Closed dependabot[bot] closed 3 months ago
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 88.49%. Comparing base (
6413a43
) to head (593e7e3
).
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Looks like these dependencies are updatable in another way, so this is no longer needed.
Bumps the github-actions group with 5 updates in the / directory:
2.7.1
2.8.0
4.1.5
4.1.6
3.1.0
3.2.0
2.13.4
3.25.7
4.3.1
4.4.1
Updates
step-security/harden-runner
from 2.7.1 to 2.8.0Release notes
Sourced from step-security/harden-runner's releases.
Commits
f086349
Merge pull request #416 from step-security/rc-8b9c325d
Update image808a771
Add info about file and process events7171429
Update agent9ff9d14
Merge pull request #406 from step-security/dependabot/github_actions/step-sec...ac5fa01
Bump step-security/harden-runner from 2.7.0 to 2.7.1Updates
actions/checkout
from 4.1.5 to 4.1.6Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
a5ac7e5
Update for 4.1.6 release (#1733)24ed1a3
Check platform for extension (#1732)Updates
docker/login-action
from 3.1.0 to 3.2.0Release notes
Sourced from docker/login-action's releases.
Commits
0d4c9c5
Merge pull request #722 from crazy-max/update-readmeb29e14f
add contributing section to README218a70c
Merge pull request #721 from docker/dependabot/npm_and_yarn/docker/actions-to...b820080
build(deps): bump@docker/actions-toolkit
from 0.23.0 to 0.24.027530a9
Merge pull request #720 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...d072a60
chore: update generated content7c627b5
build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...787cfc6
Merge pull request #694 from docker/dependabot/npm_and_yarn/undici-5.28.48e66e91
chore: update generated content5ba5e97
build(deps): bump undici from 5.28.3 to 5.28.4Updates
github/codeql-action
from 2.13.4 to 3.25.7Release notes
Sourced from github/codeql-action's releases.
... (truncated)
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
f079b84
Merge pull request #2317 from github/update-v3.25.7-a095bf2a1e1a4268
Update changelog for v3.25.7a095bf2
Merge pull request #2313 from github/revert-2312-update-bundle/codeql-bundle-...bbd4e19
Revert "Update default bundle to 2.17.4"9ab5d16
Merge pull request #2312 from github/update-bundle/codeql-bundle-v2.17.4028346e
Add changelog note5fe0847
Update default bundle to codeql-bundle-v2.17.49550da9
Merge pull request #2311 from github/henrymercer/pack-missing-auth-config-error6548a4d
Add configuration error for missing auth to package registry7927df0
Bump micromatch from 4.0.5 to 4.0.7 in the npm group (#2310)Updates
codecov/codecov-action
from 4.3.1 to 4.4.1Release notes
Sourced from codecov/codecov-action's releases.
Commits
125fc84
chore(release): 4.4.1 (#1441)c9dbf6a
fix: isPullRequestFromFork returns false for any PR (#1437)59fc46f
build(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#1438)3889fdd
build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 (#1439)d42a336
fix: prevent xlarge from running on forks (#1432)fd624e5
build(deps-dev): bump@typescript-eslint/eslint-plugin
from 7.8.0 to 7.9.0 (#...6d79887
chore(release): 4.4.0 (#1430)37364fa
build(deps-dev): bump@typescript-eslint/parser
from 7.8.0 to 7.9.0 (#1428)2791a5c
fix: remove GPG and run on spawn (#1426)b71af43
build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#1420)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show