Bump actions/dependency-review-action from 4.7.2 to 4.7.3
Merged
Number: #25930
Type: Pull Request
State: Merged
Type: Pull Request
State: Merged
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: Contributor
Comments: 2
dependabot[bot]Association: Contributor
Comments: 2
Created:
August 27, 2025 at 07:37 PM UTC
(10 months ago)
(10 months ago)
Updated:
August 29, 2025 at 11:45 PM UTC
(10 months ago)
(10 months ago)
Merged:
August 29, 2025 at 11:45 PM UTC
(10 months ago)
by TravisEz13
(10 months ago)
by TravisEz13
Time to Close:
2 days
Labels:
CL-BuildPackaging
CL-BuildPackaging
Description:
Bumps actions/dependency-review-action from 4.7.2 to 4.7.3.
Release notes
Sourced from actions/dependency-review-action's releases.
4.7.3
What's Changed
- Add explicit permissions to workflow files by
@AshelyTCin actions/dependency-review-action#966- Claire153/fix spamming mentioned issue by
@claire153in actions/dependency-review-action#974Full Changelog: https://github.com/actions/dependency-review-action/compare/v4...v4.7.3
Commits
595b5aeUpdate package version (#975)fc5fd66Claire153/fix spamming mentioned issue (#974)d38d1a4Merge pull request #965 from actions/dependabot/npm_and_yarn/multi-c22e25d29b8d420b8Merge branch 'main' into dependabot/npm_and_yarn/multi-c22e25d29bbde0129Merge pull request #966 from actions/ashelytc/add-permissionsab52490remove rubyef00a0aadd permissions to workflows74c8179Bump brace-expansion- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Pull Request Statistics
Commits:
1
1
Files Changed:
1
1
Additions:
+1
+1
Deletions:
-1
-1
Package Dependencies
Package:
actions/dependency-review-action
Ecosystem:
actions
actions
Version Change:
4.7.2 → 4.7.3
Update Type:
Patch
Patch
Technical Details
| ID: | 5885332 |
| UUID: | 2779431476 |
| Node ID: | PR_kwDOAvT7bc6lqsI0 |
| Host: | GitHub |
| Repository: | PowerShell/PowerShell |
| Merge State: | Unknown |