search

ActionsDesk / github-actions-allow-list-as-code-action

Automate GitHub Actions allow list for GitHub Enterprise Cloud accounts
MIT License
14 stars 6 forks source link

🆙 npm(deps): Bump the npm group with 4 updates #126

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the npm group with 4 updates: @octokit/plugin-enterprise-cloud, eslint-plugin-github, husky and rimraf.

Updates @octokit/plugin-enterprise-cloud from 12.5.0 to 13.0.0

Release notes

Sourced from @​octokit/plugin-enterprise-cloud's releases.

v13.0.0

13.0.0 (2024-05-09)

Features

BREAKING CHANGES

  • package is now ESM

v12.6.0

12.6.0 (2024-05-03)

Features

  • Dependabot alerts --> secret scanning (#540) (1794fbc)
Commits
  • 20cf836 feat: package is now ESM (#545)
  • 62110ae build(deps): lock file maintenance
  • cc8790b chore(deps): update dependency esbuild to ^0.21.0 (#544)
  • 1794fbc feat: Dependabot alerts --> secret scanning (#540)
  • 10d11dd build(deps): lock file maintenance
  • d496f44 build(deps): lock file maintenance
  • ca16b0e build(deps): lock file maintenance
  • See full diff in compare view


Updates eslint-plugin-github from 4.10.2 to 5.0.1

Release notes

Sourced from eslint-plugin-github's releases.

v5.0.1

What's Changed

Full Changelog: https://github.com/github/eslint-plugin-github/compare/v5.0.0...v5.0.1

v5.0.0

Formally releasing v5.0.0!

This release includes everything in pre-release v5.0.0-2!

We notably dropped support for node 14 and node 16 in favor of node 18.

What's Changed

v5.0.0-2

In this release, we are formally dropping support for node 14 and node 16.

What's Changed

Full Changelog: https://github.com/github/eslint-plugin-github/compare/v4.10.2...v5.0.0-2

Commits
  • 8d9ed4f Merge pull request #531 from github/kh-set-exception-on-rule
  • ec76d1c Provide exception for rowgroup
  • 948bc6a Merge pull request #530 from github/dependabot/npm_and_yarn/all-dependencies-...
  • 919dda0 backout eslint 9 update
  • 1bd0859 chore(deps): bump the all-dependencies group with 6 updates
  • 2b8550f Drop node 14 in publish workflow (#529)
  • ce529f9 Merge pull request #525 from github/kh-fix-bug-in-get-element-type-logic
  • 3979a24 Update tests/utils/get-element-type.mjs
  • 9d2dc5d add node 20 support
  • dd592c6 drop ndoe 16
  • Additional commits viewable in compare view


Updates husky from 9.0.11 to 9.1.4

Release notes

Sourced from husky's releases.

v9.1.4

  • Improve deprecation notice

v9.1.3

  • fix: better handle space in PATH

v9.1.2

Show a message instead of automatically removing deprecated code.

This only concerns projects that still have the following code in their hooks:

- #!/usr/bin/env sh # <- This is deprecated, remove it
- . "$(dirname -- "$0")/_/husky.sh"  # <- This is deprecated, remove it

Rest of your hook code

Hooks with these lines will fail in v10.0.0

v9.1.1

Super saiyan god dog! It's over 9.0.0!

What's new

You can now run package commands directly, no need for npx or equivalents. It makes writing hooks more intuitive and is also slightly faster 🐺⚡️

# .husky/pre-commit
- npx jest
+ jest # ~0.2s faster

A new recipe has been added to the docs. Lint staged files without external dependencies (inspired by Prettier docs). Feel free to modify it.

# .husky/pre-commit
prettier $(git diff --cached --name-only --diff-filter=ACMR | sed 's| |\\ |g') --write --ignore-unknown
git update-index --again

For more advanced use cases, see lint-staged.

Fixes

... (truncated)

Commits


Updates rimraf from 5.0.5 to 6.0.1

Changelog

Sourced from rimraf's changelog.

6.0

  • Drop support for nodes before v20
  • Add --version to CLI

5.0

  • No default export, only named exports

4.4

  • Provide Dirent or Stats object as second argument to filter

4.3

  • Return boolean indicating whether the path was fully removed
  • Add filter option
  • bin: add --verbose, -v to print files as they are deleted
  • bin: add --no-verbose, -V to not print files as they are deleted
  • bin: add -i --interactive to be prompted on each deletion
  • bin: add -I --no-interactive to not be prompted on each deletion
  • 4.3.1 Fixed inappropriately following symbolic links to directories

v4.2

  • Brought back glob support, using the new and improved glob v9

v4.1

  • Improved hybrid module with no need to look at the .default dangly bit. .default preserved as a reference to rimraf for compatibility with anyone who came to rely on it in v4.0.
  • Accept and ignore -rf and -fr arguments to the bin.

v4.0

  • Remove glob dependency entirely. This library now only accepts actual file and folder names to delete.
  • Accept array of paths or single path.
  • Windows performance and reliability improved.
  • All strategies separated into explicitly exported methods.
  • Drop support for Node.js below version 14
  • rewrite in TypeScript
  • ship CJS/ESM hybrid module
  • Error on unknown arguments to the bin. (Previously they were silently ignored.)

v3.0

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @stoe.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 2 months ago

The following labels could not be found: dependency :robot:.