Merge pull request #848 from nextcloud-libraries/dependabot/npm_and_y…

…arn/dompurify-3.2.4 chore(deps): Bump dompurify from 3.2.3 to 3.2.4
nextcloud-libraries · Feb 1, 2025 · 8e712a3 · 8e712a3
2 parents 7619bf9 + a7a9dad
commit 8e712a3
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 9 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,5 +1,6 @@
-# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: GPL-3.0-or-later
+# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: CC0-1.0
+
 version: 2
 updates:
 - package-ecosystem: npm
@@ -9,5 +10,7 @@ updates:
     day: saturday
     time: "03:00"
     timezone: Europe/Paris
+  labels:
+    - "type: dependencies"
   open-pull-requests-limit: 10
-  versioning-strategy: increase
+  versioning-strategy: increase
diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml
@@ -25,7 +25,7 @@ concurrency:
 jobs:
   auto-approve-merge:
     if: github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'renovate[bot]'
-    runs-on: ubuntu-latest-low
+    runs-on: ubuntu-latest
     permissions:
       # for hmarr/auto-approve-action to approve PRs
       pull-requests: write

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -42,7 +42,7 @@
     "@nextcloud/typings": "^1.9.1",
     "@types/dompurify": "^3.2.0",
     "@types/escape-html": "^1.0.4",
-    "dompurify": "^3.2.3",
+    "dompurify": "^3.2.4",
     "escape-html": "^1.0.3",
     "node-gettext": "^3.0.0"
   },