dependency-review-action

actions/dependency-review-action

Fork 0

43c5083e6c Node 18 cnagadya 2022-10-28 09:40:46 +00:00
fa62a0febc Merge pull request #294 from actions/cn/spdx-licenses Federico Builes 2022-10-28 11:27:18 +02:00
e897e8ebdd Add dist folder cnagadya 2022-10-28 09:25:16 +00:00
216fafaed5 PR feedback cnagadya 2022-10-28 11:23:05 +02:00
0144419c8e Format violations area cnagadya 2022-10-27 16:43:45 +00:00
7b16bd0b54 Add unvalidated changes to summary cnagadya 2022-10-27 16:24:30 +00:00
4525a8c091 Format summary findings cnagadya 2022-10-27 15:41:19 +00:00
72273c9a36 Update dist folder cnagadya 2022-10-27 15:22:00 +00:00
562a2f3c0a Improve summary formatting cnagadya 2022-10-27 15:19:32 +00:00
c82c183029 Resolve package-lock conflicts cnagadya 2022-10-27 14:37:08 +00:00
26be1f407e Merge pull request #309 from actions/codespace-actions-dependency-review-action-p79j7j9pxqrh669p cnagadya 2022-10-27 15:43:28 +02:00
022ea02fbb Add unresolved licenses section cnagadya 2022-10-27 13:09:37 +00:00
d6e28cdfae Merge pull request #307 from actions/dependabot/npm_and_yarn/types/node-16.18.2 Federico Builes 2022-10-27 07:34:11 +02:00
da3d8af3e3 Bump @types/node from 16.18.0 to 16.18.2 dependabot[bot] 2022-10-27 01:26:35 +00:00
52fa73c086 Update readme licenses sections cnagadya 2022-10-26 10:54:12 +00:00
3baea959cf Fix license test failures cnagadya 2022-10-26 09:05:22 +00:00
782c57b17e Fix config test failures cnagadya 2022-10-21 13:51:02 +00:00
ac5ed8754d Use SPDX license expressions cnagadya 2022-10-26 09:01:43 +00:00
024a5a6342 Merge pull request #305 from actions/dependabot/npm_and_yarn/octokit-2.0.10 Federico Builes 2022-10-26 08:49:12 +02:00
b2fc686406 Resolving merge conflicts Federico Builes 2022-10-26 08:47:43 +02:00
4ec1d46392 Bump octokit from 2.0.9 to 2.0.10 dependabot[bot] 2022-10-26 06:46:16 +00:00
cfef8bfe29 Merge pull request #304 from actions/dependabot/npm_and_yarn/octokit/plugin-retry-4.0.3 Federico Builes 2022-10-26 08:45:28 +02:00
bd43b8d1e2 updating dist Federico Builes 2022-10-26 08:45:18 +02:00
fced408b87 Bump @octokit/plugin-retry from 3.0.9 to 4.0.3 dependabot[bot] 2022-10-26 01:51:57 +00:00
65f9f50468 Merge pull request #303 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.41.0 Federico Builes 2022-10-25 07:57:41 +02:00
a393c83ce5 Bump @typescript-eslint/parser from 5.40.1 to 5.41.0 dependabot[bot] 2022-10-25 05:56:55 +00:00
56163c5659 Merge pull request #302 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.41.0 Federico Builes 2022-10-25 07:56:10 +02:00
5dc2e6e4bb Bump @typescript-eslint/eslint-plugin from 5.40.1 to 5.41.0 dependabot[bot] 2022-10-25 01:44:33 +00:00
0efb1d1d84 bumping to 2.5.1 Federico Builes 2022-10-24 17:03:38 +02:00
d4f6425aa4 Merge pull request #290 from actions/cn/scan_pr Federico Builes 2022-10-24 16:55:54 +02:00
49a61bd9bd Update scripts/scan_pr Federico Builes 2022-10-24 16:54:03 +02:00
06c01e11e8 Update scripts/scan_pr Federico Builes 2022-10-24 16:53:56 +02:00
4538b29c27 Merge pull request #300 from actions/dependabot/npm_and_yarn/eslint-8.26.0 Federico Builes 2022-10-24 07:14:08 +02:00
4153ec555a Merge pull request #299 from actions/dependabot/npm_and_yarn/types/node-16.18.0 Federico Builes 2022-10-24 07:13:59 +02:00
7c8d0843f9 Bump eslint from 8.25.0 to 8.26.0 dependabot[bot] 2022-10-24 01:47:43 +00:00
fc00198e43 Bump @types/node from 16.11.68 to 16.18.0 dependabot[bot] 2022-10-24 01:47:19 +00:00
9760f87258 Fix config-file description in action.yml Federico Builes 2022-10-21 17:38:18 +02:00
74c047086c Adding README and action.yml for external config files. Federico Builes 2022-10-21 17:34:20 +02:00
80e573b784 Fixing whitespace. Federico Builes 2022-10-21 14:03:17 +02:00
b5c3d1e723 Update scan_pr to support loading an external config YAML file. Federico Builes 2022-10-21 14:00:52 +02:00
7fd272118a Updating scan_pr to support a config file option. Federico Builes 2022-10-21 13:55:52 +02:00
3c9a31f5a0 Updating CONTRIBUTING.md Federico Builes 2022-10-21 13:36:00 +02:00
d8fba3fdc1 Remove hardcode file from .gitignore Federico Builes 2022-10-21 13:33:24 +02:00
e805dd89e8 Merge branch 'main' into cn/scan_pr Federico Builes 2022-10-21 13:27:09 +02:00
32276cb73d Merge pull request #298 from actions/dependabot/npm_and_yarn/types/node-16.11.68 Federico Builes 2022-10-19 07:49:08 +02:00
fe226ac019 Merge pull request #297 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.1.3 Federico Builes 2022-10-19 07:48:52 +02:00
b759175bdb Bump @types/node from 16.11.66 to 16.11.68 dependabot[bot] 2022-10-19 01:34:58 +00:00
6af054f363 Bump eslint-plugin-jest from 27.1.2 to 27.1.3 dependabot[bot] 2022-10-19 01:34:46 +00:00
6f32cb0afd Merge pull request #296 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.40.1 Federico Builes 2022-10-18 10:05:25 +02:00
2791afab72 Bump @typescript-eslint/parser from 5.40.0 to 5.40.1 dependabot[bot] 2022-10-18 06:54:19 +00:00
a8b5c8c24e Merge pull request #295 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.40.1 Federico Builes 2022-10-18 08:53:31 +02:00
12a250de95 Bump @typescript-eslint/eslint-plugin from 5.40.0 to 5.40.1 dependabot[bot] 2022-10-18 01:26:32 +00:00
917e5af203 Merge pull request #291 from actions/dependabot/npm_and_yarn/types/node-16.11.66 Federico Builes 2022-10-17 07:28:53 +02:00
ba6dba6225 Merge pull request #292 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-27.1.2 Federico Builes 2022-10-17 07:26:25 +02:00
63154658bc Bump eslint-plugin-jest from 27.1.1 to 27.1.2 dependabot[bot] 2022-10-17 01:51:39 +00:00
f84c5813e5 Bump @types/node from 16.11.65 to 16.11.66 dependabot[bot] 2022-10-17 01:51:15 +00:00
228a6404a2 Remove untracked dev-config.yml cnagadya 2022-10-14 13:07:46 +00:00
c84947f64b Ignore dev-config file cnagadya 2022-10-14 12:31:49 +00:00
71dbf10e60 Add configuration instruction to docs cnagadya 2022-10-14 12:31:17 +00:00
f9deefc2e9 Retrieve config file values for local testing cnagadya 2022-10-14 09:26:12 +00:00
0e5d083be1 Merge pull request #289 from actions/dependabot/npm_and_yarn/octokit-2.0.9 Federico Builes 2022-10-14 09:09:30 +02:00
2f428eec67 adding dist Federico Builes 2022-10-14 09:03:58 +02:00
dff2fdff0f Bump octokit from 2.0.7 to 2.0.9 dependabot[bot] 2022-10-14 06:56:20 +00:00
12a171cf96 Merge pull request #288 from actions/dependabot/npm_and_yarn/octokit/request-error-3.0.2 Federico Builes 2022-10-14 08:55:30 +02:00
3156cf8998 Bump @octokit/request-error from 3.0.1 to 3.0.2 dependabot[bot] 2022-10-14 01:25:21 +00:00
fd675ced9c v2.5.0 release Co-authored-by: Henri Maurer <hmaurer@github.com> Co-authored-by: Federico Builes <febuiles@github.com> cnagadya 2022-10-13 14:58:37 +00:00
f7d03d8b76 Merge pull request #284 from actions/cn/license-api-fallback Federico Builes 2022-10-13 16:54:33 +02:00
7e41a6f1ee Removing unnecessary beforeAll block Federico Builes 2022-10-13 16:52:54 +02:00
4c0961eff6 Add tests for GitHub License API fallback cnagadya 2022-10-13 11:57:38 +00:00
d1e9a12830 Resolve conflicts cnagadya 2022-10-13 11:06:40 +00:00
2e3713aab8 Optimise setGHLicenses cnagadya 2022-10-11 10:44:55 +00:00
ba9d7c1389 Retrieve null licenses from licenses API cnagadya 2022-10-11 10:40:12 +00:00
0cd2781117 Merge pull request #286 from actions/dependabot/npm_and_yarn/ansi-styles-6.2.1 Federico Builes 2022-10-13 12:28:39 +02:00
129f0ad973 adding dist Federico Builes 2022-10-13 12:26:58 +02:00
0a88a4704b Bump ansi-styles from 6.2.0 to 6.2.1 dependabot[bot] 2022-10-13 06:12:45 +00:00
18069caed8 Merge pull request #287 from actions/dependabot/npm_and_yarn/got-12.5.2 Federico Builes 2022-10-13 08:12:07 +02:00
61cee4b12b Bump got from 12.5.1 to 12.5.2 dependabot[bot] 2022-10-13 01:25:32 +00:00
94670a1af8 Merge pull request #282 from actions/dependabot/npm_and_yarn/eslint-plugin-github-4.4.0 Federico Builes 2022-10-12 08:05:50 +02:00
577d9714ad Merge pull request #283 from actions/dependabot/npm_and_yarn/ansi-styles-6.2.0 Federico Builes 2022-10-12 08:02:05 +02:00
9ce6cb532b adding dist Federico Builes 2022-10-12 08:01:53 +02:00
0b980b1ccd Bump ansi-styles from 6.1.1 to 6.2.0 dependabot[bot] 2022-10-12 01:41:51 +00:00
bc5f6c2f39 Bump eslint-plugin-github from 4.3.7 to 4.4.0 dependabot[bot] 2022-10-12 01:41:43 +00:00
9c96258789 Update to 2.4.1 cnagadya 2022-10-11 13:42:40 +00:00
f076f221f4 Merge pull request #280 from actions/format-bugs Federico Builes 2022-10-11 15:22:44 +02:00
88b817ec8d adding dist Federico Builes 2022-10-11 15:20:02 +02:00
2dd6c6a3d7 Fixing a bug with GHSA filtering. Federico Builes 2022-10-11 15:17:34 +02:00
1d9bfbbddf Document the behavior of the GHSA filtering function. Federico Builes 2022-10-11 15:09:58 +02:00
f632f5f79d adding dist Federico Builes 2022-10-11 14:51:27 +02:00
ee42a6512f Show the dependency name instead of the manifest. Federico Builes 2022-10-11 14:50:55 +02:00
6f58092362 Merge pull request #278 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.40.0 Federico Builes 2022-10-11 12:11:26 +02:00
b81bfe53ce Bump @typescript-eslint/eslint-plugin from 5.39.0 to 5.40.0 dependabot[bot] 2022-10-11 10:10:06 +00:00
5679c0f8be Merge pull request #277 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.40.0 Federico Builes 2022-10-11 12:09:15 +02:00
2018b3e66f Bump @typescript-eslint/parser from 5.39.0 to 5.40.0 dependabot[bot] 2022-10-11 08:50:56 +00:00
463890c1ed Merge pull request #276 from actions/dependabot/npm_and_yarn/types/node-16.11.65 Federico Builes 2022-10-11 10:50:05 +02:00
c9b9d23e75 Bump @types/node from 16.11.64 to 16.11.65 dependabot[bot] 2022-10-11 01:32:53 +00:00
4c14cfe593 Merge pull request #275 from actions/dependabot/npm_and_yarn/eslint-8.25.0 Federico Builes 2022-10-10 08:24:07 +02:00
5b70fe08e7 Bump eslint from 8.24.0 to 8.25.0 dependabot[bot] 2022-10-10 01:52:29 +00:00
81216f689b Merge pull request #274 from actions/dependabot/npm_and_yarn/yaml-2.1.3 Federico Builes 2022-10-06 14:43:54 +02:00
afbc15c97f updating dist files Federico Builes 2022-10-06 14:41:07 +02:00
8d974c4ee8 Bump yaml from 2.1.2 to 2.1.3 dependabot[bot] 2022-10-06 11:19:30 +00:00

Commit Graph Select branches Hide Pull Requests main Mono Color

Commit Graph

Select branches

Hide Pull Requests

main