Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update all non-major dependencies #371

Merged
merged 1 commit into from
Mar 31, 2024
Merged

Update all non-major dependencies #371

merged 1 commit into from
Mar 31, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 13, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
@swc/core (source) 1.4.7 -> 1.4.11 age adoption passing confidence devDependencies patch
@tsconfig/strictest (source) 2.0.3 -> 2.0.5 age adoption passing confidence devDependencies patch
@vitest/coverage-v8 (source) 1.3.1 -> 1.4.0 age adoption passing confidence devDependencies minor
actions/create-github-app-token v1.9.0 -> v1.9.1 age adoption passing confidence action patch
argocd 2.10.2 -> 2.10.5 age adoption passing confidence patch
cloudflare (source) 4.26.0 -> 4.28.0 age adoption passing confidence required_provider minor
hashicorp/terraform 1.7.4 -> 1.7.5 age adoption passing confidence required_version patch
kubectl 1.29.2 -> 1.29.3 age adoption passing confidence patch
node 20.11.1-bookworm-slim -> 20.12.0-bookworm-slim age adoption passing confidence final minor
node 20.11.1-bookworm -> 20.12.0-bookworm age adoption passing confidence stage minor
node (source) 20.11.1 -> 20.12.0 age adoption passing confidence minor
pnpm (source) 8.15.4 -> 8.15.5 age adoption passing confidence patch
typescript (source) 5.4.2 -> 5.4.3 age adoption passing confidence devDependencies patch
typescript-eslint (source) 7.2.0 -> 7.4.0 age adoption passing confidence devDependencies minor
vite (source) 5.1.6 -> 5.2.7 age adoption passing confidence resolutions minor
vitest (source) 1.3.1 -> 1.4.0 age adoption passing confidence devDependencies minor

Release Notes

swc-project/swc (@​swc/core)

v1.4.11

Compare Source

v1.4.8

Compare Source

Bug Fixes
  • (es/module) Fix regression of resolving relative modules (#​8748) (f988b66)

  • (es/parser) Allow export after decorators when valid (#​8739) (663261b)

Miscellaneous Tasks
tsconfig/bases (@​tsconfig/strictest)

v2.0.5

Compare Source

v2.0.4

Compare Source

vitest-dev/vitest (@​vitest/coverage-v8)

v1.4.0

Compare Source

   🚀 Features
   🐞 Bug Fixes
    View changes on GitHub
actions/create-github-app-token (actions/create-github-app-token)

v1.9.1

Compare Source

Bug Fixes
argoproj/argo-cd (argocd)

v2.10.5

Compare Source

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.10.5/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.10.5/manifests/ha/install.yaml

Release Signatures and Provenance

All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changelog

Full Changelog: argoproj/argo-cd@v2.10.4...v2.10.5

v2.10.4

Compare Source

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.10.4/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.10.4/manifests/ha/install.yaml

Release Signatures and Provenance

All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changelog

Full Changelog: argoproj/argo-cd@v2.10.3...v2.10.4

v2.10.3

Compare Source

Quick Start

Non-HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.10.3/manifests/install.yaml
HA:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.10.3/manifests/ha/install.yaml

Release Signatures and Provenance

All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changelog

Full Changelog: argoproj/argo-cd@v2.10.2...v2.10.3

cloudflare/terraform-provider-cloudflare (cloudflare)

v4.28.0

Compare Source

ENHANCEMENTS:

  • resource/cloudflare_access_application: adds saml_attribute_transform_jsonata` to SaaS applications (#​3187)
  • resource/cloudflare_device_posture_rule: update support for new fields for crowdstrike_s2s posture rule. (#​3216)
  • resource/cloudflare_ipsec_tunnel: Adds IPsec tunnel health_check_direction & health_check_rate parameters (#​3112)

DEPENDENCIES:

  • provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.8 to 1.27.9 (#​3207)
  • provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.8 to 1.17.9 (#​3207)
  • provider: bump github.com/cloudflare/cloudflare-go from 0.90.0 to 0.91.0 (#​3208)
  • provider: bump github.com/cloudflare/cloudflare-go from 0.91.0 to 0.92.0 (#​3218)

v4.27.0

Compare Source

FEATURES:

  • New Resource: cloudflare_access_mutual_tls_hostname_settings (#​3173)
  • New Resource: cloudflare_hyperdrive_config (#​3111)

ENHANCEMENTS:

  • resource/cloudflare_dlp_profile: Added support for context_awareness field to profiles (#​3158)
  • resource/cloudflare_logpush_job: Add output_options parameter (#​3171)
  • resource/cloudflare_notification_policy: Implement the airport_code filter (#​3183)
  • resource/cloudflare_worker_script: Add dispatch_namespace to support uploading to a Workers for Platforms namespace (#​3154)
  • resource/cloudflare_worker_script: Add tags to support tagging Workers for Platforms Workers (#​3154)

BUG FIXES:

  • resource/cloudflare_access_application: Add Sensitive to oidc client_secret and preserve client_secret across apply (#​3168)
  • resource/cloudflare_list_item: fix id parsing for imports (#​3191)
  • resource/cloudflare_logpush_job: only set the value in state when it is defined (#​3188)

DEPENDENCIES:

  • provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.6 to 1.27.7 (#​3172)
  • provider: bump github.com/aws/aws-sdk-go-v2/config from 1.27.7 to 1.27.8 (#​3197)
  • provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.6 to 1.17.7 (#​3172)
  • provider: bump github.com/aws/aws-sdk-go-v2/credentials from 1.17.7 to 1.17.8 (#​3197)
  • provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.3 to 1.51.4 (#​3172)
  • provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.4 to 1.52.0 (#​3182)
  • provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.52.0 to 1.52.1 (#​3190)
  • provider: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.52.1 to 1.53.0 (#​3197)
  • provider: bump github.com/aws/aws-sdk-go-v2 from 1.25.2 to 1.25.3 (#​3172)
  • provider: bump github.com/aws/aws-sdk-go-v2 from 1.25.3 to 1.26.0 (#​3197)
  • provider: bump github.com/cloudflare/cloudflare-go from 0.89.0 to 0.90.0 (#​3178)
  • provider: bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /tools (#​3180)
  • provider: bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#​3181)
hashicorp/terraform (hashicorp/terraform)

v1.7.5

Compare Source

1.7.5 (March 13, 2024)

BUG FIXES:

  • backend/s3: When using s3 backend and encountering a network issue, the retry code would fail with "failed to rewind transport stream for retry". Now the retry should be successful. (#​34796)
kubernetes/kubernetes (kubectl)

v1.29.3: Kubernetes v1.29.3

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

nodejs/node (node)

v20.12.0: 2024-03-26, Version 20.12.0 'Iron' (LTS), @​richardlau

Compare Source

Notable Changes
crypto: implement crypto.hash()

This patch introduces a helper crypto.hash() that computes
a digest from the input at one shot. This can be 1.2-2x faster
than the object-based createHash() for smaller inputs (<= 5MB)
that are readily available (not streamed) and incur less memory
overhead since no intermediate objects will be created.

const crypto = require('node:crypto');

// Hashing a string and return the result as a hex-encoded string.
const string = 'Node.js';
// 10b3493287f831e81a438811a1ffba01f8cec4b7
console.log(crypto.hash('sha1', string));

Contributed by Joyee Cheung in #​51044.

Loading and parsing environment variables
  • process.loadEnvFile(path):

    • Use this function to load the .env file. If no path is specified, it automatically loads the .env file in the current directory. Example: process.loadEnvFile().
    • Load a specific .env file by specifying its path. Example: process.loadEnvFile('./development.env').
  • util.parseEnv(content):

    • Use this function to parse an existing string containing environment variable assignments.
    • Example usage: require('node:util').parseEnv('HELLO=world').

Contributed by Yagiz Nizipli in #​51476.

New connection attempt events

Three new events were added in the net.createConnection flow:

  • connectionAttempt: Emitted when a new connection attempt is established. In case of Happy Eyeballs, this might emitted multiple times.
  • connectionAttemptFailed: Emitted when a connection attempt failed. In case of Happy Eyeballs, this might emitted multiple times.
  • connectionAttemptTimeout: Emitted when a connection attempt timed out. In case of Happy Eyeballs, this will not be emitted for the last attempt. This is not emitted at all if Happy Eyeballs is not used.

Additionally, a previous bug has been fixed where a new connection attempt could have been started after a previous one failed and after the connection was destroyed by the user.
This led to a failed assertion.

Contributed by Paolo Insogna in #​51045.

Permission Model changes

Node.js 20.12.0 comes with several fixes for the experimental permission model and two new semver-minor commits.
We're adding a new flag --allow-addons to enable addon usage when using the Permission Model.

$ node --experimental-permission --allow-addons

Contributed by Rafael Gonzaga in #​51183

And relative paths are now supported through the --allow-fs-* flags.
Therefore, with this release one can use:

$ node --experimental-permission --allow-fs-read=./index.js

To give only read access to the entrypoint of the application.

Contributed by Rafael Gonzaga and Carlos Espa in #​50758.

sea: support embedding assets

Users can now include assets by adding a key-path dictionary
to the configuration as the assets field. At build time, Node.js
would read the assets from the specified paths and bundle them into
the preparation blob. In the generated executable, users can retrieve
the assets using the sea.getAsset() and sea.getAssetAsBlob() API.

{
  "main": "/path/to/bundled/script.js",
  "output": "/path/to/write/the/generated/blob.blob",
  "assets": {
    "a.jpg": "/path/to/a.jpg",
    "b.txt": "/path/to/b.txt"
  }
}

The single-executable application can access the assets as follows:

const { getAsset } = require('node:sea');
// Returns a copy of the data in an ArrayBuffer
const image = getAsset('a.jpg');
// Returns a string decoded from the asset as UTF8.
const text = getAsset('b.txt', 'utf8');
// Returns a Blob containing the asset without copying.
const blob = getAssetAsBlob('a.jpg');

Contributed by Joyee Cheung in #​50960.

Support configurable snapshot through --build-snapshot-config flag

We are adding a new flag --build-snapshot-config to configure snapshots through a custom JSON configuration file.

$ node --build-snapshot-config=/path/to/myconfig.json

When using this flag, additional script files provided on the command line will
not be executed and instead be interpreted as regular command line arguments.

These changes were contributed by Joyee Cheung and Anna Henningsen in #​50453

Text Styling
  • util.styleText(format, text): This function returns a formatted text considering the format passed.

A new API has been created to format text based on util.inspect.colors, enabling you to style text in different colors (such as red, blue, ...) and emphasis (italic, bold, ...).

const { styleText } = require('node:util');
const errorMessage = styleText('red', 'Error! Error!');
console.log(errorMessage);

Contributed by Rafael Gonzaga in #​51850.

vm: support using the default loader to handle dynamic import()

This patch adds support for using vm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER as the
importModuleDynamically option in all vm APIs that take this option except vm.SourceTextModule. This allows users to have a shortcut to support dynamic import() in the compiled code without missing the compilation cache if they don't need customization of the loading process. We emit an experimental warning when the import() is actually handled by the default loader through this option instead of requiring --experimental-vm-modules.

const { Script, constants } = require('node:vm');
const { resolve } = require('node:path');
const { writeFileSync } = require('node:fs');

// Write test.js and test.txt to the directory where the current script
// being run is located.
writeFileSync(resolve(__dirname, 'test.mjs'),
              'export const filename = "./test.json";');
writeFileSync(resolve(__dirname, 'test.json'),
              '{"hello": "world"}');

// Compile a script that loads test.mjs and then test.json
// as if the script is placed in the same directory.
const script = new Script(
  `(async function() {
    const { filename } = await import('./test.mjs');
    return import(filename, { with: { type: 'json' } })
  })();`,
  {
    filename: resolve(__dirname, 'test-with-default.js'),
    importModuleDynamically: constants.USE_MAIN_CONTEXT_DEFAULT_LOADER,
  });

// { default: { hello: 'world' } }
script.runInThisContext().then(console.log);

Contributed by Joyee Cheung in #​51244.

Root certificates updated to NSS 3.98

Certificates added:

  • Telekom Security TLS ECC Root 2020
  • Telekom Security TLS RSA Root 2023

Certificates removed:

  • Security Communication Root CA
Updated dependencies
  • acorn updated to 8.11.3.
  • ada updated to 2.7.6.
  • base64 updated to 0.5.2.
  • brotli updated to 1.1.0.
  • c-ares updated to 1.27.0.
  • corepack updated to 0.25.2.
  • ICU updated to 74.2. Includes CLDR 44.1 and Unicode 15.1.
  • nghttp2 updated to 1.60.0.
  • npm updated to 10.5.0. Fixes a regression in signals not being passed onto child processes.
  • simdutf8 updated to 4.0.8.
  • Timezone updated to 2024a.
  • zlib updated to 1.3.0.1-motley-40e35a7.
Other notable changes
Commits

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@2na2-p 2na2-p bot enabled auto-merge March 13, 2024 23:30
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 11 times, most recently from fe6024c to f480dd5 Compare March 20, 2024 23:10
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 13 times, most recently from 646fc37 to 5a2bfea Compare March 28, 2024 20:44
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 5a2bfea to 235d6d9 Compare March 29, 2024 10:54
@2na2-p 2na2-p bot merged commit 861fd2e into main Mar 31, 2024
8 checks passed
@2na2-p 2na2-p bot deleted the renovate/all-minor-patch branch March 31, 2024 22:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant