Bump sobelow from 0.11.1 to 0.13.0

[dependabot[bot]]

Bumps sobelow from 0.11.1 to 0.13.0.

Release notes

Sourced from sobelow's releases.

v0.13.0

• Removed
  • Support for minimum Elixir versions 1.5 & 1.6 (POTENTIALLY BREAKING - only applies if you relied on Elixir 1.5 or 1.6, 1.7+ is still supported)
• Enhancements
  • Fixed all credo warnings
  • Implemented all credo "Code Readability" adjustments
  • Took advantage of some credo refactoring opportunities
  • Added (sub)module documentation that was missing for some vulnerabilities and unified presentation of others
• Bug fixes
  • Fixed --details / -d not displaying correct information
  • Fixed incompatibility issue with Elixir 1.15
• Misc
  • Added mix credo --strict to project
  • Improvements to GitHub CI
    • Hex Audit
    • Compiler Warnings as Errors
    • Checks Formatting
  • Added helper mix test.all alias

v.0.12.2

v0.12.2

• Bug fixes
  • Removed :castore and introduced :verify_none to quiet warning and unblock escript usage, see #133 for more context on why this is necessary

v.0.12.1

v0.12.1

• Bug fixes
  • Lowered required version of :castore to remove upgrade path issues
  • Reconfigured :verify_peer to actually use CAStore and remove warning

v.0.12.0

v0.12.0

Please note it has been quite some time between GitHub releases - please refer to the CHANGELOG for more information on what has changed since v0.8.0, the changelog below is ONLY for the changes between v.0.11.1 and v.0.12.0

• Removed
  • Support for minimum Elixir version 1.4 (POTENTIALLY BREAKING - only applies if you relied on Elixir 1.4, 1.5+ is still supported)
  • Enhancements
    • Adds support for HEEx to XSS.Raw
    • Adds --version CLI flag
    • README Improvements
      • Umbrella App usage
      • Clearer installation process
      • Layout changes
    • Updated dependencies
  • Bug fixes
    • Adds to_string() to exit_on
    • Sets SSL opt verify_peer in version check
    • Reworks -v, --verbose printing to not use the now deprecated Macro.to_string/2
  • Misc
    • Allows atom values for threshold in config file
    • Uses SPDX ID for licenses in mixfile

... (truncated)

Changelog

Sourced from sobelow's changelog.

v0.13.0

• Removed
  • Support for minimum Elixir versions 1.5 & 1.6 (POTENTIALLY BREAKING - only applies if you relied on Elixir 1.5 or 1.6, 1.7+ is still supported)
• Enhancements
  • Fixed all credo warnings
  • Implemented all credo "Code Readability" adjustments
  • Took advantage of some credo refactoring opportunities
  • Added (sub)module documentation that was missing for some vulnerabilities and unified presentation of others
• Bug fixes
  • Fixed --details / -d not displaying correct information
  • Fixed incompatibility issue with Elixir 1.15
• Misc
  • Added mix credo --strict to project
  • Improvements to GitHub CI
    • Hex Audit
    • Compiler Warnings as Errors
    • Checks Formatting
  • Added helper mix test.all alias

v0.12.2

• Bug fixes
  • Removed :castore and introduced :verify_none to quiet warning and unblock escript usage, see #133 for more context on why this is necessary

v0.12.1

• Bug fixes
  • Lowered required version of :castore to remove upgrade path issues
  • Reconfigured :verify_peer to actually use CAStore and remove warning

v0.12.0

• Removed
  • Support for minimum Elixir version 1.4 (POTENTIALLY BREAKING - only applies if you relied on Elixir 1.4, 1.5+ is still supported)
• Enhancements
  • Adds support for HEEx to XSS.Raw
  • Adds --version CLI flag
  • README Improvements
    • Umbrella App usage
    • Clearer installation process
    • Layout changes
  • Updated dependencies
• Bug fixes
  • Adds to_string() to exit_on
  • Sets SSL opt verify_peer in version check
  • Reworks -v, --verbose printing to not use the now deprecated Macro.to_string/2
• Misc
  • Allows atom values for threshold in config file
  • Uses SPDX ID for licenses in mixfile
  • Fixed typo

v0.11.2

• Enhancements

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[nelsonic]

Superseded by #231

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.