Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the production-dependencies group with 4 updates #191

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the production-dependencies group with 4 updates #191

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2023

Bumps the production-dependencies group with 4 updates: async, nconf, shell-quote and winston.

Updates async from 3.2.4 to 3.2.5

Changelog

Sourced from async's changelog.

v3.2.5

  • Ensure Error objects such as AggregateError are propagated without modification (#1920)
Commits

Updates nconf from 0.12.0 to 0.12.1

Release notes

Sourced from nconf's releases.

v0.12.1

0.12.1 (2023-10-23)

Bug Fixes

Changelog

Sourced from nconf's changelog.

0.12.1 (2023-10-23)

Bug Fixes

v0.11.0 / Mon, 23 Nov 2020

  • 4122731 0.11.0 (Matt Hamann)
  • 56794d1 chore: upgrade deps to fix security vulns (Matt Hamann)

v0.10.0 / Mon, 18 Dec 2017

v0.9.1 / Fri, 3 Nov 2017

  • bac910a 0.9.1 (Matt Hamann)
  • 2bdf7e1 Clean Argv Store options (#290) (Adrien Becchis)
  • b9321b2 transformer can now return an undefined key (#289) (Adrien Becchis)
  • 81ce0be Update changelog (Matt Hamann)

0.9.0 / Tue, 31 Oct 2017

  • b1ee63c fix error in transform function when dealing with dropped entries (#287) (Augusto Franzoia)
  • 9f70ba1 [doc] Update changelog (Matt Hamann)
  • 8afcf99 [dist] Version bump. 0.9.0 (Matt Hamann)
  • b41c505 Save conf to dedicated file (#283) (Adrien Becchis)
  • 52e0a35 Update changelog (Matt Hamann)
  • fa215a4 add tests for the normal configuration of yargs via argv (AdrieanKhisbe)
  • 802a8d6 test for yargs custom instance (more flexible check isYargs) (AdrieanKhisbe)
  • 3e26bb2 Add posibility to pass a yargs instance to argv() method (Nicolas Deveaud)
  • 856fdf8 First pass at transform functions (#279) (Matt Hamann)
  • b9c345b Fix parseValues option name (Matt Hamann)
  • 35088a3 Added nconf.any method (#278) (Matt Hamann)
  • ca10d0e Add basic linting rules (Matt Hamann)
  • bfb0220 Remove unused module (#277) (Brian Harrington)
  • 532ac9c Support parsing simple values from env/argv strings (#273) (Matt Hamann)
  • b8402d4 Enable support for parsing JSON environment variables (#272) (Matt Hamann)

v0.8.5 / Tue, 15 Aug 2017

  • f46c449 0.8.5 (Matt Hamann)
  • 552300a [doc] Document lowerCase option in .env(options) (#268) (Matt Hamann)
  • 5e8a34d enable use with webpack by removing unnecessary fs call (#252) (evoye)
  • 608b607 Add test for merging with defaults (#255) (Chris Manson)
  • d70b6a0 Fixed some issues with code escaping (Charter Jacobson)

... (truncated)

Commits

Updates shell-quote from 1.7.3 to 1.8.1

Changelog

Sourced from shell-quote's changelog.

v1.8.1 - 2023-04-07

Fixed

Commits

  • [Refactor] parse: hoist getVar to module level b42ac73
  • [Refactor] hoist some vars to module level 8f0c5c3
  • [Refactor] parse: use slice over substr, cache some values fcb2e1a
  • [Refactor] parse: a bit of cleanup 6780ec5
  • [Refactor] parse: tweak the regex to not match nothing 227d474
  • [Tests] increase coverage a66de94
  • [Refactor] parse: avoid shadowing a function arg 1d58679

v1.8.0 - 2023-01-30

Commits

  • [New] extract parse and quote to their own deep imports 553fdfc
  • [Tests] add nyc coverage fd7ddcd
  • [New] Add support for here strings (<<<) 9802fb3
  • [New] parse: Add syntax support for duplicating input file descriptors 216b198
  • [Dev Deps] update @ljharb/eslint-config, aud, tape 85f8e31
  • [Tests] add evalmd c5549fc
  • [actions] update checkout action 62e9b49

v1.7.4 - 2022-10-12

Merged

Commits

  • [eslint] fix indentation and whitespace aaa9d1f
  • [eslint] additional cleanup 397cb62
  • [meta] add auto-changelog 497fca5
  • [actions] add reusable workflows 4763c36
  • [eslint] add eslint 6ee1437
  • [readme] rename, add badges 7eb5134
  • [meta] update URLs 67381b6
  • [meta] create FUNDING.yml; add funding in package.json 8641572
  • [meta] use npmignore to autogenerate an npmignore file 2e2007a
  • Only apps should have lockfiles f97411e
  • [Dev Deps] update tape 051f608
  • [meta] add safe-publish-latest 18cadf9
  • [Tests] add aud in posttest dc1cc12

... (truncated)

Commits
  • da8a3ab v1.8.1
  • a66de94 [Tests] increase coverage
  • b42ac73 [Refactor] parse: hoist getVar to module level
  • fcb2e1a [Refactor] parse: use slice over substr, cache some values
  • ecf2a60 [Fix] parse: preserve whitespace in comments
  • 1d58679 [Refactor] parse: avoid shadowing a function arg
  • 6780ec5 [Refactor] parse: a bit of cleanup
  • 227d474 [Refactor] parse: tweak the regex to not match nothing
  • 7bcd90e [Fix] properly support the escape option
  • 8f0c5c3 [Refactor] hoist some vars to module level
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for shell-quote since your current version.


Updates winston from 3.8.2 to 3.11.0

Release notes

Sourced from winston's releases.

v3.11.0

  • Bump split2 from 4.1.0 to 4.2.0 (#2336) 37f4282
  • Bump actions/checkout from 3 to 4 (#2346) fdcc893
  • Bump @​colors/colors packgae to 1.6.0 (#2353) dcbec34
  • Bump rimraf from 3.0.2 to 5.0.5 (#2357) aaaa4c0
  • feat: add guardrails to the instantiation of a Profiler (#2226) 914b846
  • Bump @​types/node from 20.3.1 to 20.4.2 (#2329) 23cb80c
  • Bug Fix: FileTransportOptions type missing lazy:boolean option (#2334) 1c43f7b

winstonjs/winston@v3.10.0...v3.11.0

v3.10.0

  • Avoid potential github issues - relax engines node requirement in package.json fc9c83d
  • Export Logger class (#2181) eda40ef
  • Added Lazy option to file transport (#2317) f7e7f2f
  • Bump eslint from 8.32.0 to 8.44.0 (#2321) de2e887
  • docs(#2319): Syntax error on README.md (#2320) fcc69ec
  • fix(types): Allow any object to be passed as meta to logger.profile (#2314) 9d6001a
  • Bump @​types/node from 18.11.18 to 20.3.1 (#2313) 06e3165
  • Update supported Node versions and run npm audit fix (#2315) 61e2f5b
  • Bump @​babel/core from 7.20.12 to 7.22.1 (#2309) 7643ad6

winstonjs/winston@v3.9.0...v3.10.0

v3.9.0

Functionality changes

Dependency updates by @​dependabot + CI autotesting

Documentation changes

Build Infrastructure changes

Changelog

Sourced from winston's changelog.

CHANGELOG

v3.9.0

Functionality changes

Dependency updates by @​dependabot + CI autotesting

Documentation changes

Build Infrastructure changes

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the production-dependencies group with 4 updates
a5a055a 
Bumps the production-dependencies group with 4 updates: [async](https://github.com/caolan/async), [nconf](https://github.com/flatiron/nconf), [shell-quote](https://github.com/ljharb/shell-quote) and [winston](https://github.com/winstonjs/winston).


Updates `async` from 3.2.4 to 3.2.5
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@v3.2.4...v3.2.5)

Updates `nconf` from 0.12.0 to 0.12.1
- [Release notes](https://github.com/flatiron/nconf/releases)
- [Changelog](https://github.com/indexzero/nconf/blob/v0.12.1/CHANGELOG.md)
- [Commits](indexzero/nconf@v0.12.0...v0.12.1)

Updates `shell-quote` from 1.7.3 to 1.8.1
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.7.3...v1.8.1)

Updates `winston` from 3.8.2 to 3.11.0
- [Release notes](https://github.com/winstonjs/winston/releases)
- [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md)
- [Commits](winstonjs/winston@v3.8.2...v3.11.0)

---
updated-dependencies:
- dependency-name: async
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: nconf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: shell-quote
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: winston
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 20, 2023
@dependabot dependabot bot mentioned this pull request Nov 20, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants