bitwarden-bot
commented
1 month ago Internal tracking:
- ID: PM-12873
- Link: https://bitwarden.atlassian.net/browse/PM-12873
Closed renovate[bot] closed 1 month ago
bitwarden-bot
commented
1 month ago Internal tracking:
codecov[bot]
commented
1 month ago All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 89.05%. Comparing base (
5fc811a) to head (65b4730). Report is 2 commits behind head on main.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
github-actions[bot]
commented
1 month ago 
Checkmarx One – Scan Summary & Details – 1d3d6492-bd5b-4623-87f3-52c346d84401
This PR contains the following updates:
v4.1.7->v4.2.02.0.33->2.0.35v4.5.0->v4.6.0v1.15.0->v1.16.0v2.1.2->v2.2.0v3.26.7->v3.26.10v1.192.0->v1.194.0Release Notes
actions/checkout (actions/checkout)
### [`v4.2.0`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v420) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.1.7...v4.2.0) - Add Ref and Commit outputs by [@lucacome](https://redirect.github.com/lucacome) in [https://github.com/actions/checkout/pull/1180](https://redirect.github.com/actions/checkout/pull/1180) - Dependency updates by [@dependabot-](https://redirect.github.com/dependabot-) [https://github.com/actions/checkout/pull/1777](https://redirect.github.com/actions/checkout/pull/1777), [https://github.com/actions/checkout/pull/1872](https://redirect.github.com/actions/checkout/pull/1872)checkmarx/ast-github-action (checkmarx/ast-github-action)
### [`v2.0.35`](https://redirect.github.com/Checkmarx/ast-github-action/releases/tag/2.0.35) [Compare Source](https://redirect.github.com/checkmarx/ast-github-action/compare/2.0.34...2.0.35) #### What's Changed ##### Other Changes - GitHub Action | Fix SAST & IAC Vul + Threshold (AST-47971) by [@elchananarb](https://redirect.github.com/elchananarb) in [https://github.com/Checkmarx/ast-github-action/pull/192](https://redirect.github.com/Checkmarx/ast-github-action/pull/192) - Fix permission entrypoint by [@amacedoo](https://redirect.github.com/amacedoo) in [https://github.com/Checkmarx/ast-github-action/pull/200](https://redirect.github.com/Checkmarx/ast-github-action/pull/200) #### New Contributors - [@elchananarb](https://redirect.github.com/elchananarb) made their first contribution in [https://github.com/Checkmarx/ast-github-action/pull/192](https://redirect.github.com/Checkmarx/ast-github-action/pull/192) - [@amacedoo](https://redirect.github.com/amacedoo) made their first contribution in [https://github.com/Checkmarx/ast-github-action/pull/200](https://redirect.github.com/Checkmarx/ast-github-action/pull/200) **Full Changelog**: https://github.com/Checkmarx/ast-github-action/compare/2.0.34...2.0.35 ### [`v2.0.34`](https://redirect.github.com/Checkmarx/ast-github-action/releases/tag/2.0.34) [Compare Source](https://redirect.github.com/checkmarx/ast-github-action/compare/2.0.33...2.0.34) #### What's Changed ##### Other Changes - upgrade cli to 2.2.5 by [@AlvoBen](https://redirect.github.com/AlvoBen) in [https://github.com/Checkmarx/ast-github-action/pull/197](https://redirect.github.com/Checkmarx/ast-github-action/pull/197) **Full Changelog**: https://github.com/Checkmarx/ast-github-action/compare/2.0.33...2.0.34codecov/codecov-action (codecov/codecov-action)
### [`v4.6.0`](https://redirect.github.com/codecov/codecov-action/releases/tag/v4.6.0) [Compare Source](https://redirect.github.com/codecov/codecov-action/compare/v4.5.0...v4.6.0) #### What's Changed - build(deps): bump github/codeql-action from 3.25.8 to 3.25.10 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1481](https://redirect.github.com/codecov/codecov-action/pull/1481) - build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1480](https://redirect.github.com/codecov/codecov-action/pull/1480) - build(deps-dev): bump ts-jest from 29.1.4 to 29.1.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1479](https://redirect.github.com/codecov/codecov-action/pull/1479) - build(deps-dev): bump [@typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser) from 7.13.0 to 7.13.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1485](https://redirect.github.com/codecov/codecov-action/pull/1485) - build(deps-dev): bump [@typescript-eslint/eslint-plugin](https://redirect.github.com/typescript-eslint/eslint-plugin) from 7.13.0 to 7.13.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1484](https://redirect.github.com/codecov/codecov-action/pull/1484) - build(deps-dev): bump typescript from 5.4.5 to 5.5.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1490](https://redirect.github.com/codecov/codecov-action/pull/1490) - build(deps-dev): bump [@typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser) from 7.13.1 to 7.14.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1493](https://redirect.github.com/codecov/codecov-action/pull/1493) - build(deps-dev): bump [@typescript-eslint/eslint-plugin](https://redirect.github.com/typescript-eslint/eslint-plugin) from 7.13.1 to 7.14.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1492](https://redirect.github.com/codecov/codecov-action/pull/1492) - build(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1496](https://redirect.github.com/codecov/codecov-action/pull/1496) - build(deps-dev): bump [@typescript-eslint/eslint-plugin](https://redirect.github.com/typescript-eslint/eslint-plugin) from 7.14.1 to 7.15.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1501](https://redirect.github.com/codecov/codecov-action/pull/1501) - build(deps-dev): bump typescript from 5.5.2 to 5.5.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1500](https://redirect.github.com/codecov/codecov-action/pull/1500) - build(deps-dev): bump [@typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser) from 7.14.1 to 7.15.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1499](https://redirect.github.com/codecov/codecov-action/pull/1499) - build(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1502](https://redirect.github.com/codecov/codecov-action/pull/1502) - build(deps-dev): bump ts-jest from 29.1.5 to 29.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1504](https://redirect.github.com/codecov/codecov-action/pull/1504) - build(deps-dev): bump [@typescript-eslint/eslint-plugin](https://redirect.github.com/typescript-eslint/eslint-plugin) from 7.15.0 to 7.16.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1503](https://redirect.github.com/codecov/codecov-action/pull/1503) - build(deps-dev): bump ts-jest from 29.2.0 to 29.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1507](https://redirect.github.com/codecov/codecov-action/pull/1507) - build(deps-dev): bump [@typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser) from 7.15.0 to 7.16.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1505](https://redirect.github.com/codecov/codecov-action/pull/1505) - build(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1509](https://redirect.github.com/codecov/codecov-action/pull/1509) - chore(ci): restrict scorecards to codecov/codecov-action by [@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov) in [https://github.com/codecov/codecov-action/pull/1512](https://redirect.github.com/codecov/codecov-action/pull/1512) - build(deps-dev): bump [@typescript-eslint/eslint-plugin](https://redirect.github.com/typescript-eslint/eslint-plugin) from 7.16.0 to 7.16.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1514](https://redirect.github.com/codecov/codecov-action/pull/1514) - build(deps-dev): bump [@typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser) from 7.16.0 to 7.16.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1513](https://redirect.github.com/codecov/codecov-action/pull/1513) - test: `versionInfo` by [@marcobiedermann](https://redirect.github.com/marcobiedermann) in [https://github.com/codecov/codecov-action/pull/1407](https://redirect.github.com/codecov/codecov-action/pull/1407) - build(deps-dev): bump ts-jest from 29.2.2 to 29.2.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1515](https://redirect.github.com/codecov/codecov-action/pull/1515) - build(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1516](https://redirect.github.com/codecov/codecov-action/pull/1516) - build(deps-dev): bump typescript from 5.5.3 to 5.5.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1521](https://redirect.github.com/codecov/codecov-action/pull/1521) - build(deps-dev): bump [@typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser) from 7.16.1 to 7.17.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1520](https://redirect.github.com/codecov/codecov-action/pull/1520) - build(deps-dev): bump [@typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser) from 7.17.0 to 7.18.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1528](https://redirect.github.com/codecov/codecov-action/pull/1528) - build(deps): bump github/codeql-action from 3.25.13 to 3.25.15 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1526](https://redirect.github.com/codecov/codecov-action/pull/1526) - build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1525](https://redirect.github.com/codecov/codecov-action/pull/1525) - build(deps-dev): bump ts-jest from 29.2.3 to 29.2.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1532](https://redirect.github.com/codecov/codecov-action/pull/1532) - build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1534](https://redirect.github.com/codecov/codecov-action/pull/1534) - build(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1542](https://redirect.github.com/codecov/codecov-action/pull/1542) - build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1541](https://redirect.github.com/codecov/codecov-action/pull/1541) - ref: Tidy up types and remove string coercion by [@nicholas-codecov](https://redirect.github.com/nicholas-codecov) in [https://github.com/codecov/codecov-action/pull/1536](https://redirect.github.com/codecov/codecov-action/pull/1536) - build(deps-dev): bump [@octokit/webhooks-types](https://redirect.github.com/octokit/webhooks-types) from 3.77.1 to 7.5.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1545](https://redirect.github.com/codecov/codecov-action/pull/1545) - build(deps): bump github/codeql-action from 3.26.0 to 3.26.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1551](https://redirect.github.com/codecov/codecov-action/pull/1551) - feat: pass tokenless value as branch override by [@joseph-sentry](https://redirect.github.com/joseph-sentry) in [https://github.com/codecov/codecov-action/pull/1511](https://redirect.github.com/codecov/codecov-action/pull/1511) - build(deps): bump actions/upload-artifact from 4.3.6 to 4.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1563](https://redirect.github.com/codecov/codecov-action/pull/1563) - Create makefile.yml by [@Hawthorne001](https://redirect.github.com/Hawthorne001) in [https://github.com/codecov/codecov-action/pull/1555](https://redirect.github.com/codecov/codecov-action/pull/1555) - build(deps): bump github/codeql-action from 3.26.2 to 3.26.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1562](https://redirect.github.com/codecov/codecov-action/pull/1562) - build(deps-dev): bump ts-jest from 29.2.4 to 29.2.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1557](https://redirect.github.com/codecov/codecov-action/pull/1557) - Spell `evenName` in the logs correctly by [@webknjaz](https://redirect.github.com/webknjaz) in [https://github.com/codecov/codecov-action/pull/1560](https://redirect.github.com/codecov/codecov-action/pull/1560) - build(deps-dev): bump typescript from 5.5.4 to 5.6.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1566](https://redirect.github.com/codecov/codecov-action/pull/1566) - build(deps-dev): bump [@types/jest](https://redirect.github.com/types/jest) from 29.5.12 to 29.5.13 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1567](https://redirect.github.com/codecov/codecov-action/pull/1567) - build(deps): bump github/codeql-action from 3.26.6 to 3.26.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1569](https://redirect.github.com/codecov/codecov-action/pull/1569) - build(deps-dev): bump eslint from 8.57.0 to 8.57.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1571](https://redirect.github.com/codecov/codecov-action/pull/1571) - build(deps): bump github/codeql-action from 3.26.7 to 3.26.8 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1575](https://redirect.github.com/codecov/codecov-action/pull/1575) - build(deps-dev): bump [@vercel/ncc](https://redirect.github.com/vercel/ncc) from 0.38.1 to 0.38.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1577](https://redirect.github.com/codecov/codecov-action/pull/1577) - chore: fix typo of OSS by [@shoothzj](https://redirect.github.com/shoothzj) in [https://github.com/codecov/codecov-action/pull/1578](https://redirect.github.com/codecov/codecov-action/pull/1578) - build(deps): bump github/codeql-action from 3.26.8 to 3.26.9 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1584](https://redirect.github.com/codecov/codecov-action/pull/1584) - build(deps): bump actions/checkout from 4.1.7 to 4.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/codecov/codecov-action/pull/1583](https://redirect.github.com/codecov/codecov-action/pull/1583) - fix: bump eslint parser deps by [@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov) in [https://github.com/codecov/codecov-action/pull/1586](https://redirect.github.com/codecov/codecov-action/pull/1586) - chore(release):4.6.0 by [@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov) in [https://github.com/codecov/codecov-action/pull/1587](https://redirect.github.com/codecov/codecov-action/pull/1587) #### New Contributors - [@nicholas-codecov](https://redirect.github.com/nicholas-codecov) made their first contribution in [https://github.com/codecov/codecov-action/pull/1536](https://redirect.github.com/codecov/codecov-action/pull/1536) - [@Hawthorne001](https://redirect.github.com/Hawthorne001) made their first contribution in [https://github.com/codecov/codecov-action/pull/1555](https://redirect.github.com/codecov/codecov-action/pull/1555) - [@webknjaz](https://redirect.github.com/webknjaz) made their first contribution in [https://github.com/codecov/codecov-action/pull/1560](https://redirect.github.com/codecov/codecov-action/pull/1560) - [@shoothzj](https://redirect.github.com/shoothzj) made their first contribution in [https://github.com/codecov/codecov-action/pull/1578](https://redirect.github.com/codecov/codecov-action/pull/1578) **Full Changelog**: https://github.com/codecov/codecov-action/compare/v4.5.0...v4.6.0codex-/return-dispatch (codex-/return-dispatch)
### [`v1.16.0`](https://redirect.github.com/Codex-/return-dispatch/releases/tag/v1.16.0) [Compare Source](https://redirect.github.com/codex-/return-dispatch/compare/v1.15.0...v1.16.0) ##### 🐞 Bug Fixes - Incorrect logging - by [@Codex-](https://redirect.github.com/Codex-) [(30034)](https://redirect.github.com/Codex-/return-dispatch/commit/3003423) - Internal retry should not fail action before the input timeout is exceeded - by [@Codex-](https://redirect.github.com/Codex-) [(d8c15)](https://redirect.github.com/Codex-/return-dispatch/commit/d8c15b5) - Use the highest timeout value when retrying - by [@Codex-](https://redirect.github.com/Codex-) [(852e0)](https://redirect.github.com/Codex-/return-dispatch/commit/852e0a1) ##### [View changes on GitHub](https://redirect.github.com/Codex-/return-dispatch/compare/v1.15.0...v1.16.0)crowdin/github-action (crowdin/github-action)
### [`v2.2.0`](https://redirect.github.com/crowdin/github-action/releases/tag/v2.2.0) [Compare Source](https://redirect.github.com/crowdin/github-action/compare/v2.1.3...v2.2.0) ##### What's Changed - CLI [4.2.0](https://redirect.github.com/crowdin/crowdin-cli/releases/tag/4.2.0) by [@andrii-bodnar](https://redirect.github.com/andrii-bodnar) **Full Changelog**: https://github.com/crowdin/github-action/compare/v2.1.2...v2.2.0 ### [`v2.1.3`](https://redirect.github.com/crowdin/github-action/releases/tag/v2.1.3) [Compare Source](https://redirect.github.com/crowdin/github-action/compare/v2.1.2...v2.1.3) ##### What's Changed - fix: issues related to checking for the existing pull requests by [@andrii-bodnar](https://redirect.github.com/andrii-bodnar) in [https://github.com/crowdin/github-action/pull/250](https://redirect.github.com/crowdin/github-action/pull/250) - docs: add sample configuration file by [@andrii-bodnar](https://redirect.github.com/andrii-bodnar) in [https://github.com/crowdin/github-action/pull/248](https://redirect.github.com/crowdin/github-action/pull/248) **Full Changelog**: https://github.com/crowdin/github-action/compare/v2.1.2...v2.1.3github/codeql-action (github/codeql-action)
### [`v3.26.10`](https://redirect.github.com/github/codeql-action/compare/v3.26.9...v3.26.10) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.26.9...v3.26.10) ### [`v3.26.9`](https://redirect.github.com/github/codeql-action/compare/v3.26.8...v3.26.9) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.26.8...v3.26.9) ### [`v3.26.8`](https://redirect.github.com/github/codeql-action/compare/v3.26.7...v3.26.8) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.26.7...v3.26.8)ruby/setup-ruby (ruby/setup-ruby)
### [`v1.194.0`](https://redirect.github.com/ruby/setup-ruby/releases/tag/v1.194.0) [Compare Source](https://redirect.github.com/ruby/setup-ruby/compare/v1.193.0...v1.194.0) **Full Changelog**: https://github.com/ruby/setup-ruby/compare/v1.193.0...v1.194.0 ### [`v1.193.0`](https://redirect.github.com/ruby/setup-ruby/releases/tag/v1.193.0) [Compare Source](https://redirect.github.com/ruby/setup-ruby/compare/v1.192.0...v1.193.0) ##### What's Changed - README.md - Windows - clarify installed packages, 2022 vs 2019 by [@MSP-Greg](https://redirect.github.com/MSP-Greg) in [https://github.com/ruby/setup-ruby/pull/642](https://redirect.github.com/ruby/setup-ruby/pull/642) - Add truffleruby-24.1.0,truffleruby+graalvm-24.1.0 by [@ruby-builder-bot](https://redirect.github.com/ruby-builder-bot) in [https://github.com/ruby/setup-ruby/pull/643](https://redirect.github.com/ruby/setup-ruby/pull/643) **Full Changelog**: https://github.com/ruby/setup-ruby/compare/v1.192.0...v1.193.0Configuration
📅 Schedule: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.