CycloneDX / cyclonedx-node-pnpm

Create CycloneDX Software Bill of Materials (SBOM) from Node.js PNPM projects.
https://cyclonedx.org/
Apache License 2.0
12 stars 5 forks source link

chore(deps): Bump pnpm/action-setup from 2 to 4 #13

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 5 months ago

Bumps pnpm/action-setup from 2 to 4.

Release notes

Sourced from pnpm/action-setup's releases.

v4.0.0

An error is thrown if one version of pnpm is specified in the packageManager field of package.json and a different version is specified in the action's settings #122

v3.0.0

The action is updated to run on Node.js v20

v2.4.0

Add ability to install standalone binary (pnpm/action-setup#92).

v2.3.0

v2.2.4

No deprecation warnings are printed about set-state and set-output commands (pnpm/action-setup#57)

v2.2.3

Bump Node.js version to 16 pnpm/action-setup#56

v2.2.2

Fixing network issues.

Related issues:

Related PR:

v2.2.1

Fix "packageManager" reader pnpm/action-setup#35

v2.2.0

v2.1.0

Support pnpm v7 pnpm/action-setup#29

v2.0.1

Update versions in code examples in README.md to the latest ones to avoid users using the wrong versions.

Commits
  • fe02b34 docs: bump action-setup version in README
  • bee1f09 feat: throw error when multiple versions specified (#122)
  • ce859e3 refactor: replace fs-extra with Node.js built-in fs methods (#120)
  • 2ab6dce docs(README): fix link to LICENSE
  • e280758 docs(README): update dependency versions (#117)
  • 129abb7 Bump undici from 5.28.2 to 5.28.3 (#115)
  • a3252b7 docs(README): update version
  • 1ee9c9d feat!: node20 upgrade (#110)
  • ebcfd69 Bump actions/setup-node from 3 to 4 (#103)
  • d2613e0 docs: update pnpm version in caching example (#94)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)