Skip to content

Bump Afterlife-Guide/SemVer.Action from 1.3.3.19 to 1.3.4.20#733

Closed
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/github_actions/Afterlife-Guide/SemVer.Action-1.3.4.20
Closed

Bump Afterlife-Guide/SemVer.Action from 1.3.3.19 to 1.3.4.20#733
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/github_actions/Afterlife-Guide/SemVer.Action-1.3.4.20

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 13, 2026

Bumps Afterlife-Guide/SemVer.Action from 1.3.3.19 to 1.3.4.20.

Changelog

Sourced from Afterlife-Guide/SemVer.Action's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

[1.3.4.20] - 2026-03-12

[1.3.3.19] - 2026-02-12

[1.3.2.18] - 2026-01-16

[1.3.1.17] - 2025-12-10

Fixed

  • Bug with deployment (#306)

Security

  • Fixed command injection vulnerabilities in GitHub Actions workflows by moving user-controlled data to environment variables instead of using them directly in run blocks (#300)

[1.3.0.15] - 2025-11-18

Changed

  • Upgraded all projects and CI/CD pipelines to .NET 10 (#288)

[1.2.2.14] - 2025-11-07

[1.2.1.19] - 2025-09-09

Changed

  • Reverted Docker non-root (#240)

[1.2.0.13] - 2025-09-08

Fixed

  • Fixed security vulnerability by preventing direct use of user-controlled data in workflow run blocks to prevent command injection

Changed

  • Migrated from thomaseizinger/keep-a-changelog-new-release to baynezy/ChangeLogger.Action (#210)
  • Added GH_TOKEN environment variable to all GitHub Action workflows for consistent token access (#215)
  • Set up copilot environment (#225)

... (truncated)

Commits
  • 3fc0d7f Merge pull request #358 from Afterlife-Guide/release/1.3.4.20
  • 37da20c Prepare release 1.3.4.20
  • 0ed2338 Merge pull request #356 from Afterlife-Guide/dependabot/nuget/src/SemVer.Json...
  • 113e1db Bump Microsoft.Extensions.DependencyInjection and Microsoft.Extensions.Hosting
  • 6d1f690 Merge pull request #354 from Afterlife-Guide/dependabot/github_actions/docker...
  • d101667 Bump docker/build-push-action from 6.19.2 to 7.0.0
  • 45fca4b Merge pull request #353 from Afterlife-Guide/dependabot/github_actions/action...
  • 938617a Bump actions/setup-dotnet from 5.1.0 to 5.2.0
  • bc420f5 Merge pull request #351 from Afterlife-Guide/dependabot/github_actions/baynez...
  • 13e3ae9 Merge pull request #352 from Afterlife-Guide/dependabot/github_actions/docker...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump Afterlife-Guide/SemVer.Action from 1.3.3.19 to 1.3.4.20
dce984a 
Bumps [Afterlife-Guide/SemVer.Action](https://github.com/afterlife-guide/semver.action) from 1.3.3.19 to 1.3.4.20.
- [Release notes](https://github.com/afterlife-guide/semver.action/releases)
- [Changelog](https://github.com/Afterlife-Guide/SemVer.Action/blob/develop/CHANGELOG.md)
- [Commits](Afterlife-Guide/SemVer.Action@650ef55...3fc0d7f)

---
updated-dependencies:
- dependency-name: Afterlife-Guide/SemVer.Action
  dependency-version: 1.3.4.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 13, 2026
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 17, 2026

Superseded by #734.

@dependabot dependabot bot closed this Mar 17, 2026
@dependabot dependabot bot deleted the dependabot/github_actions/Afterlife-Guide/SemVer.Action-1.3.4.20 branch March 17, 2026 01:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

1 min review dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants