chore(deps): bump dependabot/fetch-metadata from 1.3.4 to 1.3.5 ()

Bumps
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata)
from 1.3.4 to 1.3.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v1.3.5</h2>
<h2>What's Changed</h2>
<ul>
<li>v1.3.4 Release Notes by <a
href="https://github.com/Nishnha"><code>@​Nishnha</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/267">dependabot/fetch-metadata#267</a></li>
<li>docs: fix auto-merge example by <a
href="https://github.com/rribeiro1"><code>@​rribeiro1</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/250">dependabot/fetch-metadata#250</a></li>
<li>Bump <code>@​types/node</code> from 18.7.18 to 18.11.9 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/275">dependabot/fetch-metadata#275</a></li>
<li>Fix object-shorthand linter warnings by <a
href="https://github.com/mattt"><code>@​mattt</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/276">dependabot/fetch-metadata#276</a></li>
<li>Bump <code>@​actions/core</code> from 1.9.1 to 1.10.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/272">dependabot/fetch-metadata#272</a></li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.38.0 to
5.42.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/274">dependabot/fetch-metadata#274</a></li>
<li>Bump <code>@​actions/github</code> from 5.0.3 to 5.1.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/271">dependabot/fetch-metadata#271</a></li>
<li>Bump yargs and <code>@​types/yargs</code> by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/273">dependabot/fetch-metadata#273</a></li>
<li>Document steps for cutting a new release by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/252">dependabot/fetch-metadata#252</a></li>
<li>Don't bump pin versions in <code>README.md</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/280">dependabot/fetch-metadata#280</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Nishnha"><code>@​Nishnha</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/267">dependabot/fetch-metadata#267</a></li>
<li><a href="https://github.com/rribeiro1"><code>@​rribeiro1</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/250">dependabot/fetch-metadata#250</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v1...v1.3.5">https://github.com/dependabot/fetch-metadata/compare/v1...v1.3.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5ef0018793"><code>5ef0018</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/282">#282</a>
from dependabot/v1.3.5-release-notes</li>
<li><a
href="a9380d24b2"><code>a9380d2</code></a>
v1.3.5</li>
<li><a
href="404ba25b3f"><code>404ba25</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/280">#280</a>
from dependabot/drop-readme-from-bump-script</li>
<li><a
href="f40d4c77c9"><code>f40d4c7</code></a>
Don't bump pin versions in <code>README.md</code></li>
<li><a
href="7db64c379f"><code>7db64c3</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/252">#252</a>
from dependabot/document-release-steps</li>
<li><a
href="daa85e7aee"><code>daa85e7</code></a>
Add mention of <code>npm run build</code> if dev deps need
updating.</li>
<li><a
href="b768c4033e"><code>b768c40</code></a>
Document steps for cutting a new release</li>
<li><a
href="9833f74bfb"><code>9833f74</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/273">#273</a>
from dependabot/dependabot/npm_and_yarn/yargs-and-typ...</li>
<li><a
href="32b7ed324b"><code>32b7ed3</code></a>
Bump yargs and <code>@​types/yargs</code></li>
<li><a
href="7942397165"><code>7942397</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/271">#271</a>
from dependabot/dependabot/npm_and_yarn/actions/githu...</li>
<li>Additional commits viewable in <a
href="https://github.com/dependabot/fetch-metadata/compare/v1.3.4...v1.3.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=1.3.4&new-version=1.3.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
dependabot[bot] 2022-11-07 22:15:28 +00:00 committed by GitHub
parent 6b114cc7f1
commit aabc31e067
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -10,7 +10,7 @@ jobs:
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v1.3.4
uses: dependabot/fetch-metadata@v1.3.5
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Approve Dependabot PRs