Sourced from stefanbuck/github-issue-parser's releases.

v3.0.0

3.0.0 (2022年10月19日)

Bug Fixes

• deps: bump @​actions/core from 1.9.1 to 1.10.0 (284e5eb)
• Ensure releases can be pinned to SHAs #23 (#39) (428eec3)

Features

• mitigating script injection attacks by passing issue body as env var (#42) (0b27d4a)

BREAKING CHANGES

• Add issue-body argument which is required from v3 onwards

To mitigate script injection attacks, github-issue-parser v3 will require workflow authors to pass the issue body as an argument. By doing so you will follow GitHub's Good practices for mitigating script injection attacks

- uses: stefanbuck/github-issue-parser@v3
 id: issue-parser
 with:
 issue-body: ${{ github.event.issue.body }} # required
 template-path: .github/ISSUE_TEMPLATE/bug-report.yml # optional but recommended

• New checkboxes parsing (#21) (1d341cb)

The previous checkbox output produced this:

 {
 "laravel": true,
 "svelte": true,
 }

whereas the new output will be an array like this

{
 "fav_frameworks": ["Laravel", "Svelte"]
}

... (truncated)

• b650066 build
• 3c9c1c3 build(deps-dev): bump jest from 29.1.2 to 29.2.2 (#49)
• 741688b feat: add issue-body default (#47)
• de423fc docs: Add migration section
• 0b27d4a feat: mitigating script injection attacks by passing issue body as env var (#42)
• 1d341cb feat: parse checkboxes (#21)
• 284e5eb fix(deps): bump @​actions/core from 1.9.1 to 1.10.0
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)