Skip to content

Bump metcalfc/changelog-generator from 4.6.2 to 4.7.0#15

Merged
HSGamer merged 1 commit intomasterfrom
dependabot/github_actions/metcalfc/changelog-generator-4.7.0
Mar 26, 2026
Merged

Bump metcalfc/changelog-generator from 4.6.2 to 4.7.0#15
HSGamer merged 1 commit intomasterfrom
dependabot/github_actions/metcalfc/changelog-generator-4.7.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026

Bumps metcalfc/changelog-generator from 4.6.2 to 4.7.0.

Release notes

Sourced from metcalfc/changelog-generator's releases.

Release v4.7.0

  • 0440d09 - 4.7.0
  • b86feab - fix: drop abandoned replace package, use sed instead
  • 045501a - fix: add build provenance attestation to release workflow
  • 2be9bc1 - feat: upgrade to node24, bump deps, and fix remaining vulnerabilities
  • 250ea21 - fix: override undici to >=6.23.0 to resolve resource exhaustion vulnerability
  • 17d8ad0 - fix: override minimatch to >=3.1.3 to resolve ReDoS vulnerability
  • aab575c - build(deps): bump actions/stale from 10.1.0 to 10.2.0
  • 9e6e620 - Bump @​eslint/js from 9.39.1 to 10.0.1 (#388)
  • 588e748 - Bump eslint from 9.39.1 to 10.0.0 (#389)
  • dfc08c5 - Bump isexe from 3.1.1 to 4.0.0 (#391)
  • 686de53 - Bump globals from 17.0.0 to 17.3.0 (#386)
  • 364c6d6 - Bump prettier from 3.7.3 to 3.8.1 (#376)
  • 0ff00c4 - Bump actions/checkout from 6.0.0 to 6.0.2 (#377)
  • 3e69b75 - Bump @​actions/github from 7.0.0 to 9.0.0 (#385)
  • 39f8612 - Bump @​actions/exec from 2.0.0 to 3.0.0 (#384)
  • d347780 - Bump @​actions/core from 2.0.2 to 3.0.0 (#383)
  • b592e8d - Merge pull request #367 from metcalfc/dependabot/npm_and_yarn/actions/exec-2.0.0
  • 13741ca - Bump @​actions/exec from 1.1.1 to 2.0.0
  • 0845166 - Merge pull request #373 from metcalfc/dependabot/npm_and_yarn/actions/core-2.0.2
  • c74c8e7 - Bump @​actions/core from 2.0.1 to 2.0.2
  • 2d92ae4 - Merge pull request #372 from metcalfc/dependabot/npm_and_yarn/globals-17.0.0
  • a9e4c3f - Bump globals from 16.5.0 to 17.0.0
  • 033e372 - Merge pull request #374 from metcalfc/dependabot/npm_and_yarn/actions/github-7.0.0
  • b6aca99 - Bump @​actions/github from 6.0.1 to 7.0.0
  • 7ce1518 - Merge pull request #368 from metcalfc/dependabot/npm_and_yarn/actions/core-2.0.1
  • 89e58fd - Bump @​actions/core from 1.11.1 to 2.0.1
  • e5a31a2 - Merge pull request #362 from metcalfc/dependabot/npm_and_yarn/prettier-3.7.3
  • 585c493 - Merge pull request #357 from metcalfc/dependabot/npm_and_yarn/js-yaml-4.1.1
  • 76c95d4 - Merge pull request #359 from metcalfc/dependabot/github_actions/actions/checkout-6.0.0
  • 5d2cf68 - Bump prettier from 3.6.1 to 3.7.3
  • 17cd2df - Bump actions/checkout from 5.0.0 to 6.0.0
  • 6d41509 - Bump js-yaml from 4.1.0 to 4.1.1
  • 2003f41 - Merge pull request #355 from metcalfc/dependabot/npm_and_yarn/eslint-9.39.1
  • 40a9ac2 - Bump eslint from 9.39.0 to 9.39.1
  • e4f374d - Merge pull request #352 from metcalfc/dependabot/npm_and_yarn/globals-16.5.0
  • 191bf39 - Merge pull request #353 from metcalfc/dependabot/npm_and_yarn/eslint/js-9.39.0
  • 34e79d8 - Merge pull request #351 from metcalfc/dependabot/npm_and_yarn/eslint-9.39.0
  • 62bd44b - Bump @​eslint/js from 9.38.0 to 9.39.0
  • e522eba - Bump globals from 16.4.0 to 16.5.0
  • a3bac20 - Bump eslint from 9.38.0 to 9.39.0
  • 8cd6286 - Merge pull request #350 from metcalfc/dependabot/npm_and_yarn/eslint-9.38.0
  • ad21991 - Bump eslint from 9.37.0 to 9.38.0
  • 0afbc99 - Merge pull request #348 from metcalfc/fix/codeql-permissions
  • 1c146da - fix: add security-events write permission to CodeQL workflow
  • ee94deb - Merge pull request #347 from metcalfc/fix/codeql-push-trigger
  • 09b9c07 - fix: add push trigger to CodeQL workflow for default branch scanning
  • 5114e96 - Merge pull request #346 from metcalfc/alert-autofix-9
  • c33398f - Merge pull request #345 from metcalfc/alert-autofix-7
  • 0d2907a - Potential fix for code scanning alert no. 9: Workflow does not contain permissions

... (truncated)

Commits
  • 0440d09 4.7.0
  • b86feab fix: drop abandoned replace package, use sed instead
  • 045501a fix: add build provenance attestation to release workflow
  • 2be9bc1 feat: upgrade to node24, bump deps, and fix remaining vulnerabilities
  • 250ea21 fix: override undici to >=6.23.0 to resolve resource exhaustion vulnerability
  • 17d8ad0 fix: override minimatch to >=3.1.3 to resolve ReDoS vulnerability
  • aab575c build(deps): bump actions/stale from 10.1.0 to 10.2.0
  • 9e6e620 Bump @​eslint/js from 9.39.1 to 10.0.1 (#388)
  • 588e748 Bump eslint from 9.39.1 to 10.0.0 (#389)
  • dfc08c5 Bump isexe from 3.1.1 to 4.0.0 (#391)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump metcalfc/changelog-generator from 4.6.2 to 4.7.0
dd94ee2 
Bumps [metcalfc/changelog-generator](https://github.com/metcalfc/changelog-generator) from 4.6.2 to 4.7.0.
- [Release notes](https://github.com/metcalfc/changelog-generator/releases)
- [Changelog](https://github.com/metcalfc/changelog-generator/blob/main/release-notes.png)
- [Commits](metcalfc/changelog-generator@v4.6.2...v4.7.0)

---
updated-dependencies:
- dependency-name: metcalfc/changelog-generator
  dependency-version: 4.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 26, 2026
@HSGamer HSGamer merged commit 6e6555d into master Mar 26, 2026
1 check passed
@HSGamer HSGamer deleted the dependabot/github_actions/metcalfc/changelog-generator-4.7.0 branch March 26, 2026 16:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@HSGamer