New experimental check: Avoid shadowing (#149) (@​julienduchesne)
Reports if entries go from least specific to most specific. Otherwise, earlier entries are completely ignored.
For example:
# First entry
/build/logs/ @octocat
# Shadows - reported as error
* @s1
/b*/logs @s5
# OK
/b*/other @o1
/script/* @o2
🔧 Bug Fixes
Apply hot fix to resolve issue with untrusted git repository for not-owned checker (#148) (@​mszostok)
Added to solve problem with actions/checkout#766.
Changelog
7dfc6dca90f648c93a63a6b0cfb27feb946e5be3: Support Github App authentication (#146) (@​julienduchesne)
0e995bc01a215e58d30736f542714276f4aaf4b4: New experimental check: Avoid shadowing (#149) (@​julienduchesne)
d1be4880cfc29e11d5c5a917d056c756fd3a6e94: Apply hot fix to resolve issue with untrusted git repository for not-owned checker (#148) (@​mszostok)
cfa4033612462f8a76ddd55f3617a2a8cc713a8c: Update main README.md (#153) (@​mszostok)
7f3f5e28c6d7b8dfae5731e54ce2272ca384592f: Adjust docs and GitHub action for v0.7.4 release (#154) (@​mszostok)
Commits
7f3f5e2 Adjust docs and GitHub action for v0.7.4 release (#154)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps mszostok/codeowners-validator from 0.7.3 to 0.7.4.
Release notes
Sourced from mszostok/codeowners-validator's releases.
Commits
7f3f5e2Adjust docs and GitHub action for v0.7.4 release (#154)cfa4033Update main README.md (#153)d1be488Apply hot fix to resolve issue with untrusted git repository fornot-owned...0e995bcNew experimental check: Avoid shadowing (#149)7dfc6dcSupport Github App authentication (#146)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)