Skip to content

Commit

Permalink
Bump dependabot/fetch-metadata from 1.5.0 to 1.6.0 (#45)
Browse files Browse the repository at this point in the history 
Bumps
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata)
from 1.5.0 to 1.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v1.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>.vscode</code> folder to <code>.gitignore</code> by <a
href="https://github.com/timothy-humphrey"><code>@​timothy-humphrey</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/385">dependabot/fetch-metadata#385</a></li>
<li>Support for Grouped Updates by <a
href="https://github.com/Nishnha"><code>@​Nishnha</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/396">dependabot/fetch-metadata#396</a></li>
<li>v1.6.0 by <a
href="https://github.com/fetch-metadata-action-automation"><code>@​fetch-metadata-action-automation</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/403">dependabot/fetch-metadata#403</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/timothy-humphrey"><code>@​timothy-humphrey</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/385">dependabot/fetch-metadata#385</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v1...v1.6.0">https://github.com/dependabot/fetch-metadata/compare/v1...v1.6.0</a></p>
<h2>v1.5.1</h2>
<h2>What's Changed</h2>
<p>Bugfix:</p>
<ul>
<li>Fix library parser to trim trailing LF by <a
href="https://github.com/kachick"><code>@​kachick</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/380">dependabot/fetch-metadata#380</a></li>
</ul>
<p>Dep bumps that are trivial so decided to keep this a patch
release:</p>
<ul>
<li>Bump yargs from 17.7.1 to 17.7.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/379">dependabot/fetch-metadata#379</a></li>
<li>Bump <code>@​types/node</code> from 20.2.1 to 20.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/382">dependabot/fetch-metadata#382</a></li>
</ul>
<p>Internal-facing infra changes:</p>
<ul>
<li>Group :dependabot: PR's for <code>eslint</code>-related deps by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/374">dependabot/fetch-metadata#374</a></li>
<li>Bump the eslint-dependencies group with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/375">dependabot/fetch-metadata#375</a></li>
<li>Bump the eslint-dependencies group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/378">dependabot/fetch-metadata#378</a></li>
<li>Switch to using an app token instead of a PAT by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/362">dependabot/fetch-metadata#362</a></li>
<li>v1.5.1 by <a
href="https://github.com/fetch-metadata-action-automation"><code>@​fetch-metadata-action-automation</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/384">dependabot/fetch-metadata#384</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v1...v1.5.1">https://github.com/dependabot/fetch-metadata/compare/v1...v1.5.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/c9c4182bf1b97f5224aee3906fd373f6b61b4526"><code>c9c4182</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/403">#403</a>
from dependabot/bump-to-v1.6.0</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/aa6ff64b72d79c8898ba437585d858cedbdff4b7"><code>aa6ff64</code></a>
v1.6.0</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/62c4c8daf6001bfb53981d26a48963905e44da12"><code>62c4c8d</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/396">#396</a>
from dependabot/nishnha/grouped-updates-support</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/11c0ea46b84ffe4f9b29d1e1742ba1604045b2a5"><code>11c0ea4</code></a>
build</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/b8e8f8c79b53f5dff2baa6697bc5ff9a9cd133ae"><code>b8e8f8c</code></a>
Pull the group name from commit metadata</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/b534cb5e81bd66664f33772f7d740d370980104d"><code>b534cb5</code></a>
FIXME: prevVersion and newVersion are blank for grouped updates</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/9e8fb5b31bffc46285ed71aef2a5e7d878ad4f10"><code>9e8fb5b</code></a>
Add tests for grouped updates</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/b3648a31bdf3be13e26ccd15deac77954f1dd3b1"><code>b3648a3</code></a>
Use commit data to infer dependency groups instead of the PR body</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/cfab22f69939bf74599938bd77e77c4d80b9f59f"><code>cfab22f</code></a>
Add dependency group metadata</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/73e8a46e9eb58d059b586e1a7254233f262eafb6"><code>73e8a46</code></a>
Add <code>.vscode</code> folder to <code>.gitignore</code> (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/385">#385</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/dependabot/fetch-metadata/compare/v1.5.0...v1.6.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=1.5.0&new-version=1.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Monty Bot <[email protected]>
  • Loading branch information
@dependabot @monty-bot
dependabot[bot] and monty-bot authored Oct 26, 2023
1 parent 44fc546 commit 506a9d3
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
run: pip install continuous-delivery-scripts && pip list
- name: Dependabot metadata
id: dependabot-metadata
uses: dependabot/fetch-metadata@v1.5.0
uses: dependabot/fetch-metadata@v1.6.0
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Add a label
Expand Down
1 change: 1 addition & 0 deletions changes/20231026105857.bugfix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Dependency upgrade: fetch-metadata-1.6.0

0 comments on commit 506a9d3

Please sign in to comment.