chore(deps): bump actions/dependency-review-action from 2.5.1 to 3.0.8

dependabot[bot] commented 11 months ago

Bumps actions/dependency-review-action from 2.5.1 to 3.0.8.

Release notes

Sourced from actions/dependency-review-action's releases.

3.0.8

What's Changed

Added on-failure option to comment-summary-in-pr setting by @sgmurphy in actions/dependency-review-action#540

Previous configuration files using true/false for comment-summary-in-pr will be mapped automatically to the new values, but we encourage you to update to always/on-failure/never.

New Contributors

@sgmurphy made their first contribution in actions/dependency-review-action#540

Full Changelog: https://github.com/actions/dependency-review-action/compare/v3...v3.0.8

3.0.7

What's Changed

Make GHES support / setup more clear by @rajbos in actions/dependency-review-action#534

Add an option to deny packages or groups of packages by @adrienpessu in actions/dependency-review-action#544

New Contributors

@rajbos made their first contribution in actions/dependency-review-action#534

@adrienpessu made their first contribution in actions/dependency-review-action#544

Full Changelog: https://github.com/actions/dependency-review-action/compare/v3...v3.0.7

3.0.6

Fixes a bug introduced in 3.0.5 where we raised PURL errors when Dependency Graph returns an empty package_url.

3.0.5

What's Changed

Thanks to @theztefan, we now have a new allow-dependencies-licenses option that takes a list of dependencies that will be excluded from license checks. See the configuration options for more information on how to use it.

Exclude dependencies from license checks by @theztefan in actions/dependency-review-action#423

Documentation examples by @theztefan in actions/dependency-review-action#423

Show snapshot warnings in the summary by @juxtin in actions/dependency-review-action#439

Fix default values for fail-on-severity by @febuiles in actions/dependency-review-action#451

Updated dependencies.

New Contributors

@juxtin made their first contribution in actions/dependency-review-action#439

@theztefan made their first contribution in actions/dependency-review-action#423

Full Changelog: https://github.com/actions/dependency-review-action/compare/v3...v3.0.5

3.0.4

What's New?

The Action can now publish a comment in the pull request if the comment-summary-in-pr option is set. More information can be found in the README.

New Contributors

@davelosert made their first contribution in actions/dependency-review-action#393

Changelog

... (truncated)

Commits

f6fff72 Merge pull request #540 from sgmurphy/comment-on-failure
61ee12c Merge pull request #548 from actions/dependabot/npm_and_yarn/typescript-eslin...
7d5babf Merge pull request #547 from actions/dependabot/npm_and_yarn/eslint-8.47.0
ddb1b93 Bump @typescript-eslint/eslint-plugin from 6.2.0 to 6.3.0
7c3177d Bump eslint from 8.46.0 to 8.47.0
31afeba Add unit tests
7ef37f3 Merge branch 'main' into comment-on-failure
2e59943 Parse boolean to enum
7d90b4f bumping to 3.0.7
02aa4b6 Merge pull request #544 from adrienpessu/main
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] commented 11 months ago

The following labels could not be found: Type: Security Patch.

netlify[bot] commented 11 months ago

Deploy Preview for veascan ready!

Name	Link
Latest commit	6eb4cabb4f440486896eab541a92973586a4c454
Latest deploy log	https://app.netlify.com/sites/veascan/deploys/64dc73beb3cf5b00087fcc5c
Deploy Preview	https://deploy-preview-269--veascan.netlify.app
Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

kleros / vea