chore(deps): update actions/dependency-review-action action to v3.1.5

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/dependency-review-action	action	minor	v3.0.3 -> v3.1.5

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

actions/dependency-review-action (actions/dependency-review-action)

v3.1.5: 3.1.5

Compare Source

What's Changed

• Smaller per_page when requesting diff by @​hmaurer in https://github.com/actions/dependency-review-action/pull/649
• Update dependencies:
  • Bump @​typescript-eslint/parser from 6.10.0 to 6.13.1 by @​dependabot in https://github.com/actions/dependency-review-action/pull/630
  • Bump prettier from 3.0.3 to 3.1.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/629
  • Bump @​types/jest from 29.5.8 to 29.5.11 by @​dependabot in https://github.com/actions/dependency-review-action/pull/637
  • Bump nodemon from 3.0.1 to 3.0.2 by @​dependabot in https://github.com/actions/dependency-review-action/pull/636
  • Replace pip -> pypi in PURL examples by @​febuiles in https://github.com/actions/dependency-review-action/pull/638
  • Bump @​typescript-eslint/eslint-plugin from 6.12.0 to 6.15.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/644
  • Bump eslint from 8.53.0 to 8.56.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/640
  • Bump @​typescript-eslint/parser from 6.13.1 to 6.16.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/645
  • Bump prettier from 3.1.0 to 3.1.1 by @​dependabot in https://github.com/actions/dependency-review-action/pull/646

Full Changelog: actions/dependency-review-action@v3.1.4...v3.1.5

v3.1.4: 3.1.4

Compare Source

What's Changed

• Fixed a bug with severity filtering when using the allow_ghsas option: https://github.com/actions/dependency-review-action/pull/623.

• Updates dependencies:

  • Bump @​types/node from 16.18.61 to 16.18.62 by @​dependabot in https://github.com/actions/dependency-review-action/pull/619
    action/pull/620
  • Bump @​typescript-eslint/eslint-plugin from 6.11.0 to 6.12.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/625
  • Bump typescript from 5.2.2 to 5.3.2 by @​dependabot in https://github.com/actions/dependency-review-action/pull/624

Full Changelog: actions/dependency-review-action@v3...v3.1.4

v3.1.3: 3.1.3

Compare Source

What's Changed

• Fixes purl "version must be percent-encoded" by @​theztefan in https://github.com/actions/dependency-review-action/pull/617

Full Changelog: actions/dependency-review-action@v3...v3.1.3

v3.1.2: 3.1.2

Compare Source

What's Changed

• Fix a regression for setups using self-hosted runners behind HTTP proxies:@​febuiles in https://github.com/actions/dependency-review-action/pull/611

Full Changelog: actions/dependency-review-action@v3...v3.1.2

v3.1.1: 3.1.1

Compare Source

What's Changed

• Update a bunch of dependencies, including major version upgrades for octokit, @actions/github and typescript.

Full Changelog: actions/dependency-review-action@v3.1.0...v3.1.1

v3.1.0: 3.1.0

Compare Source

What's New

Added support for dependencies submitted through the dependency submission API. This includes two new configuration parameters: retry-on-snapshot-warnings and retry-on-snapshot-warnings-timeout.

What's Changed

• Fix(docs): Correct action input name by @​oerd in https://github.com/actions/dependency-review-action/pull/551

New Contributors

• @​oerd made their first contribution in https://github.com/actions/dependency-review-action/pull/551

Full Changelog: actions/dependency-review-action@v3...v3.1.0

v3.0.8: 3.0.8

Compare Source

What's Changed

Added on-failure option to comment-summary-in-pr setting by @​sgmurphy in https://github.com/actions/dependency-review-action/pull/540

Previous configuration files using true/false for comment-summary-in-pr will be mapped automatically to the new values, but we encourage you to update to always/on-failure/never.

New Contributors

• @​sgmurphy made their first contribution in https://github.com/actions/dependency-review-action/pull/540

Full Changelog: actions/dependency-review-action@v3...v3.0.8

v3.0.7: 3.0.7

Compare Source

What's Changed

• Make GHES support / setup more clear by @​rajbos in https://github.com/actions/dependency-review-action/pull/534
• Add an option to deny packages or groups of packages by @​adrienpessu in https://github.com/actions/dependency-review-action/pull/544

New Contributors

• @​rajbos made their first contribution in https://github.com/actions/dependency-review-action/pull/534
• @​adrienpessu made their first contribution in https://github.com/actions/dependency-review-action/pull/544

Full Changelog: actions/dependency-review-action@v3...v3.0.7

v3.0.6: 3.0.6

Compare Source

Fixes a bug introduced in 3.0.5 where we raised PURL errors when Dependency Graph returns an empty package_url.

v3.0.5: 3.0.5

Compare Source

What's Changed

Thanks to @​theztefan, we now have a new allow-dependencies-licenses option that takes a list of dependencies that will be excluded from license checks. See the configuration options for more information on how to use it.

• Exclude dependencies from license checks by @​theztefan in https://github.com/actions/dependency-review-action/pull/423
• Documentation examples by @​theztefan in https://github.com/actions/dependency-review-action/pull/423
• Show snapshot warnings in the summary by @​juxtin in https://github.com/actions/dependency-review-action/pull/439
• Fix default values for fail-on-severity by @​febuiles in https://github.com/actions/dependency-review-action/pull/451
• Updated dependencies.

New Contributors

• @​juxtin made their first contribution in https://github.com/actions/dependency-review-action/pull/439
• @​theztefan made their first contribution in https://github.com/actions/dependency-review-action/pull/423

Full Changelog: actions/dependency-review-action@v3...v3.0.5

v3.0.4: 3.0.4

Compare Source

What's New?

The Action can now publish a comment in the pull request if the comment-summary-in-pr option is set. More information can be found in the README.

New Contributors

• @​davelosert made their first contribution in https://github.com/actions/dependency-review-action/pull/393

Changelog

• Write Summary as comment to the pull request by @​davelosert in https://github.com/actions/dependency-review-action/pull/393
• Adjust summary format by @​davelosert in https://github.com/actions/dependency-review-action/pull/416
• Security updates.

Full Changelog: actions/dependency-review-action@v3...v3.0.4

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

It has been open 120 days with no activity. Remove stale label or comment or this will be closed in 5 days

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v3.1.5). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.