Skip to content

build(deps)(deps): bump european-parliament-mcp-server from 1.3.36 to 1.3.37 in the production-dependencies group#2502

Merged
pethers merged 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-09876d660c
Jul 8, 2026
Merged

build(deps)(deps): bump european-parliament-mcp-server from 1.3.36 to 1.3.37 in the production-dependencies group#2502
pethers merged 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-09876d660c

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-dependencies group with 1 update: european-parliament-mcp-server.

Updates european-parliament-mcp-server from 1.3.36 to 1.3.37

Release notes

Sourced from european-parliament-mcp-server's releases.

European Parliament MCP Server v1.3.37

Highlights

🏗️ Infrastructure & Performance

  • chore(deps): bump step-security/harden-runner from 2.19.4 to 2.20.0 @dependabot[bot] (#570)
  • chore(deps-dev): bump knip from 6.24.0 to 6.25.0 in the development-dependencies group @dependabot[bot] (#571)
  • chore(deps-dev): bump the development-dependencies group with 3 updates @dependabot[bot] (#569)

🔒 Security & Compliance

📦 Dependencies

  • chore(deps): bump step-security/harden-runner from 2.19.4 to 2.20.0 @dependabot[bot] (#570)
  • chore(deps-dev): bump knip from 6.24.0 to 6.25.0 in the development-dependencies group @dependabot[bot] (#571)
  • chore(deps-dev): bump the development-dependencies group with 3 updates @dependabot[bot] (#569)

🏛️ European Parliament MCP Server Enhancements

Changes in this release continue to enhance the European Parliament MCP Server's capabilities for providing AI assistants with structured access to parliamentary datasets, including:

  • Model Context Protocol (MCP) tools, resources, and prompts
  • European Parliament API integration and data access
  • Security-first architecture with GDPR compliance
  • High-performance caching and rate limiting
  • Comprehensive TypeScript typing and runtime validation

📊 Quality Metrics & Documentation

Test Coverage Unit Tests E2E Tests API Docs Documentation Portal

🔐 Security & Compliance

OpenSSF Scorecard SLSA 3 SBOM SBOM Quality Attestations

🛡️ Hack23 ISMS Compliance

Information Security Policy Open Source Policy ISO 27001 NIST CSF 2.0 CIS Controls v8.1 GDPR

This release maintains compliance with Hack23 AB's Information Security Management System (ISMS):

  • ISO 27001:2022 - Information security management

... (truncated)

Commits
  • b02f721 chore(release): bump version to v1.3.37
  • 95cea29 Merge pull request #570 from Hack23/dependabot/github_actions/step-security/h...
  • e336e90 Merge branch 'main' into dependabot/github_actions/step-security/harden-runne...
  • 5089484 Merge pull request #571 from Hack23/dependabot/npm_and_yarn/development-depen...
  • e4ab5f1 chore(deps-dev): bump knip in the development-dependencies group
  • 86a6321 chore(deps): bump step-security/harden-runner from 2.19.4 to 2.20.0
  • 371c3bb Merge pull request #569 from Hack23/dependabot/npm_and_yarn/development-depen...
  • 98e9d23 chore(deps-dev): bump the development-dependencies group with 3 updates
  • 52089ec docs: update documentation for v1.3.36
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production-dependencies group with 1 update: [european-parliament-mcp-server](https://github.com/Hack23/European-Parliament-MCP-Server).


Updates `european-parliament-mcp-server` from 1.3.36 to 1.3.37
- [Release notes](https://github.com/Hack23/European-Parliament-MCP-Server/releases)
- [Changelog](https://github.com/Hack23/European-Parliament-MCP-Server/blob/main/CHANGELOG.md)
- [Commits](Hack23/European-Parliament-MCP-Server@v1.3.36...v1.3.37)

---
updated-dependencies:
- dependency-name: european-parliament-mcp-server
  dependency-version: 1.3.37
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Dependency updates javascript JavaScript dependencies labels Jul 8, 2026
Copilot AI review requested due to automatic review settings July 8, 2026 08:54
@dependabot dependabot Bot added dependencies Dependency updates javascript JavaScript dependencies labels Jul 8, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

@github-actions github-actions Bot added the infrastructure CI/CD and build infrastructure label Jul 8, 2026
@pethers pethers merged commit 23800b9 into main Jul 8, 2026
15 checks passed
@pethers pethers deleted the dependabot/npm_and_yarn/production-dependencies-09876d660c branch July 8, 2026 09:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates infrastructure CI/CD and build infrastructure javascript JavaScript dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants