forked from github/dependabot-action
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[pull] main from github:main #5
Open
pull
wants to merge
934
commits into
ConnectionMaster:main
Choose a base branch
from
github:main
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pull
bot
added
⤵️ pull
and removed
🔍 Ready for Review
Pull Request is not reviewed yet
labels
Oct 4, 2022
…dependabot-update-job-proxy/dependabot-update-job-proxy-v2.0.20231006011356 Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20230921204854 to v2.0.20231006011356 in /docker
Bumps the dependabot-core-images group in /docker with 16 updates: | Package | From | To | | --- | --- | --- | | [dependabot/dependabot-updater-bundler](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-cargo](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-composer](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-docker](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-elm](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-github-actions](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-gitsubmodule](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-gomod](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-gradle](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-maven](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-mix](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-npm](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-nuget](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-pip](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-pub](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | | [dependabot/dependabot-updater-terraform](https://github.com/dependabot/dependabot-core) | `v2.0.20230926124455` | `v2.0.20231005235833` | Updates `dependabot/dependabot-updater-bundler` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-cargo` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-composer` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-docker` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-elm` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-github-actions` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-gitsubmodule` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-gomod` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-gradle` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-maven` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-mix` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-npm` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-nuget` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-pip` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-pub` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) Updates `dependabot/dependabot-updater-terraform` from v2.0.20230926124455 to v2.0.20231005235833 - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](https://github.com/dependabot/dependabot-core/commits) --- updated-dependencies: - dependency-name: dependabot/dependabot-updater-bundler dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-cargo dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-composer dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-docker dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-elm dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-github-actions dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-gitsubmodule dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-gomod dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-gradle dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-maven dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-mix dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-npm dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-nuget dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-pip dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-pub dependency-type: direct:production dependency-group: dependabot-core-images - dependency-name: dependabot/dependabot-updater-terraform dependency-type: direct:production dependency-group: dependabot-core-images ... Signed-off-by: dependabot[bot] <support@github.com>
…bot-core-images-62860e0b7a Bump the dependabot-core-images group in /docker with 16 updates
Bumps the dev-dependencies group with 12 updates: | Package | From | To | | --- | --- | --- | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.5.9` | `20.8.7` | | [@types/node-forge](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node-forge) | `1.3.4` | `1.3.8` | | [@vercel/ncc](https://github.com/vercel/ncc) | `0.36.1` | `0.38.1` | | [eslint](https://github.com/eslint/eslint) | `8.48.0` | `8.52.0` | | [eslint-import-resolver-typescript](https://github.com/import-js/eslint-import-resolver-typescript) | `3.6.0` | `3.6.1` | | [eslint-plugin-github](https://github.com/github/eslint-plugin-github) | `4.10.0` | `4.10.1` | | [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `27.2.3` | `27.4.3` | | [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) | `5.0.0` | `5.0.1` | | [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.6.4` | `29.7.0` | | [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.4` | `29.5.6` | | [json-server](https://github.com/typicode/json-server) | `0.17.3` | `0.17.4` | | [wait-port](https://github.com/dwmkerr/wait-port) | `1.0.4` | `1.1.0` | Updates `@types/node` from 20.5.9 to 20.8.7 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/node-forge` from 1.3.4 to 1.3.8 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node-forge) Updates `@vercel/ncc` from 0.36.1 to 0.38.1 - [Release notes](https://github.com/vercel/ncc/releases) - [Commits](vercel/ncc@0.36.1...0.38.1) Updates `eslint` from 8.48.0 to 8.52.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](eslint/eslint@v8.48.0...v8.52.0) Updates `eslint-import-resolver-typescript` from 3.6.0 to 3.6.1 - [Release notes](https://github.com/import-js/eslint-import-resolver-typescript/releases) - [Changelog](https://github.com/import-js/eslint-import-resolver-typescript/blob/master/CHANGELOG.md) - [Commits](import-js/eslint-import-resolver-typescript@v3.6.0...v3.6.1) Updates `eslint-plugin-github` from 4.10.0 to 4.10.1 - [Release notes](https://github.com/github/eslint-plugin-github/releases) - [Commits](github/eslint-plugin-github@v4.10.0...v4.10.1) Updates `eslint-plugin-jest` from 27.2.3 to 27.4.3 - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](jest-community/eslint-plugin-jest@v27.2.3...v27.4.3) Updates `eslint-plugin-prettier` from 5.0.0 to 5.0.1 - [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases) - [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/master/CHANGELOG.md) - [Commits](prettier/eslint-plugin-prettier@v5.0.0...v5.0.1) Updates `jest` from 29.6.4 to 29.7.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v29.7.0/packages/jest) Updates `@types/jest` from 29.5.4 to 29.5.6 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest) Updates `json-server` from 0.17.3 to 0.17.4 - [Release notes](https://github.com/typicode/json-server/releases) - [Changelog](https://github.com/typicode/json-server/blob/master/CHANGELOG.md) - [Commits](typicode/json-server@v0.17.3...v0.17.4) Updates `wait-port` from 1.0.4 to 1.1.0 - [Release notes](https://github.com/dwmkerr/wait-port/releases) - [Changelog](https://github.com/dwmkerr/wait-port/blob/main/CHANGELOG.md) - [Commits](dwmkerr/wait-port@v1.0.4...v1.1.0) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@types/node-forge" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@vercel/ncc" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: eslint-import-resolver-typescript dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: eslint-plugin-github dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: eslint-plugin-jest dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: eslint-plugin-prettier dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: jest dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@types/jest" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: json-server dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: wait-port dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…ndencies-3f937b5bb9 Bump the dev-dependencies group with 12 updates
Add prod dependency group for npm
Bumps the prod-dependencies group with 3 updates: [axios](https://github.com/axios/axios), [axios-retry](https://github.com/softonic/axios-retry) and [commander](https://github.com/tj/commander.js). Updates `axios` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.5.0...v1.6.0) Updates `axios-retry` from 3.7.0 to 3.8.1 - [Changelog](https://github.com/softonic/axios-retry/blob/master/CHANGELOG.md) - [Commits](softonic/axios-retry@v3.7.0...v3.8.1) Updates `commander` from 11.0.0 to 11.1.0 - [Release notes](https://github.com/tj/commander.js/releases) - [Changelog](https://github.com/tj/commander.js/blob/master/CHANGELOG.md) - [Commits](tj/commander.js@v11.0.0...v11.1.0) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: axios-retry dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: commander dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…endencies-add0117929 Bump the prod-dependencies group with 3 updates
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.14.2 to 7.23.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
…averse-7.23.2 Bump @babel/traverse from 7.14.2 to 7.23.2
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 14.0.1 to 15.0.2. - [Release notes](https://github.com/okonet/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/master/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v14.0.1...v15.0.2) --- updated-dependencies: - dependency-name: lint-staged dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ged-15.0.2 Bump lint-staged from 14.0.1 to 15.0.2
Bumps [dockerode](https://github.com/apocas/dockerode) from 3.3.5 to 4.0.0. - [Release notes](https://github.com/apocas/dockerode/releases) - [Commits](apocas/dockerode@v3.3.5...v4.0.0) --- updated-dependencies: - dependency-name: dockerode dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…e-4.0.0 Bump dockerode from 3.3.5 to 4.0.0
…dependabot-update-job-proxy/dependabot-update-job-proxy-v2.0.20240715162325 Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20240703205819 to v2.0.20240715162325 in /docker
* Added support for swift package-ecosystem * Run package build * Rebuild dist * Rebuild dist --------- Co-authored-by: Goncalves Pedro <gop2ovr@bosch.com> Co-authored-by: Ubuntu <eet2@betamanagement-app-terraform-test-vm.qsqjlcp1ygdublmvgmfkqrkiza.ax.internal.cloudapp.net> Co-authored-by: Rob Aiken <robaiken@github.com>
Bumps the prod-dependencies group with 1 update: [@octokit/webhooks-types](https://github.com/octokit/webhooks). Updates `@octokit/webhooks-types` from 7.5.0 to 7.5.1 - [Release notes](https://github.com/octokit/webhooks/releases) - [Commits](octokit/webhooks@v7.5.0...v7.5.1) --- updated-dependencies: - dependency-name: "@octokit/webhooks-types" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…endencies-d5c603e64c Bump @octokit/webhooks-types from 7.5.0 to 7.5.1 in the prod-dependencies group
Bumps [github/dependabot-update-job-proxy/dependabot-update-job-proxy](https://github.com/github/dependabot-update-job-proxy) from v2.0.20240715162325 to v2.0.20240717195146. - [Commits](https://github.com/github/dependabot-update-job-proxy/commits) --- updated-dependencies: - dependency-name: github/dependabot-update-job-proxy/dependabot-update-job-proxy dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…dependabot-update-job-proxy/dependabot-update-job-proxy-v2.0.20240717195146 Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20240715162325 to v2.0.20240717195146 in /docker
Bumps [github/dependabot-update-job-proxy/dependabot-update-job-proxy](https://github.com/github/dependabot-update-job-proxy) from v2.0.20240815143114 to v2.0.20240816194904. - [Commits](https://github.com/github/dependabot-update-job-proxy/commits) --- updated-dependencies: - dependency-name: github/dependabot-update-job-proxy/dependabot-update-job-proxy dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…dependabot-update-job-proxy/dependabot-update-job-proxy-v2.0.20240816194904 Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20240815143114 to v2.0.20240816194904 in /docker
Bumps [github/dependabot-update-job-proxy/dependabot-update-job-proxy](https://github.com/github/dependabot-update-job-proxy) from v2.0.20240816194904 to v2.0.20240820230105. - [Commits](https://github.com/github/dependabot-update-job-proxy/commits) --- updated-dependencies: - dependency-name: github/dependabot-update-job-proxy/dependabot-update-job-proxy dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…dependabot-update-job-proxy/dependabot-update-job-proxy-v2.0.20240820230105 Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20240816194904 to v2.0.20240820230105 in /docker
Bumps [github/dependabot-update-job-proxy/dependabot-update-job-proxy](https://github.com/github/dependabot-update-job-proxy) from v2.0.20240820230105 to v2.0.20240822164746. - [Commits](https://github.com/github/dependabot-update-job-proxy/commits) --- updated-dependencies: - dependency-name: github/dependabot-update-job-proxy/dependabot-update-job-proxy dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…dependabot-update-job-proxy/dependabot-update-job-proxy-v2.0.20240822164746 Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20240820230105 to v2.0.20240822164746 in /docker
* log the actor if it is not dependabot[bot] * update the broken test
.node-version is symlink to .nvmrc to keep a single source of truth
Bumps [github/dependabot-update-job-proxy/dependabot-update-job-proxy](https://github.com/github/dependabot-update-job-proxy) from v2.0.20240822164746 to v2.0.20240823173836. - [Commits](https://github.com/github/dependabot-update-job-proxy/commits) --- updated-dependencies: - dependency-name: github/dependabot-update-job-proxy/dependabot-update-job-proxy dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…dependabot-update-job-proxy/dependabot-update-job-proxy-v2.0.20240823173836 Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20240822164746 to v2.0.20240823173836 in /docker
While reviewing some logs, I noticed the following: ```shell added 1 package, changed 30 packages, and audited 382 packages in 6s 58 packages are looking for funding run `npm fund` for details found 0 vulnerabilities ``` While I'm not against security, nor supporting OSS maintainers (I co-maintain 10+ projects myself!), I am against noisy logs that add no value. So let's silence these: 1. When they appear in CI, they add no value. 1. We've got our own security tools for vulnerable deps, which we rely on instead of `npm audit` results. 1. When I'm skimming logs looking for debug information, these just get in my way. 1. There may be a speed boost if the audit/fix metadata requires an additional API call, and silencing actually skips that rather than merely silencing it. There's multiple ways to silence these: https://benjamincrozat.com/disable-packages-are-looking-for-funding Originally I tackled this by adding `--no-audit --no-fund` flags, but there's a lot of different entrypoints and workflows that call `npm ci` or `npm install`. Even if I do manage to get them all, there's always a risk someone will come along later and add another entrypoint. So that's why I went the `.npmrc` route. After this change, the logs are much better: ```shell added 1 package, changed 30 packages, and audited 382 packages in 6s ```
Bumps [github/dependabot-update-job-proxy/dependabot-update-job-proxy](https://github.com/github/dependabot-update-job-proxy) from v2.0.20240823173836 to v2.0.20240919194919. - [Commits](https://github.com/github/dependabot-update-job-proxy/commits) --- updated-dependencies: - dependency-name: github/dependabot-update-job-proxy/dependabot-update-job-proxy dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…dependabot-update-job-proxy/dependabot-update-job-proxy-v2.0.20240919194919 Bump github/dependabot-update-job-proxy/dependabot-update-job-proxy from v2.0.20240823173836 to v2.0.20240919194919 in /docker
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )