Skip to content

chore(deps): update actions/dependency-review-action action to v5#80

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/actions-dependency-review-action-5.x
Open

chore(deps): update actions/dependency-review-action action to v5#80
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/actions-dependency-review-action-5.x

Conversation

@renovate

@renovate renovate Bot commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
actions/dependency-review-action action major v4.9.0v5.0.0

Release Notes

actions/dependency-review-action (actions/dependency-review-action)

v5.0.0: 5.0.0

Compare Source

This is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version v2.327.1 to run.

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v4.9.0...v5.0.0


Configuration

📅 Schedule: (in timezone America/Boise)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 4, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
❌ Deployment failed
View logs
aerealith 9548626 Jul 04 2026, 05:28 PM

@github-code-quality

Copy link
Copy Markdown

Code Coverage Overview

Languages: JavaScript

JavaScript / code-coverage/vitest

The overall coverage remains at 86%, unchanged from the branch.


Code Coverage is in Public Preview. Learn more and provide us with your feedback.

@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Coverage Report for Aerealith Vitest Coverage (.)

Status Category Percentage Covered / Total
🔵 Lines 85.61% 833 / 973
🔵 Statements 85.64% 835 / 975
🔵 Functions 73.46% 227 / 309
🔵 Branches 68.55% 316 / 461
File CoverageNo changed files found.
Generated in workflow #103 for commit 9548626 by the Vitest Coverage Report Action

@codecov

codecov Bot commented Jul 4, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

📢 Thoughts on this report? Let us know!

@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/dependency-review-action a1d282b36b6f3519aa1f3fc636f609c47dddb294 🟢 7.7
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Maintained🟢 1015 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 9security policy file detected
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
SAST🟢 9SAST tool detected but not run on all commits

Scanned Files

  • .github/workflows/06-dependency-review.yaml

@codecov

codecov Bot commented Jul 4, 2026

Copy link
Copy Markdown

Bundle Report

Bundle size has no change ✅

@github-actions github-actions Bot added type: ci GitHub Actions, continuous integration, or workflow automation. automated Created or updated by automation, bots, or repository workflows. dependencies Dependency update, package maintenance, or lockfile change. labels Jul 4, 2026
@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Aerealith CI

Overall result: ❌ Failed
Run: #103

Check Result
Dependency install ✅ Passed
Nx installation ✅ Passed
Nx workspace reset ✅ Passed
Git comparison range ✅ Passed
Nx affected validation ❌ Failed
MegaLinter ✅ Passed

Cache

  • pnpm store: hit
  • Nx task cache: managed by Nx Cloud when configured for this workspace.
Run details
  • Base SHA: 255485f7eac3305483f1936f5df67656b686a63b
  • Head SHA: 9548626e8d484e198771f989007749ec4de6d684
  • Validation targets: lint, typecheck, test, build
  • Logs: download the ci-logs artifact from the workflow run.

Warning

Nx affected validation failed. Download the ci-logs artifact and inspect nx-affected-validation.log.
If the project graph reports Vite or Vitest plugin-worker failures, repair the affected Nx/Vite/Vitest configuration before rerunning CI.

@sonarqubecloud

sonarqubecloud Bot commented Jul 4, 2026

Copy link
Copy Markdown

@Sinless777 Sinless777 moved this to Inbox in Aerealith Delivery Jul 5, 2026
@Sinless777 Sinless777 moved this from Inbox to In Review in Aerealith Delivery Jul 5, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

automated Created or updated by automation, bots, or repository workflows. dependencies Dependency update, package maintenance, or lockfile change. type: ci GitHub Actions, continuous integration, or workflow automation.

Projects

Status: In Review

Development

Successfully merging this pull request may close these issues.

1 participant