Bump tj-actions/changed-files from 44.5.5 to 44.5.6

[dependabot]

Bumps tj-actions/changed-files from 44.5.5 to 44.5.6.

Release notes

Sourced from tj-actions/changed-files's releases.

v44.5.6

What's Changed

• chore(deps): update typescript-eslint monorepo to v7.14.1 by @​renovate in tj-actions/changed-files#2169
• Upgraded to v44.5.5 by @​tj-actions-bot in tj-actions/changed-files#2168
• chore(deps): update dependency @​types/node to v20.14.9 by @​renovate in tj-actions/changed-files#2170
• chore(deps): update dependency @​types/micromatch to v4.0.8 by @​renovate in tj-actions/changed-files#2171
• chore(deps): update dependency @​types/lodash to v4.17.6 by @​renovate in tj-actions/changed-files#2172
• chore(deps): update actions/checkout action to v3 by @​renovate in tj-actions/changed-files#2173
• chore(deps): update actions/checkout action to v4 by @​renovate in tj-actions/changed-files#2174
• chore(deps): update dependency @​types/micromatch to v4.0.9 by @​renovate in tj-actions/changed-files#2175
• chore(deps-dev): bump @​typescript-eslint/parser from 7.14.1 to 7.15.0 by @​dependabot in tj-actions/changed-files#2181
• chore(deps): update dependency @​typescript-eslint/eslint-plugin to v7.15.0 by @​renovate in tj-actions/changed-files#2178
• chore(deps): update dependency @​types/node to v20.14.10 by @​renovate in tj-actions/changed-files#2182
• chore(deps): update dependency ts-jest to v29.2.0 by @​renovate in tj-actions/changed-files#2184
• chore(deps): update typescript-eslint monorepo to v7.16.0 by @​renovate in tj-actions/changed-files#2185
• chore(deps): update actions/setup-node action to v4.0.3 by @​renovate in tj-actions/changed-files#2188
• chore(deps): update dependency ts-jest to v29.2.1 by @​renovate in tj-actions/changed-files#2189
• chore(deps): update dependency ts-jest to v29.2.2 by @​renovate in tj-actions/changed-files#2190
• chore(deps): update codacy/codacy-analysis-cli-action action to v4.4.2 by @​renovate in tj-actions/changed-files#2191
• chore(deps): update codacy/codacy-analysis-cli-action action to v4.4.4 by @​renovate in tj-actions/changed-files#2192
• chore(deps): update codacy/codacy-analysis-cli-action action to v4.4.5 by @​renovate in tj-actions/changed-files#2193
• chore(deps): update dependency prettier to v3.3.3 by @​renovate in tj-actions/changed-files#2194
• chore(deps): update typescript-eslint monorepo to v7.16.1 by @​renovate in tj-actions/changed-files#2196
• chore(deps): update dependency @​types/lodash to v4.17.7 by @​renovate in tj-actions/changed-files#2197
• chore(deps): update dependency @​types/node to v20.14.11 by @​renovate in tj-actions/changed-files#2198
• fix(deps): update dependency @​octokit/rest to v21.0.1 by @​renovate in tj-actions/changed-files#2199
• chore(deps): update dependency eslint-plugin-prettier to v5.2.1 by @​renovate in tj-actions/changed-files#2200
• chore(deps): update dependency ts-jest to v29.2.3 by @​renovate in tj-actions/changed-files#2203
• fix: remove unused code by @​jackton1 in tj-actions/changed-files#2202

Full Changelog: tj-actions/changed-files@v44...v44.5.6

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

44.5.6 - (2024-07-18)

🐛 Bug Fixes

• Remove unused code (#2202) (6b2903b) - (Tonye Jack)
• deps: Update dependency @​octokit/rest to v21.0.1 (56b5e13) - (renovate[bot])

⚙️ Miscellaneous Tasks

• deps: Update dependency ts-jest to v29.2.3 (dc82617) - (renovate[bot])
• deps: Update dependency eslint-plugin-prettier to v5.2.1 (1797e9a) - (renovate[bot])
• deps: Update dependency @​types/node to v20.14.11 (9e63ef5) - (renovate[bot])
• deps: Update dependency @​types/lodash to v4.17.7 (f1afcac) - (renovate[bot])
• deps: Update typescript-eslint monorepo to v7.16.1 (e42a3d1) - (renovate[bot])
• deps: Update dependency prettier to v3.3.3 (f0eedff) - (renovate[bot])
• deps: Update codacy/codacy-analysis-cli-action action to v4.4.5 (f6d7b72) - (renovate[bot])
• deps: Update codacy/codacy-analysis-cli-action action to v4.4.4 (6f59461) - (renovate[bot])
• deps: Update codacy/codacy-analysis-cli-action action to v4.4.2 (443dcaf) - (renovate[bot])
• deps: Update dependency ts-jest to v29.2.2 (6f8dfa8) - (renovate[bot])
• deps: Update dependency ts-jest to v29.2.1 (df7dd40) - (renovate[bot])
• deps: Update actions/setup-node action to v4.0.3 (07a5a99) - (renovate[bot])
• deps: Update typescript-eslint monorepo to v7.16.0 (02a0746) - (renovate[bot])
• deps: Update dependency ts-jest to v29.2.0 (75ed46d) - (renovate[bot])
• deps: Update dependency @​types/node to v20.14.10 (c8c9e91) - (renovate[bot])
• deps: Update dependency @​typescript-eslint/eslint-plugin to v7.15.0 (8ead8a4) - (renovate[bot])
• deps-dev: Bump @​typescript-eslint/parser from 7.14.1 to 7.15.0 (#2181) (0f83d09) - (dependabot[bot])
• deps: Update dependency @​types/micromatch to v4.0.9 (c3dcd3e) - (renovate[bot])
• deps: Update actions/checkout action to v4 (#2174) (0e9a58e) - (renovate[bot])
• deps: Update actions/checkout action to v3 (2295558) - (renovate[bot])
• deps: Update dependency @​types/lodash to v4.17.6 (6844796) - (renovate[bot])
• deps: Update dependency @​types/micromatch to v4.0.8 (00518ab) - (renovate[bot])
• deps: Update dependency @​types/node to v20.14.9 (2c2260e) - (renovate[bot])
• deps: Update typescript-eslint monorepo to v7.14.1 (d1d479f) - (renovate[bot])

⬆️ Upgrades

• Upgraded to v44.5.5 (#2168)

Co-authored-by: jackton1 [email protected] (9adb915) - (tj-actions[bot])

44.5.5 - (2024-06-24)

⚙️ Miscellaneous Tasks

• Remove debug lines (#2166) (cc73385) - (Tonye Jack)

⬆️ Upgrades

... (truncated)

Commits

• 6b2903b fix: remove unused code (#2202)
• dc82617 chore(deps): update dependency ts-jest to v29.2.3
• 1797e9a chore(deps): update dependency eslint-plugin-prettier to v5.2.1
• 56b5e13 fix(deps): update dependency @​octokit/rest to v21.0.1
• 9e63ef5 chore(deps): update dependency @​types/node to v20.14.11
• f1afcac chore(deps): update dependency @​types/lodash to v4.17.7
• e42a3d1 chore(deps): update typescript-eslint monorepo to v7.16.1
• f0eedff chore(deps): update dependency prettier to v3.3.3
• f6d7b72 chore(deps): update codacy/codacy-analysis-cli-action action to v4.4.5
• 6f59461 chore(deps): update codacy/codacy-analysis-cli-action action to v4.4.4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coveralls]

coverage: 90.951%. remained the same
when pulling 3975fea on dependabot/github_actions/tj-actions/changed-files-44.5.6
into d3db14f on mainline.

[AJGranowski]

The Dependency Review failure seems related to #dependency-review-action/676. I think it's because we're pinning to a SHA instead of a semver version.

[AJGranowski]

@dependabot recreate

[AJGranowski]

Dependency Review false positive. GHSL-2023-271 affects < 41 and is patched in 41. This change bumps the version from 44.5.5 to 44.5.6.

Additionally, this vulnerability never impacted this repo. Dependabot alert #5 was dismissed 4 months ago.

[AJGranowski]

For the record, this was the Dependency Review output:

Run actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c
  with:
    repo-token: ***
Dependency review did not detect any denied packages
Vulnerabilities
  .github/workflows/ci.yml » tj-actions/changed-files@6b2903bdce6310cfbddd87c418f253cf29b2dec9 – tj-actions/changed-files has Potential Actions command injection in output filenames (GHSL-2023-271) (high severity)
    ↪ https://github.com/advisories/GHSA-mcph-m25j-8j63
  Error: Dependency review detected vulnerable packages.
Licenses
Denied
Scorecard
  actions/tj-actions/changed-files: OpenSSF Scorecard Score: 6.3
Dependency Changes
  File: .github/workflows/ci.yml
  + tj-actions/changed-files@6b2903bdce6310cfbddd87c418f253cf29b2dec9
  - tj-actions/changed-files@cc733854b1f224978ef800d29e4709d5ee2883e4

Dependency Review

The following issues were found:

• ❌ 1 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.

See the Details below.

Vulnerabilities

.github/workflows/ci.yml

Name	Version	Vulnerability	Severity
tj-actions/changed-files	6b2903bdce6310cfbddd87c418f253cf29b2dec9	tj-actions/changed-files has Potential Actions command injection in output filenames (GHSL-2023-271)	high