Closed dependabot[bot] closed 1 year ago
@kenodegard Is https://github.com/actions-ecosystem/action-add-labels/commit/a8ae047fee0ca28235f9764e1c478d2136dc15c1 possibly a problem?
Yup looks like that's not something we can customize: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit
Our concern with the mutability of tags is probably not worth the effort. We should spend the time to vet the person/org behind the actions instead.
Bumps actions-ecosystem/action-add-labels from 1.1.0 to 1.1.3.
Commits
18f1af5
Make github_token not requirement (#259)7548625
Update default branch for release trigger (#254)a8ae047
Update workflow trigger pull_request -> pull_request_target (#183)b2442fe
Makegithub_token
input optional (#160)442934f
Bump lodash from 4.17.15 to 4.17.19 (#69)4efa0cd
Bump@actions/core
from 1.2.4 to 1.2.6 (#100)cff25c1
Bump jest-circus from 24.9.0 to 26.0.1 (#40)7fd0d4e
Bump@zeit/ncc
from 0.20.5 to 0.22.3 (#42)bdfefdd
Bump@types/semver
from 6.2.1 to 7.2.0 (#41)96c379d
Bump typescript from 3.8.3 to 3.9.3 (#39)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)