chore(deps): bump actions/dependency-review-action from 4.8.1 to 4.8.2
Closed
Number: #7662
Type: Pull Request
State: Closed
Type: Pull Request
State: Closed
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: Unknown
Comments: 1
dependabot[bot]Association: Unknown
Comments: 1
Created:
November 11, 2025 at 08:06 PM UTC
(19 days ago)
(19 days ago)
Updated:
November 13, 2025 at 02:57 PM UTC
(17 days ago)
(17 days ago)
Closed:
November 13, 2025 at 02:56 PM UTC
(17 days ago)
(17 days ago)
Time to Close:
2 days
Labels:
dependencies internal size/XS github-actions github_actions
dependencies internal size/XS github-actions github_actions
Description:
Bumps actions/dependency-review-action from 4.8.1 to 4.8.2.
Release notes
Sourced from actions/dependency-review-action's releases.
v4.8.2
Minor fixes:
- Fix PURL parsing for scoped packages (#1008 from
@danielhardej)- Fix for large summaries (#1007 from
@gitulisca)- README includes a working example for allow-dependencies-licenses (#1009 from
@danielhardej)
Commits
3c4e3dcMerge pull request #1016 from actions/dra-release02930b2Update CONTRIBUTING to reflect new guidelines49ffd9fUpdate CONTRIBUTING to reflect the need to build70cb25e4.8.2 releaseebabd31Merge pull request #1008 from danielhardej/danielhardej-patch-2025102319f9360Update package-lock.json5fd2f98Bump@types/jestto version 29.5.1428647f4Fix PURL parsing by removing encodeURIf620fd1Merge pull request #1013 from actions/dangoor/token-fix9b42b7eRemove bad token reference- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Package Dependencies
Package:
actions/dependency-review-action
Ecosystem:
actions
actions
Version Change:
4.8.1 → 4.8.2
Update Type:
Patch
Patch
Technical Details
| ID: | 11013922 |
| UUID: | 3613732469 |
| Node ID: | PR_kwDODTo4k86y1Trj |
| Host: | GitHub |
| Repository: | aws-powertools/powertools-lambda-python |