new-dependencies-action
new-dependencies-action copied to clipboard
hiwelo
GitHub Action adding a comment with information about new NPM dependencies detected in a pull request
When I'm using this action, I get the next warning: > Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: lirantal/github-action-new-dependencies-advisor@06912df98836c8698a9e7525795612b439ff7612. For more information see:...
Bumps [json5](https://github.com/json5/json5) from 2.1.3 to 2.2.3. Release notes Sourced from json5's releases. v2.2.3 Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299) v2.2.2 Fix: Properties...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...
Action does not return any result when run on github at the moment. Is this action still working in github? The workflow I am trying to fix is at [this...
Thanks for creation of this action. I am very happy to use it. I feel like this package is missing a minor thing. When ever a dependency had been up-...
Lerna / Yarn can have dependencies that are local to a monorepo, which it resolves automatically. This action will fail / break the CI build when those are added as...
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.2.6 to 1.9.1. Changelog Sourced from @actions/core's changelog. 1.9.1 Randomize delimiter when calling core.exportVariable 1.9.0 Added toPosixPath, toWin32Path and toPlatformPath utilities #1102 1.8.2 Update to v2.0.1 of...
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.2 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@ChALkeR). Fix boolean schemas with strictKeywords...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...