dependabot/fetch-metadata
2
0
Fork 0
mirror of https://github.com/dependabot/fetch-metadata.git synced 2026-03-13 18:17:13 -04:00
Code Issues Packages Projects Releases Wiki Activity
267 Commits 8 Branches 28 Tags
e9af75210a7be64b6b00e1c6c1e4633c8a7016bc
Commit Graph

267 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Barry Gordon
e9af75210a Merge pull request #202 from dependabot/dependabot/npm_and_yarn/typescript-eslint/parser-5.20.0 
Bump @typescript-eslint/parser from 5.17.0 to 5.20.0
 2022-04-19 18:06:23 +01:00
Barry Gordon
5cabe32e9b Merge pull request #199 from dependabot/dependabot/npm_and_yarn/yargs-17.4.1 
Bump yargs from 17.3.1 to 17.4.1
 2022-04-19 18:05:46 +01:00
dependabot[bot]
406bb904f1 Bump yargs from 17.3.1 to 17.4.1 
Bumps [yargs](https://github.com/yargs/yargs) from 17.3.1 to 17.4.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v17.3.1...v17.4.1)

---
updated-dependencies:
- dependency-name: yargs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 16:44:48 +00:00
Barry Gordon
c87d153abb Merge pull request #204 from dependabot/dependabot/npm_and_yarn/minimist-1.2.6 
Bump minimist from 1.2.5 to 1.2.6
 2022-04-19 17:44:22 +01:00
Barry Gordon
facf13a3ea Merge pull request #193 from dependabot/dependabot/npm_and_yarn/typescript-4.6.3 
Bump typescript from 4.5.5 to 4.6.3
 2022-04-19 17:43:24 +01:00
dependabot[bot]
1a9a6fe293 Bump minimist from 1.2.5 to 1.2.6 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 16:38:09 +00:00
Barry Gordon
7399a0b09a Bump dist/ 2022-04-19 17:37:24 +01:00
dependabot[bot]
2442986b84 Bump typescript from 4.5.5 to 4.6.3 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.5.5 to 4.6.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.5.5...v4.6.3)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 16:32:03 +00:00
dependabot[bot]
012b3f8bbb Bump @typescript-eslint/parser from 5.17.0 to 5.20.0 
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.17.0 to 5.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.20.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-19 16:31:47 +00:00
Barry Gordon
f504fed8a9 Merge pull request #198 from dependabot/dependabot/npm_and_yarn/eslint-8.13.0 
Bump eslint from 8.12.0 to 8.13.0
 2022-04-19 17:31:10 +01:00
dependabot[bot]
3eb7c244c3 Bump eslint from 8.12.0 to 8.13.0 
Bumps [eslint](https://github.com/eslint/eslint) from 8.12.0 to 8.13.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.12.0...v8.13.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-11 12:13:38 +00:00
Barry Gordon
ea96e5ff32 Merge pull request #196 from dependabot/dependabot/npm_and_yarn/ts-node-10.7.0 
Bump ts-node from 10.5.0 to 10.7.0
 2022-03-30 15:39:43 +01:00
Barry Gordon
697e512f0d Merge pull request #190 from dependabot/dependabot/npm_and_yarn/eslint-8.12.0 
Bump eslint from 8.9.0 to 8.12.0
 2022-03-30 15:24:40 +01:00
dependabot[bot]
a07276c6c1 Bump ts-node from 10.5.0 to 10.7.0 
Bumps [ts-node](https://github.com/TypeStrong/ts-node) from 10.5.0 to 10.7.0.
- [Release notes](https://github.com/TypeStrong/ts-node/releases)
- [Commits](https://github.com/TypeStrong/ts-node/compare/v10.5.0...v10.7.0)

---
updated-dependencies:
- dependency-name: ts-node
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 13:20:38 +00:00
dependabot[bot]
6eca589517 Bump eslint from 8.9.0 to 8.12.0 
Bumps [eslint](https://github.com/eslint/eslint) from 8.9.0 to 8.12.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.9.0...v8.12.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 13:20:13 +00:00
Barry Gordon
468c720ccd Merge pull request #194 from dependabot/dependabot/npm_and_yarn/typescript-eslint/parser-5.17.0 
Bump @typescript-eslint/parser from 5.12.1 to 5.17.0
 2022-03-30 14:18:44 +01:00
dependabot[bot]
935fa80e0e Bump @typescript-eslint/parser from 5.12.1 to 5.17.0 
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.12.1 to 5.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.17.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 13:16:12 +00:00
Barry Gordon
b199518f91 Merge pull request #181 from dependabot/dependabot/npm_and_yarn/types/yargs-17.0.10 
Bump @types/yargs from 17.0.8 to 17.0.10
 2022-03-30 14:15:07 +01:00
Barry Gordon
7e50846bfd Merge pull request #186 from SalimBensiali/fix-incorrect-vulnerable-manifest-path-check 
Fix incorrect vulnerable manifest path check
 2022-03-30 14:14:03 +01:00
dependabot[bot]
70cadf40c8 Bump @types/yargs from 17.0.8 to 17.0.10 
Bumps [@types/yargs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/yargs) from 17.0.8 to 17.0.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/yargs)

---
updated-dependencies:
- dependency-name: "@types/yargs"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 13:13:23 +00:00
Barry Gordon
e79f0f25a3 Merge pull request #168 from dependabot/dependabot/npm_and_yarn/types/jest-27.4.1 
Bump @types/jest from 27.4.0 to 27.4.1
 2022-03-30 14:12:22 +01:00
dependabot[bot]
c87d439f92 Bump @types/jest from 27.4.0 to 27.4.1 
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 27.4.0 to 27.4.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-30 10:10:20 +00:00
Barry Gordon
8463d1018f Merge pull request #191 from dependabot/dependabot/npm_and_yarn/types/node-17.0.23 
Bump @types/node from 17.0.19 to 17.0.23
 2022-03-30 11:09:26 +01:00
Salim Bensiali
aa4ffba345 Update dist 2022-03-30 05:12:13 +10:00
Barry Gordon
d76b431805 Merge pull request #188 from pangaeatech/autoApprove 
Updated auto approve example to minimizing notifications
 2022-03-29 15:27:04 +01:00
dependabot[bot]
3d1a6e74c9 Bump @types/node from 17.0.19 to 17.0.23 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 17.0.19 to 17.0.23.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-28 12:10:06 +00:00
Michael Waddell
fb30fa3b5d minimizing auto approve notifications 2022-03-26 22:16:33 -05:00
Salim Bensiali
50776e5524 Call trimSlashes on the computed manifest path instead of on just 
`directory`
 2022-03-24 07:20:42 +00:00
Salim Bensiali
b31caa4279 Add failing tests for verified_commits.ts\'s getAlert function 2022-03-24 07:18:36 +00:00
Barry Gordon
ba6223c5ba Merge pull request #183 from pangaeatech/readme-token 
Updated readme to explain when you need to use a PAT
 2022-03-23 11:25:00 +00:00
Michael Waddell
a70ed12cac put those back to be more explicit 2022-03-22 13:58:58 -05:00
Michael Waddell
9f1a0a2d59 Updated readme for when you need to use a PAT 2022-03-22 13:55:33 -05:00
Barry Gordon
d960673041 Merge pull request #173 from pangaeatech/update_type_fix 
If the `update-type` is missing for some reason, calculate it
 2022-03-22 17:09:31 +00:00
Michael Waddell
84741a1a63 If the update-type is missing for some reason, calculate it from the versions 2022-03-04 22:40:59 -06:00
Barry Gordon
a96c30f6ac Merge pull request #170 from dependabot/v1.3.0-release-notes 
V1.3.0 release notes
v1.3.0 		2022-03-01 14:10:02 +00:00
Barry Gordon
11d3bb752a v1.3.0 2022-02-28 18:32:53 +00:00
Barry Gordon
0ca01a5553 Merge pull request #146 from pangaeatech/get_compat_score 
Return compatibility score
 2022-02-28 18:10:37 +00:00
Barry Gordon
f4b2d0d26d Merge pull request #83 from jablko/patch-1 
Default github-token
 2022-02-28 17:12:17 +00:00
Barry Gordon
26e18ca119 Merge branch 'main' into patch-1 2022-02-28 17:10:27 +00:00
Barry Gordon
a30bbbb91c Merge pull request #166 from pangaeatech/allow-other-commits 
Allow fetch-metadata to run on a PR even if it has additional commits…
 2022-02-28 17:09:01 +00:00
Michael Waddell
9a3daafb32 linting 2022-02-26 13:46:10 -06:00
Michael Waddell
4a8756595b Allow fetch-metadata to run on a PR even if it has additional commits, as long as the 0th one was added by dependabot and is verified. 2022-02-26 13:40:40 -06:00
Barry Gordon
749688a11e Merge pull request #165 from pangaeatech/update_readme 
Updated README to reference correct version
 2022-02-26 14:17:14 +00:00
Michael Waddell
592101e995 Updated README to reference correct version 2022-02-25 22:08:27 -06:00
Jack Bates
0caf82fe41 Default github-token 2022-02-23 09:57:53 -07:00
Barry Gordon
4f2f2769b5 Merge pull request #163 from pangaeatech/bump-version-README 
Updated `bump-version` to update README.md as well
 2022-02-23 11:38:00 +00:00
Michael Waddell
b321c80e57 Updating README.md as well 2022-02-22 14:09:18 -06:00
Barry Gordon
e35f7edd9f Merge pull request #144 from pangaeatech/flag-security-alerts 
Flag security alerts and pass versions through
 2022-02-22 19:47:39 +00:00
Barry Gordon
2354b3f276 Merge pull request #161 from dependabot/v1.2.1-release-notes 
V1.2.1 release notes
v1.2.1 		2022-02-22 19:39:17 +00:00
Barry Gordon
8e0cbe5b18 Merge pull request #162 from dependabot/brrygrdn/automerge-as-someone-else 
Execute automerges using a PAT
 2022-02-22 18:28:23 +00:00