Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the npm_and_yarn group across 1 directory with 9 updates #2088

Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the npm_and_yarn group across 1 directory with 9 updates #2088

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 14, 2024

Bumps the npm_and_yarn group with 8 updates in the / directory:

Package From To
axios 1.6.2 1.6.3
recharts 2.1.12 2.12.7
postcss 8.4.31 8.4.32
@adobe/css-tools 4.3.1 4.4.0
d3-color 2.0.0 3.1.0
express 4.18.2 4.19.2
follow-redirects 1.15.3 1.15.6
webpack-dev-middleware 5.3.3 5.3.4

Updates axios from 1.6.2 to 1.6.3

Release notes

Sourced from axios's releases.

Release v1.6.3

Release notes:

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

Changelog

Sourced from axios's changelog.

1.6.3 (2023-12-26)

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

Commits

Updates recharts from 2.1.12 to 2.12.7

Release notes

Sourced from recharts's releases.

v2.12.7

Whats changed

Fix

  • Area: re-add calculated area points to the areaDot callback props when it is a function. This was accidentally removed in v2.3. Fixes #4480
  • Brush: guard against undefined property access error when an ariaLabel is not specified. Follow up from recharts/recharts#2093

Full Changelog: recharts/recharts@v2.12.6...v2.12.7

v2.12.6

What's Changed

Fix

Chore

Full Changelog: recharts/recharts@v2.12.5...v2.12.6

v2.12.5

Small fixes while working on v3 continued...

What's Changed

Feat

Fix

Address recharts/recharts#4382

A recent release of @types/react broke some builds because they removed certain (unused) events from common event handler attributes. recharts was unknowingly enumerating keys of SVGProps in the Layer component with the old types and causing a type error on tsc with skipLibCheck: false

  • typescript - Layer: use SVGAttributes instead of SVGProps in forwardRef components by @​ckifer in recharts/recharts#4413
  • typescript - Pie: fix Pie ref which was cast to HTMLElement when the ref is actually referring to SVGGElement. This gave false information to whoever is using ref on the Pie component

Full Changelog: recharts/recharts@v2.12.4...v2.12.5

v2.12.4

What's Changed

Small fixes while working on v3 continued...

... (truncated)

Changelog

Sourced from recharts's changelog.

⚠️ Next versions change notes are available only on the GitHub Releases page ⚠️

2.2.0 (Dec 8, 2022)

feat

  • Support keyboard navigation in pie chart (#2923)
  • Allow reversing the tooltip direction (#3056)

fix

  • fix rounding leading to hairline gaps (#3075)
  • fix: do not override zero brush end index (#3076)
  • fix: allow dragging brush when the mouse is outside (#3072)
  • fix: add label type to line props (#3068)
  • Ensure LabelList generic extends Data interface (#2954)

2.1.16 (Oct 29, 2022)

fix

  • Fix incorrect date in CHAGELOG (#3016)
  • Let formatter function run even when value is falsy (#3026)
  • Fix(Sankey): update tooltip active state by trigger type(hover/click) (#3021)
  • Fix Area's baseValue prop (#3013)

2.1.15 (Oct 12, 2022)

fix

  • Fix scroll on hover
  • DefaultTooltipContent.tsx Solving type error for entry.value and entry.name

chore

  • Revert D3 version

2.1.14 (Sep 7, 2022)

fix

  • Add inactiveShape prop to Pie component (#2900)
  • Revert "chore: move type deps into devDependencies (#2843)" (#2942)
  • Fix typing of default tooltip formatter (#2924)
  • Take letter-spacing and font-size into consideration while rendering ticks (#2898)
  • Add formatter function type to tooltip props (#2916)
  • doc: Update CHANGELOG.md about d3 7.x (#2919)

2.1.13 (Jul 26, 2022)

fix

  • set animate flag before chart data update (#2911)
  • Error bar domain fix (#2863)
  • fix: fix "recharts@… doesn't provide prop-types, requested by react-smooth" warning (#2895)

chore

... (truncated)

Commits
  • 2074e2e 2.12.7
  • 1e9e032 fix: guard against accidental undefined access in Brush
  • 239b3ae fix(area-dot): regressionon in parameters passed to custom area dot
  • 22064ed 2.12.6
  • 504518d Added js suffix to main module and jsnext:main paths in package json (#4431)
  • a705024 fix: The box size of the Tooltip is 0 at the first rendering of TooltipBoundi...
  • bdad6ec 2.12.5
  • ed95633 fix(layer-types): use SVGAttributes instead of SVGProps in forwardRef compone...
  • 3d2e8b9 feat(BarChart): support percentage for barSize. Fixes #3640 (#4407)
  • 981eb8f 2.12.4
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ckifer, a new releaser for recharts since your current version.


Updates postcss from 8.4.31 to 8.4.32

Release notes

Sourced from postcss's releases.

8.4.32

Changelog

Sourced from postcss's changelog.

8.4.32

  • Fixed postcss().process() types (by Andrew Ferreira).
Commits

Updates @adobe/css-tools from 4.3.1 to 4.4.0

Changelog

Sourced from @​adobe/css-tools's changelog.

4.4.0 / 2024-06-05

4.3.3 / 2024-01-24

  • Update export property #271

4.3.2 / 2023-11-28

  • Fix redos vulnerability with specific crafted css string - CVE-2023-48631
  • Fix Problem parsing with :is() and nested :nth-child() #211
Commits

Updates d3-color from 2.0.0 to 3.1.0

Release notes

Sourced from d3-color's releases.

v3.1.0

v3.0.1

  • Make build reproducible.

v3.0.0

  • Adopt type: module.

This package now requires Node.js 12 or higher. For more, please read Sindre Sorhus’s FAQ.

Commits

Updates d3-interpolate from 2.0.1 to 3.0.1

Release notes

Sourced from d3-interpolate's releases.

v3.0.1

  • Update dependencies.
  • Make build reproducible.

v3.0.0

  • Adopt type: module.

This package now requires Node.js 12 or higher. For more, please read Sindre Sorhus’s FAQ.

Commits

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

Commits
  • 04bc627 4.19.2
  • da4d763 Improved fix for open redirect allow list bypass
  • 4f0f6cc 4.19.1
  • a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
  • a1fa90f fixed un-edited version in history.md for 4.19.0
  • 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
  • 084e365 4.19.0
  • 0867302 Prevent open redirect allow list bypass due to encodeurl
  • 567c9c6 Add note on how to update docs for new release (#5541)
  • 69a4cf2 deps: [email protected]
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.


Updates follow-redirects from 1.15.3 to 1.15.6

Commits
  • 35a517c Release version 1.15.6 of the npm package.
  • c4f847f Drop Proxy-Authorization across hosts.
  • 8526b4a Use GitHub for disclosure.
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • Additional commits viewable in compare view

Updates webpack-dev-middleware from 5.3.3 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

  • security: do not allow to read files above (#1779) (189c4ac)
Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

  • security: do not allow to read files above (#1779) (189c4ac)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump the npm_and_yarn group across 1 directory with 9 up…
def7de9 
…dates

Bumps the npm_and_yarn group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.6.2` | `1.6.3` |
| [recharts](https://github.com/recharts/recharts) | `2.1.12` | `2.12.7` |
| [postcss](https://github.com/postcss/postcss) | `8.4.31` | `8.4.32` |
| [@adobe/css-tools](https://github.com/adobe/css-tools) | `4.3.1` | `4.4.0` |
| [d3-color](https://github.com/d3/d3-color) | `2.0.0` | `3.1.0` |
| [express](https://github.com/expressjs/express) | `4.18.2` | `4.19.2` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.3` | `1.15.6` |
| [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` |



Updates `axios` from 1.6.2 to 1.6.3
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.2...v1.6.3)

Updates `recharts` from 2.1.12 to 2.12.7
- [Release notes](https://github.com/recharts/recharts/releases)
- [Changelog](https://github.com/recharts/recharts/blob/3.x/CHANGELOG.md)
- [Commits](recharts/recharts@v2.1.12...v2.12.7)

Updates `postcss` from 8.4.31 to 8.4.32
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.31...8.4.32)

Updates `@adobe/css-tools` from 4.3.1 to 4.4.0
- [Changelog](https://github.com/adobe/css-tools/blob/main/History.md)
- [Commits](https://github.com/adobe/css-tools/commits)

Updates `d3-color` from 2.0.0 to 3.1.0
- [Release notes](https://github.com/d3/d3-color/releases)
- [Commits](d3/d3-color@v2.0.0...v3.1.0)

Updates `d3-interpolate` from 2.0.1 to 3.0.1
- [Release notes](https://github.com/d3/d3-interpolate/releases)
- [Commits](d3/d3-interpolate@v2.0.1...v3.0.1)

Updates `express` from 4.18.2 to 4.19.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.18.2...4.19.2)

Updates `follow-redirects` from 1.15.3 to 1.15.6
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.3...v1.15.6)

Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: recharts
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@adobe/css-tools"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: d3-color
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: d3-interpolate
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 14, 2024
@vercel Vercel
Copy link

vercel bot commented Jul 14, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
aws-preview ✅ Ready (Inspect) Visit Preview Jul 14, 2024 3:07pm
flanksource-ui ✅ Ready (Inspect) Visit Preview Jul 14, 2024 3:07pm

@dependabot dependabot bot mentioned this pull request Jul 14, 2024
Closed
@netlify Netlify
Copy link

netlify bot commented Jul 14, 2024
edited
Loading

Deploy Preview for goofy-euclid-75956c ready!

Name Link
🔨 Latest commit def7de9
🔍 Latest deploy log https://app.netlify.com/sites/goofy-euclid-75956c/deploys/6693e814fa474c0008736d41
😎 Deploy Preview https://deploy-preview-2088--goofy-euclid-75956c.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@netlify Netlify
Copy link

netlify bot commented Jul 14, 2024
edited
Loading

Deploy Preview for flanksource-demo-stable ready!

Name Link
🔨 Latest commit def7de9
🔍 Latest deploy log https://app.netlify.com/sites/flanksource-demo-stable/deploys/6693e81498564500082fc5df
😎 Deploy Preview https://deploy-preview-2088--flanksource-demo-stable.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@netlify Netlify
Copy link

netlify bot commented Jul 14, 2024
edited
Loading

Deploy Preview for clerk-saas-ui ready!

Name Link
🔨 Latest commit def7de9
🔍 Latest deploy log https://app.netlify.com/sites/clerk-saas-ui/deploys/6693e81487480d00085d6c94
😎 Deploy Preview https://deploy-preview-2088--clerk-saas-ui.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 15, 2024

Superseded by #2091.

@dependabot dependabot bot closed this Jul 15, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-c673d7663d branch July 15, 2024 09:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants