Commit Graph

153 Commits

Author SHA1 Message Date
Kevin Dangoor fe8d4d650a Merge pull request #113 from advanced-security/dangoor/413
Bump version number to 4.1.3
2025-05-19 17:51:44 -04:00
Kevin Dangoor 05a8a347d6 Bump version number to 4.1.3 2025-05-19 17:09:37 -04:00
Kevin Dangoor 5d790318e6 Merge pull request #112 from advanced-security/workflow-permissions
Set workflow permissions
2025-05-19 13:05:25 -04:00
Kevin Dangoor 66812695c4 Set workflow permissions 2025-05-16 17:30:56 -04:00
Kevin Dangoor 4b6fc92adc Merge pull request #111 from advanced-security/dependabot/npm_and_yarn/npm_and_yarn-06dd3a6abc
Bump the npm_and_yarn group across 1 directory with 4 updates
2025-05-16 17:23:24 -04:00
dependabot[bot] a82c97775c Bump the npm_and_yarn group across 1 directory with 4 updates
Bumps the npm_and_yarn group with 2 updates in the / directory: [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) and [undici](https://github.com/nodejs/undici).


Updates `vitest` from 1.6.1 to 3.1.3
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.1.3/packages/vitest)

Updates `esbuild` from 0.21.5 to 0.25.4
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.21.5...v0.25.4)

Updates `undici` from 5.28.4 to 5.29.0
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.29.0)

Updates `vite` from 5.4.16 to 6.3.5
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.3.5/packages/vite)

---
updated-dependencies:
- dependency-name: vitest
  dependency-version: 3.1.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: esbuild
  dependency-version: 0.25.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-version: 5.29.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 6.3.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-16 21:21:46 +00:00
Kevin Dangoor fd44dd789a Merge pull request #101 from advanced-security/dependabot/npm_and_yarn/octokit/request-8.4.1
Bump @octokit/request from 8.4.0 to 8.4.1
2025-05-16 17:20:05 -04:00
Kevin Dangoor b08977e686 Merge pull request #100 from advanced-security/dependabot/npm_and_yarn/octokit/request-error-5.1.1
Bump @octokit/request-error from 5.1.0 to 5.1.1
2025-05-16 17:19:33 -04:00
Kevin Dangoor 0fdf861094 Merge pull request #98 from advanced-security/dependabot/npm_and_yarn/octokit/endpoint-9.0.6
Bump @octokit/endpoint from 9.0.5 to 9.0.6
2025-05-16 17:19:11 -04:00
Kevin Dangoor dc41d4a792 Merge pull request #97 from advanced-security/dependabot/npm_and_yarn/tar-fs-2.1.2
Bump tar-fs from 2.1.1 to 2.1.2
2025-05-16 17:18:45 -04:00
Kevin Dangoor 1f5918021f Merge pull request #95 from advanced-security/dependabot/npm_and_yarn/octokit/plugin-paginate-rest-9.2.2
Bump @octokit/plugin-paginate-rest from 9.2.1 to 9.2.2
2025-05-16 17:18:20 -04:00
Justin Holguín 4bf8a28b00 Merge pull request #108 from advanced-security/juxtin/release-docs
Update release docs to include release artifacts
2025-04-07 09:32:51 -07:00
Justin Holguín e457a508a1 Update release docs to include release artifacts 2025-04-07 16:25:07 +00:00
Justin Holguín aeab9f8852 Merge pull request #106 from advanced-security/juxtin/prep-412
Update version to 4.1.2 and update release instructions
2025-04-04 13:01:39 -07:00
Justin Holguín bc43a53a41 Update step numbers 2025-04-04 17:52:50 +00:00
Justin Holguín 8ec6a0b12e Add note about running npm build 2025-04-04 17:52:04 +00:00
Justin Holguín 8c8c37cf51 Merge branch 'main' into juxtin/prep-412 2025-04-04 10:49:59 -07:00
Justin Holguín 4ccf7bf0a3 Update version to 4.1.2 and update release instructions 2025-04-04 17:45:46 +00:00
Paul Hodgkinson 517058e819 Merge branch 'main' into dependabot/npm_and_yarn/octokit/endpoint-9.0.6 2025-04-04 18:33:33 +01:00
Paul Hodgkinson 88fbf083ed Merge branch 'main' into dependabot/npm_and_yarn/octokit/request-error-5.1.1 2025-04-04 18:33:19 +01:00
Paul Hodgkinson d5e8c459a7 Merge branch 'main' into dependabot/npm_and_yarn/octokit/request-8.4.1 2025-04-04 18:33:06 +01:00
Paul Hodgkinson fd85cdd6fc Merge branch 'main' into dependabot/npm_and_yarn/octokit/plugin-paginate-rest-9.2.2 2025-04-04 18:32:56 +01:00
Paul Hodgkinson 5736c58c85 Merge branch 'main' into dependabot/npm_and_yarn/tar-fs-2.1.2 2025-04-04 18:32:20 +01:00
Justin Holguín 973a8cf442 Merge pull request #104 from advanced-security/juxtin/prep-412
Prep for next release
2025-04-04 08:32:05 -07:00
Justin Holguín 48f232b0d1 Update dist files 2025-04-03 22:03:26 +00:00
Justin Holguín 769e1e8558 Prepare for 4.1.2 release 2025-04-03 18:34:20 +00:00
Justin Holguín 298a804769 Upgrade version of Maven plugin
See https://github.com/ferstl/depgraph-maven-plugin
2025-04-03 18:33:47 +00:00
Justin Holguín 29fd39885e Merge pull request #103 from advanced-security/juxtin/handle-cycles
Add cycle safety for transitive dependencies
2025-04-03 11:29:17 -07:00
Justin Holguín 595d586c88 Simplify test data and refactor 2025-04-03 16:59:49 +00:00
Justin Holguín 9e875aadac Add cycle safety for transitive dependencies 2025-04-02 22:45:08 +00:00
Kevin Dangoor 17ef6767ae Merge pull request #102 from advanced-security/GeekMasher-patch-1
Create CODEOWNERS
2025-04-02 14:01:23 -04:00
Mathew Payne 266293e200 feat: Create CODEOWNERS 2025-04-01 16:00:01 +01:00
dependabot[bot] 97bb06c6ff Bump @octokit/request from 8.4.0 to 8.4.1
Bumps [@octokit/request](https://github.com/octokit/request.js) from 8.4.0 to 8.4.1.
- [Release notes](https://github.com/octokit/request.js/releases)
- [Commits](https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1)

---
updated-dependencies:
- dependency-name: "@octokit/request"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-01 14:48:29 +00:00
dependabot[bot] 5bf0dc7e83 Bump @octokit/request-error from 5.1.0 to 5.1.1
Bumps [@octokit/request-error](https://github.com/octokit/request-error.js) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/octokit/request-error.js/releases)
- [Commits](https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1)

---
updated-dependencies:
- dependency-name: "@octokit/request-error"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-01 14:48:10 +00:00
dependabot[bot] e42d5157d9 Bump @octokit/endpoint from 9.0.5 to 9.0.6
Bumps [@octokit/endpoint](https://github.com/octokit/endpoint.js) from 9.0.5 to 9.0.6.
- [Release notes](https://github.com/octokit/endpoint.js/releases)
- [Commits](https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6)

---
updated-dependencies:
- dependency-name: "@octokit/endpoint"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-01 14:48:01 +00:00
dependabot[bot] 5dc9268511 Bump tar-fs from 2.1.1 to 2.1.2
Bumps [tar-fs](https://github.com/mafintosh/tar-fs) from 2.1.1 to 2.1.2.
- [Commits](https://github.com/mafintosh/tar-fs/compare/v2.1.1...v2.1.2)

---
updated-dependencies:
- dependency-name: tar-fs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-01 14:47:54 +00:00
dependabot[bot] 66fe395b94 Bump @octokit/plugin-paginate-rest from 9.2.1 to 9.2.2
Bumps [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) from 9.2.1 to 9.2.2.
- [Release notes](https://github.com/octokit/plugin-paginate-rest.js/releases)
- [Commits](https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2)

---
updated-dependencies:
- dependency-name: "@octokit/plugin-paginate-rest"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-01 14:47:44 +00:00
Mathew Payne 499642b4a1 Merge pull request #94 from advanced-security/dependabot/npm_and_yarn/vitest-1.6.1
Bump vitest from 1.5.2 to 1.6.1
2025-04-01 15:46:33 +01:00
dependabot[bot] e8e224050e Bump vitest from 1.5.2 to 1.6.1
Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 1.5.2 to 1.6.1.
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v1.6.1/packages/vitest)

---
updated-dependencies:
- dependency-name: vitest
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-01 14:42:10 +00:00
Jon Janego 49866fead7 Merge pull request #90 from advanced-security/jonjanego-patch-2
Update README.md
2024-09-24 16:58:59 -05:00
Jon Janego f5f71df9a0 Update README.md
Dependency submission is no longer in beta
2024-09-23 17:21:52 -05:00
github-actions 4f64ddab9d chore: Updating release files 2024-08-07 14:33:45 +00:00
github-actions dba3dacedd 4.1.1 2024-08-07 14:33:28 +00:00
Henri Maurer 4883574ccf Merge pull request #89 from david-wiggs/hotfix/fix-test
Remove reference to undefined function
2024-08-07 15:31:23 +01:00
David Wiggs 33e1d3d801 Remove reference to undefined function 2024-08-07 14:29:22 +00:00
Henri Maurer 4b85c77703 Merge pull request #88 from david-wiggs/unique-job-matrix
Distinguish between multiple dependency snapshots of the same type
2024-08-07 15:10:49 +01:00
David Wiggs 73d9d97f9f Update src/snapshot-generator.test.ts
Co-authored-by: Mitchell Rysavy <mitchell.rysavy@gmail.com>
2024-07-29 10:08:09 -05:00
David Wiggs 967455e178 No need to import getMavenSettingsFile when testing 2024-07-24 12:59:25 +00:00
David Wiggs 7592e88109 Use supplied correlator without concatenation 2024-07-23 22:33:11 +00:00
David Wiggs 2ba839e04b Add some tests 2024-07-22 23:27:03 +00:00