Commit Graph

622 Commits

Author SHA1 Message Date
fetch-metadata-action-automation[bot]
fa40ff438f Merge pull request #598 from dependabot/dependabot/github_actions/actions/create-github-app-token-1.11.3
Bump actions/create-github-app-token from 1.11.0 to 1.11.3
2025-03-19 22:58:03 -07:00
dependabot[bot]
ae47413891 Bump actions/create-github-app-token from 1.11.0 to 1.11.3
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.11.0 to 1.11.3.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](5d869da34e...67e27a7eb7)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-09 16:51:46 +00:00
Nish Sinha
d7267f607e Merge pull request #543 from dependabot/bump-to-v2.3.0
v2.3.0
v2.3.0
2025-01-24 14:28:12 -05:00
github-actions[bot]
e3dd295a04 v2.3.0
Release notes: https://github.com/dependabot/fetch-metadata/releases/tag/v2.3.0
2025-01-24 13:52:22 -05:00
Nish Sinha
3da9521b8c Merge pull request #565 from CloudNStoyan/main
Handle branch names containing dependency group
2025-01-24 13:49:05 -05:00
Stoyan Kolev
de52f60015 update build 2025-01-24 13:48:15 -05:00
Stoyan Kolev
59d2b1fb73 fix incorrect parsing of directory when using dependency-group 2025-01-24 13:48:15 -05:00
Nish Sinha
0d27069494 Merge pull request #564 from CatChen/fixed-missing-outputs-in-action-yml
Fixed missing outputs in action.yml
2025-01-24 13:43:12 -05:00
Cat Chen
5a7546a6e7 Fixed missing outputs in action.yml 2024-10-23 12:38:44 -07:00
Nish Sinha
06ea45a2e4 Merge pull request #563 from CloudNStoyan/main
fix readme action example
2024-10-23 12:23:02 -04:00
Stoyan Kolev
bbfca7ec1c fix readme action example 2024-10-21 20:44:00 +03:00
fetch-metadata-action-automation[bot]
b0d0393a82 Merge pull request #554 from dependabot/dependabot/github_actions/actions/create-github-app-token-1.11.0
Bump actions/create-github-app-token from 1.10.3 to 1.11.0
2024-09-27 08:18:08 -07:00
dependabot[bot]
d664895d57 Bump actions/create-github-app-token from 1.10.3 to 1.11.0
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.10.3 to 1.11.0.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](31c86eb3b3...5d869da34e)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-15 16:24:34 +00:00
Jeff Widman
efb8718212 Silence audit and funding messages from npm (#550)
While reviewing some logs, I noticed the following:
```shell
added 1 package, changed 30 packages, and audited 382 packages in 6s

58 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities
```

While I'm not against security, nor supporting OSS maintainers (I
co-maintain 10+ projects myself!), I am against noisy logs that add no
value.

So let's silence these:

1. When they appear in CI, they add no value.
1. We've got our own security tools for vulnerable deps, which we rely
   on instead of `npm audit` results.
1. When I'm skimming logs looking for debug information, these just get
   in my way.
1. There may be a speed boost if the audit/fix metadata requires an additional API call, 
   and silencing actually skips that rather than merely silencing it.

There are multiple ways to silence these: https://benjamincrozat.com/disable-packages-are-looking-for-funding

Originally I tackled this by adding `--no-audit --no-fund` flags, but
there's a lot of different entrypoints and workflows that call `npm ci`
or `npm install`. Even if I do manage to get them all, there's always a
risk someone will come along later and add another entrypoint. So that's
why I went the `.npmrc` route.

After this change, the logs are much better:
```shell
added 1 package, changed 30 packages, and audited 382 packages in 6s
```
2024-09-04 10:46:08 -07:00
Nish Sinha
67945c0712 Merge pull request #548 from dependabot/nishnha/specify-if-conditional
Update readme to include an if conditional
2024-08-26 18:03:47 -04:00
Nish Sinha
46e21c91ff Add the pull_request_target permissions note 2024-08-26 17:55:25 -04:00
Nish Sinha
9e29706b9b pull_request_target -> pull_request 2024-08-26 17:49:24 -04:00
Nish Sinha
af75c3e1a2 Remove ${{ }} 2024-08-26 17:48:22 -04:00
Nish Sinha
e10dfc617d Specify if conditional
Also update all fetch-metadata@v1 references to v2
2024-08-26 16:47:17 -04:00
fetch-metadata-action-automation[bot]
ffa2dc8ffe Merge pull request #537 from dependabot/dependabot/github_actions/actions/create-github-app-token-1.10.3
Bump actions/create-github-app-token from 1.10.2 to 1.10.3
2024-07-15 08:46:23 -07:00
dependabot[bot]
910e3275e8 Bump actions/create-github-app-token from 1.10.2 to 1.10.3
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](ad38cffc07...31c86eb3b3)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-07 16:08:17 +00:00
fetch-metadata-action-automation[bot]
dbb049abf0 v2.2.0 (#520)
Release notes: https://github.com/dependabot/fetch-metadata/releases/tag/v2.2.0

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
v2.2.0
2024-07-04 16:20:39 -07:00
fetch-metadata-action-automation[bot]
36bf1f955e Merge pull request #532 from dependabot/dependabot/npm_and_yarn/braces-3.0.3
Bump braces from 3.0.2 to 3.0.3
2024-07-04 23:17:17 +00:00
dependabot[bot]
a3420b5aac Bump braces from 3.0.2 to 3.0.3
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-04 23:16:46 +00:00
fetch-metadata-action-automation[bot]
006e43f8a3 Merge pull request #534 from dependabot/dependabot/github_actions/actions/create-github-app-token-1.10.2
Bump actions/create-github-app-token from 1.10.0 to 1.10.2
2024-07-04 16:07:04 -07:00
dependabot[bot]
9c55ebe618 Bump actions/create-github-app-token from 1.10.0 to 1.10.2
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.10.0 to 1.10.2.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](a0de6af839...ad38cffc07)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-30 16:03:41 +00:00
fetch-metadata-action-automation[bot]
325b863556 Merge pull request #523 from dependabot/dependabot/github_actions/actions/create-github-app-token-1.10.0
Bump actions/create-github-app-token from 1.9.0 to 1.10.0
2024-05-05 22:50:16 -07:00
dependabot[bot]
aec2f3e196 Bump actions/create-github-app-token from 1.9.0 to 1.10.0
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](f2acddfb51...a0de6af839)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-05 16:05:17 +00:00
Nish Sinha
5e5f99653a Merge pull request #518 from dependabot/bump-to-v2.1.0
v2.1.0
v2.1.0
2024-04-24 11:14:53 -04:00
github-actions[bot]
63415e5037 v2.1.0
Release notes: https://github.com/dependabot/fetch-metadata/releases/tag/v2.1.0
2024-04-24 14:30:00 +00:00
Nish Sinha
76b7fe974e Merge pull request #509 from dependabot/switch-to-monthly-release-cadence
Switch to monthly release cadence
2024-04-24 10:18:47 -04:00
Jeff Widman
7c323d50f1 Switch to monthly release cadence
We'd like to start releasing monthly so that we don't fall quite so far behind... based on past commit frequency, most of these releases will only contain merged :dependabot: PRs bumping our deps, but this way we find out quickly if a dep breaks our action.
2024-04-24 10:05:00 -04:00
Nish Sinha
5c7b450d4f Merge pull request #450 from HealthengineAU/handle-branches-with-hyphens
Handle branch names containing hyphen separators
2024-04-24 09:35:01 -04:00
Thomas Spencer
a44a9dfd95 Handle branch names containing hyphen separators 2024-04-24 11:56:55 +08:00
Jeff Widman
518993c026 Relax engine-strict=true (#510)
Looking at git history, this was added in https://github.com/dependabot/fetch-metadata/pull/251 and was probably an overzealous add TBH.

I often like pinning, but here it's breaking our :dependabot: runs:
https://github.com/dependabot/fetch-metadata/issues/507

So let's relax it for now. If we later run into problems, we can always tighten the screws later.
2024-03-21 15:54:38 -07:00
fetch-metadata-action-automation[bot]
0fb21704c1 v2.0.0 (#508)
Release notes: https://github.com/dependabot/fetch-metadata/releases/tag/v2.0.0

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
v2.0.0
2024-03-21 14:45:33 -07:00
Jeff Widman
dc2c459ae6 v2 is the new tracking tag (#506)
We're about to cut a new major version of this action,
and we don't anticipate any further releases of the `v1`
line.

So I simply updated the automation to float the `v2` tag.

Technically we could make it so it intelligently looks at
the release number and updates the appropriate tag, but
that'd be a bit more work and we don't need that complexity
in this repo right now given our very infrequent cadence of
bumping major versions.

As explained in a [code comment](f2f0ad1522/.github/workflows/release-move-tracking-tag.yml (L11-L28)):
```
    # We have a choice - defensiveness vs convenience:
    # 1. Be defensive by filtering if the release doesn't look like a normal
    #    version, or if it's a patch release to an older version... the logic
    #    gets tricky quickly. Easiest way to be 100% sure is stop running this
    #    on `release` and instead require a human to manually run this workflow
    #    after they tag a release.
    # 2. Minimize the upfront hassle by assuming every release is a normal
    #    version release and the latest one. Today both are resoundingly true
    #    as this repo isn't that active/busy, so we don't worry about
    #    multiple release branches, pre-releases, etc.
    #
    # For now I've gone with option 2, as it is much more convenient and if we
    # typo something during a release it's easy to fix by immediately tagging a
    # correct release. And if we don't notice the typo, well, in that case
    # requiring a human to manually run the workflow wouldn't have protected us
    # either, we'd have had to filter by only things that look like versions.
    # Anyway, for now this is good enough, and if it gets to be a problem down
    # the road we increase the robustness of this.

```
2024-03-21 14:28:04 -07:00
Nish Sinha
f2f0ad1522 Upgrade from node16 to node20 (#443)
* Upgrade from node16 to node20

node16 is now EOL

* Upgrade node and npm versions

* Use the GitHub Actions reporter to stop failing on core.setFailure tests

* `npm >= 10` requires `node >= 20.5.0`

Co-authored-by: Paul <schuette.paul@gmail.com>

---------

Co-authored-by: Jeff Widman <jeff@jeffwidman.com>
Co-authored-by: Paul <schuette.paul@gmail.com>
2024-03-21 10:58:45 -07:00
fetch-metadata-action-automation[bot]
8348ea7f5d v1.7.0 (#505)
Release notes: https://github.com/dependabot/fetch-metadata/releases/tag/v1.7.0

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
v1 v1.7.0
2024-03-21 08:42:57 -07:00
Jeff Widman
e21c9fbf3d Switch to the official action for managing app tokens (#504)
Improve security by switching to the official GitHub action
for managing app tokens. More [details](https://github.com/tibdex/github-app-token/issues/99#issuecomment-1787602874).

The `repositories` key is safe to remove because per
the [docs](https://github.com/actions/create-github-app-token?tab=readme-ov-file#repositories):

> If owner and repositories are empty, access will be scoped to only the current repository.
2024-03-21 01:25:10 -07:00
Jeff Widman
3e1bcb99a1 Scope app token to only this repo for security (#501)
https://github.com/dependabot/fetch-metadata/pull/442 bumped to a new version
of this action which now supports a `"repositories"` key that scopes the token
to the designated repositories.
2024-03-20 21:19:31 -07:00
fetch-metadata-action-automation[bot]
7187f3911e Merge pull request #442 from dependabot/dependabot/github_actions/tibdex/github-app-token-2.1.0
Bump tibdex/github-app-token from 1.8.2 to 2.1.0
2024-03-21 03:28:42 +00:00
dependabot[bot]
f9af96f1e7 Bump tibdex/github-app-token from 1.8.2 to 2.1.0
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1.8.2 to 2.1.0.
- [Release notes](https://github.com/tibdex/github-app-token/releases)
- [Commits](0d49dd7211...3beb63f4bd)

---
updated-dependencies:
- dependency-name: tibdex/github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 03:28:08 +00:00
fetch-metadata-action-automation[bot]
9977d7bbd8 Merge pull request #497 from dependabot/dependabot/npm_and_yarn/dev-dependencies-f2ee839a29
Bump the dev-dependencies group with 13 updates
2024-03-20 20:23:25 -07:00
Jeff Widman
4e1067b348 run npm build 2024-03-21 03:22:26 +00:00
dependabot[bot]
98c94fe219 Bump the dev-dependencies group with 13 updates
Bumps the dev-dependencies group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.5` | `29.5.12` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.8.2` | `20.11.20` |
| [@types/yargs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/yargs) | `17.0.26` | `17.0.32` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `6.7.4` | `7.0.2` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `6.7.4` | `7.0.2` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.3.1` | `16.4.5` |
| [eslint](https://github.com/eslint/eslint) | `8.50.0` | `8.57.0` |
| [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import) | `2.28.1` | `2.29.1` |
| [nock](https://github.com/nock/nock) | `13.3.3` | `13.5.3` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.1.1` | `29.1.2` |
| [ts-node](https://github.com/TypeStrong/ts-node) | `10.9.1` | `10.9.2` |
| [typescript](https://github.com/Microsoft/TypeScript) | `5.2.2` | `5.3.3` |
| [yaml](https://github.com/eemeli/yaml) | `2.3.2` | `2.4.0` |


Updates `@types/jest` from 29.5.5 to 29.5.12
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Updates `@types/node` from 20.8.2 to 20.11.20
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/yargs` from 17.0.26 to 17.0.32
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/yargs)

Updates `@typescript-eslint/eslint-plugin` from 6.7.4 to 7.0.2
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.0.2/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 6.7.4 to 7.0.2
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.0.2/packages/parser)

Updates `dotenv` from 16.3.1 to 16.4.5
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](https://github.com/motdotla/dotenv/compare/v16.3.1...v16.4.5)

Updates `eslint` from 8.50.0 to 8.57.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.50.0...v8.57.0)

Updates `eslint-plugin-import` from 2.28.1 to 2.29.1
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases)
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md)
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.28.1...v2.29.1)

Updates `nock` from 13.3.3 to 13.5.3
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v13.3.3...v13.5.3)

Updates `ts-jest` from 29.1.1 to 29.1.2
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.1.1...v29.1.2)

Updates `ts-node` from 10.9.1 to 10.9.2
- [Release notes](https://github.com/TypeStrong/ts-node/releases)
- [Changelog](https://github.com/TypeStrong/ts-node/blob/main/development-docs/release-template.md)
- [Commits](https://github.com/TypeStrong/ts-node/compare/v10.9.1...v10.9.2)

Updates `typescript` from 5.2.2 to 5.3.3
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.2.2...v5.3.3)

Updates `yaml` from 2.3.2 to 2.4.0
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.3.2...v2.4.0)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: "@types/yargs"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: dotenv
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: ts-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: ts-node
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: yaml
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-25 16:12:36 +00:00
fetch-metadata-action-automation[bot]
924483a3d7 Merge pull request #461 from dependabot/dependabot/github_actions/actions/setup-node-4
Bump actions/setup-node from 3 to 4
2023-11-27 23:30:56 +00:00
dependabot[bot]
5bb91d5835 Bump actions/setup-node from 3 to 4
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-27 15:30:17 -08:00
fetch-metadata-action-automation[bot]
54f41ceda7 Merge pull request #462 from dependabot/dependabot/npm_and_yarn/vercel/ncc-0.38.1
Bump @vercel/ncc from 0.38.0 to 0.38.1
2023-11-27 23:29:18 +00:00
dependabot[bot]
92421fec80 Bump @vercel/ncc from 0.38.0 to 0.38.1
Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.38.0 to 0.38.1.
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](https://github.com/vercel/ncc/compare/0.38.0...0.38.1)

---
updated-dependencies:
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-27 15:28:40 -08:00