Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dependabots/22 01 2025 #1035

Closed
wants to merge 7 commits into from
Closed

Conversation

Copy link

github-actions bot commented Jan 28, 2025

Dependency Review

The following issues were found:

  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 4 package(s) with unknown licenses.
  • ⚠️ 13 packages with OpenSSF Scorecard issues.

View full job summary

@ronaldsg20 ronaldsg20 changed the base branch from main to feature/2.4 February 3, 2025 17:05
dependabot bot and others added 6 commits February 3, 2025 12:06
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.6 to 3.28.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@aa57810...f6091c0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps node from `c65ab33` to `3b73c4b`.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [@types/chai](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chai) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chai)

---
updated-dependencies:
- dependency-name: "@types/chai"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [send](https://github.com/pillarjs/send) and [expo](https://github.com/expo/expo/tree/HEAD/packages/expo). These dependencies needed to be updated together.

Updates `send` from 0.18.0 to 0.19.1
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](https://github.com/pillarjs/send/commits)

Updates `expo` from 51.0.5 to 52.0.27
- [Changelog](https://github.com/expo/expo/blob/main/packages/expo/CHANGELOG.md)
- [Commits](https://github.com/expo/expo/commits/HEAD/packages/expo)

---
updated-dependencies:
- dependency-name: send
  dependency-type: indirect
- dependency-name: expo
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@39370e3...1d0ff46)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@ronaldsg20 ronaldsg20 force-pushed the dependabots/22-01-2025 branch from 486d623 to 524b4c5 Compare February 3, 2025 17:06
Copy link

sonarqubecloud bot commented Feb 3, 2025

Base automatically changed from feature/2.4 to main February 24, 2025 18:59
@ronaldsg20 ronaldsg20 changed the base branch from main to feature/2.5 February 26, 2025 05:36
@lserra-iov lserra-iov closed this Feb 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants