Closed dependabot[bot] closed 8 months ago
VIOLATION DESCRIPTION | NUMBER OF VIOLATIONS |
---|---|
HIGH/CRITICAL SECURITY VULNERABILITIES | 0 |
MAJOR UPDATES AVAILABLE | 0 |
LICENSE REQUIRES REVIEW | 0 |
LICENSE RISK HIGH | 9 |
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY | 1 |
Looks like these dependencies are updatable in another way, so this is no longer needed.
Bumps the ci group with 2 updates: anchore/sbom-action and peter-evans/repository-dispatch.
Updates
anchore/sbom-action
from 0.15.4 to 0.15.5Release notes
Sourced from anchore/sbom-action's releases.
Commits
24b0d52
chore(deps): update Syft to v0.101.1 (#437)Updates
peter-evans/repository-dispatch
from 2 to 3Release notes
Sourced from peter-evans/repository-dispatch's releases.
... (truncated)
Commits
ff45666
feat: update runtime to node 20 (#305)a4a9027
build(deps-dev): bump@types/node
from 18.19.6 to 18.19.8 (#304)2605253
build(deps-dev): bump prettier from 3.1.1 to 3.2.4 (#303)ab3258e
build(deps-dev): bump@types/node
from 18.19.4 to 18.19.6 (#302)240bc73
build(deps-dev): bump eslint-plugin-prettier from 5.1.2 to 5.1.3 (#301)8aa15c5
build(deps-dev): bump@types/node
from 18.19.3 to 18.19.4 (#300)22aa07c
build(deps-dev): bump eslint-plugin-prettier from 5.1.1 to 5.1.2 (#299)ba02985
build(deps-dev): bump eslint-plugin-prettier from 5.0.1 to 5.1.1 (#298)accfd7b
build(deps-dev): bump eslint from 8.55.0 to 8.56.0 (#297)3c7d964
build(deps): bump actions/upload-artifact from 3 to 4 (#295)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show