Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump minimist and lerna in /frontend #17

Merged
merged 1 commit into from
Jun 7, 2023
Merged

build(deps): bump minimist and lerna in /frontend #17

merged 1 commit into from
Jun 7, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 7, 2023

Bumps minimist to 1.2.6 and updates ancestor dependency lerna. These dependencies need to be updated together.

Updates minimist from 0.1.0 to 1.2.6

Changelog

Sourced from minimist's changelog.

v1.2.6 - 2022-03-21

Commits

  • test from prototype pollution PR bc8ecee
  • isConstructorOrProto adapted from PR c2b9819
  • security notice for additional prototype pollution issue ef88b93

v1.2.5 - 2020-03-12

v1.2.4 - 2020-03-11

Commits

  • security notice 4cf1354
  • additional test for constructor prototype pollution 1043d21

v1.2.3 - 2020-03-10

Commits

  • more failing proto pollution tests 13c01a5
  • even more aggressive checks for protocol pollution 38a4d1c

v1.2.2 - 2020-03-10

Commits

v1.2.1 - 2020-03-10

Merged

Commits

v1.2.0 - 2015-08-24

Commits

... (truncated)

Commits

Updates lerna from 2.11.0 to 6.6.2

Release notes

Sourced from lerna's releases.

6.6.2

6.6.2 (2023-05-04)

Bug Fixes

  • deps: bump pacote to latest to remove install warning (#3624) (7c34521)
  • remove non-functional schema properties starting with "no" (#3645) (43c2a48)
  • run: only use run-one when not passing multiple scripts (#3620) (9db1572)

Features

  • publish: support npm provenance (9c8bb4e)

6.6.1

6.6.1 (2023-03-24)

Bug Fixes

  • build-metadata reference in lerna schema (e2349ad)
  • deps: update to rimraf v4, remove path-exists (#3616) (2f2ee2a)
  • ensure rimraf bin dir can always be resolved (#3614) (0fe5faf)
  • handle trailing commas and comments in lerna.json files (#3603) (b826398)
  • lerna schema type for contents should be string (1625757)
  • publish: use updated version with pnpm workspaces (#3606) (cd7ad21)

6.6.0

6.6.0 (2023-03-23)

Bug Fixes

  • correct links to command docs (#3598) (b90b684)
  • publish: ensure zero exit code when EWORKINGTREE warning occurs (#3327) (9c00a33)
  • update troubleshooting.md typo (#3581) (a174cd7)
  • update arborist package to get rid of deprecated warning (#3559) (aff38a7)
  • version: handle deps property missing due to outdated lockfile (#3549) (fdbbab9)
  • version: update yarn lock for versions of yarn >= 2.0.0 (#3555) (ce2ceca)

Features

  • add @​lerna/legacy-package-management package (#3602) (4a03dd5)
  • version: add user-defined build metadata to bumped packages (#2880) (0b0e2a6)

6.5.1

6.5.1 (2023-02-14)

... (truncated)

Changelog

Sourced from lerna's changelog.

6.6.2 (2023-05-04)

Bug Fixes

  • deps: bump pacote to latest to remove install warning (#3624) (7c34521)
  • remove non-functional schema properties starting with "no" (#3645) (43c2a48)

6.6.1 (2023-03-24)

Bug Fixes

  • build-metadata reference in lerna schema (e2349ad)
  • deps: update to rimraf v4, remove path-exists (#3616) (2f2ee2a)
  • lerna schema type for contents should be string (1625757)

6.6.0 (2023-03-23)

Bug Fixes

  • update arborist package to get rid of deprecated warning (#3559) (aff38a7)

Features

  • add @​lerna/legacy-package-management package (#3602) (4a03dd5)
  • version: add user-defined build metadata to bumped packages (#2880) (0b0e2a6)

6.5.1 (2023-02-14)

Bug Fixes

  • add missing dependency on js-yaml (187f480)

6.5.0 (2023-02-13)

Features

  • publish: add --include-private option for testing private packages (#3503) (fa1f490)

6.4.1 (2023-01-12)

Bug Fixes

6.4.0 (2023-01-05)

Features

... (truncated)

Commits
  • 9b04bcf chore(misc): publish 6.6.2
  • 9bd24a5 chore: workflow updates (#3674)
  • 43c2a48 fix: remove non-functional schema properties starting with "no" (#3645)
  • 7c34521 fix(deps): bump pacote to latest to remove install warning (#3624)
  • dbc6df8 chore(misc): publish 6.6.1
  • 2f2ee2a fix(deps): update to rimraf v4, remove path-exists (#3616)
  • 1625757 fix: lerna schema type for contents should be string
  • e2349ad fix: build-metadata reference in lerna schema
  • 43afbf8 chore(misc): publish 6.6.0
  • 4a03dd5 feat: add @​lerna/legacy-package-management package (#3602)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jameshenry, a new releaser for lerna since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump minimist and lerna in /frontend
77aea12 
Bumps [minimist](https://github.com/minimistjs/minimist) to 1.2.6 and updates ancestor dependency [lerna](https://github.com/lerna/lerna/tree/HEAD/packages/lerna). These dependencies need to be updated together.


Updates `minimist` from 0.1.0 to 1.2.6
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v0.1.0...v1.2.6)

Updates `lerna` from 2.11.0 to 6.6.2
- [Release notes](https://github.com/lerna/lerna/releases)
- [Changelog](https://github.com/lerna/lerna/blob/main/packages/lerna/CHANGELOG.md)
- [Commits](https://github.com/lerna/lerna/commits/6.6.2/packages/lerna)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
- dependency-name: lerna
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 7, 2023
@wojtekzyla wojtekzyla merged commit 38755f8 into main Jun 7, 2023
0 of 2 checks passed
@wojtekzyla wojtekzyla deleted the dependabot/npm_and_yarn/frontend/minimist-and-lerna-1.2.6 branch June 7, 2023 14:40
@srv-rr-github-token
Copy link
Contributor

🎉 This PR is included in version 1.0.0-beta.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@srv-rr-github-token
Copy link
Contributor

🎉 This PR is included in version 1.0.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wojtekzyla wojtekzyla wojtekzyla approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code released on @beta released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@srv-rr-github-token @wojtekzyla