Compare commits

...

89 Commits

Author SHA1 Message Date
Federico Builes c77673abe0 Merge branch 'main' into fix-request-error-handling 2023-01-09 08:07:02 +01:00
Federico Builes efd78809f9 Merge pull request #375 from actions/dependabot/npm_and_yarn/octokit-2.0.11
Bump octokit from 2.0.10 to 2.0.11
2023-01-09 08:02:36 +01:00
Federico Builes e91b527bcb add json5 too 2023-01-09 08:02:24 +01:00
Federico Builes f508195cbc Merge pull request #374 from actions/dependabot/npm_and_yarn/prettier-2.8.2
Bump prettier from 2.8.1 to 2.8.2
2023-01-09 08:00:58 +01:00
Federico Builes ef8bfcec89 linter suggestions 2023-01-09 07:59:55 +01:00
Federico Builes 31cb4e05f7 Merge branch 'main' into dependabot/npm_and_yarn/prettier-2.8.2 2023-01-09 07:57:09 +01:00
Federico Builes 7920884bc8 Merge pull request #373 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.2.1
Bump eslint-plugin-jest from 27.1.7 to 27.2.1
2023-01-09 07:56:01 +01:00
dependabot[bot] aae0422a7f Bump eslint-plugin-jest from 27.1.7 to 27.2.1
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 27.1.7 to 27.2.1.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.1.7...v27.2.1)

---
updated-dependencies:
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 06:55:47 +00:00
Federico Builes 46d2ba8805 Merge pull request #372 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.48.0
Bump @typescript-eslint/parser from 5.47.1 to 5.48.0
2023-01-09 07:55:20 +01:00
Federico Builes 7c07c1da42 Merge pull request #371 from actions/dependabot/npm_and_yarn/eslint-8.31.0
Bump eslint from 8.30.0 to 8.31.0
2023-01-09 07:54:56 +01:00
dependabot[bot] 6e3a1cfe9e Bump octokit from 2.0.10 to 2.0.11
Bumps [octokit](https://github.com/octokit/octokit.js) from 2.0.10 to 2.0.11.
- [Release notes](https://github.com/octokit/octokit.js/releases)
- [Commits](https://github.com/octokit/octokit.js/compare/v2.0.10...v2.0.11)

---
updated-dependencies:
- dependency-name: octokit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 01:43:52 +00:00
dependabot[bot] 3190101729 Bump prettier from 2.8.1 to 2.8.2
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.1...2.8.2)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 01:42:48 +00:00
dependabot[bot] 3576f26c76 Bump @typescript-eslint/parser from 5.47.1 to 5.48.0
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.47.1 to 5.48.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.48.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 01:41:54 +00:00
dependabot[bot] 97fef8f979 Bump eslint from 8.30.0 to 8.31.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.30.0 to 8.31.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.30.0...v8.31.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 01:41:16 +00:00
Chad Bentz 60e20b95c9 npm run build && npm run package 2023-01-05 17:41:37 +00:00
Chad Bentz e6aba92fb0 Enhance failure message to include GHAS note 2023-01-05 17:26:46 +00:00
Chad Bentz 4b2cf01947 integration test to ensure RequestError catch 2023-01-05 17:22:27 +00:00
Chad Bentz 33b11b63b3 downgrade octokit/request-error to ^2.1.0
- supported by actions/core ^1.10.0
2023-01-04 20:55:58 +00:00
Federico Builes 90014ebf46 Merge pull request #368 from actions/dependabot/npm_and_yarn/yaml-2.2.1
Bump yaml from 2.1.3 to 2.2.1
2023-01-02 05:36:29 -05:00
Federico Builes c0fcb40fb5 dist 2023-01-02 11:35:30 +01:00
Federico Builes 6213daabf8 Merge branch 'main' into dependabot/npm_and_yarn/yaml-2.2.1 2023-01-02 11:34:56 +01:00
Federico Builes 6c62d64ea3 Merge pull request #366 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.47.1
Bump @typescript-eslint/eslint-plugin from 5.45.0 to 5.47.1
2023-01-02 05:32:26 -05:00
Federico Builes 6154af02da updating dist files 2023-01-02 11:23:18 +01:00
Federico Builes df40ce1edc fixing package.json conflict 2023-01-02 11:21:05 +01:00
dependabot[bot] a033837e12 Bump yaml from 2.1.3 to 2.2.1
Bumps [yaml](https://github.com/eemeli/yaml) from 2.1.3 to 2.2.1.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.1.3...v2.2.1)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-02 10:20:01 +00:00
Federico Builes d79457303f adding dist 2023-01-02 11:19:49 +01:00
Federico Builes b2f83f35c7 adding dist 2023-01-02 11:17:39 +01:00
Federico Builes 389b38eb1a Merge pull request #367 from actions/dependabot/npm_and_yarn/zod-3.20.2
Bump zod from 3.19.1 to 3.20.2
2023-01-02 05:17:04 -05:00
Federico Builes e3926a59f5 adding dist 2023-01-02 11:16:52 +01:00
Federico Builes 54656aadd8 Merge pull request #365 from actions/dependabot/npm_and_yarn/esbuild-register-3.4.2
Bump esbuild-register from 3.4.1 to 3.4.2
2023-01-02 05:13:23 -05:00
Federico Builes f02b9fb886 Merge pull request #364 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.47.1
Bump @typescript-eslint/parser from 5.47.0 to 5.47.1
2023-01-02 05:12:50 -05:00
dependabot[bot] 6587f9feee Bump zod from 3.19.1 to 3.20.2
Bumps [zod](https://github.com/colinhacks/zod) from 3.19.1 to 3.20.2.
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Changelog](https://github.com/colinhacks/zod/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colinhacks/zod/compare/v3.19.1...v3.20.2)

---
updated-dependencies:
- dependency-name: zod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-02 01:18:52 +00:00
dependabot[bot] cab2d5f36f Bump @typescript-eslint/eslint-plugin from 5.45.0 to 5.47.1
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.45.0 to 5.47.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.47.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-02 01:18:14 +00:00
dependabot[bot] ef411f3a4c Bump esbuild-register from 3.4.1 to 3.4.2
Bumps esbuild-register from 3.4.1 to 3.4.2.

---
updated-dependencies:
- dependency-name: esbuild-register
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-02 01:17:15 +00:00
dependabot[bot] 589f46e5a2 Bump @typescript-eslint/parser from 5.47.0 to 5.47.1
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.47.0 to 5.47.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.47.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-02 01:16:48 +00:00
Federico Builes a482eabd84 Merge pull request #362 from actions/dependabot/npm_and_yarn/types/node-16.18.11
Bump @types/node from 16.18.8 to 16.18.11
2022-12-27 09:42:24 -05:00
Federico Builes c63a70f2bb Merge pull request #358 from actions/dependabot/npm_and_yarn/typescript-4.9.4
Bump typescript from 4.9.3 to 4.9.4
2022-12-27 09:41:58 -05:00
Federico Builes ea081cab93 Merge pull request #357 from actions/dependabot/npm_and_yarn/eslint-8.30.0
Bump eslint from 8.29.0 to 8.30.0
2022-12-27 09:41:47 -05:00
dependabot[bot] 78231376d4 Bump typescript from 4.9.3 to 4.9.4
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.9.3 to 4.9.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.9.3...v4.9.4)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-27 14:40:46 +00:00
Federico Builes ea38797bf9 Merge pull request #359 from jongwooo/chore/use-cache-in-check-dist
Use cache in check-dist.yml
2022-12-27 09:40:44 -05:00
dependabot[bot] 383b34b013 Bump eslint from 8.29.0 to 8.30.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.29.0 to 8.30.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.29.0...v8.30.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-27 14:40:20 +00:00
Federico Builes 234f1c3e6b Merge pull request #355 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.1.7
Bump eslint-plugin-jest from 27.1.6 to 27.1.7
2022-12-27 09:39:34 -05:00
dependabot[bot] 1aca439347 Bump @types/node from 16.18.8 to 16.18.11
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 16.18.8 to 16.18.11.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-27 14:37:29 +00:00
Federico Builes f5231a7139 Merge pull request #361 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.47.0
Bump @typescript-eslint/parser from 5.46.0 to 5.47.0
2022-12-27 09:36:32 -05:00
dependabot[bot] 872c5e3689 Bump @typescript-eslint/parser from 5.46.0 to 5.47.0
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.46.0 to 5.47.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.47.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-26 01:43:00 +00:00
Jongwoo Han 86e4c38e88 Use cache in check-dist.yml
Signed-off-by: jongwooo <jongwooo.han@gmail.com>
2022-12-20 03:17:46 +09:00
dependabot[bot] 70a13ae7e3 Bump eslint-plugin-jest from 27.1.6 to 27.1.7
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 27.1.6 to 27.1.7.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.1.6...v27.1.7)

---
updated-dependencies:
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 01:42:28 +00:00
cnagadya 0ff3da6f81 3.0.2 patch release 2022-12-16 13:45:58 +00:00
cnagadya 6d88398316 Merge pull request #350 from actions/dependabot/npm_and_yarn/types/node-16.18.8
Bump @types/node from 16.18.4 to 16.18.8
2022-12-16 14:09:01 +01:00
cnagadya 29022577bf Merge pull request #352 from actions/dependabot/npm_and_yarn/eslint-plugin-github-4.6.0
Bump eslint-plugin-github from 4.4.1 to 4.6.0
2022-12-12 11:35:37 +01:00
dependabot[bot] a4bf690c47 Bump eslint-plugin-github from 4.4.1 to 4.6.0
Bumps [eslint-plugin-github](https://github.com/github/eslint-plugin-github) from 4.4.1 to 4.6.0.
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](https://github.com/github/eslint-plugin-github/compare/v4.4.1...v4.6.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 09:22:23 +00:00
cnagadya 3f67248108 Merge pull request #351 from actions/dependabot/npm_and_yarn/vercel/ncc-0.36.0
Bump @vercel/ncc from 0.34.0 to 0.36.0
2022-12-12 10:19:33 +01:00
cnagadya e82e9497cb Fix dist 2022-12-12 09:14:19 +00:00
dependabot[bot] 945cb4d00a Bump @types/node from 16.18.4 to 16.18.8
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 16.18.4 to 16.18.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 08:35:38 +00:00
dependabot[bot] 459b39211c Bump @vercel/ncc from 0.34.0 to 0.36.0
Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.34.0 to 0.36.0.
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](https://github.com/vercel/ncc/compare/0.34.0...0.36.0)

---
updated-dependencies:
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 08:35:37 +00:00
cnagadya c109d3f46d Merge pull request #349 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.46.0
Bump @typescript-eslint/parser from 5.45.0 to 5.46.0
2022-12-12 09:34:54 +01:00
cnagadya 706aa54d76 Merge pull request #353 from actions/dependabot/npm_and_yarn/prettier-2.8.1
Bump prettier from 2.8.0 to 2.8.1
2022-12-12 09:34:29 +01:00
dependabot[bot] 12cfe866a8 Bump prettier from 2.8.0 to 2.8.1
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.0...2.8.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 01:24:53 +00:00
dependabot[bot] 0caa632377 Bump @typescript-eslint/parser from 5.45.0 to 5.46.0
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.45.0 to 5.46.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 01:23:08 +00:00
Eli Reisman df02ee7d42 Merge pull request #348 from jsoref/spelling
Spelling
2022-12-09 13:23:18 -08:00
Josh Soref 38e9237630 Update dist/ 2022-12-08 20:03:56 -05:00
Josh Soref 03c7962be5 spelling: vulnerabilities
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-12-08 11:04:05 -05:00
Josh Soref cff3674e25 spelling: the
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-12-08 11:04:05 -05:00
Josh Soref a184554be2 spelling: minimum
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-12-08 11:04:05 -05:00
Josh Soref 660812709b spelling: github
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-12-08 11:04:05 -05:00
cnagadya d8b4cd80d5 Merge pull request #345 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.45.0
Bump @typescript-eslint/parser from 5.44.0 to 5.45.0
2022-12-05 11:01:36 +01:00
dependabot[bot] 8e5d487bb8 Bump @typescript-eslint/parser from 5.44.0 to 5.45.0
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.44.0 to 5.45.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.45.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-05 09:58:32 +00:00
cnagadya 3e6e055a26 Merge pull request #344 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.45.0
Bump @typescript-eslint/eslint-plugin from 5.44.0 to 5.45.0
2022-12-05 10:57:43 +01:00
dependabot[bot] 1f8d096c90 Bump @typescript-eslint/eslint-plugin from 5.44.0 to 5.45.0
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.44.0 to 5.45.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.45.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-05 09:56:10 +00:00
cnagadya 0247f51a25 Merge pull request #346 from actions/dependabot/npm_and_yarn/types/node-16.18.4
Bump @types/node from 16.18.3 to 16.18.4
2022-12-05 10:55:16 +01:00
cnagadya f599dc7887 Merge pull request #347 from actions/dependabot/npm_and_yarn/eslint-8.29.0
Bump eslint from 8.28.0 to 8.29.0
2022-12-05 10:54:24 +01:00
dependabot[bot] 6919a4885f Bump eslint from 8.28.0 to 8.29.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.28.0 to 8.29.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.28.0...v8.29.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-05 01:44:27 +00:00
dependabot[bot] 8f97494d2e Bump @types/node from 16.18.3 to 16.18.4
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 16.18.3 to 16.18.4.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-05 01:44:05 +00:00
Federico Builes 08ec176670 Merge pull request #341 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.1.6
Bump eslint-plugin-jest from 27.1.5 to 27.1.6
2022-11-28 17:40:48 +01:00
dependabot[bot] 40a9da4614 Bump eslint-plugin-jest from 27.1.5 to 27.1.6
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 27.1.5 to 27.1.6.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.1.5...v27.1.6)

---
updated-dependencies:
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 01:45:07 +00:00
Federico Builes 9ad1f84ed2 Dependabot Updates should only happen once a week. 2022-11-24 10:57:01 +01:00
Federico Builes 464e6ac735 Merge pull request #337 from actions/dependabot/npm_and_yarn/prettier-2.8.0
Bump prettier from 2.7.1 to 2.8.0
2022-11-24 06:57:46 +01:00
dependabot[bot] 141e2dae22 Bump prettier from 2.7.1 to 2.8.0
Bumps [prettier](https://github.com/prettier/prettier) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.7.1...2.8.0)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-24 01:05:35 +00:00
Federico Builes 37bb7a46dd Merge pull request #336 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.44.0
Bump @typescript-eslint/parser from 5.43.0 to 5.44.0
2022-11-23 08:13:04 +01:00
dependabot[bot] 5abb42a215 Bump @typescript-eslint/parser from 5.43.0 to 5.44.0
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.43.0 to 5.44.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.44.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-23 07:08:38 +00:00
Federico Builes 5aafbe4a32 Merge pull request #335 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.44.0
Bump @typescript-eslint/eslint-plugin from 5.43.0 to 5.44.0
2022-11-23 08:07:40 +01:00
dependabot[bot] d623612924 Bump @typescript-eslint/eslint-plugin from 5.43.0 to 5.44.0
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.43.0 to 5.44.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.44.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-23 01:36:15 +00:00
Federico Builes 08fe899167 Merge pull request #334 from actions/dependabot/npm_and_yarn/eslint-8.28.0
Bump eslint from 8.27.0 to 8.28.0
2022-11-21 07:16:29 +01:00
dependabot[bot] 067e030d27 Bump eslint from 8.27.0 to 8.28.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.27.0 to 8.28.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.27.0...v8.28.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-21 01:51:38 +00:00
Federico Builes 6b47d2662b Merge pull request #333 from actions/dependabot/npm_and_yarn/got-12.5.3
Bump got from 12.5.2 to 12.5.3
2022-11-17 07:17:03 +01:00
dependabot[bot] 290634fe98 Bump got from 12.5.2 to 12.5.3
Bumps [got](https://github.com/sindresorhus/got) from 12.5.2 to 12.5.3.
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](https://github.com/sindresorhus/got/compare/v12.5.2...v12.5.3)

---
updated-dependencies:
- dependency-name: got
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-17 01:14:38 +00:00
Federico Builes 352f50a80e Update contribution instructions with v3 for easier copy/pasting. 2022-11-16 11:36:08 +01:00
Federico Builes 11310527b4 bumping version 2022-11-16 11:31:19 +01:00
Federico Builes ea0f46928b Merge pull request #330 from actions/errors-for-external-configs
Improve error messages for external config files
2022-11-16 11:26:15 +01:00
14 changed files with 21324 additions and 4913 deletions
+2 -2
View File
@@ -3,12 +3,12 @@ updates:
- package-ecosystem: github-actions
directory: /
schedule:
interval: daily
interval: weekly
- package-ecosystem: npm
directory: /
schedule:
interval: daily
interval: weekly
ignore:
- dependency-name: '@types/node'
update-types: ['version-update:semver-major']
+1
View File
@@ -27,6 +27,7 @@ jobs:
uses: actions/setup-node@v3
with:
node-version: 18.x
cache: npm
- name: Install dependencies
run: npm ci
+2 -2
View File
@@ -112,8 +112,8 @@ minor/patch updates.
To do this just checkout `main`, force-create a new annotated tag, and push it:
```
git tag -fa v2 -m "Updating v2 to 2.3.4"
git push origin v2 --force
git tag -fa v3 -m "Updating v3 to 3.0.1"
git push origin v3 --force
```
## Resources
+1 -1
View File
@@ -111,7 +111,7 @@ test('it reads an external config file', async () => {
expect(config.allow_licenses).toEqual(['BSD', 'GPL 2'])
})
test('raises an error when the the config file was not found', async () => {
test('raises an error when the config file was not found', async () => {
setInput('config-file', 'fixtures/i-dont-exist')
await expect(readConfig()).rejects.toThrow(/Unable to fetch/)
})
+29
View File
@@ -0,0 +1,29 @@
import {RequestError} from '@octokit/request-error'
import * as dependencyGraph from '../src/dependency-graph'
import * as core from '@actions/core'
// mock call to core.getInput('repo-token'.. to avoid environment setup - Input required and not supplied: repo-token
jest.mock('@actions/core', () => ({
getInput: (input: string) => {
if (input === 'repo-token') {
return 'gh_testtoken'
}
}
}))
test('it properly catches RequestError type', async () => {
const token = core.getInput('repo-token', {required: true})
expect(token).toBe('gh_testtoken')
//Integration test to make an API request using current dependencies and ensure response can parse into RequestError
try {
await dependencyGraph.compare({
owner: 'actions',
repo: 'dependency-review-action',
baseRef: 'refs/heads/master',
headRef: 'refs/heads/master'
})
} catch (error) {
expect(error).toBeInstanceOf(RequestError)
}
})
+1 -1
View File
@@ -30,7 +30,7 @@ inputs:
description: Comma-separated list of forbidden licenses (e.g. "MIT, GPL 3.0, BSD 2 Clause")
required: false
allow-ghsas:
description: Comma-separated list of allowed Github Advisory IDs (e.g. "GHSA-abcd-1234-5679, GHSA-efgh-1234-5679")
description: Comma-separated list of allowed GitHub Advisory IDs (e.g. "GHSA-abcd-1234-5679, GHSA-efgh-1234-5679")
required: false
external-repo-token:
description: A token for fetching external configuration file if it lives in another repository. It is required if the repository is private
Generated Vendored
+20671 -3707
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
Generated Vendored
+3 -234
View File
@@ -1175,240 +1175,9 @@ FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TOR
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
lodash.includes
lodash
MIT
Copyright jQuery Foundation and other contributors <https://jquery.org/>
Based on Underscore.js, copyright Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
This software consists of voluntary contributions made by many
individuals. For exact contribution history, see the revision history
available at https://github.com/lodash/lodash
The following license applies to all parts of this software except as
documented below:
====
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
====
Copyright and related rights for sample code are waived via CC0. Sample
code is defined as all source code displayed within the prose of the
documentation.
CC0: http://creativecommons.org/publicdomain/zero/1.0/
====
Files located in the node_modules and vendor directories are externally
maintained libraries used by this software which have their own
licenses; we recommend you read them, as their terms may differ from the
terms above.
lodash.isboolean
MIT
Copyright 2012-2016 The Dojo Foundation <http://dojofoundation.org/>
Based on Underscore.js, copyright 2009-2016 Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
lodash.isinteger
MIT
Copyright jQuery Foundation and other contributors <https://jquery.org/>
Based on Underscore.js, copyright Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
This software consists of voluntary contributions made by many
individuals. For exact contribution history, see the revision history
available at https://github.com/lodash/lodash
The following license applies to all parts of this software except as
documented below:
====
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
====
Copyright and related rights for sample code are waived via CC0. Sample
code is defined as all source code displayed within the prose of the
documentation.
CC0: http://creativecommons.org/publicdomain/zero/1.0/
====
Files located in the node_modules and vendor directories are externally
maintained libraries used by this software which have their own
licenses; we recommend you read them, as their terms may differ from the
terms above.
lodash.isnumber
MIT
Copyright 2012-2016 The Dojo Foundation <http://dojofoundation.org/>
Based on Underscore.js, copyright 2009-2016 Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
lodash.isplainobject
MIT
Copyright jQuery Foundation and other contributors <https://jquery.org/>
Based on Underscore.js, copyright Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
This software consists of voluntary contributions made by many
individuals. For exact contribution history, see the revision history
available at https://github.com/lodash/lodash
The following license applies to all parts of this software except as
documented below:
====
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
====
Copyright and related rights for sample code are waived via CC0. Sample
code is defined as all source code displayed within the prose of the
documentation.
CC0: http://creativecommons.org/publicdomain/zero/1.0/
====
Files located in the node_modules and vendor directories are externally
maintained libraries used by this software which have their own
licenses; we recommend you read them, as their terms may differ from the
terms above.
lodash.isstring
MIT
Copyright 2012-2016 The Dojo Foundation <http://dojofoundation.org/>
Based on Underscore.js, copyright 2009-2016 Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
lodash.once
MIT
Copyright jQuery Foundation and other contributors <https://jquery.org/>
Copyright OpenJS Foundation and other contributors <https://openjsf.org/>
Based on Underscore.js, copyright Jeremy Ashkenas,
DocumentCloud and Investigative Reporters & Editors <http://underscorejs.org/>
@@ -1531,7 +1300,7 @@ octokit
MIT
The MIT License
Copyright (c) 2018 Octokit contributors
Copyright (c) 2023 Octokit contributors
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
+592 -946
View File
File diff suppressed because it is too large Load Diff
+18 -16
View File
@@ -1,6 +1,6 @@
{
"name": "dependency-review-action",
"version": "3.0.0",
"version": "3.0.2",
"private": true,
"description": "A GitHub Action for Dependency Review",
"main": "lib/main.js",
@@ -28,33 +28,35 @@
"@actions/core": "^1.10.0",
"@actions/github": "^5.1.1",
"@octokit/plugin-retry": "^4.0.3",
"@octokit/request-error": "^3.0.2",
"@octokit/request-error": "^2.1.0",
"ansi-styles": "^6.2.1",
"got": "^12.5.2",
"got": "^12.5.3",
"nodemon": "^2.0.20",
"octokit": "^2.0.10",
"octokit": "^2.0.11",
"spdx-expression-parse": "^3.0.1",
"spdx-satisfies": "^5.0.1",
"yaml": "^2.1.3",
"zod": "^3.19.1"
"yaml": "^2.2.1",
"zod": "^3.20.2"
},
"devDependencies": {
"@types/jest": "^27.5.2",
"@types/node": "^16.18.3",
"@typescript-eslint/eslint-plugin": "^5.43.0",
"@typescript-eslint/parser": "^5.43.0",
"@types/node": "^16.18.11",
"@typescript-eslint/eslint-plugin": "^5.45.0",
"@typescript-eslint/parser": "^5.48.0",
"@types/spdx-expression-parse": "^3.0.2",
"@types/spdx-satisfies": "^0.1.0",
"@vercel/ncc": "^0.34.0",
"esbuild-register": "^3.4.1",
"eslint": "^8.27.0",
"eslint-plugin-github": "^4.4.1",
"eslint-plugin-jest": "^27.1.5",
"@typescript-eslint/eslint-plugin": "^5.45.0",
"@typescript-eslint/parser": "^5.47.1",
"@vercel/ncc": "^0.36.0",
"esbuild-register": "^3.4.2",
"eslint": "^8.31.0",
"eslint-plugin-github": "^4.6.0",
"eslint-plugin-jest": "^27.2.1",
"jest": "^27.5.1",
"js-yaml": "^4.1.0",
"nodemon": "^2.0.20",
"prettier": "2.7.1",
"prettier": "2.8.2",
"ts-jest": "^27.1.4",
"typescript": "^4.9.3"
"typescript": "^4.9.4"
}
}
+1 -1
View File
@@ -76,7 +76,7 @@ async function run(): Promise<void> {
)
} else if (error instanceof RequestError && error.status === 403) {
core.setFailed(
`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled, see https://github.com/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`
`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled along with GitHub Advanced Security on private repositories, see https://github.com/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`
)
} else {
if (error instanceof Error) {
+1 -1
View File
@@ -77,4 +77,4 @@ export type Change = z.infer<typeof ChangeSchema>
export type Changes = z.infer<typeof ChangesSchema>
export type ConfigurationOptions = z.infer<typeof ConfigurationOptionsSchema>
export type Severity = z.infer<typeof SeveritySchema>
export type Scope = typeof SCOPES[number]
export type Scope = (typeof SCOPES)[number]
+1 -1
View File
@@ -35,7 +35,7 @@ export function addChangeVulnerabilitiesToSummary(
core.summary
.addHeading('Vulnerabilities')
.addQuote(
`Vulnerabilites were filtered by mininum severity <strong>${severity}</strong>.`
`Vulnerabilities were filtered by minimum severity <strong>${severity}</strong>.`
)
if (addedPackages.length === 0) {