Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Dependencies]: Bump actions/dependency-review-action from 3.1.3 to 3…
….1.4 (#390) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.3 to 3.1.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's releases</a>.</em></p> <blockquote> <h2>3.1.4</h2> <h2>What's Changed</h2> <ul> <li> <p>Fixed a <a href="https://redirect.github.com/actions/dependency-review-action/issues/618">bug</a> with severity filtering when using the <code>allow_ghsas</code> option: <a href="https://redirect.github.com/actions/dependency-review-action/pull/623">actions/dependency-review-action#623</a>.</p> </li> <li> <p>Updates dependencies:</p> <ul> <li>Bump <code>@types/node</code> from 16.18.61 to 16.18.62 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/619">actions/dependency-review-action#619</a> action/pull/620</li> <li>Bump <code>@typescript-eslint/eslint-plugin</code> from 6.11.0 to 6.12.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/625">actions/dependency-review-action#625</a></li> <li>Bump typescript from 5.2.2 to 5.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/624">actions/dependency-review-action#624</a></li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/dependency-review-action/compare/v3...v3.1.4">https://github.com/actions/dependency-review-action/compare/v3...v3.1.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/dependency-review-action/commit/01bc87099ba56df1e897b6874784491ea6309bc4"><code>01bc870</code></a> bumping version</li> <li><a href="https://github.com/actions/dependency-review-action/commit/4b4f0de8e1620c4be18d0da90012ccdf44131e85"><code>4b4f0de</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/623">#623</a> from actions/fix-advisory-filters</li> <li><a href="https://github.com/actions/dependency-review-action/commit/a93fa86c777e155ebd266bf2304bbaa1f1441f7b"><code>a93fa86</code></a> Fixing test name.</li> <li><a href="https://github.com/actions/dependency-review-action/commit/550520e2c57532fa895b3d4b6885b0344137a2fb"><code>550520e</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/624">#624</a> from actions/dependabot/npm_and_yarn/typescript-5.3.2</li> <li><a href="https://github.com/actions/dependency-review-action/commit/2d0fb60634ec35c35a1356b4631acc2f646d4dda"><code>2d0fb60</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/625">#625</a> from actions/dependabot/npm_and_yarn/typescript-eslin...</li> <li><a href="https://github.com/actions/dependency-review-action/commit/c07c2375ed277b1af382ec0ef5c93e260159b4c8"><code>c07c237</code></a> Bump <code>@typescript-eslint/eslint-plugin</code> from 6.11.0 to 6.12.0</li> <li><a href="https://github.com/actions/dependency-review-action/commit/4d842d754e57748932288daa14ee5f0de38bef2e"><code>4d842d7</code></a> Bump typescript from 5.2.2 to 5.3.2</li> <li><a href="https://github.com/actions/dependency-review-action/commit/a6d46863160cf427c41af940d53b8d32b289fe40"><code>a6d4686</code></a> adding dist</li> <li><a href="https://github.com/actions/dependency-review-action/commit/4366dbae42c015a363c2238839de69e3a20d4270"><code>4366dba</code></a> Advisory filters should not drop entire dependencies.</li> <li><a href="https://github.com/actions/dependency-review-action/commit/50dafeb5e4cbe3f213edd5b171daba2de1d469a1"><code>50dafeb</code></a> Tiny logic refactor.</li> <li>Additional commits viewable in <a href="https://github.com/actions/dependency-review-action/compare/v3.1.3...v3.1.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=3.1.3&new-version=3.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
- Loading branch information