Federico Builes
77a34f96cc
Fixing typo in config.test.ts.
2022-10-31 07:46:08 +01:00
Eric Cornelissen
f095b5a541
Build and package
2022-10-28 22:25:06 +02:00
Eric Cornelissen
f54a1f3b74
Document the license-check & vulnerability-check config options
...
Include the license-check and vulnerability-check options in the config
documentation in the README.
Also fix a typo in the README ("configuraton" -> "configuration").
2022-10-28 22:23:33 +02:00
Eric Cornelissen
84921e5e4a
Simplify Summary summary based on license-check and vulnerability-check
...
Omit details related to the license check of vulnerability check from
the GitHub Actions Summary's summary if the respective check is disabled
from the configuration.
2022-10-28 22:15:44 +02:00
Eric Cornelissen
c5af7ff272
Prevent disabling all checks
...
Prevent users from disabling both the license and vulnerability check by
checking if both are set to `false` and throwing if that's the case.
2022-10-28 22:08:55 +02:00
Eric Cornelissen
31279d265a
Add license-check and vulnerability-check inputs
...
Add support for two new inputs, named `license-check` and
`vulnerability-check`, to disable the license checks or vulnerability
checks performed by this action. By default, both are enabled.
2022-10-28 22:06:05 +02:00
Federico Builes
2532504548
Merge pull request #310 from actions/cn/node-18
...
Upgrade to Node 18
2022-10-28 13:46:26 +02:00
cnagadya
cc6d251652
Update contributing guide
2022-10-28 10:13:58 +00:00
cnagadya
516e8497ac
Add codespace defaults
2022-10-28 10:13:58 +00:00
cnagadya
43c5083e6c
Node 18
2022-10-28 10:13:58 +00:00
Federico Builes
fa62a0febc
Merge pull request #294 from actions/cn/spdx-licenses
...
Add support for SPDX expressions
2022-10-28 11:27:18 +02:00
cnagadya
e897e8ebdd
Add dist folder
2022-10-28 09:25:16 +00:00
cnagadya
216fafaed5
PR feedback
...
Co-authored-by: Federico Builes <febuiles@github.com >
2022-10-28 11:23:05 +02:00
cnagadya
0144419c8e
Format violations area
2022-10-27 16:43:45 +00:00
cnagadya
7b16bd0b54
Add unvalidated changes to summary
2022-10-27 16:24:30 +00:00
cnagadya
4525a8c091
Format summary findings
2022-10-27 15:41:19 +00:00
cnagadya
72273c9a36
Update dist folder
2022-10-27 15:22:00 +00:00
cnagadya
562a2f3c0a
Improve summary formatting
2022-10-27 15:19:32 +00:00
cnagadya
c82c183029
Resolve package-lock conflicts
2022-10-27 14:37:08 +00:00
cnagadya
26be1f407e
Merge pull request #309 from actions/codespace-actions-dependency-review-action-p79j7j9pxqrh669p
...
Add unresolved licenses section
2022-10-27 15:43:28 +02:00
cnagadya
022ea02fbb
Add unresolved licenses section
2022-10-27 13:09:37 +00:00
Federico Builes
d6e28cdfae
Merge pull request #307 from actions/dependabot/npm_and_yarn/types/node-16.18.2
...
Bump @types/node from 16.18.0 to 16.18.2
2022-10-27 07:34:11 +02:00
dependabot[bot]
da3d8af3e3
Bump @types/node from 16.18.0 to 16.18.2
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.18.0 to 16.18.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-27 01:26:35 +00:00
cnagadya
52fa73c086
Update readme licenses sections
2022-10-26 10:54:12 +00:00
cnagadya
3baea959cf
Fix license test failures
2022-10-26 09:58:00 +00:00
cnagadya
782c57b17e
Fix config test failures
2022-10-26 09:57:02 +00:00
cnagadya
ac5ed8754d
Use SPDX license expressions
2022-10-26 09:56:34 +00:00
Federico Builes
024a5a6342
Merge pull request #305 from actions/dependabot/npm_and_yarn/octokit-2.0.10
...
Bump octokit from 2.0.9 to 2.0.10
2022-10-26 08:49:12 +02:00
Federico Builes
b2fc686406
Resolving merge conflicts
2022-10-26 08:47:43 +02:00
dependabot[bot]
4ec1d46392
Bump octokit from 2.0.9 to 2.0.10
...
Bumps [octokit](https://github.com/octokit/octokit.js ) from 2.0.9 to 2.0.10.
- [Release notes](https://github.com/octokit/octokit.js/releases )
- [Commits](https://github.com/octokit/octokit.js/compare/v2.0.9...v2.0.10 )
---
updated-dependencies:
- dependency-name: octokit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-26 06:46:16 +00:00
Federico Builes
cfef8bfe29
Merge pull request #304 from actions/dependabot/npm_and_yarn/octokit/plugin-retry-4.0.3
...
Bump @octokit/plugin-retry from 3.0.9 to 4.0.3
2022-10-26 08:45:28 +02:00
Federico Builes
bd43b8d1e2
updating dist
2022-10-26 08:45:18 +02:00
dependabot[bot]
fced408b87
Bump @octokit/plugin-retry from 3.0.9 to 4.0.3
...
Bumps [@octokit/plugin-retry](https://github.com/octokit/plugin-retry.js ) from 3.0.9 to 4.0.3.
- [Release notes](https://github.com/octokit/plugin-retry.js/releases )
- [Commits](https://github.com/octokit/plugin-retry.js/compare/v3.0.9...v4.0.3 )
---
updated-dependencies:
- dependency-name: "@octokit/plugin-retry"
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-26 01:51:57 +00:00
Federico Builes
65f9f50468
Merge pull request #303 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.41.0
...
Bump @typescript-eslint/parser from 5.40.1 to 5.41.0
2022-10-25 07:57:41 +02:00
dependabot[bot]
a393c83ce5
Bump @typescript-eslint/parser from 5.40.1 to 5.41.0
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 5.40.1 to 5.41.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.41.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-25 05:56:55 +00:00
Federico Builes
56163c5659
Merge pull request #302 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.41.0
...
Bump @typescript-eslint/eslint-plugin from 5.40.1 to 5.41.0
2022-10-25 07:56:10 +02:00
dependabot[bot]
5dc2e6e4bb
Bump @typescript-eslint/eslint-plugin from 5.40.1 to 5.41.0
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 5.40.1 to 5.41.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.41.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-25 01:44:33 +00:00
Federico Builes
0efb1d1d84
bumping to 2.5.1
2022-10-24 17:03:38 +02:00
Federico Builes
d4f6425aa4
Merge pull request #290 from actions/cn/scan_pr
...
Enable setting configuration options for local testing
2022-10-24 16:55:54 +02:00
Federico Builes
49a61bd9bd
Update scripts/scan_pr
...
Co-authored-by: cnagadya <cnagadya@github.com >
2022-10-24 16:54:03 +02:00
Federico Builes
06c01e11e8
Update scripts/scan_pr
...
Co-authored-by: cnagadya <cnagadya@github.com >
2022-10-24 16:53:56 +02:00
Federico Builes
4538b29c27
Merge pull request #300 from actions/dependabot/npm_and_yarn/eslint-8.26.0
...
Bump eslint from 8.25.0 to 8.26.0
2022-10-24 07:14:08 +02:00
Federico Builes
4153ec555a
Merge pull request #299 from actions/dependabot/npm_and_yarn/types/node-16.18.0
...
Bump @types/node from 16.11.68 to 16.18.0
2022-10-24 07:13:59 +02:00
dependabot[bot]
7c8d0843f9
Bump eslint from 8.25.0 to 8.26.0
...
Bumps [eslint](https://github.com/eslint/eslint ) from 8.25.0 to 8.26.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v8.25.0...v8.26.0 )
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-24 01:47:43 +00:00
dependabot[bot]
fc00198e43
Bump @types/node from 16.11.68 to 16.18.0
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.11.68 to 16.18.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-24 01:47:19 +00:00
Federico Builes
80e573b784
Fixing whitespace.
2022-10-21 14:03:17 +02:00
Federico Builes
b5c3d1e723
Update scan_pr to support loading an external config YAML file.
2022-10-21 14:00:52 +02:00
Federico Builes
7fd272118a
Updating scan_pr to support a config file option.
2022-10-21 13:55:52 +02:00
Federico Builes
3c9a31f5a0
Updating CONTRIBUTING.md
2022-10-21 13:36:00 +02:00
Federico Builes
d8fba3fdc1
Remove hardcode file from .gitignore
2022-10-21 13:33:24 +02:00
Federico Builes
e805dd89e8
Merge branch 'main' into cn/scan_pr
2022-10-21 13:27:09 +02:00
Federico Builes
32276cb73d
Merge pull request #298 from actions/dependabot/npm_and_yarn/types/node-16.11.68
...
Bump @types/node from 16.11.66 to 16.11.68
2022-10-19 07:49:08 +02:00
Federico Builes
fe226ac019
Merge pull request #297 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.1.3
...
Bump eslint-plugin-jest from 27.1.2 to 27.1.3
2022-10-19 07:48:52 +02:00
dependabot[bot]
b759175bdb
Bump @types/node from 16.11.66 to 16.11.68
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.11.66 to 16.11.68.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-19 01:34:58 +00:00
dependabot[bot]
6af054f363
Bump eslint-plugin-jest from 27.1.2 to 27.1.3
...
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest ) from 27.1.2 to 27.1.3.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases )
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md )
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.1.2...v27.1.3 )
---
updated-dependencies:
- dependency-name: eslint-plugin-jest
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-19 01:34:46 +00:00
Federico Builes
6f32cb0afd
Merge pull request #296 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.40.1
...
Bump @typescript-eslint/parser from 5.40.0 to 5.40.1
2022-10-18 10:05:25 +02:00
dependabot[bot]
2791afab72
Bump @typescript-eslint/parser from 5.40.0 to 5.40.1
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 5.40.0 to 5.40.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.40.1/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-18 06:54:19 +00:00
Federico Builes
a8b5c8c24e
Merge pull request #295 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.40.1
...
Bump @typescript-eslint/eslint-plugin from 5.40.0 to 5.40.1
2022-10-18 08:53:31 +02:00
dependabot[bot]
12a250de95
Bump @typescript-eslint/eslint-plugin from 5.40.0 to 5.40.1
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 5.40.0 to 5.40.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.40.1/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-18 01:26:32 +00:00
Federico Builes
917e5af203
Merge pull request #291 from actions/dependabot/npm_and_yarn/types/node-16.11.66
...
Bump @types/node from 16.11.65 to 16.11.66
2022-10-17 07:28:53 +02:00
Federico Builes
ba6dba6225
Merge pull request #292 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.1.2
...
Bump eslint-plugin-jest from 27.1.1 to 27.1.2
2022-10-17 07:26:25 +02:00
dependabot[bot]
63154658bc
Bump eslint-plugin-jest from 27.1.1 to 27.1.2
...
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest ) from 27.1.1 to 27.1.2.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases )
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md )
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.1.1...v27.1.2 )
---
updated-dependencies:
- dependency-name: eslint-plugin-jest
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-17 01:51:39 +00:00
dependabot[bot]
f84c5813e5
Bump @types/node from 16.11.65 to 16.11.66
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.11.65 to 16.11.66.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-17 01:51:15 +00:00
cnagadya
228a6404a2
Remove untracked dev-config.yml
2022-10-14 13:07:46 +00:00
cnagadya
c84947f64b
Ignore dev-config file
2022-10-14 12:31:49 +00:00
cnagadya
71dbf10e60
Add configuration instruction to docs
2022-10-14 12:31:17 +00:00
cnagadya
f9deefc2e9
Retrieve config file values for local testing
2022-10-14 09:26:12 +00:00
Federico Builes
0e5d083be1
Merge pull request #289 from actions/dependabot/npm_and_yarn/octokit-2.0.9
...
Bump octokit from 2.0.7 to 2.0.9
2022-10-14 09:09:30 +02:00
Federico Builes
2f428eec67
adding dist
2022-10-14 09:03:58 +02:00
dependabot[bot]
dff2fdff0f
Bump octokit from 2.0.7 to 2.0.9
...
Bumps [octokit](https://github.com/octokit/octokit.js ) from 2.0.7 to 2.0.9.
- [Release notes](https://github.com/octokit/octokit.js/releases )
- [Commits](https://github.com/octokit/octokit.js/compare/v2.0.7...v2.0.9 )
---
updated-dependencies:
- dependency-name: octokit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-14 06:56:20 +00:00
Federico Builes
12a171cf96
Merge pull request #288 from actions/dependabot/npm_and_yarn/octokit/request-error-3.0.2
...
Bump @octokit/request-error from 3.0.1 to 3.0.2
2022-10-14 08:55:30 +02:00
dependabot[bot]
3156cf8998
Bump @octokit/request-error from 3.0.1 to 3.0.2
...
Bumps [@octokit/request-error](https://github.com/octokit/request-error.js ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/octokit/request-error.js/releases )
- [Commits](https://github.com/octokit/request-error.js/compare/v3.0.1...v3.0.2 )
---
updated-dependencies:
- dependency-name: "@octokit/request-error"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-14 01:25:21 +00:00
cnagadya
fd675ced9c
v2.5.0 release
...
Co-authored-by: Henri Maurer <hmaurer@github.com >
Co-authored-by: Federico Builes <febuiles@github.com >
2022-10-13 15:00:15 +00:00
Federico Builes
f7d03d8b76
Merge pull request #284 from actions/cn/license-api-fallback
...
Use GH Licenses API to retrieve null licenses
2022-10-13 16:54:33 +02:00
Federico Builes
7e41a6f1ee
Removing unnecessary beforeAll block
...
Mocks are removed in Jest automatically due to our
Jest config file.
Co-authored-by: Christine Nagadya <cnagadya@github.com >
Co-authored-by: Henri Maurer <hmaurer@github.com >
2022-10-13 16:52:54 +02:00
cnagadya
4c0961eff6
Add tests for GitHub License API fallback
2022-10-13 11:57:38 +00:00
cnagadya
d1e9a12830
Resolve conflicts
2022-10-13 11:06:40 +00:00
cnagadya
2e3713aab8
Optimise setGHLicenses
...
Co-authored-by: Henri Maurer <hmaurer@github.com >
Co-authored-by: Federico Builes <febuiles@github.com >
2022-10-13 11:03:34 +00:00
cnagadya
ba9d7c1389
Retrieve null licenses from licenses API
2022-10-13 11:03:34 +00:00
Federico Builes
0cd2781117
Merge pull request #286 from actions/dependabot/npm_and_yarn/ansi-styles-6.2.1
...
Bump ansi-styles from 6.2.0 to 6.2.1
2022-10-13 12:28:39 +02:00
Federico Builes
129f0ad973
adding dist
2022-10-13 12:26:58 +02:00
dependabot[bot]
0a88a4704b
Bump ansi-styles from 6.2.0 to 6.2.1
...
Bumps [ansi-styles](https://github.com/chalk/ansi-styles ) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/chalk/ansi-styles/releases )
- [Commits](https://github.com/chalk/ansi-styles/compare/v6.2.0...v6.2.1 )
---
updated-dependencies:
- dependency-name: ansi-styles
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-13 06:12:45 +00:00
Federico Builes
18069caed8
Merge pull request #287 from actions/dependabot/npm_and_yarn/got-12.5.2
...
Bump got from 12.5.1 to 12.5.2
2022-10-13 08:12:07 +02:00
dependabot[bot]
61cee4b12b
Bump got from 12.5.1 to 12.5.2
...
Bumps [got](https://github.com/sindresorhus/got ) from 12.5.1 to 12.5.2.
- [Release notes](https://github.com/sindresorhus/got/releases )
- [Commits](https://github.com/sindresorhus/got/compare/v12.5.1...v12.5.2 )
---
updated-dependencies:
- dependency-name: got
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-13 01:25:32 +00:00
Federico Builes
94670a1af8
Merge pull request #282 from actions/dependabot/npm_and_yarn/eslint-plugin-github-4.4.0
...
Bump eslint-plugin-github from 4.3.7 to 4.4.0
2022-10-12 08:05:50 +02:00
Federico Builes
577d9714ad
Merge pull request #283 from actions/dependabot/npm_and_yarn/ansi-styles-6.2.0
...
Bump ansi-styles from 6.1.1 to 6.2.0
2022-10-12 08:02:05 +02:00
Federico Builes
9ce6cb532b
adding dist
2022-10-12 08:01:53 +02:00
dependabot[bot]
0b980b1ccd
Bump ansi-styles from 6.1.1 to 6.2.0
...
Bumps [ansi-styles](https://github.com/chalk/ansi-styles ) from 6.1.1 to 6.2.0.
- [Release notes](https://github.com/chalk/ansi-styles/releases )
- [Commits](https://github.com/chalk/ansi-styles/compare/v6.1.1...v6.2.0 )
---
updated-dependencies:
- dependency-name: ansi-styles
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-12 01:41:51 +00:00
dependabot[bot]
bc5f6c2f39
Bump eslint-plugin-github from 4.3.7 to 4.4.0
...
Bumps [eslint-plugin-github](https://github.com/github/eslint-plugin-github ) from 4.3.7 to 4.4.0.
- [Release notes](https://github.com/github/eslint-plugin-github/releases )
- [Commits](https://github.com/github/eslint-plugin-github/compare/v4.3.7...v4.4.0 )
---
updated-dependencies:
- dependency-name: eslint-plugin-github
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-12 01:41:43 +00:00
cnagadya
9c96258789
Update to 2.4.1
2022-10-11 13:42:40 +00:00
Federico Builes
f076f221f4
Merge pull request #280 from actions/format-bugs
...
Fix display issues with versions and GHSAs
2022-10-11 15:22:44 +02:00
Federico Builes
88b817ec8d
adding dist
2022-10-11 15:20:02 +02:00
Federico Builes
2dd6c6a3d7
Fixing a bug with GHSA filtering.
...
Co-authored-by: Christine Nagadya <cnagadya@github.com >
2022-10-11 15:17:34 +02:00
Federico Builes
1d9bfbbddf
Document the behavior of the GHSA filtering function.
2022-10-11 15:09:58 +02:00
Federico Builes
f632f5f79d
adding dist
2022-10-11 14:51:27 +02:00
Federico Builes
ee42a6512f
Show the dependency name instead of the manifest.
2022-10-11 14:50:55 +02:00
Federico Builes
6f58092362
Merge pull request #278 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.40.0
...
Bump @typescript-eslint/eslint-plugin from 5.39.0 to 5.40.0
2022-10-11 12:11:26 +02:00
dependabot[bot]
b81bfe53ce
Bump @typescript-eslint/eslint-plugin from 5.39.0 to 5.40.0
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 5.39.0 to 5.40.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.40.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-11 10:10:06 +00:00
Federico Builes
5679c0f8be
Merge pull request #277 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.40.0
...
Bump @typescript-eslint/parser from 5.39.0 to 5.40.0
2022-10-11 12:09:15 +02:00
dependabot[bot]
2018b3e66f
Bump @typescript-eslint/parser from 5.39.0 to 5.40.0
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 5.39.0 to 5.40.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.40.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-11 08:50:56 +00:00
Federico Builes
463890c1ed
Merge pull request #276 from actions/dependabot/npm_and_yarn/types/node-16.11.65
...
Bump @types/node from 16.11.64 to 16.11.65
2022-10-11 10:50:05 +02:00
dependabot[bot]
c9b9d23e75
Bump @types/node from 16.11.64 to 16.11.65
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.11.64 to 16.11.65.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-11 01:32:53 +00:00
Federico Builes
4c14cfe593
Merge pull request #275 from actions/dependabot/npm_and_yarn/eslint-8.25.0
...
Bump eslint from 8.24.0 to 8.25.0
2022-10-10 08:24:07 +02:00
dependabot[bot]
5b70fe08e7
Bump eslint from 8.24.0 to 8.25.0
...
Bumps [eslint](https://github.com/eslint/eslint ) from 8.24.0 to 8.25.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v8.24.0...v8.25.0 )
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-10 01:52:29 +00:00
Federico Builes
81216f689b
Merge pull request #274 from actions/dependabot/npm_and_yarn/yaml-2.1.3
...
Bump yaml from 2.1.2 to 2.1.3
2022-10-06 14:43:54 +02:00
Federico Builes
afbc15c97f
updating dist files
2022-10-06 14:41:07 +02:00
dependabot[bot]
8d974c4ee8
Bump yaml from 2.1.2 to 2.1.3
...
Bumps [yaml](https://github.com/eemeli/yaml ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/eemeli/yaml/releases )
- [Commits](https://github.com/eemeli/yaml/compare/v2.1.2...v2.1.3 )
---
updated-dependencies:
- dependency-name: yaml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-06 11:19:30 +00:00
Federico Builes
cdad98596a
Merge pull request #273 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.1.1
...
Bump eslint-plugin-jest from 27.1.0 to 27.1.1
2022-10-06 13:18:40 +02:00
dependabot[bot]
0a0eb39992
Bump eslint-plugin-jest from 27.1.0 to 27.1.1
...
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest ) from 27.1.0 to 27.1.1.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases )
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md )
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.1.0...v27.1.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-jest
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-06 01:41:12 +00:00
Federico Builes
df3ceaf7f0
Merge pull request #269 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.39.0
...
Bump @typescript-eslint/eslint-plugin from 5.38.1 to 5.39.0
2022-10-05 13:17:37 +02:00
dependabot[bot]
1997789b86
Bump @typescript-eslint/eslint-plugin from 5.38.1 to 5.39.0
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 5.38.1 to 5.39.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.39.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-05 11:01:03 +00:00
Federico Builes
584e620d09
Merge pull request #270 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.39.0
...
Bump @typescript-eslint/parser from 5.38.1 to 5.39.0
2022-10-05 13:00:23 +02:00
Federico Builes
1fa34689ad
Merge pull request #271 from actions/dependabot/npm_and_yarn/types/node-16.11.64
...
Bump @types/node from 16.11.63 to 16.11.64
2022-10-05 13:00:15 +02:00
Federico Builes
de2814d20e
Merge pull request #272 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.1.0
...
Bump eslint-plugin-jest from 27.0.4 to 27.1.0
2022-10-05 08:17:58 +02:00
dependabot[bot]
eabc27054f
Bump eslint-plugin-jest from 27.0.4 to 27.1.0
...
Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest ) from 27.0.4 to 27.1.0.
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases )
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md )
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.0.4...v27.1.0 )
---
updated-dependencies:
- dependency-name: eslint-plugin-jest
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-05 01:54:54 +00:00
dependabot[bot]
b486e073e9
Bump @types/node from 16.11.63 to 16.11.64
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.11.63 to 16.11.64.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-05 01:54:43 +00:00
dependabot[bot]
03321307df
Bump @typescript-eslint/parser from 5.38.1 to 5.39.0
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 5.38.1 to 5.39.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.39.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-05 01:51:49 +00:00
Federico Builes
cc2a6ab32f
Merge pull request #268 from actions/dependabot/npm_and_yarn/yaml-2.1.2
...
Bump yaml from 2.1.1 to 2.1.2
2022-10-03 11:32:30 +02:00
Federico Builes
5de8be4c40
Merge branch 'main' into dependabot/npm_and_yarn/yaml-2.1.2
...
# Conflicts:
# dist/index.js.map
2022-10-03 11:31:02 +02:00
Federico Builes
1b8bd021a3
adding dist
2022-10-03 11:29:46 +02:00
Federico Builes
65d8cd176f
Merge pull request #267 from actions/dependabot/npm_and_yarn/types/node-16.11.63
...
Bump @types/node from 16.11.62 to 16.11.63
2022-10-03 11:29:23 +02:00
Federico Builes
6d500ff869
Merge pull request #266 from actions/dependabot/npm_and_yarn/actions/github-5.1.1
...
Bump @actions/github from 5.1.0 to 5.1.1
2022-10-03 11:29:14 +02:00
Federico Builes
0259ed8420
add dist
2022-10-03 11:28:16 +02:00
dependabot[bot]
ec636f3d19
Bump yaml from 2.1.1 to 2.1.2
...
Bumps [yaml](https://github.com/eemeli/yaml ) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/eemeli/yaml/releases )
- [Commits](https://github.com/eemeli/yaml/compare/v2.1.1...v2.1.2 )
---
updated-dependencies:
- dependency-name: yaml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-03 02:06:25 +00:00
dependabot[bot]
367e85631b
Bump @types/node from 16.11.62 to 16.11.63
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.11.62 to 16.11.63.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-03 02:05:36 +00:00
dependabot[bot]
abf7b5a775
Bump @actions/github from 5.1.0 to 5.1.1
...
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github ) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/actions/toolkit/releases )
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github )
---
updated-dependencies:
- dependency-name: "@actions/github"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-10-03 02:05:00 +00:00
Federico Builes
ba85772f4b
Merge pull request #265 from actions/dependabot/npm_and_yarn/actions/core-1.10.0
...
Bump @actions/core from 1.9.1 to 1.10.0
2022-09-30 09:09:00 +02:00
Federico Builes
8d812df813
adding dist
2022-09-30 09:07:38 +02:00
dependabot[bot]
63e12b21ed
Bump @actions/core from 1.9.1 to 1.10.0
...
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core ) from 1.9.1 to 1.10.0.
- [Release notes](https://github.com/actions/toolkit/releases )
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core )
---
updated-dependencies:
- dependency-name: "@actions/core"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-30 01:45:02 +00:00
Federico Builes
0385b5b162
Merge pull request #248 from actions/add-scanned-deps
...
Add scanned deps
2022-09-28 10:53:37 +02:00
Federico Builes
8e053e0f5e
Merge pull request #262 from actions/dependabot/npm_and_yarn/typescript-4.8.4
...
Bump typescript from 4.8.3 to 4.8.4
2022-09-28 08:04:35 +02:00
Federico Builes
e0ff0cf732
Merge pull request #261 from actions/dependabot/npm_and_yarn/got-12.5.1
...
Bump got from 12.5.0 to 12.5.1
2022-09-28 08:04:26 +02:00
dependabot[bot]
ea65cbfc18
Bump typescript from 4.8.3 to 4.8.4
...
Bumps [typescript](https://github.com/Microsoft/TypeScript ) from 4.8.3 to 4.8.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases )
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.8.3...v4.8.4 )
---
updated-dependencies:
- dependency-name: typescript
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-28 01:29:19 +00:00
dependabot[bot]
5bf43a89cd
Bump got from 12.5.0 to 12.5.1
...
Bumps [got](https://github.com/sindresorhus/got ) from 12.5.0 to 12.5.1.
- [Release notes](https://github.com/sindresorhus/got/releases )
- [Commits](https://github.com/sindresorhus/got/compare/v12.5.0...v12.5.1 )
---
updated-dependencies:
- dependency-name: got
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-28 01:29:03 +00:00
Federico Builes
468485fc8e
Clean up the main script a bit.
2022-09-27 12:25:12 +02:00
Federico Builes
46c9f79a1f
Create utils.ts file for helper functions.
2022-09-27 12:23:05 +02:00
Federico Builes
cd3f55e8f9
Add all the dependencies to the review summary too.
2022-09-27 11:52:15 +02:00
Federico Builes
f832351766
Merge pull request #258 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.38.1
...
Bump @typescript-eslint/eslint-plugin from 5.38.0 to 5.38.1
2022-09-27 08:10:02 +02:00
dependabot[bot]
f96ed229f4
Bump @typescript-eslint/eslint-plugin from 5.38.0 to 5.38.1
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 5.38.0 to 5.38.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.38.1/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-27 06:08:27 +00:00
Federico Builes
629703a27b
Merge pull request #260 from actions/dependabot/npm_and_yarn/types/node-16.11.62
...
Bump @types/node from 16.11.60 to 16.11.62
2022-09-27 08:08:06 +02:00
Federico Builes
d05bfb69a5
Merge pull request #259 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.38.1
...
Bump @typescript-eslint/parser from 5.38.0 to 5.38.1
2022-09-27 08:07:40 +02:00
dependabot[bot]
02bcebdd6e
Bump @types/node from 16.11.60 to 16.11.62
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.11.60 to 16.11.62.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-27 01:30:25 +00:00
dependabot[bot]
fbeabf7e29
Bump @typescript-eslint/parser from 5.38.0 to 5.38.1
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 5.38.0 to 5.38.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.38.1/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-27 01:30:16 +00:00
Federico Builes
0515f5cb39
Adding a skeleton for scanned dependencies in the summary.
2022-09-26 19:14:04 +02:00
Federico Builes
2d1d679f58
Move manifest grouping outside main.ts
2022-09-26 19:13:25 +02:00
Federico Builes
a3563a05bc
Use a set instead of raw JS objects.
2022-09-26 12:41:16 +02:00
Federico Builes
8a20ddbf25
try adding 3 sections
2022-09-26 12:21:24 +02:00
Federico Builes
2a646668d9
adding dist
2022-09-26 12:03:34 +02:00
Federico Builes
60be833ffd
Update manifest formatting in output.
2022-09-26 12:01:39 +02:00
Federico Builes
edc501a219
adding dist
2022-09-26 11:41:40 +02:00
Federico Builes
000837f2ac
Don't nest groups.
2022-09-26 11:41:02 +02:00
Federico Builes
89f99d150a
adding colors to the dep output
2022-09-26 11:35:05 +02:00
Federico Builes
0ed41eff02
Merge branch 'main' into add-scanned-deps
2022-09-26 11:34:43 +02:00
Federico Builes
dbe70eb550
updating gitignore
2022-09-26 11:29:22 +02:00
Federico Builes
78c7c01396
Merge branch 'main' into add-scanned-deps
...
# Conflicts:
# dist/index.js.map
2022-09-26 08:47:23 +02:00
Federico Builes
89a5c76329
Merge pull request #254 from actions/dependabot/npm_and_yarn/actions/github-5.1.0
...
Bump @actions/github from 5.0.3 to 5.1.0
2022-09-26 08:46:18 +02:00
Federico Builes
4a6d691283
adding dist
2022-09-26 08:45:09 +02:00
Federico Builes
b58d457243
Merge pull request #253 from actions/dependabot/npm_and_yarn/types/node-16.11.60
...
Bump @types/node from 16.11.59 to 16.11.60
2022-09-26 08:42:47 +02:00
Federico Builes
cc033856be
Merge pull request #255 from actions/dependabot/npm_and_yarn/eslint-8.24.0
...
Bump eslint from 8.23.1 to 8.24.0
2022-09-26 08:04:38 +02:00
dependabot[bot]
8595e805a5
Bump eslint from 8.23.1 to 8.24.0
...
Bumps [eslint](https://github.com/eslint/eslint ) from 8.23.1 to 8.24.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v8.23.1...v8.24.0 )
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-26 01:55:41 +00:00
dependabot[bot]
fa10a7f0d6
Bump @actions/github from 5.0.3 to 5.1.0
...
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github ) from 5.0.3 to 5.1.0.
- [Release notes](https://github.com/actions/toolkit/releases )
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github )
---
updated-dependencies:
- dependency-name: "@actions/github"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-26 01:54:35 +00:00
dependabot[bot]
6755d8aa71
Bump @types/node from 16.11.59 to 16.11.60
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 16.11.59 to 16.11.60.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-26 01:54:19 +00:00
Sarah Aladetan
375c537008
Updating to 2.4.0
2022-09-23 13:07:20 -07:00
Sarah Aladetan
98f28ebe06
Merge pull request #251 from actions/sarahkemi/ghsa-allowlist
...
Filter by vulnerability allow-list
2022-09-23 13:06:41 -07:00
Sarah Aladetan
716b322ec9
add allow-ghsas input to action.yml
2022-09-23 19:59:39 +00:00
Sarah Aladetan
12ae1bd550
Update wording in README.md
...
Co-authored-by: Federico Builes <febuiles@github.com >
2022-09-23 12:32:46 -07:00
Sarah Aladetan
bcb52636bd
build and package allow-ghsas
2022-09-22 22:58:43 +00:00
Sarah Aladetan
241ff73141
add doc on allow-ghsas to readme
2022-09-22 22:44:17 +00:00
Sarah Aladetan
062b749663
revise ghsa filter
2022-09-22 22:36:34 +00:00
Sarah Aladetan
4f00b72b84
filter allowed ghsas in action flow
2022-09-22 22:25:21 +00:00
Sarah Aladetan
602f968ea2
create a filter for vulns that are on the allowlist
2022-09-22 21:36:26 +00:00
Sarah Aladetan
bd61ea0d9e
create config option for ghsa allowlist
2022-09-22 21:34:18 +00:00
Federico Builes
8ec13c1f01
adding dist
2022-09-22 16:52:03 +02:00
Federico Builes
723ec8c0d3
Try showing information about the scanned dependencies.
2022-09-22 16:49:45 +02:00
Federico Builes
2843194510
Updating version.
2022-09-22 14:27:24 +02:00
Federico Builes
6944531f76
Update README.md
2022-09-22 14:26:27 +02:00
Federico Builes
29cdbbed37
Merge pull request #228 from actions/external-config
...
Add external configuration file
2022-09-22 14:22:39 +02:00