chore(deps): Bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (#1830)

mirror of https://github.com/maputnik/editor.git synced 2026-05-07 08:40:01 +00:00

Bumps
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata)
from 3.0.0 to 3.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add permissions to all workflows by <a
href="https://github.com/truggeri"><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/687">dependabot/fetch-metadata#687</a></li>
<li>build(deps-dev): bump globals from 16.0.0 to 17.4.0 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/690">dependabot/fetch-metadata#690</a></li>
<li>build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/693">dependabot/fetch-metadata#693</a></li>
<li>build(deps-dev): bump <code>@hono/node-server</code> from 1.19.10
to 1.19.13 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/694">dependabot/fetch-metadata#694</a></li>
<li>build(deps-dev): bump hono from 4.12.7 to 4.12.12 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/695">dependabot/fetch-metadata#695</a></li>
<li>Dynamically update the tracking tag in action by <a
href="https://github.com/truggeri"><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/696">dependabot/fetch-metadata#696</a></li>
<li>fix: handle duplicate dependency names in parseMetadataLinks by <a
href="https://github.com/devantler"><code>@devantler</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li>
<li>fix: remove $ anchor from updateFragment regex to handle pip
directory suffixes by <a
href="https://github.com/devantler"><code>@devantler</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/698">dependabot/fetch-metadata#698</a></li>
<li>Updates to README for permissions clarification by <a
href="https://github.com/truggeri"><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/697">dependabot/fetch-metadata#697</a></li>
<li>fix: resolve update-type null for Python, Composer, and Terraform
PRs by <a
href="https://github.com/vitorsdcs"><code>@vitorsdcs</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li>
<li>build(deps-dev): bump globals from 17.4.0 to 17.5.0 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/703">dependabot/fetch-metadata#703</a></li>
<li>build(deps): bump actions/create-github-app-token from 3.0.0 to
3.1.1 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/701">dependabot/fetch-metadata#701</a></li>
<li>build(deps): bump <code>@actions/github</code> from 9.0.0 to 9.1.0
in the dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/702">dependabot/fetch-metadata#702</a></li>
<li>build(deps-dev): bump hono from 4.12.12 to 4.12.14 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/705">dependabot/fetch-metadata#705</a></li>
<li>v3.1.0 by <a
href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/692">dependabot/fetch-metadata#692</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/devantler"><code>@devantler</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li>
<li><a href="https://github.com/vitorsdcs"><code>@vitorsdcs</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0">https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="25dd0e34f4"><code>25dd0e3</code></a>
v3.1.0 (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/692">#692</a>)</li>
<li><a
href="e073f50d73"><code>e073f50</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/705">#705</a>
from dependabot/dependabot/npm_and_yarn/hono-4.12.14</li>
<li><a
href="0670e167df"><code>0670e16</code></a>
build(deps-dev): bump hono from 4.12.12 to 4.12.14</li>
<li><a
href="7a7fe10a42"><code>7a7fe10</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/702">#702</a>
from dependabot/dependabot/npm_and_yarn/dependencies-...</li>
<li><a
href="5168191cea"><code>5168191</code></a>
Updating dist build</li>
<li><a
href="23882e175b"><code>23882e1</code></a>
build(deps): bump <code>@actions/github</code> in the dependencies
group</li>
<li><a
href="1072469591"><code>1072469</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/701">#701</a>
from dependabot/dependabot/github_actions/actions/cre...</li>
<li><a
href="43f8a0055c"><code>43f8a00</code></a>
build(deps): bump actions/create-github-app-token from 3.0.0 to
3.1.1</li>
<li><a
href="b4d904a509"><code>b4d904a</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/703">#703</a>
from dependabot/dependabot/npm_and_yarn/globals-17.5.0</li>
<li><a
href="c8046bb877"><code>c8046bb</code></a>
build(deps-dev): bump globals from 17.4.0 to 17.5.0</li>
<li>Additional commits viewable in <a
href="ffa630c65f...25dd0e34f4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=3.0.0&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

This commit is contained in:

dependabot[bot]

2026-04-22 13:59:34 +00:00

committed by

GitHub

parent 6f0213cb98

commit 8cbff8cc38

1 changed files with 1 additions and 1 deletions

									
										2

.github/workflows/auto-merge-dependabot.yml
									
										vendored
									
												View File
												
				@@ -11,7 +11,7 @@ jobs:

				    steps:

				      - name: Dependabot metadata

				        id: metadata

				        uses: dependabot/fetch-metadata@ffa630c65fa7e0ecfa0625b5ceda64399aea1b36 # v3.0.0

				        uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3.1.0

				        with:

				          github-token: "${{ secrets.GITHUB_TOKEN }}"

				      - name: Approve Dependabot PRs

chore(deps): Bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (#1830)

2 .github/workflows/auto-merge-dependabot.yml vendored Unescape Escape View File

2

.github/workflows/auto-merge-dependabot.yml vendored

View File