dependabot/fetch-metadata
2
0
Fork 0
mirror of https://github.com/dependabot/fetch-metadata.git synced 2026-03-12 18:07:12 -04:00
Code Issues Packages Projects Releases Wiki Activity
282 Commits 8 Branches 28 Tags
25d8fcd410e8f0d68706ffc092a61d1ff5caf173
Commit Graph

282 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions
25d8fcd410 [dependabot skip] Update dist/ with build changes 2022-04-20 10:14:26 +00:00
dependabot[bot]
f410d97ac6 Bump @actions/github from 5.0.0 to 5.0.1 
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@actions/github"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-20 10:13:32 +00:00
Barry Gordon
2c14e91d87 Fix typo in build workflow 2022-04-20 11:10:47 +01:00
Barry Gordon
5566d3bb08 Avoid using actor 2022-04-20 10:04:52 +01:00
Barry Gordon
9a3ea4fc12 Correctly checkout the repository to use the local action 2022-04-20 09:59:02 +01:00
Barry Gordon
ba38fe5cb2 Merge pull request #205 from dependabot/brrygrdn/automation-tidy-up 
Dependabot updates run monthly and attempt to auto-compile dist/
 2022-04-20 09:50:08 +01:00
Barry Gordon
221b2c09c5 Prefer npm to NPM 
Co-authored-by: Jurre <jurre@github.com>
 2022-04-19 20:01:37 +01:00
Barry Gordon
a20aed188f Fix script path 2022-04-19 20:00:27 +01:00
Barry Gordon
a5e702392a Use a single automation PAT 2022-04-19 20:00:27 +01:00
Barry Gordon
f9682a0a6a Add a workflow to compile dist/ for Dependabot PRs 2022-04-19 20:00:27 +01:00
Barry Gordon
2017141629 Fix sed command for OSX 2022-04-19 20:00:26 +01:00
Barry Gordon
6790cb69ed Use a separate workflow to check the diff compilation 2022-04-19 20:00:26 +01:00
Barry Gordon
083b8484d8 Dependabot checks monthly, and checks GitHub Actions 2022-04-19 20:00:23 +01:00
Barry Gordon
4da8422b7e Merge pull request #203 from dependabot/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.20.0 
Bump @typescript-eslint/eslint-plugin from 5.12.1 to 5.20.0
 2022-04-19 18:12:40 +01:00
dependabot[bot]
28c827d4ff Bump @typescript-eslint/eslint-plugin from 5.12.1 to 5.20.0 
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.12.1 to 5.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.20.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 17:07:22 +00:00
Barry Gordon
e9af75210a Merge pull request #202 from dependabot/dependabot/npm_and_yarn/typescript-eslint/parser-5.20.0 
Bump @typescript-eslint/parser from 5.17.0 to 5.20.0
 2022-04-19 18:06:23 +01:00
Barry Gordon
5cabe32e9b Merge pull request #199 from dependabot/dependabot/npm_and_yarn/yargs-17.4.1 
Bump yargs from 17.3.1 to 17.4.1
 2022-04-19 18:05:46 +01:00
dependabot[bot]
406bb904f1 Bump yargs from 17.3.1 to 17.4.1 
Bumps [yargs](https://github.com/yargs/yargs) from 17.3.1 to 17.4.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v17.3.1...v17.4.1)

---
updated-dependencies:
- dependency-name: yargs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 16:44:48 +00:00
Barry Gordon
c87d153abb Merge pull request #204 from dependabot/dependabot/npm_and_yarn/minimist-1.2.6 
Bump minimist from 1.2.5 to 1.2.6
 2022-04-19 17:44:22 +01:00
Barry Gordon
facf13a3ea Merge pull request #193 from dependabot/dependabot/npm_and_yarn/typescript-4.6.3 
Bump typescript from 4.5.5 to 4.6.3
 2022-04-19 17:43:24 +01:00
dependabot[bot]
1a9a6fe293 Bump minimist from 1.2.5 to 1.2.6 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 16:38:09 +00:00
Barry Gordon
7399a0b09a Bump dist/ 2022-04-19 17:37:24 +01:00
dependabot[bot]
2442986b84 Bump typescript from 4.5.5 to 4.6.3 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.5.5 to 4.6.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.5.5...v4.6.3)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 16:32:03 +00:00
dependabot[bot]
012b3f8bbb Bump @typescript-eslint/parser from 5.17.0 to 5.20.0 
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.17.0 to 5.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.20.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 16:31:47 +00:00
Barry Gordon
f504fed8a9 Merge pull request #198 from dependabot/dependabot/npm_and_yarn/eslint-8.13.0 
Bump eslint from 8.12.0 to 8.13.0
 2022-04-19 17:31:10 +01:00
dependabot[bot]
3eb7c244c3 Bump eslint from 8.12.0 to 8.13.0 
Bumps [eslint](https://github.com/eslint/eslint) from 8.12.0 to 8.13.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.12.0...v8.13.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-11 12:13:38 +00:00
Barry Gordon
ea96e5ff32 Merge pull request #196 from dependabot/dependabot/npm_and_yarn/ts-node-10.7.0 
Bump ts-node from 10.5.0 to 10.7.0
 2022-03-30 15:39:43 +01:00
Barry Gordon
697e512f0d Merge pull request #190 from dependabot/dependabot/npm_and_yarn/eslint-8.12.0 
Bump eslint from 8.9.0 to 8.12.0
 2022-03-30 15:24:40 +01:00
dependabot[bot]
a07276c6c1 Bump ts-node from 10.5.0 to 10.7.0 
Bumps [ts-node](https://github.com/TypeStrong/ts-node) from 10.5.0 to 10.7.0.
- [Release notes](https://github.com/TypeStrong/ts-node/releases)
- [Commits](https://github.com/TypeStrong/ts-node/compare/v10.5.0...v10.7.0)

---
updated-dependencies:
- dependency-name: ts-node
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 13:20:38 +00:00
dependabot[bot]
6eca589517 Bump eslint from 8.9.0 to 8.12.0 
Bumps [eslint](https://github.com/eslint/eslint) from 8.9.0 to 8.12.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.9.0...v8.12.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 13:20:13 +00:00
Barry Gordon
468c720ccd Merge pull request #194 from dependabot/dependabot/npm_and_yarn/typescript-eslint/parser-5.17.0 
Bump @typescript-eslint/parser from 5.12.1 to 5.17.0
 2022-03-30 14:18:44 +01:00
dependabot[bot]
935fa80e0e Bump @typescript-eslint/parser from 5.12.1 to 5.17.0 
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.12.1 to 5.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.17.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 13:16:12 +00:00
Barry Gordon
b199518f91 Merge pull request #181 from dependabot/dependabot/npm_and_yarn/types/yargs-17.0.10 
Bump @types/yargs from 17.0.8 to 17.0.10
 2022-03-30 14:15:07 +01:00
Barry Gordon
7e50846bfd Merge pull request #186 from SalimBensiali/fix-incorrect-vulnerable-manifest-path-check 
Fix incorrect vulnerable manifest path check
 2022-03-30 14:14:03 +01:00
dependabot[bot]
70cadf40c8 Bump @types/yargs from 17.0.8 to 17.0.10 
Bumps [@types/yargs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/yargs) from 17.0.8 to 17.0.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/yargs)

---
updated-dependencies:
- dependency-name: "@types/yargs"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 13:13:23 +00:00
Barry Gordon
e79f0f25a3 Merge pull request #168 from dependabot/dependabot/npm_and_yarn/types/jest-27.4.1 
Bump @types/jest from 27.4.0 to 27.4.1
 2022-03-30 14:12:22 +01:00
dependabot[bot]
c87d439f92 Bump @types/jest from 27.4.0 to 27.4.1 
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 27.4.0 to 27.4.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 10:10:20 +00:00
Barry Gordon
8463d1018f Merge pull request #191 from dependabot/dependabot/npm_and_yarn/types/node-17.0.23 
Bump @types/node from 17.0.19 to 17.0.23
 2022-03-30 11:09:26 +01:00
Salim Bensiali
aa4ffba345 Update dist 2022-03-30 05:12:13 +10:00
Barry Gordon
d76b431805 Merge pull request #188 from pangaeatech/autoApprove 
Updated auto approve example to minimizing notifications
 2022-03-29 15:27:04 +01:00
dependabot[bot]
3d1a6e74c9 Bump @types/node from 17.0.19 to 17.0.23 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 17.0.19 to 17.0.23.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-28 12:10:06 +00:00
Michael Waddell
fb30fa3b5d minimizing auto approve notifications 2022-03-26 22:16:33 -05:00
Salim Bensiali
50776e5524 Call trimSlashes on the computed manifest path instead of on just 
`directory`
 2022-03-24 07:20:42 +00:00
Salim Bensiali
b31caa4279 Add failing tests for verified_commits.ts\'s getAlert function 2022-03-24 07:18:36 +00:00
Barry Gordon
ba6223c5ba Merge pull request #183 from pangaeatech/readme-token 
Updated readme to explain when you need to use a PAT
 2022-03-23 11:25:00 +00:00
Michael Waddell
a70ed12cac put those back to be more explicit 2022-03-22 13:58:58 -05:00
Michael Waddell
9f1a0a2d59 Updated readme for when you need to use a PAT 2022-03-22 13:55:33 -05:00
Barry Gordon
d960673041 Merge pull request #173 from pangaeatech/update_type_fix 
If the `update-type` is missing for some reason, calculate it
 2022-03-22 17:09:31 +00:00
Michael Waddell
84741a1a63 If the update-type is missing for some reason, calculate it from the versions 2022-03-04 22:40:59 -06:00
Barry Gordon
a96c30f6ac Merge pull request #170 from dependabot/v1.3.0-release-notes 
V1.3.0 release notes
v1.3.0 		2022-03-01 14:10:02 +00:00