mirror of
https://github.com/maplibre/martin.git
synced 2024-12-19 21:01:45 +03:00
chore(deps): Bump dependabot/fetch-metadata from 1.5.0 to 1.5.1 (#676)
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 1.5.0 to 1.5.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v1.5.1</h2> <h2>What's Changed</h2> <p>Bugfix:</p> <ul> <li>Fix library parser to trim trailing LF by <a href="https://github.com/kachick"><code>@kachick</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/380">dependabot/fetch-metadata#380</a></li> </ul> <p>Dep bumps that are trivial so decided to keep this a patch release:</p> <ul> <li>Bump yargs from 17.7.1 to 17.7.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/379">dependabot/fetch-metadata#379</a></li> <li>Bump <code>@types/node</code> from 20.2.1 to 20.2.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/382">dependabot/fetch-metadata#382</a></li> </ul> <p>Internal-facing infra changes:</p> <ul> <li>Group :dependabot: PR's for <code>eslint</code>-related deps by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/374">dependabot/fetch-metadata#374</a></li> <li>Bump the eslint-dependencies group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/375">dependabot/fetch-metadata#375</a></li> <li>Bump the eslint-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/378">dependabot/fetch-metadata#378</a></li> <li>Switch to using an app token instead of a PAT by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/362">dependabot/fetch-metadata#362</a></li> <li>v1.5.1 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/384">dependabot/fetch-metadata#384</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v1...v1.5.1">https://github.com/dependabot/fetch-metadata/compare/v1...v1.5.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="cd6e996708
"><code>cd6e996</code></a> v1.5.1 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/384">#384</a>)</li> <li><a href="64bd9b825f
"><code>64bd9b8</code></a> Fix library parser to trim trailing LF (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/380">#380</a>)</li> <li><a href="0908fa19ff
"><code>0908fa1</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/382">#382</a> from dependabot/dependabot/npm_and_yarn/types/node-20...</li> <li><a href="2624edc352
"><code>2624edc</code></a> Bump <code>@types/node</code> from 20.2.1 to 20.2.3</li> <li><a href="d1defa4769
"><code>d1defa4</code></a> Switch to using an app token instead of a PAT (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/362">#362</a>)</li> <li><a href="cb17c9e1eb
"><code>cb17c9e</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/379">#379</a> from dependabot/dependabot/npm_and_yarn/yargs-17.7.2</li> <li><a href="c6f9c16b9f
"><code>c6f9c16</code></a> Bump yargs from 17.7.1 to 17.7.2</li> <li><a href="0f533276d7
"><code>0f53327</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/378">#378</a> from dependabot/dependabot/npm_and_yarn/eslint-depend...</li> <li><a href="398ed41843
"><code>398ed41</code></a> Bump the eslint-dependencies group with 2 updates</li> <li><a href="801acabef1
"><code>801acab</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/375">#375</a> from dependabot/dependabot/npm_and_yarn/eslint-depend...</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/v1.5.0...v1.5.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=1.5.0&new-version=1.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
parent
8f020aa6f6
commit
9b969d58a1
2
.github/workflows/dependabot.yml
vendored
2
.github/workflows/dependabot.yml
vendored
@ -10,7 +10,7 @@ jobs:
|
||||
steps:
|
||||
- name: Dependabot metadata
|
||||
id: metadata
|
||||
uses: dependabot/fetch-metadata@v1.5.0
|
||||
uses: dependabot/fetch-metadata@v1.5.1
|
||||
with:
|
||||
github-token: "${{ secrets.GITHUB_TOKEN }}"
|
||||
- name: Approve Dependabot PRs
|
||||
|
Loading…
Reference in New Issue
Block a user