search

korken89 / fugit

`fugit` provides a comprehensive library of `Duration` and `Instant` for the handling of time in embedded systems, doing all it can at compile time.
Apache License 2.0
55 stars 16 forks source link

Bump dangoslen/changelog-enforcer from 2 to 3 #17

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps dangoslen/changelog-enforcer from 2 to 3.

Release notes

Sourced from dangoslen/changelog-enforcer's releases.

Changelog Enforcer 3.0.0

:rocket: The 3.0.0 release of the Changelog Enforcer is here! This release relies soley on the GitHub API instead of local git commands from a cloned repository. This means, for example, that actions/checkout does not need to be run before running the enforcer.

Fixes

Dependencies

  • Bumps @vercel/ncc from 0.28.6 to 0.31.1
  • Bumps @actions/core from 1.4.0 to 1.6.0
  • Bumps jest from 27.0.5 to 27.3.1
  • Bumps actions/checkout from 2.3.4 to 2.4.0
  • Bumps uglify-js from 3.13.9 to 3.14.3
  • Bumps eslint from 7.28.0 to 8.2.0

Changelog Enforcer 2.3.1

Changed

  • Only runs on pull_request and pull_request_target events. This is to address issue #140

Changelog Enforcer 2.3.0

Dependencies

  • Bumps lodash from 4.17.19 to 4.17.21
  • Bumps stefanzweifel/git-auto-commit-action from 4 to 4.11.0
  • Bumps actions/checkout from 2 to 2.3.4
  • Bumps actions/create-release from 1 to 1.1.4
  • Bumps uglify-js from 3.13.3 to 3.13.9
  • Bumps eslint from 7.25.0 to 7.28.0
  • Bumps @vercel/ncc from 0.28.2 to 0.28.6
  • Bumps @actions/github from 4.0.0 to 5.0.0
  • Bumps dangoslen/dependabot-changelog-helper from 0.3.2 to 1
  • Bumps @actions/exec from 1.0.4 to 1.1.0
  • Bumps @actions/core from 1.2.7 to 1.4.0
  • Bumps jest from 26.6.3 to 27.0.5
  • Bumps ws from 7.4.0 to 7.5.3

Changelog Enforcer 2.2.0

Internal Changes

  • The pull_request workflow now executes as a pull_request_target workflow to handle incoming pull requests from forked repos.
    • This is needed because Dependabot now works as a forked branch. The reasoning and ways to accomodate are listed in a GitHub Security article
    • The verified label is needed to allow the workflow to execute

Dependencies

  • Bumps uglify-js from 3.13.2 to 3.13.3
  • Bumps y18n from 4.0.1 to 5.0.8
  • Bumps @vercel/ncc from 0.27.0 to 0.28.2
  • Bumps @actions/core from 1.2.6 to 1.2.7
  • Bumps eslint from 7.23.0 to 7.25.0

Changelog Enforcer 2.1.0

Deprecated

  • The input versionPattern is now deprecated. Starting in v3.0.0 the Changelog Enforcer will only work with Keep a Changelog for verifying the latest expected version.

Dependencies

  • Bumps eslint from 7.21.0 to 7.23.0
  • Bumps uglify-js from 3.13.0 3.13.2

... (truncated)

Changelog

Sourced from dangoslen/changelog-enforcer's changelog.

CHANGELOG

Inspired from Keep a Changelog

[v3.0.0]

:rocket: The 3.0.0 release of the Changelog Enforcer is here! This release relies soley on the GitHub API instead of local git commands from a cloned repository. This means, for example, that actions/checkout does not need to be run before running the enforcer.

Fixes

Dependencies

  • Bumps @vercel/ncc from 0.28.6 to 0.31.1
  • Bumps @actions/core from 1.4.0 to 1.6.0
  • Bumps jest from 27.0.5 to 27.3.1
  • Bumps actions/checkout from 2.3.4 to 2.4.0
  • Bumps uglify-js from 3.13.9 to 3.14.3
  • Bumps eslint from 7.28.0 to 8.2.0

[v2.3.1]

Changed

  • Only runs on pull_request and pull_request_target events. This is to address issue #140

[v2.3.0]

Dependencies

  • Bumps lodash from 4.17.19 to 4.17.21
  • Bumps stefanzweifel/git-auto-commit-action from 4 to 4.11.0
  • Bumps actions/checkout from 2 to 2.3.4
  • Bumps actions/create-release from 1 to 1.1.4
  • Bumps uglify-js from 3.13.3 to 3.13.9
  • Bumps eslint from 7.25.0 to 7.28.0
  • Bumps @vercel/ncc from 0.28.2 to 0.28.6
  • Bumps @actions/github from 4.0.0 to 5.0.0
  • Bumps dangoslen/dependabot-changelog-helper from 0.3.2 to 1
  • Bumps @actions/exec from 1.0.4 to 1.1.0
  • Bumps @actions/core from 1.2.7 to 1.4.0
  • Bumps jest from 26.6.3 to 27.0.5
  • Bumps ws from 7.4.0 to 7.5.3

[v2.2.0]

Changed

  • The pull_request workflow now executes as a pull_request_target workflow to handle incoming pull requests from forked repos.
    • This is needed because Dependabot now works as a forked branch. The reasoning and ways to accommodate are listed in a GitHub Security article
    • The verified label is needed to allow the workflow to execute

Dependencies

  • Bumps uglify-js from 3.13.2 to 3.13.3
  • Bumps y18n from 4.0.1 to 5.0.8
  • Bumps @vercel/ncc from 0.27.0 to 0.28.2
  • Bumps @actions/core from 1.2.6 to 1.2.7
  • Bumps eslint from 7.23.0 to 7.25.0
  • Bumps hosted-git-info from 2.8.8 to 2.8.9

[v2.1.0]

Deprecated

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)