DonQueso89 / ecolheita

GNU General Public License v3.0
0 stars 0 forks source link

Bump xmldom, plist and @expo/webpack-config in /ecolheita_mobile #62

Open dependabot[bot] opened 2 years ago

dependabot[bot] commented 2 years ago

Removes xmldom. It's no longer used after updating ancestor dependencies xmldom, plist and @expo/webpack-config. These dependencies need to be updated together.

Removes xmldom

Updates plist from 3.0.1 to 3.0.6

Changelog

Sourced from plist's changelog.

3.0.5 / 2022-03-23

  • [96e2303d05] Prototype Pollution using .parse() #114 (mario-canva)
  • update browserify from 16 to 17

3.0.4 / 2021-08-27

  • inline xmldom@0.6.0 to eliminate security warning false positive (Mike Reinstein)

3.0.3 / 2021-08-04

  • update xmldom to 0.6.0 to patch critical vulnerability (Mike Reinstein)
  • remove flaky saucelabs teseting badge (Mike Reinstein)

3.0.2 / 2021-03-25

  • update xmldom to 0.5.0 to patch critical vulnerability (Mike Reinstein)
  • update saucelab credentials to point at mreinstein's saucelabs account (Mike Reinstein)
  • remove a bunch of test versions from the matrix because they weren't working in zuul + sauce (Mike Reinstein)
Commits


Updates @expo/webpack-config from 0.11.23 to 0.17.3

Changelog

Sourced from @​expo/webpack-config's changelog.

Changelog

This is the log of notable changes to Expo CLI and related packages.

main

🛠 Breaking changes

🎉 New features

🧹 Chores

Mon, 31 Oct 2022 14:39:49 -0700

🛠 Breaking changes

🎉 New features

  • [install-expo-modules] add sdk 47 (rn 0.70) support. (#4578)

🧹 Chores

  • update babel preset (#4580)
  • update e2e tests for export (#4579)
  • [plist] Update xmldom for security reasons (#4571)
  • [create-expo-app] Prevent Forbidden/ Conflicting app names (#4565)
  • [schemer] bump AJV, bump other deps (#3423)
  • [image-utils] Silence sharp related warnings by default (#4558)

🐛 Bug fixes

  • fix(image-utils): make jimp export buffers as png like sharp (#4576)

📦 Packages updated

  • create-expo-app@1.1.4
  • @​expo/dev-tools@​0.13.172
  • expo-cli@6.0.7
  • expo-optimize@0.2.20
  • @​expo/image-utils@​0.3.23
  • install-expo-modules@0.3.9
  • @​expo/next-adapter@​4.0.13
  • @​expo/plist@​0.0.19
  • expo-pwa@0.0.124
  • @​expo/schemer@​1.4.4
  • uri-scheme@1.0.121
  • @​expo/webpack-config@​0.17.3
  • xdl@59.2.54

Mon, 26 Sep 2022 16:10:32 -0700

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/DonQueso89/ecolheita/network/alerts).