Skip to content

Commit

Permalink
Bump dependabot/fetch-metadata from 1.4.0 to 1.5.0 (#39)
Browse files Browse the repository at this point in the history 
Bumps
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata)
from 1.4.0 to 1.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v1.5.0</h2>
<h2>What's Changed</h2>
<p>New Features:</p>
<ul>
<li>Added flag if &quot;Maintainer changes&quot; appears in the PR body
by <a href="https://github.com/mwaddell"><code>@​mwaddell</code></a> in
<a
href="https://github.com/dependabot/fetch-metadata/pull/174">dependabot/fetch-metadata#174</a></li>
</ul>
<p>Bumped Deps:</p>
<ul>
<li>Bump <code>@​types/node</code> from 18.15.11 to 20.2.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/364">dependabot/fetch-metadata#364</a></li>
<li>Bump nock from 13.3.0 to 13.3.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/366">dependabot/fetch-metadata#366</a></li>
</ul>
<p>Docs:</p>
<ul>
<li>Add minimum permissions to usage example by <a
href="https://github.com/jablko"><code>@​jablko</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/343">dependabot/fetch-metadata#343</a></li>
<li>Document verification overrides in readme by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/345">dependabot/fetch-metadata#345</a></li>
</ul>
<p>Code cleanup:</p>
<ul>
<li>Simplify the release process by linking to release notes instead of
copy/pasting them by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/347">dependabot/fetch-metadata#347</a></li>
<li>Use the full email for the GitHub Actions bot by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/354">dependabot/fetch-metadata#354</a></li>
<li>Inline the PR URL by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/359">dependabot/fetch-metadata#359</a></li>
<li>No need to request escalated permissions for
<code>GITHUB_TOKEN</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/357">dependabot/fetch-metadata#357</a></li>
<li>Remove unused step by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/358">dependabot/fetch-metadata#358</a></li>
<li>Simplify <code>bin/bump-version</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/368">dependabot/fetch-metadata#368</a></li>
<li>Add a deeplink for tagging releases to the Readme by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/369">dependabot/fetch-metadata#369</a></li>
<li>Stop using deprecated <code>set-output</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/370">dependabot/fetch-metadata#370</a></li>
<li>Add workflow for creating release PR's by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/360">dependabot/fetch-metadata#360</a></li>
<li>Add workflow for floating the <code>v1</code> tag to the latest
release by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github.com/dependabot/fetch-metadata/pull/361">dependabot/fetch-metadata#361</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v1...v1.5.0">https://github.com/dependabot/fetch-metadata/compare/v1...v1.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/28a846a1194a2665a2eea75dd4556c91e43af857"><code>28a846a</code></a>
v1.5.0 (<a
href="https://github.com/dependabot/fetch-metadata/issues/372">#372</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/a2a3a43b4aacd26a656ce1cbf5adcb7c12acda1e"><code>a2a3a43</code></a>
Add workflow for floating the <code>v1</code> tag to the latest release
(<a
href="https://github.com/dependabot/fetch-metadata/issues/361">#361</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/6c5b8c2d48cffd5e2b19366e907318c77a649cd0"><code>6c5b8c2</code></a>
Add workflow for creating release PR's (<a
href="https://github.com/dependabot/fetch-metadata/issues/360">#360</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/c40140bc51e29fc87519f16aed72c5c39e1a4a2a"><code>c40140b</code></a>
Stop using deprecated <code>set-output</code> (<a
href="https://github.com/dependabot/fetch-metadata/issues/370">#370</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/042f8db0bc895269a538b291faadee63e2a060df"><code>042f8db</code></a>
Add a deeplink for tagging releases to the Readme (<a
href="https://github.com/dependabot/fetch-metadata/issues/369">#369</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/fd7c300f7c9a6c4cf0a873d81f38cb826be5ae80"><code>fd7c300</code></a>
Simplify <code>bin/bump-version</code> (<a
href="https://github.com/dependabot/fetch-metadata/issues/368">#368</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/9cc71e706fedba9f0661ae95d0acde71bf8b4c30"><code>9cc71e7</code></a>
Merge pull request <a
href="https://github.com/dependabot/fetch-metadata/issues/366">#366</a>
from dependabot/dependabot/npm_and_yarn/nock-13.3.1</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/f29558c5b5cdcf1fb2bd4ff3433ff407078c8d30"><code>f29558c</code></a>
Bump nock from 13.3.0 to 13.3.1</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/ec762ddf3ef9da2658f5b09d740f0d430158d4eb"><code>ec762dd</code></a>
Merge pull request <a
href="https://github.com/dependabot/fetch-metadata/issues/364">#364</a>
from dependabot/dependabot/npm_and_yarn/types/node-20...</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/e79c5ea20c6cf0077d088368ba5ddd1f5f894d4f"><code>e79c5ea</code></a>
Bump <code>@​types/node</code> from 18.15.11 to 20.2.1</li>
<li>Additional commits viewable in <a
href="https://github.com/dependabot/fetch-metadata/compare/v1.4.0...v1.5.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=1.4.0&new-version=1.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
  • Loading branch information
@github-actions
github-actions[bot] committed May 22, 2023
2 parents ca6525d + 9d46e8d commit abefcda
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/dependabot_updates.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:

- name: Dependabot metadata
id: dependabot-metadata
uses: dependabot/fetch-metadata@v1.4.0
uses: dependabot/fetch-metadata@v1.5.0

- name: Enable auto-merge for Dependabot PRs
run: gh pr merge --auto --merge "$PR_URL"
Expand Down

0 comments on commit abefcda

Please sign in to comment.