From 2e3d6da508cf74aabb1c2c497ec63596d1b70a1e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 11 May 2021 12:10:04 +0000
Subject: [PATCH 1/3] Bump lodash from 4.17.19 to 4.17.21

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 28bf54c..4e56384 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -7846,9 +7846,9 @@
       }
     },
     "lodash": {
-      "version": "4.17.19",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz",
-      "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==",
+      "version": "4.17.21",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
       "dev": true
     },
     "lodash.memoize": {

From 4db8255e70a22a94e2ae16f87d2594b19dd9aea3 Mon Sep 17 00:00:00 2001
From: Jason Gross <jasongross9@gmail.com>
Date: Sun, 23 May 2021 08:33:18 -0400
Subject: [PATCH 2/3] Fix the grammar in a warning message

---
 src/upload-artifact.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/upload-artifact.ts b/src/upload-artifact.ts
index 3add259..d78e069 100644
--- a/src/upload-artifact.ts
+++ b/src/upload-artifact.ts
@@ -39,7 +39,7 @@ async function run(): Promise<void> {
 
       if (searchResult.filesToUpload.length > 10000) {
         core.warning(
-          `There are over 10,000 files in this artifact, consider create an archive before upload to improve the upload performance.`
+          `There are over 10,000 files in this artifact, consider creating an archive before upload to improve the upload performance.`
         )
       }
 

From 85076876532a28367eb508944031234ac9ec350b Mon Sep 17 00:00:00 2001
From: Brian Cristante <33549821+brcrista@users.noreply.github.com>
Date: Wed, 16 Jun 2021 10:05:05 -0400
Subject: [PATCH 3/3] avoid triggering push for Dependabot branches

---
 .github/workflows/codeql-analysis.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 7ec02d9..699cb4b 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -2,6 +2,7 @@ name: "Code scanning - action"
 
 on:
   push:
+    branches-ignore: "dependabot/*"
   pull_request:
     paths-ignore:
       - '**.md'