Upgrade: [dependabot] - bump dependabot/fetch-metadata from 2 to 3 by dependabot[bot] · Pull Request #759 · NHSDigital/eps-load-test

dependabot · 2026-04-10T18:04:07Z

Bumps dependabot/fetch-metadata from 2 to 3.

Release notes

Sourced from dependabot/fetch-metadata's releases.

v3.0.0

The breaking change is requiring Node.js version v24 as the Actions runtime.

What's Changed

feat: Parse versions from metadata links by @ppkarwasz in dependabot/fetch-metadata#632

Upgrade actions core and actions github packages by @truggeri in dependabot/fetch-metadata#649

docs: Add notes for using alert-lookup with App Token by @sue445 in dependabot/fetch-metadata#656

feat!: update Node.js version to v24 by @sturman in dependabot/fetch-metadata#671

Switch build tooling from ncc to esbuild by @truggeri in dependabot/fetch-metadata#676

Add --legal-comments=none to esbuild build commands by @jeffwidman in dependabot/fetch-metadata#679

Bump tsconfig target from es2022 to es2024 by @jeffwidman in dependabot/fetch-metadata#680

Remove vestigial outDir from tsconfig.json by @jeffwidman in dependabot/fetch-metadata#681

Switch tsconfig module resolution to bundler by @jeffwidman in dependabot/fetch-metadata#682

Remove skipLibCheck from tsconfig.json by @jeffwidman in dependabot/fetch-metadata#683

Add typecheck step to CI by @jeffwidman in dependabot/fetch-metadata#685

Enable noImplicitAny in tsconfig.json by @jeffwidman in dependabot/fetch-metadata#684

Upgrade @actions/core to ^3.0.0 by @truggeri in dependabot/fetch-metadata#677

Upgrade @actions/github to ^9.0.0 and @octokit/request-error to ^7.1.0 by @truggeri in dependabot/fetch-metadata#678

Bump qs from 6.14.0 to 6.14.1 by @dependabot[bot] in dependabot/fetch-metadata#651

Bump hono from 4.11.1 to 4.11.4 by @dependabot[bot] in dependabot/fetch-metadata#652

Bump hono from 4.11.4 to 4.11.7 by @dependabot[bot] in dependabot/fetch-metadata#653

Bump hono from 4.11.7 to 4.12.0 by @dependabot[bot] in dependabot/fetch-metadata#657

Bump qs from 6.14.1 to 6.14.2 by @dependabot[bot] in dependabot/fetch-metadata#655

Bump @modelcontextprotocol/sdk from 1.25.1 to 1.26.0 by @dependabot[bot] in dependabot/fetch-metadata#654

Bump @hono/node-server from 1.19.9 to 1.19.10 by @dependabot[bot] in dependabot/fetch-metadata#665

Bump hono from 4.12.2 to 4.12.5 by @dependabot[bot] in dependabot/fetch-metadata#664

Bump minimatch from 3.1.2 to 3.1.5 by @dependabot[bot] in dependabot/fetch-metadata#667

Bump hono from 4.12.5 to 4.12.7 by @dependabot[bot] in dependabot/fetch-metadata#668

Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by @dependabot[bot] in dependabot/fetch-metadata#669

Bump flatted from 3.3.3 to 3.4.2 by @dependabot[bot] in dependabot/fetch-metadata#670

build(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by @dependabot[bot] in dependabot/fetch-metadata#674

New Contributors

@ppkarwasz made their first contribution in dependabot/fetch-metadata#632

@truggeri made their first contribution in dependabot/fetch-metadata#649

@sue445 made their first contribution in dependabot/fetch-metadata#656

@sturman made their first contribution in dependabot/fetch-metadata#671

Full Changelog: dependabot/fetch-metadata@v2...v3.0.0

v2.5.0

What's Changed

Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot[bot] in dependabot/fetch-metadata#628

Bump the dev-dependencies group with 11 updates by @dependabot[bot] in dependabot/fetch-metadata#629

Bump actions/create-github-app-token from 2.0.6 to 2.1.1 by @dependabot[bot] in dependabot/fetch-metadata#635

Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by @dependabot[bot] in dependabot/fetch-metadata#638

Bump actions/checkout from 4 to 5 by @dependabot[bot] in dependabot/fetch-metadata#636

Bump actions/setup-node from 4 to 5 by @dependabot[bot] in dependabot/fetch-metadata#637

Bump actions/setup-node from 5 to 6 by @dependabot[bot] in dependabot/fetch-metadata#639

Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by @dependabot[bot] in dependabot/fetch-metadata#643

... (truncated)

Commits

25dd0e3 v3.1.0 (#692)
e073f50 Merge pull request #705 from dependabot/dependabot/npm_and_yarn/hono-4.12.14
0670e16 build(deps-dev): bump hono from 4.12.12 to 4.12.14
7a7fe10 Merge pull request #702 from dependabot/dependabot/npm_and_yarn/dependencies-...
5168191 Updating dist build
23882e1 build(deps): bump @actions/github in the dependencies group
1072469 Merge pull request #701 from dependabot/dependabot/github_actions/actions/cre...
43f8a00 build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1
b4d904a Merge pull request #703 from dependabot/dependabot/npm_and_yarn/globals-17.5.0
c8046bb build(deps-dev): bump globals from 17.4.0 to 17.5.0
Additional commits viewable in compare view

eps-autoapprove-dependabot · 2026-04-10T18:04:17Z

I'm not approving this PR because it includes a major update of a dependency used in production

Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2 to 3. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@v2...v3) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 10, 2026

eps-autoapprove-dependabot Bot added the requires-manual-qa label Apr 10, 2026

eps-autoapprove-dependabot Bot enabled auto-merge (squash) April 10, 2026 18:04

dependabot Bot force-pushed the dependabot/github_actions/dependabot/fetch-metadata-3 branch 3 times, most recently from efff4a8 to 0f4952d Compare April 24, 2026 10:50

dependabot Bot force-pushed the dependabot/github_actions/dependabot/fetch-metadata-3 branch from 0f4952d to baf8820 Compare April 24, 2026 10:51

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade: [dependabot] - bump dependabot/fetch-metadata from 2 to 3#759

Upgrade: [dependabot] - bump dependabot/fetch-metadata from 2 to 3#759
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/dependabot/fetch-metadata-3

dependabot Bot commented on behalf of github Apr 10, 2026 •

edited

Loading

Uh oh!

eps-autoapprove-dependabot Bot commented Apr 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.0.0

What's Changed

New Contributors

v2.5.0

What's Changed

Uh oh!

eps-autoapprove-dependabot Bot commented Apr 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 10, 2026 •

edited

Loading