action-dependabot-auto-merge
action-dependabot-auto-merge copied to clipboard
chore(deps): bump dependabot/fetch-metadata from 1.3.6 to 1.5.1
Bumps dependabot/fetch-metadata from 1.3.6 to 1.5.1.
Release notes
Sourced from dependabot/fetch-metadata's releases.
v1.5.1
What's Changed
Bugfix:
- Fix library parser to trim trailing LF by
@kachick
in dependabot/fetch-metadata#380Dep bumps that are trivial so decided to keep this a patch release:
- Bump yargs from 17.7.1 to 17.7.2 by
@dependabot
in dependabot/fetch-metadata#379- Bump
@types/node
from 20.2.1 to 20.2.3 by@dependabot
in dependabot/fetch-metadata#382Internal-facing infra changes:
- Group :dependabot: PR's for
eslint
-related deps by@jeffwidman
in dependabot/fetch-metadata#374- Bump the eslint-dependencies group with 3 updates by
@dependabot
in dependabot/fetch-metadata#375- Bump the eslint-dependencies group with 2 updates by
@dependabot
in dependabot/fetch-metadata#378- Switch to using an app token instead of a PAT by
@jeffwidman
in dependabot/fetch-metadata#362- v1.5.1 by
@fetch-metadata-action-automation
in dependabot/fetch-metadata#384Full Changelog: https://github.com/dependabot/fetch-metadata/compare/v1...v1.5.1
v1.5.0
What's Changed
New Features:
- Added flag if "Maintainer changes" appears in the PR body by
@mwaddell
in dependabot/fetch-metadata#174Bumped Deps:
- Bump
@types/node
from 18.15.11 to 20.2.1 by@dependabot
in dependabot/fetch-metadata#364- Bump nock from 13.3.0 to 13.3.1 by
@dependabot
in dependabot/fetch-metadata#366Docs:
- Add minimum permissions to usage example by
@jablko
in dependabot/fetch-metadata#343- Document verification overrides in readme by
@jeffwidman
in dependabot/fetch-metadata#345Code cleanup:
- Simplify the release process by linking to release notes instead of copy/pasting them by
@jeffwidman
in dependabot/fetch-metadata#347- Use the full email for the GitHub Actions bot by
@jeffwidman
in dependabot/fetch-metadata#354- Inline the PR URL by
@jeffwidman
in dependabot/fetch-metadata#359- No need to request escalated permissions for
GITHUB_TOKEN
by@jeffwidman
in dependabot/fetch-metadata#357- Remove unused step by
@jeffwidman
in dependabot/fetch-metadata#358- Simplify
bin/bump-version
by@jeffwidman
in dependabot/fetch-metadata#368- Add a deeplink for tagging releases to the Readme by
@jeffwidman
in dependabot/fetch-metadata#369- Stop using deprecated
set-output
by@jeffwidman
in dependabot/fetch-metadata#370- Add workflow for creating release PR's by
@jeffwidman
in dependabot/fetch-metadata#360- Add workflow for floating the
v1
tag to the latest release by@jeffwidman
in dependabot/fetch-metadata#361
... (truncated)
Commits
cd6e996
v1.5.1 (#384)64bd9b8
Fix library parser to trim trailing LF (#380)0908fa1
Merge pull request #382 from dependabot/dependabot/npm_and_yarn/types/node-20...2624edc
Bump@types/node
from 20.2.1 to 20.2.3d1defa4
Switch to using an app token instead of a PAT (#362)cb17c9e
Merge pull request #379 from dependabot/dependabot/npm_and_yarn/yargs-17.7.2c6f9c16
Bump yargs from 17.7.1 to 17.7.20f53327
Merge pull request #378 from dependabot/dependabot/npm_and_yarn/eslint-depend...398ed41
Bump the eslint-dependencies group with 2 updates801acab
Merge pull request #375 from dependabot/dependabot/npm_and_yarn/eslint-depend...- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)