Bump dependabot/fetch-metadata from 1.6.0 to 1.7.0

[dependabot]

Bumps dependabot/fetch-metadata from 1.6.0 to 1.7.0.

Release notes

Sourced from dependabot/fetch-metadata's releases.

v1.7.0

What's Changed

• Bump dotenv from 16.0.3 to 16.3.1 by @​dependabot in dependabot/fetch-metadata#404
• Bump @​types/node from 20.2.3 to 20.3.3 by @​dependabot in dependabot/fetch-metadata#407
• Bump the eslint-dependencies group with 4 updates by @​dependabot in dependabot/fetch-metadata#409
• Update dependabot.yml by @​bdragon in dependabot/fetch-metadata#410
• Bump @​types/node from 20.3.3 to 20.4.0 by @​dependabot in dependabot/fetch-metadata#411
• Bump yaml from 2.2.1 to 2.3.1 by @​dependabot in dependabot/fetch-metadata#390
• Bump tough-cookie from 4.0.0 to 4.1.3 by @​dependabot in dependabot/fetch-metadata#412
• Bump @​types/node from 20.4.0 to 20.4.1 by @​dependabot in dependabot/fetch-metadata#413
• Generate Dependabot PRs on Sundays weekly by @​abdulapopoola in dependabot/fetch-metadata#417
• Aggressively group prod and dev dependencies for NPM by @​abdulapopoola in dependabot/fetch-metadata#420
• Update .nvmrc to latest node 16 LTS version by @​abdulapopoola in dependabot/fetch-metadata#422
• Bump the dev-dependencies group with 9 updates by @​dependabot in dependabot/fetch-metadata#421
• Bump the dev-dependencies group with 1 update by @​dependabot in dependabot/fetch-metadata#423
• Check for uncommitted files beyond the diff directory by @​jeffwidman in dependabot/fetch-metadata#278
• Bump the dev-dependencies group with 6 updates by @​dependabot in dependabot/fetch-metadata#424
• Bump the dev-dependencies group with 3 updates by @​dependabot in dependabot/fetch-metadata#425
• Bump the dev-dependencies group with 6 updates by @​dependabot in dependabot/fetch-metadata#428
• Bump the dev-dependencies group with 7 updates by @​dependabot in dependabot/fetch-metadata#429
• Bump tibdex/github-app-token from 1.8.0 to 1.8.2 by @​dependabot in dependabot/fetch-metadata#430
• Bump the dev-dependencies group with 4 updates by @​dependabot in dependabot/fetch-metadata#432
• Bump actions/checkout from 3 to 4 by @​dependabot in dependabot/fetch-metadata#436
• Bump the dev-dependencies group with 6 updates by @​dependabot in dependabot/fetch-metadata#440
• Change actions/checkout@v3 to v4 in readme by @​Nishnha in dependabot/fetch-metadata#444
• Bump the dev-dependencies group with 4 updates by @​dependabot in dependabot/fetch-metadata#445
• Bump @​vercel/ncc from 0.36.1 to 0.38.0 by @​dependabot in dependabot/fetch-metadata#435
• Bump the dev-dependencies group with 4 updates by @​dependabot in dependabot/fetch-metadata#447
• Bump the dev-dependencies group with 3 updates by @​dependabot in dependabot/fetch-metadata#448
• Bump @​babel/traverse from 7.22.8 to 7.23.2 by @​dependabot in dependabot/fetch-metadata#457
• Add blurbs about using a PAT to the readme by @​Nishnha in dependabot/fetch-metadata#466
• Bump @​vercel/ncc from 0.38.0 to 0.38.1 by @​dependabot in dependabot/fetch-metadata#462
• Bump actions/setup-node from 3 to 4 by @​dependabot in dependabot/fetch-metadata#461
• Bump the dev-dependencies group with 13 updates by @​dependabot in dependabot/fetch-metadata#497
• Bump tibdex/github-app-token from 1.8.2 to 2.1.0 by @​dependabot in dependabot/fetch-metadata#442
• Scope app token to only this repo for security by @​jeffwidman in dependabot/fetch-metadata#501
• Switch to the official action for managing app tokens by @​jeffwidman in dependabot/fetch-metadata#504
• v1.7.0 by @​fetch-metadata-action-automation in dependabot/fetch-metadata#505

New Contributors

• @​bdragon made their first contribution in dependabot/fetch-metadata#410
• @​abdulapopoola made their first contribution in dependabot/fetch-metadata#417

Full Changelog: dependabot/fetch-metadata@v1.6.0...v1.7.0

Commits

• 8348ea7 v1.7.0 (#505)
• e21c9fb Switch to the official action for managing app tokens (#504)
• 3e1bcb9 Scope app token to only this repo for security (#501)
• 7187f39 Merge pull request #442 from dependabot/dependabot/github_actions/tibdex/gith...
• f9af96f Bump tibdex/github-app-token from 1.8.2 to 2.1.0
• 9977d7b Merge pull request #497 from dependabot/dependabot/npm_and_yarn/dev-dependenc...
• 4e1067b run npm build
• 98c94fe Bump the dev-dependencies group with 13 updates
• 924483a Merge pull request #461 from dependabot/dependabot/github_actions/actions/set...
• 5bb91d5 Bump actions/setup-node from 3 to 4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud