Skip to content

chore(deps): bump alstr/todo-to-issue-action from 4 to 5#617

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/alstr/todo-to-issue-action-5
Open

chore(deps): bump alstr/todo-to-issue-action from 4 to 5#617
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/alstr/todo-to-issue-action-5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps alstr/todo-to-issue-action from 4 to 5.

Release notes

Sourced from alstr/todo-to-issue-action's releases.

v5

Targets the latest v5 release.

v4.13.3

Add PureScript and Agda support.

v4.13.2

Extend TSX support.

v4.13.1

Add Liquid support.

v4.13

Add support for extensionless files.

Thanks to @​AingeruAlvarezSanchez for the contribution.

v4.12.3

Add Cuda support.

v4.12.2

Set ace_mode for custom languages.

v4.12.1

Fix case sensitivity.

v4.12

Add support for custom languages.

Thanks to @​Christoph-Koschel for the PR, and @​drkameleon for the initial idea and exploratory work.

v4.11.1

Fix URL to line.

v4.11

  • Enable issue escaping.
  • Remove requirement for space after comment marker.

Thanks to @​Christoph-Koschel.

v4.10.2

Add RMarkdown support.

v4.10.1

  • Add support for Starlark and JSON with Comments.
  • Rework README.
  • Fix URL to line for enterprise.

v4.10

Add support for GHES with new API URL input.

... (truncated)

Commits
  • 64aca8f Bump version
  • d1f79f2 Merge pull request #281 from soraxas/fix/unbounded-var
  • 82dd9d3 actually fallback to default dict
  • 62a4dd1 Merge pull request #279 from yonasBSD/chore/upgrade-actions-checkout
  • db0ad8b chore: Upgrade to actions/checkout@v6.
  • 71b3037 Update ace_mode values used in tests
  • cdddfe1 Merge pull request #277 from Christian-Schou/feature/chs-add-al-code
  • 1e495ff ♻️ Update expected line number in test_url_insertion
  • d14fc87 📝 Add AL to supported languages list in README
  • 399f21a ✅ Add AL codeunit test cases and update text issue counts
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [alstr/todo-to-issue-action](https://github.com/alstr/todo-to-issue-action) from 4 to 5.
- [Release notes](https://github.com/alstr/todo-to-issue-action/releases)
- [Commits](alstr/todo-to-issue-action@v4...v5)

---
updated-dependencies:
- dependency-name: alstr/todo-to-issue-action
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added 📦 Dependencies Pull requests that update a dependency file 🚀 CI/CD Indicates the change is related to CI/CD workflows labels Jul 2, 2026
@dependabot
dependabot Bot requested a review from AlbertHernandez as a code owner July 2, 2026 11:52
@dependabot dependabot Bot added 🚀 CI/CD Indicates the change is related to CI/CD workflows 📦 Dependencies Pull requests that update a dependency file labels Jul 2, 2026
@github-actions github-actions Bot added the ignore-for-release Ignore pull request for a new release label Jul 2, 2026
@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

.github/workflows/todo-to-issue.yml

PackageVersionLicenseIssue Type
alstr/todo-to-issue-action5.*.*NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/alstr/todo-to-issue-action 5.*.* 🟢 3.3
Details
CheckScoreReason
Code-Review🟢 4Found 7/17 approved changesets -- score normalized to 4
Maintained⚠️ 10 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 1
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • .github/workflows/todo-to-issue.yml

@github-actions github-actions Bot removed the 📦 Dependencies Pull requests that update a dependency file label Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

🚀 CI/CD Indicates the change is related to CI/CD workflows ignore-for-release Ignore pull request for a new release

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants