20ccab13f3
Merge pull request #749 from github/more-version-bump
...
Update version in other places
2024-10-04 16:33:42 -04:00
d829a13e3d
Update version in other places
2024-10-04 20:25:33 +00:00
a082555f6b
Merge pull request #748 from github/5.0.0
...
Update changelog for 5.0.0.
2024-10-04 16:05:35 -04:00
179b9009d8
Update changelog for 5.0.0.
2024-10-04 19:33:54 +00:00
323554187c
Merge pull request #747 from github/upgrade-nokogiri
...
Upgrade nokogiri to 1.16.5 to address CVE-2024-34459
2024-10-04 09:58:58 -04:00
1fb7b24aff
Merge pull request #743 from github/dependabot/bundler/thor-1.3.2
...
Bump thor from 1.3.1 to 1.3.2
2024-10-03 12:59:25 -04:00
ae2e08ca34
Update licensed cache for thor
2024-10-03 16:54:10 +00:00
29f28612eb
Merge pull request #746 from github/dependabot/github_actions/actions/setup-java-4.4.0
...
Bump actions/setup-java from 4.2.2 to 4.4.0
2024-10-03 12:51:44 -04:00
543c491bf0
Set required Ruby version to 3.0.0 in gemspec
2024-10-03 16:11:12 +00:00
e744fa55b0
Drop Ruby 2.7 support
2024-10-03 14:24:47 +00:00
cf3b27a6b3
Upgrade nokogiri to 1.16.5 to address CVE-2024-34459
...
This upgrade is not critical, because it addresses and xmllint issue
and nokogiri doesn't expose xmllint to us.
Fixes https://github.com/github/licensed/security/dependabot/11
2024-10-03 14:17:23 +00:00
2b1e6af011
Bump actions/setup-java from 4.2.2 to 4.4.0
...
Bumps [actions/setup-java](https://github.com/actions/setup-java ) from 4.2.2 to 4.4.0.
- [Release notes](https://github.com/actions/setup-java/releases )
- [Commits](https://github.com/actions/setup-java/compare/v4.2.2...v4.4.0 )
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-25 09:13:22 +00:00
3a67264bc8
Bump thor from 1.3.1 to 1.3.2
...
Bumps [thor](https://github.com/rails/thor ) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/rails/thor/releases )
- [Commits](https://github.com/rails/thor/compare/v1.3.1...v1.3.2 )
---
updated-dependencies:
- dependency-name: thor
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-02 09:48:22 +00:00
0a5d84d6b3
Merge pull request #742 from github/dependabot/bundler/bundler-6e3bc67060
...
Bump rexml from 3.3.3 to 3.3.6 in the bundler group
2024-08-30 18:13:45 -04:00
bd0b178b6d
Bump minitest from 5.24.1 to 5.25.1 ( #740 )
...
Bumps [minitest](https://github.com/minitest/minitest ) from 5.24.1 to 5.25.1.
- [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc )
- [Commits](https://github.com/minitest/minitest/compare/v5.24.1...v5.25.1 )
---
updated-dependencies:
- dependency-name: minitest
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Dangoor <dangoor@github.com>
2024-08-30 18:13:05 -04:00
8dad647f64
Merge branch 'main' into dependabot/bundler/minitest-5.25.1
2024-08-30 18:02:17 -04:00
b4a343bdc4
Bump minitest-hooks from 1.5.1 to 1.5.2 ( #739 )
...
Bumps [minitest-hooks](https://github.com/jeremyevans/minitest-hooks ) from 1.5.1 to 1.5.2.
- [Changelog](https://github.com/jeremyevans/minitest-hooks/blob/master/CHANGELOG )
- [Commits](https://github.com/jeremyevans/minitest-hooks/compare/1.5.1...1.5.2 )
---
updated-dependencies:
- dependency-name: minitest-hooks
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-30 18:01:39 -04:00
debbb421ed
Bump parallel from 1.26.2 to 1.26.3 ( #738 )
...
* Bump parallel from 1.26.2 to 1.26.3
Bumps [parallel](https://github.com/grosser/parallel ) from 1.26.2 to 1.26.3.
- [Commits](https://github.com/grosser/parallel/compare/v1.26.2...v1.26.3 )
---
updated-dependencies:
- dependency-name: parallel
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update licensed cache
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Dangoor <dangoor@github.com>
2024-08-30 17:59:14 -04:00
ec848ba19e
Bump rexml from 3.3.3 to 3.3.6 in the bundler group
...
Bumps the bundler group with 1 update: [rexml](https://github.com/ruby/rexml ).
Updates `rexml` from 3.3.3 to 3.3.6
- [Release notes](https://github.com/ruby/rexml/releases )
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md )
- [Commits](https://github.com/ruby/rexml/compare/v3.3.3...v3.3.6 )
---
updated-dependencies:
- dependency-name: rexml
dependency-type: indirect
dependency-group: bundler
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-22 20:48:22 +00:00
0defc0e41d
Bump minitest from 5.24.1 to 5.25.1
...
Bumps [minitest](https://github.com/minitest/minitest ) from 5.24.1 to 5.25.1.
- [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc )
- [Commits](https://github.com/minitest/minitest/compare/v5.24.1...v5.25.1 )
---
updated-dependencies:
- dependency-name: minitest
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-19 09:41:02 +00:00
d43366816f
Ensure that we don't have a vulnerability from cabal ( #737 )
...
* Ensure that we don't have a vulnerability from cabal
This makes sure we don't get a homepage URL from cabal that's too
long and causes a performance issue leading to a denial of service.
Fixes https://github.com/github/licensed/security/code-scanning/1
2024-08-13 13:37:05 -04:00
ce7794fd88
Bump parallel from 1.25.1 to 1.26.2 ( #736 )
...
* Bump parallel from 1.25.1 to 1.26.2
Bumps [parallel](https://github.com/grosser/parallel ) from 1.25.1 to 1.26.2.
- [Commits](https://github.com/grosser/parallel/compare/v1.25.1...v1.26.2 )
---
updated-dependencies:
- dependency-name: parallel
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update licensed cache
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Dangoor <dangoor@github.com>
2024-08-13 13:28:08 -04:00
1d77e9ddb0
Update changelog for 4.5 ( #735 )
...
* Update changelog for 4.5
* Update README with instructions for releases.
Looks like the right way to do a release is on GitHub itself and not
on the command line.
2024-08-13 13:27:45 -04:00
b83dac625d
Bump actions/setup-java from 4.2.1 to 4.2.2 ( #734 )
...
Bumps [actions/setup-java](https://github.com/actions/setup-java ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/setup-java/releases )
- [Commits](https://github.com/actions/setup-java/compare/v4.2.1...v4.2.2 )
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-06 09:35:15 -04:00
1bc9dbdff6
Bump version to 4.5 ( #730 )
2024-08-06 09:34:47 -04:00
efe0c3541e
Bump mocha from 2.1.0 to 2.4.5 ( #731 )
...
Bumps [mocha](https://github.com/freerange/mocha ) from 2.1.0 to 2.4.5.
- [Changelog](https://github.com/freerange/mocha/blob/main/RELEASE.md )
- [Commits](https://github.com/freerange/mocha/compare/v2.1.0...v2.4.5 )
---
updated-dependencies:
- dependency-name: mocha
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-05 20:55:11 -04:00
54d3c13a57
Bump minitest from 5.22.3 to 5.24.1 ( #732 )
...
Bumps [minitest](https://github.com/minitest/minitest ) from 5.22.3 to 5.24.1.
- [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc )
- [Commits](https://github.com/minitest/minitest/compare/v5.22.3...v5.24.1 )
---
updated-dependencies:
- dependency-name: minitest
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-05 20:54:30 -04:00
37bd2e340b
Bump actions/setup-dotnet from 4.0.0 to 4.0.1 ( #733 )
...
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-dotnet/releases )
- [Commits](https://github.com/actions/setup-dotnet/compare/v4.0.0...v4.0.1 )
---
updated-dependencies:
- dependency-name: actions/setup-dotnet
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-05 20:54:07 -04:00
faa1c84f53
Bump pathname-common_prefix from 0.0.1 to 0.0.2 ( #709 )
...
* Bump pathname-common_prefix from 0.0.1 to 0.0.2
Bumps [pathname-common_prefix](https://gitlab.com/KitaitiMakoto/pathname-common_prefix ) from 0.0.1 to 0.0.2.
- [Commits](https://gitlab.com/KitaitiMakoto/pathname-common_prefix/compare/v0.0.1...v0.0.2 )
---
updated-dependencies:
- dependency-name: pathname-common_prefix
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update pathname-common_prefix licensed cache
* Reviewed the license change. It was a typo fix.
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Dangoor <dangoor@github.com>
2024-08-02 16:15:17 -04:00
6958e96774
Bump parallel from 1.23.0 to 1.25.1 ( #724 )
...
* Bump parallel from 1.23.0 to 1.25.1
Bumps [parallel](https://github.com/grosser/parallel ) from 1.23.0 to 1.25.1.
- [Commits](https://github.com/grosser/parallel/compare/v1.23.0...v1.25.1 )
---
updated-dependencies:
- dependency-name: parallel
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update licensed cache for parallel
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Dangoor <dangoor@github.com>
2024-08-02 16:12:31 -04:00
2d3bceebb1
Bump pnpm/action-setup from 2 to 4 ( #721 )
...
Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup ) from 2 to 4.
- [Release notes](https://github.com/pnpm/action-setup/releases )
- [Commits](https://github.com/pnpm/action-setup/compare/v2...v4 )
---
updated-dependencies:
- dependency-name: pnpm/action-setup
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-02 16:11:34 -04:00
242aced953
Bump json from 2.6.3 to 2.7.2 ( #715 )
...
* Bump json from 2.6.3 to 2.7.2
Bumps [json](https://github.com/flori/json ) from 2.6.3 to 2.7.2.
- [Release notes](https://github.com/flori/json/releases )
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md )
- [Commits](https://github.com/flori/json/compare/v2.6.3...v2.7.2 )
---
updated-dependencies:
- dependency-name: json
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update licensed cache for json
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Dangoor <dangoor@github.com>
2024-08-02 16:08:42 -04:00
13897e9831
Bump thor from 1.2.2 to 1.3.1 ( #698 )
...
* Bump thor from 1.2.2 to 1.3.1
Bumps [thor](https://github.com/rails/thor ) from 1.2.2 to 1.3.1.
- [Release notes](https://github.com/rails/thor/releases )
- [Commits](https://github.com/rails/thor/compare/v1.2.2...v1.3.1 )
---
updated-dependencies:
- dependency-name: thor
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update licensed cache for Thor
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kevin Dangoor <dangoor@github.com>
2024-08-02 15:59:10 -04:00
b1a4e1c7bd
Merge pull request #729 from github/dependabot/bundler/bundler-d88a561098
...
Bump rexml from 3.2.8 to 3.3.3 in the bundler group
2024-08-02 15:19:21 -04:00
4a15b44bc4
Merge pull request #714 from github/dependabot/bundler/rake-13.2.1
...
Bump rake from 13.0.6 to 13.2.1
2024-08-02 14:51:31 -04:00
7b112aced6
Merge pull request #728 from github/dependabot/github_actions/gradle/gradle-build-action-3.5.0
...
Bump gradle/gradle-build-action from 3.1.0 to 3.5.0
2024-08-02 14:50:42 -04:00
3fadcf8378
Merge pull request #705 from github/dependabot/github_actions/swift-actions/setup-swift-2
...
Bump swift-actions/setup-swift from 1 to 2
2024-08-02 14:50:15 -04:00
f8fc4a6dcf
Merge pull request #707 from github/dependabot/github_actions/actions/setup-go-5
...
Bump actions/setup-go from 4 to 5
2024-08-02 14:49:44 -04:00
67bb16f03c
Merge pull request #708 from github/dependabot/github_actions/actions/cache-4
...
Bump actions/cache from 3 to 4
2024-08-02 14:49:18 -04:00
032b508c8d
Bump rexml from 3.2.8 to 3.3.3 in the bundler group
...
Bumps the bundler group with 1 update: [rexml](https://github.com/ruby/rexml ).
Updates `rexml` from 3.2.8 to 3.3.3
- [Release notes](https://github.com/ruby/rexml/releases )
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md )
- [Commits](https://github.com/ruby/rexml/compare/v3.2.8...v3.3.3 )
---
updated-dependencies:
- dependency-name: rexml
dependency-type: indirect
dependency-group: bundler
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-02 02:00:03 +00:00
239b383816
Bump gradle/gradle-build-action from 3.1.0 to 3.5.0
...
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action ) from 3.1.0 to 3.5.0.
- [Release notes](https://github.com/gradle/gradle-build-action/releases )
- [Commits](https://github.com/gradle/gradle-build-action/compare/v3.1.0...v3.5.0 )
---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-16 09:13:45 +00:00
145f3335a9
Merge pull request #722 from github/dependabot/bundler/rexml-3.2.8
...
Bump rexml from 3.2.5 to 3.2.8
2024-06-05 15:46:28 -07:00
e70ef63b8f
Bump rexml from 3.2.5 to 3.2.8
...
Bumps [rexml](https://github.com/ruby/rexml ) from 3.2.5 to 3.2.8.
- [Release notes](https://github.com/ruby/rexml/releases )
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md )
- [Commits](https://github.com/ruby/rexml/compare/v3.2.5...v3.2.8 )
---
updated-dependencies:
- dependency-name: rexml
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-16 20:24:11 +00:00
0ee3435730
Bump rake from 13.0.6 to 13.2.1
...
Bumps [rake](https://github.com/ruby/rake ) from 13.0.6 to 13.2.1.
- [Release notes](https://github.com/ruby/rake/releases )
- [Changelog](https://github.com/ruby/rake/blob/master/History.rdoc )
- [Commits](https://github.com/ruby/rake/compare/v13.0.6...v13.2.1 )
---
updated-dependencies:
- dependency-name: rake
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-08 09:16:08 +00:00
883bb19b70
Bump actions/cache from 3 to 4
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 09:45:51 +00:00
0f8d2866e0
Bump actions/setup-go from 4 to 5
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 09:45:49 +00:00
13a3ce8ddb
Bump swift-actions/setup-swift from 1 to 2
...
Bumps [swift-actions/setup-swift](https://github.com/swift-actions/setup-swift ) from 1 to 2.
- [Release notes](https://github.com/swift-actions/setup-swift/releases )
- [Commits](https://github.com/swift-actions/setup-swift/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: swift-actions/setup-swift
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 09:45:45 +00:00
a7e5a84ab2
Merge pull request #702 from github/dependabot/bundler/minitest-5.22.3
...
Bump minitest from 5.18.0 to 5.22.3
2024-03-19 09:55:51 +01:00
cc46dd72ff
Bump minitest from 5.18.0 to 5.22.3
...
Bumps [minitest](https://github.com/minitest/minitest ) from 5.18.0 to 5.22.3.
- [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc )
- [Commits](https://github.com/minitest/minitest/compare/v5.18.0...v5.22.3 )
---
updated-dependencies:
- dependency-name: minitest
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 07:55:48 +00:00
0c4fc77a5f
Merge pull request #671 from github/dependabot/bundler/minitest-hooks-1.5.1
...
Bump minitest-hooks from 1.5.0 to 1.5.1
2024-03-19 08:54:50 +01:00
Kevin Dangoor
dependabot[bot]
Zack Koppert
Lukas Spieß