Update packages, node.js version and Dockerfile #84
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…set WORKDIR first and RUN commands relative to current dir
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. - [Release notes](https://github.com/isaacs/ini/releases) - [Commits](npm/ini@v1.3.5...v1.3.8) Signed-off-by: dependabot[bot] <support@github.com>
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.15...4.17.21) Signed-off-by: dependabot[bot] <support@github.com>
…-4.17.21 Bump lodash from 4.17.15 to 4.17.21
Bump ini from 1.3.5 to 1.3.8
…eprecation warning
Also delete the package-lock.json since I can't regenerate it at the moment
SRVUC-40: Solve issues with webhook bridge on newer Matrix Synapse versions
Bumps [css-what](https://github.com/fb55/css-what) from 5.0.0 to 5.0.1. - [Release notes](https://github.com/fb55/css-what/releases) - [Commits](fb55/css-what@v5.0.0...v5.0.1) --- updated-dependencies: - dependency-name: css-what dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [matrix-appservice-bridge](https://github.com/matrix-org/matrix-appservice-bridge) from 2.6.0 to 2.6.1. - [Release notes](https://github.com/matrix-org/matrix-appservice-bridge/releases) - [Changelog](https://github.com/matrix-org/matrix-appservice-bridge/blob/2.6.1/CHANGELOG.md) - [Commits](matrix-org/matrix-appservice-bridge@2.6.0...2.6.1) --- updated-dependencies: - dependency-name: matrix-appservice-bridge dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19. - [Release notes](https://github.com/npm/node-tar/releases) - [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v4.4.13...v4.4.19) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [nth-check](https://github.com/fb55/nth-check) from 2.0.0 to 2.0.1. - [Release notes](https://github.com/fb55/nth-check/releases) - [Commits](fb55/nth-check@v2.0.0...v2.0.1) --- updated-dependencies: - dependency-name: nth-check dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [i](https://github.com/pksunkara/inflect) from 0.3.6 to 0.3.7. - [Release notes](https://github.com/pksunkara/inflect/releases) - [Commits](pksunkara/inflect@v0.3.6...v0.3.7) --- updated-dependencies: - dependency-name: i dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Snyk has created this PR to upgrade db-migrate-sqlite3 from 0.3.1 to 0.4.0. See this package in npm: https://www.npmjs.com/package/db-migrate-sqlite3 See this project in Snyk: https://app.snyk.io/org/netresearch/project/836184be-d734-4cc5-9692-acedcd0d888f?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade mime from 2.5.2 to 2.6.0. See this package in npm: https://www.npmjs.com/package/mime See this project in Snyk: https://app.snyk.io/org/netresearch/project/836184be-d734-4cc5-9692-acedcd0d888f?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade node-emoji from 1.10.0 to 1.11.0. See this package in npm: https://www.npmjs.com/package/node-emoji See this project in Snyk: https://app.snyk.io/org/netresearch/project/836184be-d734-4cc5-9692-acedcd0d888f?utm_source=github&utm_medium=referral&page=upgrade-pr
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SQLITE3-2388645
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. - [Release notes](https://github.com/ljharb/qs/releases) - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) --- updated-dependencies: - dependency-name: qs dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [moment-timezone](https://github.com/moment/moment-timezone) from 0.5.33 to 0.5.40. - [Release notes](https://github.com/moment/moment-timezone/releases) - [Changelog](https://github.com/moment/moment-timezone/blob/develop/changelog.md) - [Commits](moment/moment-timezone@0.5.33...0.5.40) --- updated-dependencies: - dependency-name: moment-timezone dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.17.3. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.17.3) --- updated-dependencies: - dependency-name: express dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. - [Release notes](https://github.com/isaacs/minimatch/releases) - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Removes [matrix-js-sdk](https://github.com/matrix-org/matrix-js-sdk). It's no longer used after updating ancestor dependency [matrix-appservice-bridge](https://github.com/matrix-org/matrix-appservice-bridge). These dependencies need to be updated together. Removes `matrix-js-sdk` Updates `matrix-appservice-bridge` from 2.6.1 to 8.0.0 - [Release notes](https://github.com/matrix-org/matrix-appservice-bridge/releases) - [Changelog](https://github.com/matrix-org/matrix-appservice-bridge/blob/develop/CHANGELOG.md) - [Commits](matrix-org/matrix-appservice-bridge@2.6.1...8.0.0) --- updated-dependencies: - dependency-name: matrix-js-sdk dependency-type: indirect - dependency-name: matrix-appservice-bridge dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [minimist](https://github.com/minimistjs/minimist) from 1.2.5 to 1.2.7. - [Release notes](https://github.com/minimistjs/minimist/releases) - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.7) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 5.0.0 to 5.0.1. - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v5.0.0...v5.0.1) --- updated-dependencies: - dependency-name: ansi-regex dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [json-schema](https://github.com/kriszyp/json-schema) and [jsprim](https://github.com/joyent/node-jsprim). These dependencies needed to be updated together. Updates `json-schema` from 0.2.3 to 0.4.0 - [Release notes](https://github.com/kriszyp/json-schema/releases) - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Release notes](https://github.com/joyent/node-jsprim/releases) - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) --- updated-dependencies: - dependency-name: json-schema dependency-type: indirect - dependency-name: jsprim dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ssh2](https://github.com/mscdex/ssh2) and [tunnel-ssh](https://github.com/agebrock/tunnel-ssh). These dependencies needed to be updated together. Updates `ssh2` from 0.5.4 to 1.4.0 - [Release notes](https://github.com/mscdex/ssh2/releases) - [Commits](mscdex/ssh2@v0.5.4...v1.4.0) Updates `tunnel-ssh` from 4.1.4 to 4.1.6 - [Release notes](https://github.com/agebrock/tunnel-ssh/releases) - [Commits](https://github.com/agebrock/tunnel-ssh/commits) --- updated-dependencies: - dependency-name: ssh2 dependency-type: indirect - dependency-name: tunnel-ssh dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [validator](https://github.com/validatorjs/validator.js) to 13.7.0 and updates ancestor dependency [sequelize](https://github.com/sequelize/sequelize). These dependencies need to be updated together. Updates `validator` from 10.11.0 to 13.7.0 - [Release notes](https://github.com/validatorjs/validator.js/releases) - [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md) - [Commits](validatorjs/validator.js@10.11.0...13.7.0) Updates `sequelize` from 4.44.4 to 6.28.0 - [Release notes](https://github.com/sequelize/sequelize/releases) - [Commits](sequelize/sequelize@v4.44.4...v6.28.0) --- updated-dependencies: - dependency-name: validator dependency-type: indirect - dependency-name: sequelize dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/kornelski/http-cache-semantics/releases) - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: http-cache-semantics dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [sequelize](https://github.com/sequelize/sequelize) from 6.28.0 to 6.29.0. - [Release notes](https://github.com/sequelize/sequelize/releases) - [Commits](sequelize/sequelize@v6.28.0...v6.29.0) --- updated-dependencies: - dependency-name: sequelize dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [sqlite3](https://github.com/TryGhost/node-sqlite3) from 5.0.3 to 5.1.5. - [Release notes](https://github.com/TryGhost/node-sqlite3/releases) - [Commits](TryGhost/node-sqlite3@v5.0.3...v5.1.5) --- updated-dependencies: - dependency-name: sqlite3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [dottie](https://github.com/mickhansen/dottie.js) from 2.0.3 to 2.0.4. - [Release notes](https://github.com/mickhansen/dottie.js/releases) - [Commits](mickhansen/dottie.js@v2.0.3...v2.0.4) --- updated-dependencies: - dependency-name: dottie dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.20 to 8.4.31. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.20...8.4.31) --- updated-dependencies: - dependency-name: postcss dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ip](https://github.com/indutny/node-ip) from 2.0.0 to 2.0.1. - [Commits](indutny/node-ip@v2.0.0...v2.0.1) --- updated-dependencies: - dependency-name: ip dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [tar](https://github.com/isaacs/node-tar) to 6.2.1 and updates ancestor dependency [db-migrate-sqlite3](https://github.com/db-migrate/sqlite). These dependencies need to be updated together. Updates `tar` from 6.1.13 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.13...v6.2.1) Updates `db-migrate-sqlite3` from 0.4.0 to 0.5.0 - [Changelog](https://github.com/db-migrate/sqlite/blob/master/CHANGELOG.md) - [Commits](db-migrate/sqlite@v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: tar dependency-type: indirect - dependency-name: db-migrate-sqlite3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [express](https://github.com/expressjs/express) from 4.17.3 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.3...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.2 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [sanitize-html](https://github.com/apostrophecms/sanitize-html) from 2.8.0 to 2.12.1. - [Changelog](https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md) - [Commits](apostrophecms/sanitize-html@2.8.0...2.12.1) --- updated-dependencies: - dependency-name: sanitize-html dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [qs](https://github.com/ljharb/qs) to 6.11.0 and updates ancestor dependency [body-parser](https://github.com/expressjs/body-parser). These dependencies need to be updated together. Updates `qs` from 6.7.0 to 6.11.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.7.0...v6.11.0) Updates `body-parser` from 1.19.0 to 1.20.2 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.2) --- updated-dependencies: - dependency-name: qs dependency-type: indirect - dependency-name: body-parser dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Since this repository is not being maintained, we had a look into it and updated some packages as well as optimized the Dockerfile
and updated to NODE.JS v12.
Misc: