Upgrade: [dependabot] - bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (#156)

dependabot[bot] · web-flow · commit b4a2329f8b50 · 2026-04-30T18:51:54.000Z
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 3.0.0 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Add permissions to all workflows by <a href="https://github.com/truggeri"><code>@​truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/687">dependabot/fetch-metadata#687</a></li> <li>build(deps-dev): bump globals from 16.0.0 to 17.4.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/690">dependabot/fetch-metadata#690</a></li> <li>build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/693">dependabot/fetch-metadata#693</a></li> <li>build(deps-dev): bump <code>@​hono/node-server</code> from 1.19.10 to 1.19.13 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/694">dependabot/fetch-metadata#694</a></li> <li>build(deps-dev): bump hono from 4.12.7 to 4.12.12 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/695">dependabot/fetch-metadata#695</a></li> <li>Dynamically update the tracking tag in action by <a href="https://github.com/truggeri"><code>@​truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/696">dependabot/fetch-metadata#696</a></li> <li>fix: handle duplicate dependency names in parseMetadataLinks by <a href="https://github.com/devantler"><code>@​devantler</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li> <li>fix: remove $ anchor from updateFragment regex to handle pip directory suffixes by <a href="https://github.com/devantler"><code>@​devantler</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/698">dependabot/fetch-metadata#698</a></li> <li>Updates to README for permissions clarification by <a href="https://github.com/truggeri"><code>@​truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/697">dependabot/fetch-metadata#697</a></li> <li>fix: resolve update-type null for Python, Composer, and Terraform PRs by <a href="https://github.com/vitorsdcs"><code>@​vitorsdcs</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li> <li>build(deps-dev): bump globals from 17.4.0 to 17.5.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/703">dependabot/fetch-metadata#703</a></li> <li>build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/701">dependabot/fetch-metadata#701</a></li> <li>build(deps): bump <code>@​actions/github</code> from 9.0.0 to 9.1.0 in the dependencies group across 1 directory by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/702">dependabot/fetch-metadata#702</a></li> <li>build(deps-dev): bump hono from 4.12.12 to 4.12.14 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/705">dependabot/fetch-metadata#705</a></li> <li>v3.1.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@​fetch-metadata-action-automation</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/692">dependabot/fetch-metadata#692</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/devantler"><code>@​devantler</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li> <li><a href="https://github.com/vitorsdcs"><code>@​vitorsdcs</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0">https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98"><code>25dd0e3</code></a> v3.1.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/692">#692</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9"><code>e073f50</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/705">#705</a> from dependabot/dependabot/npm_and_yarn/hono-4.12.14</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674"><code>0670e16</code></a> build(deps-dev): bump hono from 4.12.12 to 4.12.14</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1"><code>7a7fe10</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/702">#702</a> from dependabot/dependabot/npm_and_yarn/dependencies-...</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d"><code>5168191</code></a> Updating dist build</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504"><code>23882e1</code></a> build(deps): bump <code>@​actions/github</code> in the dependencies group</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7"><code>1072469</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/701">#701</a> from dependabot/dependabot/github_actions/actions/cre...</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752"><code>43f8a00</code></a> build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1"><code>b4d904a</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/703">#703</a> from dependabot/dependabot/npm_and_yarn/globals-17.5.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82"><code>c8046bb</code></a> build(deps-dev): bump globals from 17.4.0 to 17.5.0</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/ffa630c65fa7e0ecfa0625b5ceda64399aea1b36...25dd0e34f4fe68f24cc83900b1fe3fe149efef98">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/dependabot-auto-approve-and-merge.yml b/.github/workflows/dependabot-auto-approve-and-merge.yml
@@ -26,7 +26,7 @@ jobs:
 
             - name: Dependabot metadata
               id: dependabot-metadata
-              uses: dependabot/fetch-metadata@ffa630c65fa7e0ecfa0625b5ceda64399aea1b36
+              uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98
               with:
                   github-token: "${{ secrets.GITHUB_TOKEN }}"
 
