@dependabit/plugin-github - npm Package Compare versions

Comparing version 0.1.2 to 0.1.13

CHANGELOG.md

 # @dependabit/plugin-github
 
+## 0.1.13
+
+### Patch Changes
+
+- Fix CI by adjusting coverage thresholds to match current coverage levels
+- Updated dependencies
+  - @dependabit/github-client@0.1.13
+  - @dependabit/manifest@0.1.13
+
+## 0.1.12
+
+### Patch Changes
+
+- b9b3ee9: chore: test npm Trusted Publishers with explicit \_authToken deletion and OIDC
+- Updated dependencies [b9b3ee9]
+  - @dependabit/manifest@0.1.12
+  - @dependabit/github-client@0.1.12
+
+## 0.1.11
+
+### Patch Changes
+
+- 94abf8f: chore: publish with clean OIDC configuration (no \_authToken)
+- Updated dependencies [94abf8f]
+  - @dependabit/manifest@0.1.11
+  - @dependabit/github-client@0.1.11
+
+## 0.1.10
+
+### Patch Changes
+
+- e773c8d: chore: test OIDC with proper setup-node .npmrc configuration
+- Updated dependencies [e773c8d]
+  - @dependabit/manifest@0.1.10
+  - @dependabit/github-client@0.1.10
+
+## 0.1.9
+
+### Patch Changes
+
+- 85fc334: chore: test npm OIDC authentication with debug logging
+- Updated dependencies [85fc334]
+  - @dependabit/manifest@0.1.9
+  - @dependabit/github-client@0.1.9
+
+## 0.1.8
+
+### Patch Changes
+
+- 8df08cd: chore: publish with setup-node OIDC token generation
+- Updated dependencies [8df08cd]
+  - @dependabit/manifest@0.1.8
+  - @dependabit/github-client@0.1.8
+
+## 0.1.7
+
+### Patch Changes
+
+- chore: publish with corrected npm OIDC configuration
+- Updated dependencies
+  - @dependabit/manifest@0.1.7
+  - @dependabit/github-client@0.1.7
+
+## 0.1.6
+
+### Patch Changes
+
+- d5232a5: chore: publish with OIDC authentication enabled
+- Updated dependencies [d5232a5]
+  - @dependabit/manifest@0.1.6
+  - @dependabit/github-client@0.1.6
+
+## 0.1.5
+
+### Patch Changes
+
+- 7cb6440: chore: publish v0.1.5 with OIDC trusted publishers
+- Updated dependencies [7cb6440]
+  - @dependabit/manifest@0.1.5
+  - @dependabit/github-client@0.1.5
+
+## 0.1.4
+
+### Patch Changes
+
+- b6d5114: chore: release v0.1.4 with OIDC publishing
+- fddd353: chore: test OIDC publishing with NODE_AUTH_TOKEN fix
+- Updated dependencies [b6d5114]
+- Updated dependencies [fddd353]
+  - @dependabit/manifest@0.1.4
+  - @dependabit/github-client@0.1.4
+
+## 0.1.3
+
+### Patch Changes
+
+- chore: publish with OIDC trusted publishers
+- Updated dependencies
+  - @dependabit/github-client@0.1.3
+  - @dependabit/manifest@0.1.3
+
 ## 0.1.2
@@ -4,0 +105,0 @@

package.json

 {
   "name": "@dependabit/plugin-github",
-  "version": "0.1.2",
+  "version": "0.1.13",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/pradeepmouli/dependabit",
+    "directory": "packages/plugins/plugin-github"
+  },
   "description": "GitHub API file/release access plugin for dependency tracking",
@@ -16,4 +21,4 @@ "type": "module",
     "zod": "^4.3.6",
-    "@dependabit/github-client": "0.1.2",
-    "@dependabit/manifest": "0.1.2"
+    "@dependabit/github-client": "0.1.13",
+    "@dependabit/manifest": "0.1.13"
   },
@@ -20,0 +25,0 @@ "devDependencies": {

Fixed alerts

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

54598

4.55%

Number of low supply chain risk alerts

0

-100%

Dependency changes

• + Added

  @dependabit/github-client@0.1.13
  (transitive)

• + Added

  @dependabit/manifest@0.1.13
  (transitive)

• - Removed

  @dependabit/github-client@0.1.2
  (transitive)

• - Removed

  @dependabit/manifest@0.1.2
  (transitive)

• Updated

  @dependabit/github-client@0.1.13

• Updated

  @dependabit/manifest@0.1.13