[PR #198] [MERGED] build(deps): Bump actions/dependency-review-action from 4.5.0 to 4.6.0 #200

New issue

Closed

opened 2026-02-26 18:33:44 +03:00 by kerem · 0 comments

kerem commented

2026-02-26 18:33:44 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/decke/smtprelay/pull/198
Author: @dependabot[bot]
Created: 4/2/2025
Status: ✅ Merged
Merged: 4/6/2025
Merged by: @decke

Base: master ← Head: dependabot/github_actions/actions/dependency-review-action-4.6.0

📝 Commits (1)

dec4c2e build(deps): Bump actions/dependency-review-action from 4.5.0 to 4.6.0

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 .github/workflows/dependency-review.yml (+1 -1)

📄 Description

Bumps actions/dependency-review-action from 4.5.0 to 4.6.0.

Release notes

Sourced from actions/dependency-review-action's releases.

v4.6.0

What's Changed

Updating multiple dependency versions by @Ahmed3lmallah in actions/dependency-review-action#870

Grouping minor and patch dependabot updates to lessen the number of PRs by @Ahmed3lmallah in actions/dependency-review-action#876

Bump actions/stale from 9.0.0 to 9.1.0 by @dependabot in actions/dependency-review-action#878

Bump undici from 5.28.4 to 5.28.5 by @dependabot in actions/dependency-review-action#877

DR Action should link to the proxima stamp when appropriate in error messages by @AshelyTC in actions/dependency-review-action#891

Allow deny package removal by @ellenfieldn in actions/dependency-review-action#888

Fix typos by @omahs in actions/dependency-review-action#893

Bump esbuild from 0.19.5 to 0.25.0 by @dependabot in actions/dependency-review-action#900

Bump octokit and related dependencies by @RomanIakovlev in actions/dependency-review-action#904

Bump @babel/helpers from 7.23.2 to 7.26.10 by @dependabot in actions/dependency-review-action#905

Bump @octokit/plugin-paginate-rest from 9.1.5 to 9.2.2 by @dependabot in actions/dependency-review-action#899

Update transitive dependency spdx-license-ids by @ailox in actions/dependency-review-action#855

To not print OpenSSF Scorecard section if no dependencies scanned by @fabasoad in actions/dependency-review-action#884

Improve usage of this action in dependency-review.yml by @fabasoad in actions/dependency-review-action#883

Clarify comment-summary-in-pr behaviour by @Pantelis-Santorinios in actions/dependency-review-action#902

Prepare 4.6.0 Release candidate by @brrygrdn in actions/dependency-review-action#910

New Contributors

@AshelyTC made their first contribution in actions/dependency-review-action#891

@ellenfieldn made their first contribution in actions/dependency-review-action#888

@omahs made their first contribution in actions/dependency-review-action#893

@RomanIakovlev made their first contribution in actions/dependency-review-action#904

@ailox made their first contribution in actions/dependency-review-action#855

@fabasoad made their first contribution in actions/dependency-review-action#884

@Pantelis-Santorinios made their first contribution in actions/dependency-review-action#902

@brrygrdn made their first contribution in actions/dependency-review-action#910

Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0

Commits

ce3cf95 Merge pull request #910 from actions/brrygrdn/4.6.0-release-candidate
479b697 Prepare 4.6.0
aee9590 Merge pull request #902 from Pantelis-Santorinios/patch-1
080ada6 Merge pull request #883 from fabasoad/fix/ci
430e5f0 Merge pull request #884 from fabasoad/fix/863
51699b6 Merge pull request #855 from ailox/ailox/fix/invalid-new-licenses
ac9b193 Merge pull request #899 from actions/dependabot/npm_and_yarn/octokit/plugin-p...
d630451 Pin @octokit/types version for compatibility
c8dafca Add dist for @octokit/plugin-paginate-rest version bump
bc858b5 Bump @octokit/plugin-paginate-rest from 9.1.5 to 9.2.2
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/decke/smtprelay/pull/198 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 4/2/2025 **Status:** ✅ Merged **Merged:** 4/6/2025 **Merged by:** [@decke](https://github.com/decke) **Base:** `master` ← **Head:** `dependabot/github_actions/actions/dependency-review-action-4.6.0` --- ### 📝 Commits (1) - [`dec4c2e`](https://github.com/decke/smtprelay/commit/dec4c2e774e772cbc7dd76ea478d0da4878d21cf) build(deps): Bump actions/dependency-review-action from 4.5.0 to 4.6.0 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/dependency-review.yml` (+1 -1) </details> ### 📄 Description Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.5.0 to 4.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's releases</a>.</em></p> <blockquote> <h2>v4.6.0</h2> <h2>What's Changed</h2> <ul> <li>Updating multiple dependency versions by <a href="https://github.com/Ahmed3lmallah"><code>@Ahmed3lmallah</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/870">actions/dependency-review-action#870</a></li> <li>Grouping minor and patch dependabot updates to lessen the number of PRs by <a href="https://github.com/Ahmed3lmallah"><code>@Ahmed3lmallah</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/876">actions/dependency-review-action#876</a></li> <li>Bump actions/stale from 9.0.0 to 9.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/878">actions/dependency-review-action#878</a></li> <li>Bump undici from 5.28.4 to 5.28.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/877">actions/dependency-review-action#877</a></li> <li>DR Action should link to the proxima stamp when appropriate in error messages by <a href="https://github.com/AshelyTC"><code>@AshelyTC</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/891">actions/dependency-review-action#891</a></li> <li>Allow deny package removal by <a href="https://github.com/ellenfieldn"><code>@ellenfieldn</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/888">actions/dependency-review-action#888</a></li> <li>Fix typos by <a href="https://github.com/omahs"><code>@omahs</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/893">actions/dependency-review-action#893</a></li> <li>Bump esbuild from 0.19.5 to 0.25.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/900">actions/dependency-review-action#900</a></li> <li>Bump octokit and related dependencies by <a href="https://github.com/RomanIakovlev"><code>@RomanIakovlev</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/904">actions/dependency-review-action#904</a></li> <li>Bump <code>@babel/helpers</code> from 7.23.2 to 7.26.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/905">actions/dependency-review-action#905</a></li> <li>Bump <code>@octokit/plugin-paginate-rest</code> from 9.1.5 to 9.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/899">actions/dependency-review-action#899</a></li> <li>Update transitive dependency spdx-license-ids by <a href="https://github.com/ailox"><code>@ailox</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/855">actions/dependency-review-action#855</a></li> <li>To not print OpenSSF Scorecard section if no dependencies scanned by <a href="https://github.com/fabasoad"><code>@fabasoad</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/884">actions/dependency-review-action#884</a></li> <li>Improve usage of this action in dependency-review.yml by <a href="https://github.com/fabasoad"><code>@fabasoad</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/883">actions/dependency-review-action#883</a></li> <li>Clarify comment-summary-in-pr behaviour by <a href="https://github.com/Pantelis-Santorinios"><code>@Pantelis-Santorinios</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/902">actions/dependency-review-action#902</a></li> <li>Prepare 4.6.0 Release candidate by <a href="https://github.com/brrygrdn"><code>@brrygrdn</code></a> in <a href="https://redirect.github.com/actions/dependency-review-action/pull/910">actions/dependency-review-action#910</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/AshelyTC"><code>@AshelyTC</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/891">actions/dependency-review-action#891</a></li> <li><a href="https://github.com/ellenfieldn"><code>@ellenfieldn</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/888">actions/dependency-review-action#888</a></li> <li><a href="https://github.com/omahs"><code>@omahs</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/893">actions/dependency-review-action#893</a></li> <li><a href="https://github.com/RomanIakovlev"><code>@RomanIakovlev</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/904">actions/dependency-review-action#904</a></li> <li><a href="https://github.com/ailox"><code>@ailox</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/855">actions/dependency-review-action#855</a></li> <li><a href="https://github.com/fabasoad"><code>@fabasoad</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/884">actions/dependency-review-action#884</a></li> <li><a href="https://github.com/Pantelis-Santorinios"><code>@Pantelis-Santorinios</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/902">actions/dependency-review-action#902</a></li> <li><a href="https://github.com/brrygrdn"><code>@brrygrdn</code></a> made their first contribution in <a href="https://redirect.github.com/actions/dependency-review-action/pull/910">actions/dependency-review-action#910</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0">https://github.com/actions/dependency-review-action/compare/v4.5.0...v4.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/dependency-review-action/commit/ce3cf9537a52e8119d91fd484ab5b8a807627bf8"><code>ce3cf95</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/910">#910</a> from actions/brrygrdn/4.6.0-release-candidate</li> <li><a href="https://github.com/actions/dependency-review-action/commit/479b69732e832663bc5bcaf0bdba115749c8a9bd"><code>479b697</code></a> Prepare 4.6.0</li> <li><a href="https://github.com/actions/dependency-review-action/commit/aee95908eac366b40b414329f8ba60a3bfc71d5d"><code>aee9590</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/902">#902</a> from Pantelis-Santorinios/patch-1</li> <li><a href="https://github.com/actions/dependency-review-action/commit/080ada628110c1782e56d699fdba17f860641e49"><code>080ada6</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/883">#883</a> from fabasoad/fix/ci</li> <li><a href="https://github.com/actions/dependency-review-action/commit/430e5f0bbfde79de0a811466e75d015791b742f4"><code>430e5f0</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/884">#884</a> from fabasoad/fix/863</li> <li><a href="https://github.com/actions/dependency-review-action/commit/51699b6461ee529b8c1e077ff5e7de2dbed5e1ac"><code>51699b6</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/855">#855</a> from ailox/ailox/fix/invalid-new-licenses</li> <li><a href="https://github.com/actions/dependency-review-action/commit/ac9b193bebc6a308717bebfeaedd0204c20b693c"><code>ac9b193</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/899">#899</a> from actions/dependabot/npm_and_yarn/octokit/plugin-p...</li> <li><a href="https://github.com/actions/dependency-review-action/commit/d630451aa0e2431936e97ac48fe650bd35af14ae"><code>d630451</code></a> Pin <code>@octokit/types</code> version for compatibility</li> <li><a href="https://github.com/actions/dependency-review-action/commit/c8dafca32b571835e7a3cf7200e7810364ce7b95"><code>c8dafca</code></a> Add dist for <code>@octokit/plugin-paginate-rest</code> version bump</li> <li><a href="https://github.com/actions/dependency-review-action/commit/bc858b56499582a4d424a0d3a9cc9917dcb9345d"><code>bc858b5</code></a> Bump <code>@octokit/plugin-paginate-rest</code> from 9.1.5 to 9.2.2</li> <li>Additional commits viewable in <a href="https://github.com/actions/dependency-review-action/compare/3b139cfc5fae8b618d3eae3675e383bb1769c019...ce3cf9537a52e8119d91fd484ab5b8a807627bf8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.5.0&new-version=4.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>