Closed dependabot[bot] closed 5 months ago
✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.
Package | Version | Score | Details | ||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
actions/actions/dependency-review-action | 0c155c5e8556a497adf53f2c18edabf945ed8e70 | :green_circle: 6.4 | Details
| ||||||||||||||||||||||||||||||||||||||||||||||||
actions/actions/dependency-review-action | 5bbc3ba658137598168acb2ab73b21c432dd411b | :green_circle: 6.4 | Details
|
Code Climate has analyzed commit 7f256244 and detected 0 issues on this pull request.
View more on Code Climate.
Bumps actions/dependency-review-action from 4.2.5 to 4.3.2.
Release notes
Sourced from actions/dependency-review-action's releases.
Commits
0c155c5
Merge pull request #762 from actions/juxtin/prepare-4.3.2f3dac32
Merge pull request #761 from actions/juxtin/fix-allow-dependencies-licensesd0d5cc3
Update version number to 4.3.249fbbe0
Fix package-url parsing for allow-dependencies-licensese58c696
Merge pull request #758 from actions/juxtin/prepare-4.3.19b7c72d
Change version to 4.3.17dcfabf
Merge pull request #753 from actions/juxtin/debug-purl5f0808f
Validate that deny-packages purls are completefcc66c2
Refine purl parsing and tests1dd418b
Basic tests for PURL validation in configYou can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show