From 3117d8b30dd3398a5818eef0033cf3a215b563a1 Mon Sep 17 00:00:00 2001 From: James Cole Date: Sat, 27 Jul 2024 15:27:34 +0200 Subject: [PATCH 1/3] Update dependabot.yml Remove labels. Signed-off-by: James Cole --- .github/dependabot.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8d18a78293..7e5f5b9d91 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,6 +4,7 @@ updates: # Check for updates to GitHub Actions every week - package-ecosystem: "github-actions" directory: "/" + labels: [] schedule: interval: "weekly" @@ -11,6 +12,7 @@ updates: - package-ecosystem: "composer" directory: "/" # Location of package manifests target-branch: develop + labels: [] versioning-strategy: increase schedule: interval: "weekly" @@ -18,6 +20,7 @@ updates: # yarn / JS updates - package-ecosystem: "npm" directory: "/" + labels: [] target-branch: develop versioning-strategy: increase schedule: From 427001b22315cc035a56194aa2ee537bdeb2ca53 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Jul 2024 13:27:56 +0000 Subject: [PATCH 2/3] Bump github/command from 1.2.0 to 1.2.1 Bumps [github/command](https://github.com/github/command) from 1.2.0 to 1.2.1. - [Release notes](https://github.com/github/command/releases) - [Commits](https://github.com/github/command/compare/v1.2.0...v1.2.1) --- updated-dependencies: - dependency-name: github/command dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/close-duplicates.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/close-duplicates.yml b/.github/workflows/close-duplicates.yml index 3c7fa84434..ef00b418ff 100644 --- a/.github/workflows/close-duplicates.yml +++ b/.github/workflows/close-duplicates.yml @@ -13,7 +13,7 @@ jobs: close_duplicates: runs-on: ubuntu-latest steps: - - uses: github/command@v1.2.0 + - uses: github/command@v1.2.1 id: command with: allowed_contexts: "issue" From a679a1e94a72aa27fabddcc0b18807f2cce9cce8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Jul 2024 13:30:39 +0000 Subject: [PATCH 3/3] Bump postcss in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [postcss](https://github.com/postcss/postcss). Updates `postcss` from 8.4.39 to 8.4.40 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.4.39...8.4.40) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index e0d1b40949..6a48acd422 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8006,9 +8006,9 @@ } }, "node_modules/postcss": { - "version": "8.4.39", - "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.39.tgz", - "integrity": "sha512-0vzE+lAiG7hZl1/9I8yzKLx3aR9Xbof3fBHKunvMfOCYAtMhrsnccJY2iTURb9EZd5+pLuiNV9/c/GZJOHsgIw==", + "version": "8.4.40", + "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.40.tgz", + "integrity": "sha512-YF2kKIUzAofPMpfH6hOi2cGnv/HrUlfucspc7pDyvv7kGdqXrfj8SCl/t8owkEgKEuu8ZcRjSOxFxVLqwChZ2Q==", "dev": true, "funding": [ {