Sourced from actions/dependency-review-action's releases.
v4.3.2
What's Changed
- Fix package-url parsing for allow-dependencies-licenses by
@juxtin
in actions/dependency-review-action#761Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2
v4.3.1
What's Changed
This release fixes some bugs related to package-url parsing that were introduced in 4.3.0. See actions/dependency-review-action#753.
Full Changelog: https://github.com/actions/dependency-review-action/compare/V4.3.0...v4.3.1
v4.3.0
New Features
- The
deny-packages
option can now be used without a version number to exclude all versions of a package.What's Changed
- Fix action variable name for scorecard by
@lukehinds
in actions/dependency-review-action#735- Fix extra https:// in summary by
@jhutchings1
in actions/dependency-review-action#748- Bump typescript from 5.3.3 to 5.4.5 by
@dependabot
in actions/dependency-review-action#744- Bump eslint-plugin-github from 4.10.1 to 4.10.2 by
@dependabot
in actions/dependency-review-action#737- Show denied packages with red X by
@juxtin
in actions/dependency-review-action#750- deny-packages configuration option can deny specified version or all packages by
@febuiles
and@bteng22
in actions/dependency-review-action#733New Contributors
@bteng22
made their first contribution in actions/dependency-review-action#733@lukehinds
made their first contribution in actions/dependency-review-action#735Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.2.5...V4.3.0
0c155c5
Merge pull request #762
from actions/juxtin/prepare-4.3.2f3dac32
Merge pull request #761
from actions/juxtin/fix-allow-dependencies-licensesd0d5cc3
Update version number to 4.3.249fbbe0
Fix package-url parsing for allow-dependencies-licensese58c696
Merge pull request #758
from actions/juxtin/prepare-4.3.19b7c72d
Change version to 4.3.17dcfabf
Merge pull request #753
from actions/juxtin/debug-purl5f0808f
Validate that deny-packages purls are completefcc66c2
Refine purl parsing and tests1dd418b
Basic tests for PURL validation in config