Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump dependabot/fetch-metadata from 1 to 2 #508

Open
wants to merge 259 commits into
base: main
Choose a base branch
from
Open

Bump dependabot/fetch-metadata from 1 to 2 #508

wants to merge 259 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 28, 2024
edited
Loading

Bumps dependabot/fetch-metadata from 1 to 2.

Release notes

Sourced from dependabot/fetch-metadata's releases.

v2.0.0 - Switch to node20

What's Changed

Full Changelog: dependabot/fetch-metadata@v1.7.0...v2.0.0

v1.7.0

What's Changed

New Contributors

... (truncated)

Commits
  • dbb049a v2.2.0 (#520)
  • 36bf1f9 Merge pull request #532 from dependabot/dependabot/npm_and_yarn/braces-3.0.3
  • a3420b5 Bump braces from 3.0.2 to 3.0.3
  • 006e43f Merge pull request #534 from dependabot/dependabot/github_actions/actions/cre...
  • 9c55ebe Bump actions/create-github-app-token from 1.10.0 to 1.10.2
  • 325b863 Merge pull request #523 from dependabot/dependabot/github_actions/actions/cre...
  • aec2f3e Bump actions/create-github-app-token from 1.9.0 to 1.10.0
  • 5e5f996 Merge pull request #518 from dependabot/bump-to-v2.1.0
  • 63415e5 v2.1.0
  • 76b7fe9 Merge pull request #509 from dependabot/switch-to-monthly-release-cadence
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by Sourcery

Build:

  • Update the GitHub Actions workflow to use dependabot/fetch-metadata version 2.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Oct 28, 2024
@sourcery-ai Sourcery AI
Copy link

sourcery-ai bot commented Oct 28, 2024
edited
Loading

Reviewer's Guide by Sourcery

This PR updates the dependabot/fetch-metadata GitHub Action from version 1 to version 2. The main change in v2 is the upgrade from node16 to node20 runtime, which could potentially affect workflows that have specific Node.js version dependencies.

Architecture diagram for GitHub Action update

graph TD;
    A[GitHub Action Workflow] -->|uses| B[dependabot/fetch-metadata@v1];
    B -->|updated to| C[dependabot/fetch-metadata@v2];
    C -->|runs on| D[node20];
    B -->|runs on| E[node16];
Loading

File-Level Changes

Change Details Files
Update Dependabot metadata fetch action version
  • Upgrade dependabot/fetch-metadata action from v1 to v2
  • Switch runtime from node16 to node20
 .github/workflows/dep-auto-merge.yml
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time. You can also use
    this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai bot reviewed Oct 28, 2024
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!

@dependabot dependabot bot changed the base branch from main to NxPKG-patch-1 October 31, 2024 23:43
@dependabot dependabot bot changed the base branch from NxPKG-patch-1 to main October 31, 2024 23:51
@dependabot dependabot bot force-pushed the dependabot/github_actions/dependabot/fetch-metadata-2 branch from 9caeaef to 6e8c51f Compare October 31, 2024 23:51
github-actions and others added 30 commits November 15, 2024 06:33
Ingest OSV - Cloud Storage
f1fd044
Assign IDs
8bd6216
Ingest OSV - Cloud Storage
8e6f6ca
Assign IDs
5f30731
Ingest OSV - Cloud Storage
d83ba4a
Assign IDs
f1cf59e
Ingest OSV - Cloud Storage
d002a79
Assign IDs
0b1c0ac
Ingest OSV - Cloud Storage
19973c5
Assign IDs
17579b9
Ingest OSV - Cloud Storage
45e33d6
Assign IDs
8967b00
Ingest OSV - Cloud Storage
128d9ad
Assign IDs
535ff75
Ingest OSV - Cloud Storage
2e92ae4
Assign IDs
2712149
Ingest OSV - Cloud Storage
e08e4db
Assign IDs
aebddc4
Ingest OSV - Cloud Storage
5f2a06e
Assign IDs
63f022c
Ingest OSV - Cloud Storage
4c31380
Assign IDs
8ff1233
Ingest OSV - Cloud Storage
9d6e27c
Assign IDs
04f3b98
Ingest OSV - Cloud Storage
8cfc68c
Assign IDs
347e7ff
Ingest OSV - Cloud Storage
d9e3f92
Assign IDs
4700340
@renovate-bot @khulnasoft-bot
Update module cloud.google.com/go/storage to v1.47.0 (#515)
1e70bff 
Co-authored-by: KhulnaSoft bot <[email protected]>
@gitworkflows
Merge branch 'main' into dependabot/github_actions/dependabot/fetch-m…
6241358 
…etadata-2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@renovate-bot @gitworkflows