Skip to content
This repository was archived by the owner on Apr 27, 2022. It is now read-only.

Bump ajv from 6.12.2 to 6.12.6#372

Closed
dependabot[bot] wants to merge 295 commits intomasterfrom
dependabot/npm_and_yarn/ajv-6.12.6
Closed

Bump ajv from 6.12.2 to 6.12.6#372
dependabot[bot] wants to merge 295 commits intomasterfrom
dependabot/npm_and_yarn/ajv-6.12.6

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Feb 13, 2022

Bumps ajv from 6.12.2 to 6.12.6.

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

Commits
  • fe59143 6.12.6
  • d580d3e Merge pull request #1298 from ajv-validator/fix-url
  • fd36389 fix: regular expression for "url" format
  • 490e34c docs: link to v7-beta branch
  • 9cd93a1 docs: note about v7 in readme
  • 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
  • f1c8e45 6.12.5
  • 764035e Merge branch 'ChALkeR-chalker/fix-comma'
  • 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
  • a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Andrei Arkhipov and others added 30 commits March 19, 2020 15:56
Merge pull request #48 from tigerspack/develop
d9c2db0 
#47: Updating dependencies
@awibox
#45: Docusaurus was deleted
4021b4c
Merge pull request #49 from tigerspack/develop
cdb33ea 
#45: Docusaurus was deleted
#51: css frameworks were replaced for inline styles
ffd9b78
Merge pull request #52 from tigerspack/develop
9336645 
#51: css frameworks were replaced for inline styles
@dependabot-preview
Bump webpack from 4.42.0 to 4.42.1
18ea6ca 
Bumps [webpack](https://github.com/webpack/webpack) from 4.42.0 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v4.42.0...v4.42.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Bump @babel/preset-react from 7.8.3 to 7.9.4
7394b8d 
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](babel/babel@v7.8.3...v7.9.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Bump @babel/core from 7.8.7 to 7.9.0
c5dd0d8 
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.7 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](babel/babel@v7.8.7...v7.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Bump react from 16.13.0 to 16.13.1
8e13942 
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.13.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Bump jest from 25.1.0 to 25.2.7
9d604a0 
Bumps [jest](https://github.com/facebook/jest) from 25.1.0 to 25.2.7.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](jestjs/jest@v25.1.0...v25.2.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Merge pull request #53 from tigerspack/dependabot/npm_and_yarn/webpac…
8ae3172 
…k-4.42.1

Bump webpack from 4.42.0 to 4.42.1
Merge pull request #57 from tigerspack/dependabot/npm_and_yarn/jest-2…
9a814f8 
…5.2.7

Bump jest from 25.1.0 to 25.2.7
Merge pull request #54 from tigerspack/dependabot/npm_and_yarn/babel/…
9e89aed 
…preset-react-7.9.4

Bump @babel/preset-react from 7.8.3 to 7.9.4
Merge pull request #55 from tigerspack/dependabot/npm_and_yarn/babel/…
3b27e24 
…core-7.9.0

Bump @babel/core from 7.8.7 to 7.9.0
Merge pull request #56 from tigerspack/dependabot/npm_and_yarn/react-…
2f0835e 
…16.13.1

Bump react from 16.13.0 to 16.13.1
#58: nodejs versions were added to build configuration
9447f95
#58: Nodejs version 8 was deleted from build configuration
40b358a
Merge pull request #59 from tigerspack/develop
8efff8b 
#58: nodejs versions were added to build configuration
@dependabot-preview
Bump jsdom from 16.2.1 to 16.2.2
d4692c2 
Bumps [jsdom](https://github.com/jsdom/jsdom) from 16.2.1 to 16.2.2.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
- [Commits](jsdom/jsdom@16.2.1...16.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Bump @babel/preset-env from 7.8.7 to 7.9.0
9e680dc 
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.8.7 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](babel/babel@v7.8.7...v7.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Bump eslint-plugin-import from 2.20.1 to 2.20.2
28e7def 
Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import) from 2.20.1 to 2.20.2.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases)
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md)
- [Commits](import-js/eslint-plugin-import@v2.20.1...v2.20.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Bump babel-loader from 8.0.6 to 8.1.0
34ec21d 
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases)
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md)
- [Commits](babel/babel-loader@v8.0.6...v8.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Bump coveralls from 3.0.9 to 3.0.11
4216c6c 
Bumps [coveralls](https://github.com/nickmerwin/node-coveralls) from 3.0.9 to 3.0.11.
- [Release notes](https://github.com/nickmerwin/node-coveralls/releases)
- [Commits](nickmerwin/node-coveralls@3.0.9...3.0.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
#66: Github actions were added
99649f0
Merge pull request #67 from tigerspack/develop
72542cd 
#66: Github actions were added
@dependabot-preview
Merge pull request #60 from tigerspack/dependabot/npm_and_yarn/jsdom-…
09d5b3d 
…16.2.2
Merge branch 'master' into dependabot/npm_and_yarn/babel/preset-env-7…
272b539 
….9.0
@dependabot-preview
Merge pull request #64 from tigerspack/dependabot/npm_and_yarn/babel-…
d7a9a82 
…loader-8.1.0
@dependabot-preview
Merge pull request #65 from tigerspack/dependabot/npm_and_yarn/covera…
530f40c 
…lls-3.0.11
Merge pull request #61 from tigerspack/dependabot/npm_and_yarn/babel/…
673751c 
…preset-env-7.9.0

Bump @babel/preset-env from 7.8.7 to 7.9.0
dependabot-preview Bot and others added 24 commits July 28, 2020 11:32
@dependabot-preview
Merge pull request #219 from tigerspack/dependabot/npm_and_yarn/webpa…
be49dc0 
…ck-cli-3.3.12
@dependabot-preview
Bump webpack from 4.43.0 to 4.44.0
6139798 
Bumps [webpack](https://github.com/webpack/webpack) from 4.43.0 to 4.44.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v4.43.0...v4.44.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Merge pull request #234 from tigerspack/dependabot/npm_and_yarn/webpa…
9340d9d 
…ck-4.44.0
@dependabot-preview
[Security] Bump elliptic from 6.5.2 to 6.5.3
7354d22 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3. **This update includes a security fix.**
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](indutny/elliptic@v6.5.2...v6.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Merge pull request #236 from tigerspack/dependabot/npm_and_yarn/ellip…
3007542 
…tic-6.5.3
@dependabot-preview
[Security] Bump http-proxy from 1.18.0 to 1.18.1
6e62f9d 
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1. **This update includes a security fix.**
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](http-party/node-http-proxy@1.18.0...1.18.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
[Security] Bump ini from 1.3.5 to 1.3.7
7eab1d7 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7. **This update includes a security fix.**
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](npm/ini@v1.3.5...v1.3.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
[Security] Bump elliptic from 6.5.3 to 6.5.4
de34629 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4. **This update includes a security fix.**
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](indutny/elliptic@v6.5.3...v6.5.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
[Security] Bump y18n from 4.0.0 to 4.0.3
0a4fd0e 
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3. **This update includes a security fix.**
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md)
- [Commits](yargs/y18n@v4.0.0...y18n-v4.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Merge pull request #252 from tigerspack/dependabot/npm_and_yarn/http-…
e6d1374 
…proxy-1.18.1
@dependabot-preview
[Security] Bump ssri from 6.0.1 to 6.0.2
df413f8 
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2. **This update includes a security fix.**
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](npm/ssri@v6.0.1...v6.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
[Security] Bump url-parse from 1.4.7 to 1.5.1
4c79ee8 
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.1. **This update includes a security fix.**
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](unshiftio/url-parse@1.4.7...1.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
[Security] Bump lodash from 4.17.19 to 4.17.21
8b11fe1 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. **This update includes a security fix.**
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.19...4.17.21)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
[Security] Bump hosted-git-info from 2.8.8 to 2.8.9
27650d8 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9. **This update includes a security fix.**
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](npm/hosted-git-info@v2.8.8...v2.8.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
Merge pull request #286 from tigerspack/dependabot/npm_and_yarn/ini-1…
8f3b597 
….3.7
Merge pull request #309 from tigerspack/dependabot/npm_and_yarn/ellip…
9ee5ded 
…tic-6.5.4

[Security] Bump elliptic from 6.5.3 to 6.5.4
Merge pull request #322 from tigerspack/dependabot/npm_and_yarn/y18n-…
30ccfd7 
…4.0.3

[Security] Bump y18n from 4.0.0 to 4.0.3
Merge pull request #327 from tigerspack/dependabot/npm_and_yarn/ssri-…
58125f4 
…6.0.2

[Security] Bump ssri from 6.0.1 to 6.0.2
Merge pull request #333 from tigerspack/dependabot/npm_and_yarn/url-p…
6c760aa 
…arse-1.5.1

[Security] Bump url-parse from 1.4.7 to 1.5.1
Merge pull request #334 from tigerspack/dependabot/npm_and_yarn/lodas…
e8d3bb1 
…h-4.17.21

[Security] Bump lodash from 4.17.19 to 4.17.21
Merge pull request #335 from tigerspack/dependabot/npm_and_yarn/hoste…
30a732a 
…d-git-info-2.8.9

[Security] Bump hosted-git-info from 2.8.8 to 2.8.9
@dependabot-preview
[Security] Bump ws from 5.2.2 to 5.2.3
db43a00 
Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3. **This update includes a security fix.**
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@5.2.2...5.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Merge pull request #355 from tigerspack/dependabot/npm_and_yarn/ws-5.2.3
3a1c4e0 
[Security] Bump ws from 5.2.2 to 5.2.3
@dependabot
Bump ajv from 6.12.2 to 6.12.6
d8859c4 
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.2 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.2...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@coveralls
Copy link
Copy Markdown

coveralls commented Feb 13, 2022

Coverage Status

Coverage remained the same at 97.651% when pulling d8859c4 on dependabot/npm_and_yarn/ajv-6.12.6 into 3a1c4e0 on master.

@awibox awibox closed this Mar 26, 2022
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Mar 26, 2022

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/ajv-6.12.6 branch March 26, 2022 23:43
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@coveralls @awibox