dependency-review-action

actions/dependency-review-action

Fork 0

6fad417932 Merge pull request #978 from actions/ljones140/make-ruby-code-scannable Lewis Jones 2025-08-29 10:39:17 +01:00
e86e9692ad Update scripts/scan_pr_lib.rb Lewis Jones 2025-08-28 16:24:02 +01:00
85c8e53ab7 Scan ruby Lewis Jones 2025-08-28 16:12:23 +01:00
c6a7eb7252 Extract ruby code Lewis Jones 2025-08-28 16:11:56 +01:00
595b5aeba7 Update package version (#975) Claire Song 2025-08-26 16:00:34 -04:00
fc5fd661aa Claire153/fix spamming mentioned issue (#974) Claire Song 2025-08-26 15:46:02 -04:00
d38d1a4f40 Merge pull request #965 from actions/dependabot/npm_and_yarn/multi-c22e25d29b Ashely Tenesaca 2025-08-20 17:40:22 -04:00
8d420b827c Merge branch 'main' into dependabot/npm_and_yarn/multi-c22e25d29b Ashely Tenesaca 2025-08-20 17:28:38 -04:00
bde01290d3 Merge pull request #966 from actions/ashelytc/add-permissions Ashely Tenesaca 2025-08-20 09:33:56 -04:00
ab524903e8 remove ruby Ashely Tenesaca 2025-08-19 17:11:41 -04:00
ef00a0afbb add permissions to workflows Ashely Tenesaca 2025-08-19 20:55:24 +00:00
74c8179d39 Bump brace-expansion dependabot[bot] 2025-08-18 22:33:26 +00:00
bc41886e18 Cut 4.7.2 version release (#964) Claire Song 2025-08-18 14:17:54 -04:00
1c73553e36 Merge pull request #960 from ahpook/ahpook/address-docs-dashes Kevin Dangoor 2025-08-18 14:02:19 -04:00
fac3d41a58 Bump the minor-updates group across 1 directory with 5 updates (#956) dependabot[bot] 2025-08-18 10:31:31 -07:00
d8073c4b76 Merge pull request #958 from actions/claire153/deprecate-deny-lists Claire Song 2025-08-18 12:33:17 -04:00
77184c6339 Fix tests Claire Song 2025-08-18 15:10:48 +00:00
5558c35bb3 Address discrepancy between docs and reality Eric Sorenson 2025-08-15 17:16:55 -07:00
e85d57a50e Remove test code Claire Song 2025-08-15 16:15:02 +00:00
3eb62794c5 Re-add test package. Only show warning in summary if option is used. Update copy. Claire Song 2025-08-15 15:49:35 +00:00
7cf33ac2f2 Remove test deny list Claire Song 2025-08-14 17:58:31 +00:00
493bee0560 Remove test package Claire Song 2025-08-14 17:46:53 +00:00
659a1e1bd0 Update copy and styling Claire Song 2025-08-14 17:44:34 +00:00
6e80be31cd Add one more line break Claire Song 2025-08-14 16:39:53 +00:00
3fb5c613f0 Add one more line break Claire Song 2025-08-14 16:32:20 +00:00
7d16ba5d7e Add one more line break Claire Song 2025-08-14 15:43:03 +00:00
a92a9da9c8 Add one more line break Claire Song 2025-08-14 15:39:37 +00:00
c1fa9df06b Build Claire Song 2025-08-14 14:43:45 +00:00
6e2bbef080 Add deprecation warning, fix lint issues Claire Song 2025-08-14 14:25:52 +00:00
9ca24b6906 Add new package Claire Song 2025-08-13 21:22:20 +00:00
70e1d26338 Test deny list Claire Song 2025-08-13 21:07:58 +00:00
89c7383074 Merge pull request #946 from actions/dependabot/npm_and_yarn/minor-updates-9b599382cb Roman Iakovlev 2025-07-22 16:15:34 +02:00
40f2ab01b7 Update dist Roman Iakovlev 2025-07-22 14:06:49 +00:00
2bedf4a221 Update dist Roman Iakovlev 2025-07-22 14:01:55 +00:00
87052cdc7b Bump the minor-updates group across 1 directory with 10 updates dependabot[bot] 2025-07-14 01:52:01 +00:00
47d790678f Merge pull request #934 from actions/dependabot/npm_and_yarn/undici-5.29.0 Roman Iakovlev 2025-07-21 19:12:52 +02:00
1e946feb37 Update dist Roman Iakovlev 2025-07-21 13:53:37 +00:00
8a1ad91c0a Merge pull request #945 from KyFaSt/patch-1 Kevin Dangoor 2025-07-11 13:47:35 -04:00
8296deda21 Add Missing Languages to CodeQL Advanced Configuration Kylie Stradley 2025-07-10 09:22:28 -04:00
733ef0ab01 Bump undici from 5.28.5 to 5.29.0 dependabot[bot] 2025-05-15 16:32:05 +00:00
da24556b54 Merge pull request #933 from actions/dangoor/471-release Kevin Dangoor 2025-05-13 12:46:37 -04:00
9af0caf0e5 Bump version number for 4.7.1 Kevin Dangoor 2025-05-13 11:20:20 -04:00
d8f2df20d5 Merge pull request #932 from actions/907-disallow-expression Kevin Dangoor 2025-05-13 10:28:49 -04:00
6e9307a3d4 Discard allow list entries that are not SPDX IDs Kevin Dangoor 2025-05-12 18:58:58 -04:00
8805179dc9 Merge pull request #930 from actions/889-allow-no-license Kevin Dangoor 2025-05-08 17:38:03 -04:00
014300b08c Update build Kevin Dangoor 2025-05-08 17:19:56 -04:00
34486f306e Check namespaces when excluding license checks Kevin Dangoor 2025-05-08 17:17:08 -04:00
9b155d6432 Update build Kevin Dangoor 2025-05-08 16:37:11 -04:00
f199659a6a Allowing dependencies works with no licenses Kevin Dangoor 2025-05-08 16:31:46 -04:00
38ecb5b593 Merge pull request #929 from actions/dangoor/4.7-release Kevin Dangoor 2025-05-08 14:14:35 -04:00
0e9e935cc8 Version 4.7.0 release Kevin Dangoor 2025-05-08 13:58:56 -04:00
69d2faa365 Merge pull request #926 from dangoor/dangoor/replace-other Kevin Dangoor 2025-05-07 13:25:04 -04:00
7e14978e0e Merge branch 'actions:main' into dangoor/replace-other Kevin Dangoor 2025-05-07 13:08:00 -04:00
8477905b0e Merge pull request #927 from dangoor/dangoor/multilicense Kevin Dangoor 2025-05-07 13:06:06 -04:00
f3ff3564fa Update dist Kevin Dangoor 2025-05-06 12:26:28 -04:00
c7565d44ec Fix tests and respond to review feedback Kevin Dangoor 2025-05-06 12:25:30 -04:00
82299c3bbe Replace OTHER with a LicenseRef Kevin Dangoor 2025-05-06 11:22:50 -04:00
2013ccccfe Update type definition for spdx-satisfies Kevin Dangoor 2025-05-06 11:02:54 -04:00
3a2b68706a Handle complex licenses (e.g. X AND Y) Kevin Dangoor 2025-05-05 19:06:50 -04:00
a87294d992 Revert "Merge pull request #916 from jebeaudet/spdx-support" Kevin Dangoor 2025-05-05 18:43:46 -04:00
5a5d4df8ad Merge pull request #916 from jebeaudet/spdx-support Ashely Tenesaca 2025-04-15 11:33:49 -04:00
4eb8182aba Support SPDX expressions in allow/deny lists Jacques-Etienne Beaudet 2025-04-07 14:07:49 -04:00
67d4f4bd7a Merge pull request #911 from actions/brrygrdn/handle-spdx-updates-as-priority Barry Gordon 2025-04-04 13:00:44 +01:00
d2e453a37e Handle any SPDX dependencies as a priority PR Barry Gordon 2025-04-01 12:33:06 +01:00
ce3cf9537a Merge pull request #910 from actions/brrygrdn/4.6.0-release-candidate Barry Gordon 2025-04-01 12:33:27 +01:00
479b69732e Prepare 4.6.0 Barry Gordon 2025-04-01 12:11:10 +01:00
aee95908ea Merge pull request #902 from Pantelis-Santorinios/patch-1 Barry Gordon 2025-04-01 11:40:30 +01:00
080ada6281 Merge pull request #883 from fabasoad/fix/ci Barry Gordon 2025-04-01 11:36:38 +01:00
430e5f0bbf Merge pull request #884 from fabasoad/fix/863 Barry Gordon 2025-04-01 11:35:58 +01:00
51699b6461 Merge pull request #855 from ailox/ailox/fix/invalid-new-licenses Barry Gordon 2025-04-01 11:33:12 +01:00
ac9b193beb Merge pull request #899 from actions/dependabot/npm_and_yarn/octokit/plugin-paginate-rest-9.2.2 Roman Iakovlev 2025-03-13 15:37:55 +01:00
d630451aa0 Pin @octokit/types version for compatibility Roman Iakovlev 2025-03-13 14:34:23 +00:00
c8dafca32b Add dist for @octokit/plugin-paginate-rest version bump Roman Iakovlev 2025-03-12 16:55:30 +00:00
bc858b5649 Bump @octokit/plugin-paginate-rest from 9.1.5 to 9.2.2 dependabot[bot] 2025-02-26 20:54:09 +00:00
cd1541ea8d Merge pull request #905 from actions/dependabot/npm_and_yarn/babel/helpers-7.26.10 Roman Iakovlev 2025-03-12 15:43:04 +01:00
7bce095f93 Bump @babel/helpers from 7.23.2 to 7.26.10 dependabot[bot] 2025-03-12 11:42:46 +00:00
195b0c2e88 Merge pull request #904 from actions/roman/upd Roman Iakovlev 2025-03-12 12:41:41 +01:00
cdee0bc8c3 Bump octokit and related dependencies Roman Iakovlev 2025-03-12 10:57:15 +00:00
0e562a634b Merge pull request #900 from actions/dependabot/npm_and_yarn/esbuild-0.25.0 Lewis Jones 2025-03-07 11:49:50 +00:00
3d00aed36d Update README.md Pantelis 2025-03-06 14:43:51 +01:00
2c5ec1eea8 Bump esbuild from 0.19.5 to 0.25.0 dependabot[bot] 2025-02-26 20:54:18 +00:00
bf0431a342 Merge pull request #893 from omahs/patch-1 Eric Sorenson 2025-02-07 14:27:22 -08:00
c26b132baa fix typos omahs 2025-02-07 13:22:20 +01:00
3ffdd4d73e fix typos omahs 2025-02-07 13:20:46 +01:00
ea2cae5127 Merge pull request #888 from ellenfieldn/allow-deny-package-removal Ashely Tenesaca 2025-02-06 17:18:15 -05:00
dfe560420d fix formatting and dist Nathan Ellenfield 2025-02-05 15:50:50 -05:00
e4033dcc29 Merge remote-tracking branch 'origin/main' into allow-deny-package-removal Nathan Ellenfield 2025-02-04 13:33:03 -05:00
92129e58e4 Merge pull request #891 from actions/ashelytc/server-url-fix Ashely Tenesaca 2025-02-03 14:46:11 -05:00
bf9bc3f2a6 generate dist code Ashely Tenesaca 2025-02-03 17:25:46 +00:00
d703cf58c3 replace server url with variable Ashely Tenesaca 2025-02-03 15:57:21 +00:00
c80eb9894b fixit Nathan Ellenfield 2025-01-27 16:01:10 -05:00
5e7a6ffc7d fix: Allow removal denied packages Nathan Ellenfield 2025-01-27 15:54:27 -05:00
c665328b35 Make 'None' to be a text instead of list fabasoad 2025-01-26 22:36:42 +09:00
5370d75f36 To not print OpenSSF Scorecard section if no dependencies scanned fabasoad 2025-01-25 23:28:54 +09:00
7f3cd87ec0 Fix usage of this action in dependency-review.yml fabasoad 2025-01-25 23:11:35 +09:00
67ca5cc413 Merge pull request #877 from actions/dependabot/npm_and_yarn/undici-5.28.5 Ahmed ElMallah 2025-01-24 12:04:24 -08:00
8992b0e1c7 updating dist code Ahmed ElMallah 2025-01-24 20:01:21 +00:00
5e9a56c6de Merge pull request #878 from actions/dependabot/github_actions/actions/stale-9.1.0 Ahmed ElMallah 2025-01-24 11:58:00 -08:00
9cd1f01f7f Bump actions/stale from 9.0.0 to 9.1.0 dependabot[bot] 2025-01-24 19:52:48 +00:00
a0be92bfc2 Merge pull request #876 from actions/ahmed3lmallah/dependabot-updates Ahmed ElMallah 2025-01-24 11:52:11 -08:00

Commit Graph Select branches Hide Pull Requests main Mono Color

Commit Graph

Select branches

Hide Pull Requests

main