Files
Stirling-PDF/.github/workflows
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9fc174d12d Bump actions/dependency-review-action from 4.6.0 to 4.7.0 (#3519)
Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 4.6.0 to 4.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.0</h2>
<ul>
<li>Handle complex license expressions (e.g. <code>MIT AND
GPL-2.0</code>) in allow lists (fixes <a
href="https://redirect.github.com/actions/dependency-review-action/issues/809">#809</a>
and probably others)</li>
<li>Replace <code>OTHER</code> in package licenses with
<code>LicenseRef-clearlydefined-OTHER</code> so that parsing passes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/dependency-review-action/commit/38ecb5b593bf0eb19e335c03f97670f792489a8b"><code>38ecb5b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/929">#929</a>
from actions/dangoor/4.7-release</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/0e9e935cc870609b60e95f0ca9c5439df6c5a001"><code>0e9e935</code></a>
Version 4.7.0 release</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/69d2faa36575aaf6f3b6e83344dccafd1434b31e"><code>69d2faa</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/926">#926</a>
from dangoor/dangoor/replace-other</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/7e14978e0e6d56c5c368d665cfe64859530ae43e"><code>7e14978</code></a>
Merge branch 'actions:main' into dangoor/replace-other</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/8477905b0e5eb937fce8d6d92309aee88f4a4295"><code>8477905</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/927">#927</a>
from dangoor/dangoor/multilicense</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/f3ff3564fad5f71b84386e8dd99dcdd5f25b6e9e"><code>f3ff356</code></a>
Update dist</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/c7565d44ece013dd49742989a6bd8f2042aed16a"><code>c7565d4</code></a>
Fix tests and respond to review feedback</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/82299c3bbe54c01331889c2b0f62af249dfb0ee8"><code>82299c3</code></a>
Replace OTHER with a LicenseRef</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/2013ccccfe108a74501d552608b81853e407307a"><code>2013ccc</code></a>
Update type definition for spdx-satisfies</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/3a2b68706a35b3507491b524adfe1c822821e706"><code>3a2b687</code></a>
Handle complex licenses (e.g. X AND Y)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/dependency-review-action/compare/ce3cf9537a52e8119d91fd484ab5b8a807627bf8...38ecb5b593bf0eb19e335c03f97670f792489a8b">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-13 23:04:45 +01:00
..