@dependabot dependabot Bot closed this Jan 22, 2024
@dependabot dependabot Bot deleted the dependabot/github_actions/actions/dependency-review-action-3.1.5 branch January 22, 2024 03:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants