Bump karma from 6.3.8 to 6.3.15 in /build #39764
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [karma](https://github.com/karma-runner/karma) from 6.3.8 to 6.3.15. - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v6.3.8...v6.3.15) --- updated-dependencies: - dependency-name: karma dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
|
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
|
Needs the changelog edited:https://github.com/owncloud/core/blob/master/changelog/unreleased/JSdependencies202201onward @micbar @janackermann @JammingBen what are we doing these days about keeping JS dependencies up-to-date? CI is passing, so there is no obvious "traditional" web UI regression. |
|
Note: PR #39763 is related and probably requires this PR being merged first. |
I don't see a reason why we shouldn't upgrade these. It's just a patch release, and CI is green -> I think we're good here. |
|
I will add the changelog, and then merge... |
delete-merged-branch
bot
deleted the
dependabot/npm_and_yarn/build/karma-6.3.15
branch
Bumps karma from 6.3.8 to 6.3.15.
Release notes
Sourced from karma's releases.
... (truncated)
Changelog
Sourced from karma's changelog.
Commits
c1befa0chore(release): 6.3.15 [skip ci]d9dade2fix(helper): make mkdirIfNotExists helper resilient to concurrent calls653c762ci: prevent duplicate CI tasks on creating a PRc97e562chore(release): 6.3.14 [skip ci]91d5acdfix: remove string template from client code69cfc76fix: warn whensingleRunandautoWatcharefalse839578cfix(security): remove XSS vulnerability inreturnUrlquery paramdb53785chore(release): 6.3.13 [skip ci]5bf2df3fix(deps): bump log4js to resolve security issue36ad678chore(release): 6.3.12 [skip ci]Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)