mirror of
https://github.com/maplibre/martin.git
synced 2024-12-21 13:51:47 +03:00
f56be44089
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 1.3.5 to 1.3.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v1.3.6</h2> <h2>What's Changed</h2> <ul> <li>Drop mention of "locally" by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/281">dependabot/fetch-metadata#281</a></li> <li>Don't assume <code>git pull</code> fetches all branches/tags by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/284">dependabot/fetch-metadata#284</a></li> <li>Clarify release notes slightly by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/283">dependabot/fetch-metadata#283</a></li> <li>Bump eslint-plugin-promise from 6.0.1 to 6.1.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/287">dependabot/fetch-metadata#287</a></li> <li>Bump <code>@typescript-eslint/parser</code> from 5.38.0 to 5.45.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/290">dependabot/fetch-metadata#290</a></li> <li>Bump yargs and <code>@types/yargs</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/286">dependabot/fetch-metadata#286</a></li> <li>Bump <code>@types/node</code> from 18.11.9 to 18.11.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/289">dependabot/fetch-metadata#289</a></li> <li>Bump decode-uri-component from 0.2.0 to 0.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/291">dependabot/fetch-metadata#291</a></li> <li>Bump yaml from 2.1.1 to 2.1.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/288">dependabot/fetch-metadata#288</a></li> <li>Bump <code>@types/node</code> from 18.11.10 to 18.11.18 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/296">dependabot/fetch-metadata#296</a></li> <li>Bump <code>@vercel/ncc</code> from 0.34.0 to 0.36.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/294">dependabot/fetch-metadata#294</a></li> <li>Bump dotenv from 16.0.2 to 16.0.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/293">dependabot/fetch-metadata#293</a></li> <li>Bump typescript from 4.8.3 to 4.9.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/295">dependabot/fetch-metadata#295</a></li> <li>Bump yaml from 2.1.3 to 2.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/292">dependabot/fetch-metadata#292</a></li> <li>Bump json5 from 1.0.1 to 1.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/297">dependabot/fetch-metadata#297</a></li> <li>Bump eslint from 8.23.1 to 8.32.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/303">dependabot/fetch-metadata#303</a></li> <li>Bump <code>@typescript-eslint/parser</code> from 5.45.0 to 5.48.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/300">dependabot/fetch-metadata#300</a></li> <li>Bump <code>@typescript-eslint/eslint-plugin</code> from 5.42.0 to 5.48.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/302">dependabot/fetch-metadata#302</a></li> <li>Bump eslint-plugin-import from 2.26.0 to 2.27.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/301">dependabot/fetch-metadata#301</a></li> <li>Bump nock from 13.2.9 to 13.3.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/299">dependabot/fetch-metadata#299</a></li> <li>Bump <code>@types/yargs</code> from 17.0.15 to 17.0.19 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/304">dependabot/fetch-metadata#304</a></li> <li>Fix parser for libraries by <a href="https://github.com/kachick"><code>@kachick</code></a> in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/224">dependabot/fetch-metadata#224</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kachick"><code>@kachick</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/pull/224">dependabot/fetch-metadata#224</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v1...v1.3.6">https://github.com/dependabot/fetch-metadata/compare/v1...v1.3.6</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="4de7a6c08c
"><code>4de7a6c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/306">#306</a> from dependabot/v1.3.6-release-notes</li> <li><a href="dfa376e5c1
"><code>dfa376e</code></a> v1.3.6</li> <li><a href="2b4e1681e0
"><code>2b4e168</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/224">#224</a> from kachick/fix-get-info-for-library</li> <li><a href="0a3f18375a
"><code>0a3f183</code></a> Adjust indent style with existing code</li> <li><a href="cf0e979712
"><code>cf0e979</code></a> Merge branch 'main' into fix-get-info-for-library</li> <li><a href="6b3627f3f1
"><code>6b3627f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/304">#304</a> from dependabot/dependabot/npm_and_yarn/types/yargs-1...</li> <li><a href="b385d6219b
"><code>b385d62</code></a> Bump <code>@types/yargs</code> from 17.0.15 to 17.0.19</li> <li><a href="ab5ccc9b61
"><code>ab5ccc9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/299">#299</a> from dependabot/dependabot/npm_and_yarn/nock-13.3.0</li> <li><a href="ce0ec4e5d5
"><code>ce0ec4e</code></a> Bump nock from 13.2.9 to 13.3.0</li> <li><a href="26d146ee07
"><code>26d146e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dependabot/fetch-metadata/issues/301">#301</a> from dependabot/dependabot/npm_and_yarn/eslint-plugin...</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/v1.3.5...v1.3.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=1.3.5&new-version=1.3.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
28 lines
944 B
YAML
28 lines
944 B
YAML
name: Dependabot auto-merge
|
|
on: pull_request
|
|
|
|
permissions: write-all
|
|
|
|
jobs:
|
|
dependabot:
|
|
runs-on: ubuntu-latest
|
|
if: ${{ github.actor == 'dependabot[bot]' }}
|
|
steps:
|
|
- name: Dependabot metadata
|
|
id: metadata
|
|
uses: dependabot/fetch-metadata@v1.3.6
|
|
with:
|
|
github-token: "${{ secrets.GITHUB_TOKEN }}"
|
|
- name: Approve Dependabot PRs
|
|
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
|
|
run: gh pr review --approve "$PR_URL"
|
|
env:
|
|
PR_URL: ${{github.event.pull_request.html_url}}
|
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
|
- name: Enable auto-merge for Dependabot PRs
|
|
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
|
|
run: gh pr merge --auto --squash "$PR_URL"
|
|
env:
|
|
PR_URL: ${{github.event.pull_request.html_url}}
|
|
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|