Bump dependency_validator from 4.0.0 to 4.1.0

[dependabot]

Bumps dependency_validator from 4.0.0 to 4.1.0.

Release notes

Sourced from dependency_validator's releases.

4.1.0

Info

Build: (waiting for build to complete) Skynet Results: (waiting for Skynet results) Pipeline: (waiting for pipeline to start) This minor release includes the following changes:

Miscellaneous

• #114 v4 Changelog update

• #115 FEA-3685: Reverted non-dev bin import usage errors

  • FEA-3685 Reverted non-dev bin import usage errors

• #116 Revert "FEA-3685: Reverted non-dev bin import usage errors"

  • FEA-3685 Reverted non-dev bin import usage errors

• #117 Update analyzer constraint

• #120 Fixed broken GHA and updated installation instructions

• #121 Add dependabot.yml

• #122 GHA: Bump actions/checkout from 2 to 4 in the gha-dependencies group

• #123 RM-256973 Release dependency_validator 4.1.0

  • RM-256973 RELEASE dependency_validator 4.1.0

Notes created on Monday, June 03 05:25 PM UTC

Changelog

Sourced from dependency_validator's changelog.

4.1.0

• Update specified analyzer range to support v6.0.0+. This supports dependency_validator running on dart 3 better

Commits

• 2efe17c Merge pull request #123 from Workiva/release_dependency_validator_4.1.0
• 7abe7c0 dependency_validator_4.1.0
• e5c500e Merge pull request #117 from Funky-Food/update-analyzer
• a510821 Merge branch 'Workiva:master' into update-analyzer
• c7d6ba6 Merge pull request #122 from Workiva/dependabot/github_actions/master/gha-dep...
• 8da2ea7 GHA: Bump actions/checkout from 2 to 4 in the gha-dependencies group
• 04efce1 Merge pull request #121 from Workiva/add_dependabot
• 7b0473a Add dependabot.yml
• 1f18697 Merge pull request #120 from Workiva/readme_updates
• 79e1e6c only upload sbom for 2.19.6
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[aviary2-wf]

Security Insights

No security relevant content was detected by automated scans.

Action Items

• Review PR for security impact; comment "security review required" if needed or unsure
• Verify aviary.yaml coverage of security relevant code

---

Questions or Comments? Reach out on Slack: #support-infosec.

[matthewnitschke-wk]

QA +1

• CI does indeed pass

🚀 @Workiva/release-management-p 🚢

[rmconsole-wf]

+1 from RM