Skip to content

ci: bump oke-py/npm-audit-action from 2 to 4#1837

Closed
dependabot[bot] wants to merge 1 commit intoana/aap-52843-mergifyfrom
dependabot/github_actions/ana/aap-52843-mergify/oke-py/npm-audit-action-4
Closed

ci: bump oke-py/npm-audit-action from 2 to 4#1837
dependabot[bot] wants to merge 1 commit intoana/aap-52843-mergifyfrom
dependabot/github_actions/ana/aap-52843-mergify/oke-py/npm-audit-action-4

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 10, 2026

Bumps oke-py/npm-audit-action from 2 to 4.

Release notes

Sourced from oke-py/npm-audit-action's releases.

v4.0.0

Summary

  • major release v4.0.0
  • update runtime from node20 to node24
  • update dependencies

Changes

  • version bump to 4.0.0
  • update README and workflows to use v4

v3.0.0

npm-audit-action v3.0.0 Release Notes

Major Changes

Runtime Environment

  • Node.js 20 Support: Updated minimum Node.js version from 16 to 20
  • ES Modules Migration: Converted codebase from CommonJS to ES Modules
  • Modern JavaScript: Modernized code to ES2020 standards

Development Infrastructure

  • Testing Framework: Migrated from Jest to Vitest
  • Linting: Upgraded to ESLint 9 with updated configurations
  • Build Process: Updated TypeScript configuration and build pipeline

Dependencies

  • Core Dependencies:
    • Updated @​actions/core from 1.10.1 to 1.11.1
    • Updated @​actions/github to v6.0.0
    • Updated @​octokit/rest to v21.1.1
    • Replaced axios calls with Octokit
    • Updated strip-ansi to v7.1.0

GitHub Actions

  • Action Dependencies:
    • Bumped actions/checkout from v3 to v4
    • Bumped actions/setup-node from v3 to v4
    • Bumped stefanzweifel/git-auto-commit-action from v4 to v5

Breaking Changes

The upgrade to Node.js 20 may require users to update their GitHub Actions workflows if they're currently pinned to older Node.js versions. Update your workflow files to use a compatible runner that supports Node.js 20.

How to Upgrade

Update your GitHub Actions workflow to use the new version:

- uses: oke-py/npm-audit-action@v3
  with:
</tr></table>

... (truncated)

Commits
  • f02a3cf Merge pull request #318 from oke-py/chore/release-flow
  • ec06595 docs: unify release process
  • 3caf7bb chore(release): drop PR label bump and set v4.0.1
  • c121642 Merge pull request #317 from oke-py/chore/husky-biome
  • 69ef773 fix(deps): dedupe husky and lint-staged
  • 11ac110 chore: add husky hooks for biome and tests
  • b74e8be chore: update dist [skip ci]
  • 7ed8760 Merge pull request #316 from oke-py/chore/issue-handler
  • 34b44fd refactor(issue): extract issue handling
  • f5aee93 chore: update dist [skip ci]
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
ci: bump oke-py/npm-audit-action from 2 to 4
b1951ff 
Bumps [oke-py/npm-audit-action](https://github.com/oke-py/npm-audit-action) from 2 to 4.
- [Release notes](https://github.com/oke-py/npm-audit-action/releases)
- [Commits](oke-py/npm-audit-action@v2...v4)

---
updated-dependencies:
- dependency-name: oke-py/npm-audit-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Feb 10, 2026

Labels

The following labels could not be found: github-actions, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 10, 2026
@acosferreira
Copy link
Contributor

acosferreira commented Feb 11, 2026

@mergify queue

@mergify
Copy link

mergify bot commented Feb 11, 2026
edited
Loading

Merge Queue Status

Rule: ansible-ai-connect-service

This pull request spent 23 minutes 56 seconds in the queue, with no time running CI.

Reason

Pull request #1837 has been dequeued by a dequeue command

Hint

If you want to requeue this pull request, you can post a @mergifyio requeue comment.

@mergify mergify bot added the queued label Feb 11, 2026
mergify bot added a commit that referenced this pull request Feb 11, 2026
@mergify
Merge of #1837
e9691b6
@mergify mergify bot mentioned this pull request Feb 11, 2026
Closed
4 tasks
@mergify mergify bot added the queued label Feb 11, 2026
@acosferreira
Copy link
Contributor

acosferreira commented Feb 11, 2026

@mergify unqueue

@mergify mergify bot added dequeued and removed queued labels Feb 11, 2026
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Feb 12, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/github_actions/ana/aap-52843-mergify/oke-py/npm-audit-action-4 branch February 12, 2026 15:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file dequeued github-actions

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@acosferreira

Comments