Closed dependabot[bot] closed 4 months ago
Latest commit: 637c33c214bc859734138671f4e95ac8d74a1673
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
Click here to learn what changesets are, and how to add one.
Click here if you're a maintainer who wants to add a changeset to this PR
Bumps the development-dependencies group with 1 update: snyk.
Updates
snyk
from 1.1281.0 to 1.1283.0Release notes
Sourced from snyk's releases.
Commits
e52fdaa
feat: add python optional dependencies support (#5072)6cd177d
docs: add guidance on writing commit messages (#5071)c0d9ddf
chore(ci): persist unit test output (#5087)f0c8339
fix: enforce correct type for security-severity in sarif output (#5091)4f892f7
fix: remove dependencies when parent folder is deleted (#5080)9f4d512
fix(ci): upgrade slack webhook (#5085)2113022
fix(danger): commit pattern in danger to disable certain characters (#5089)00af20b
fix: enables multi-platform support for OCI images (#5082)54253f7
feat: populate CVSS scores in SARIF files (#5014) (#5088)8b271cd
feat(#2439): populate CVSS scores in SARIF files (#5014)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show