search

DawnbrandBots / bastion-bot

A Discord bot for displaying information about Yu-Gi-Oh! cards.
https://discord.com/application-directory/383854640694820865
GNU Affero General Public License v3.0
10 stars 11 forks source link

Bump dotenv from 16.4.1 to 16.4.5 #427

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps dotenv from 16.4.1 to 16.4.5.

Changelog

Sourced from dotenv's changelog.

16.4.5 (2024-02-19)

Changed

  • 🐞 fix recent regression when using path option. return to historical behavior: do not attempt to auto find .env if path set. (regression was introduced in 16.4.3) #814

16.4.4 (2024-02-13)

Changed

  • 🐞 Replaced chaining operator ?. with old school && (fixing node 12 failures) #812

16.4.3 (2024-02-12)

Changed

  • Fixed processing of multiple files in options.path #805

16.4.2 (2024-02-10)

Changed

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
socket-security[bot] commented 4 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/dotenv@16.4.5 environment, filesystem 0 79.1 kB motdotla

🚮 Removed packages: npm/dotenv@16.4.1

View full report↗︎

codecov[bot] commented 4 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 43.18%. Comparing base (22d5cda) to head (79107b1).

:exclamation: Current head 79107b1 differs from pull request most recent head 70fa96d. Consider uploading reports for the commit 70fa96d to get more accurate results

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #427 +/- ## ========================================== + Coverage 43.03% 43.18% +0.15% ========================================== Files 31 31 Lines 4473 4455 -18 Branches 182 182 ========================================== - Hits 1925 1924 -1 + Misses 2548 2530 -18 - Partials 0 1 +1 ``` | [Flag](https://app.codecov.io/gh/DawnbrandBots/bastion-bot/pull/427/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DawnbrandBots) | Coverage Δ | | |---|---|---| | [unit](https://app.codecov.io/gh/DawnbrandBots/bastion-bot/pull/427/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DawnbrandBots) | `?` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DawnbrandBots#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

kevinlul commented 4 months ago

@dependabot rebase

kevinlul commented 4 months ago

Changes are not relevant

dependabot[bot] commented 4 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.