actions/dependency-review-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,957 Commits 1 Branch 0 Tags
main
Commit Graph

36 Commits

Author SHA1 Message Date
Eric Sorenson
4038a34c4b Merge pull request #1021 from actions/dependabot/github_actions/actions/checkout-6 
Bump actions/checkout from 4 to 6
 2026-03-02 16:00:21 -08:00
dependabot[bot]
17d14c08d9 Bump actions/stale from 10.1.0 to 10.2.0 
Bumps [actions/stale](https://github.com/actions/stale) from 10.1.0 to 10.2.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v10.1.0...v10.2.0)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-version: 10.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 01:42:33 +00:00
dependabot[bot]
1d60e0d095 Bump actions/checkout from 4 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-27 18:20:43 +00:00
Barry Gordon
35ccfd2548 Merge pull request #1005 from actions/dependabot/github_actions/actions/setup-node-6 
Bump actions/setup-node from 4 to 6
 2025-11-27 18:19:46 +00:00
Barry Gordon
a2014a181b Merge pull request #1003 from actions/dependabot/github_actions/github/codeql-action-4 
Bump github/codeql-action from 3 to 4
 2025-11-27 18:19:21 +00:00
Barry Gordon
1a0268586f Merge pull request #995 from actions/dependabot/github_actions/actions/stale-10.1.0 
Bump actions/stale from 9.1.0 to 10.1.0
 2025-11-27 18:18:38 +00:00
dependabot[bot]
805c0b2856 Bump actions/setup-node from 4 to 6 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4 to 6.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-11 00:20:49 +00:00
Kevin Dangoor
289863a7c4 GitHub Actions can't push to our protected main 
Our main branch is protected, which means that our Actions workflow
cannot push changes directly to main. This removes the non-functional
workflow.
 2025-11-10 17:46:39 -05:00
Kevin Dangoor
9b42b7e9a9 Remove bad token reference 2025-11-05 20:29:51 -05:00
Kevin Dangoor
94004c3444 Remove dist directory change blocking 
We don't really need to prevent changes to the dist directory
being committed. If someone does push a change to the dist directory,
they'd be able to test with that. Plus the files will be regenerated
on main, so that we know the final dist files are correct.

This also fixes up some paths in the ci-update-dist.yml workflow
which generates the dist files on main.
 2025-11-05 18:04:42 -05:00
Kevin Dangoor
75e65b4d81 Generate dist files on main branch 
This adapts an approach taken by the Gradle actions in order to
generate the dist files on the main branch rather than having
every contributor need to generate them. (In fact, people will no
longer be able to submit PRs with the dist files updated). This
change is important because the current approach means that
people encounter merge conflicts all the time and will need to
keep regenerating the dist files in order to land their change.
 2025-11-05 17:30:02 -05:00
dependabot[bot]
0f943b29ae Bump github/codeql-action from 3 to 4 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-13 01:01:57 +00:00
dependabot[bot]
2440f520c8 Bump actions/stale from 9.1.0 to 10.1.0 
Bumps [actions/stale](https://github.com/actions/stale) from 9.1.0 to 10.1.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v9.1.0...v10.1.0)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-version: 10.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-06 01:01:54 +00:00
Lewis Jones
85c8e53ab7 Scan ruby 2025-08-28 16:12:23 +01:00
Ashely Tenesaca
ab524903e8 remove ruby 2025-08-19 17:11:41 -04:00
Ashely Tenesaca
ef00a0afbb add permissions to workflows 2025-08-19 20:55:24 +00:00
Kylie Stradley
8296deda21 Add Missing Languages to CodeQL Advanced Configuration 2025-07-10 09:22:28 -04:00
fabasoad
7f3cd87ec0 Fix usage of this action in dependency-review.yml 2025-01-25 23:11:35 +09:00
dependabot[bot]
9cd1f01f7f Bump actions/stale from 9.0.0 to 9.1.0 
Bumps [actions/stale](https://github.com/actions/stale) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v9.0.0...v9.1.0)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-24 19:52:48 +00:00
Jon Janego
14b94f8fbc Update stale.yaml 
adding closure messages
 2024-09-26 11:47:03 -05:00
Jon Janego
3b70c9966e Update stale.yaml 
fixing some comments, adding a keep label for issues, explicitly defining labeling behavior for issues
 2024-03-14 14:43:08 -05:00
Jon Janego
a1be843151 Update stale.yaml 
Adding stale checks to issues
 2024-02-20 10:25:09 -06:00
Justin Holguín
0812876f7c Update codeql.yml 2024-01-31 13:44:54 -08:00
Justin Holguín
4f37a60d4f Create codeql.yml 2024-01-31 13:36:31 -08:00
Jon Janego
56991330a3 Update stale.yaml 
assigning explicit permissions
 2024-01-26 09:15:48 -06:00
Jon Janego
a824acd5d7 Create stale.yaml 2024-01-25 13:49:10 -06:00
Federico Builes
dbf82a4a5e Merge pull request #639 from takost/takost/update-to-node-20 
Update action to node20
 2024-01-18 13:52:05 +01:00
dependabot[bot]
5ccb7d478c Bump actions/upload-artifact from 3 to 4 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-18 01:54:59 +00:00
Tatyana Kostromskaya
1c9a424cbc . 2023-12-14 15:06:21 +00:00
dependabot[bot]
7314a0c1f5 Bump actions/setup-node from 3 to 4 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-30 01:40:15 +00:00
dependabot[bot]
7095391667 Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-11 01:14:30 +00:00
Jongwoo Han
86e4c38e88 Use cache in check-dist.yml 
Signed-off-by: jongwooo <jongwooo.han@gmail.com>
 2022-12-20 03:17:46 +09:00
cnagadya
43c5083e6c Node 18 2022-10-28 10:13:58 +00:00
Kenichi Kamiya
40346e9340 Run test and linter in CI 2022-07-04 20:12:07 +09:00
dependabot[bot]
52530a057c Bump actions/upload-artifact from 2 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-11 01:39:43 +00:00
Federico Builes
3f943b86c9 initial commit 2022-03-31 18:31:39 +02:00