functions-framework-nodejs
functions-framework-nodejs copied to clipboard
GoogleCloudPlatform
chore(deps): update actions/dependency-review-action action to v4
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| actions/dependency-review-action | action | major | v3.1.5 -> v4.1.3 |
Release Notes
actions/dependency-review-action (actions/dependency-review-action)
v4.1.3: 4.1.3
Fixes a bug in 4.1.2 that would introduce comments in every pull request, regardless of the user's configuration (see https://github.com/actions/dependency-review-action/issues/697).
Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.1.2...v4.1.3
v4.1.2: 4.1.2
What's Changed
- Expose dependency comment content by @jsoref in https://github.com/actions/dependency-review-action/pull/696
Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.1.1...v4.1.2
v4.1.1: 4.1.1
What's Changed
- Bump
undicito fix GHSA-wqq4-5wpv-mx2g - Bump @types/node from 20.11.17 to 20.11.19 by @dependabot in https://github.com/actions/dependency-review-action/pull/693
Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.1.0...v4.1.1
v4.1.0: 4.1.0
What's Changed
- Add
warn-onlyby @tgrall in https://github.com/actions/dependency-review-action/pull/432
Added a new configuration option (warn-only, boolean) that makes the action always succeed while still displaying found vulnerabilities in the log.
- Create stale.yaml by @jonjanego in https://github.com/actions/dependency-review-action/pull/671
- Use manual codeql config by @juxtin in https://github.com/actions/dependency-review-action/pull/678
- Multiple dependency updates (see the changelog below for more information)
New Contributors
- @jonjanego made their first contribution in https://github.com/actions/dependency-review-action/pull/671
- @tgrall made their first contribution in https://github.com/actions/dependency-review-action/pull/432
Full Changelog: https://github.com/actions/dependency-review-action/compare/v4...v4.1.0
v4.0.0
- Update action to Node 20 by @takost in https://github.com/actions/dependency-review-action/pull/639
- Dependabot updates, see the full changelog for more details.
New Contributors
- @takost made their first contribution in https://github.com/actions/dependency-review-action/pull/639
Full Changelog: https://github.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0
Configuration
📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
