search

EsupPortail / esup-otp-push

Also called "Esup Auth" on Google Play Store
https://www.esup-portail.org/wiki/display/esupotp
3 stars 4 forks source link

Bump xmldom, cordova-android and plist #2

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 2 years ago

Removes xmldom. It's no longer used after updating ancestor dependencies xmldom, cordova-android and plist. These dependencies need to be updated together.

Removes xmldom

Updates cordova-android from 6.4.0 to 11.0.0

Changelog

Sourced from cordova-android's changelog.

11.0.0 (Jul 04, 2022)

Breaking:

  • GH-1441 feat!: Android 12 splash screen
  • GH-1427 feat!: API 32 support
  • GH-1410 feat!: API 31 support
  • GH-1444 fix!: set & use ANDROID_HOME as default
  • GH-1411 chore!: Drop Node 12 support

Features:

  • GH-1448 feat: Update androidx.appcompat version
  • GH-1446 feat: Update gradle plugin version
  • GH-1447 feat: Update google services pluging
  • GH-1431 feat: support custom compileSdk setting
  • GH-1311 feat: added support for BoM imports

Fixes:

  • GH-1455 fix(prepare): destFile path separator
  • GH-1453 fix: support installing platfrom from local git checkout
  • GH-1449 fix: accept file cookies only if AndroidInsecureFileModeEnabled
  • GH-1443 fix: force hostname to lowercase
  • GH-1434 fix: restore checkReqs in prepare.js
  • GH-1154 fix: move MainActivity.java to folder that tracks the app package name (widget id)

Chores, Dependencies & CI:

  • GH-1451 chore: display warning on deprecated <splash> tag usage
  • GH-1430 chore: remove unneeded deprecated annotation
  • GH-1421 chore(npm): bump @cordova/eslint-config@^4.0.0
  • GH-1420 chore(npm): bump dependencies
  • GH-1452 dep: bump jasmine@4.2.1 w/ package-lock rebuild
  • GH-1439 ci: update github action workflow
  • GH-1424 ci: Added Node 18 to test matrix

10.1.2 (Apr 11, 2022)

Fixes:

  • GH-1372 fix(AndroidManifest): explicitly define the activity attribute android:exported
  • GH-1406 fix: detect JAVA_HOME with Java 11
  • GH-1401 fix(GH-1391): Reword minimum build tools version to make it more clear what is actually required.
  • GH-1384 fix: escape strings.xml app name

Chores:

  • GH-1413 chore: update package-lock to satisfy npm audit
  • GH-1348 chore: npmrc

... (truncated)

Commits
  • d828785 release(android-v11.0.0): updated version and RELEASENOTES.md (2)
  • e5b7e8a fix(prepare): destFile path separator (#1455)
  • f38e8eb chore: bump version 11.0.1-dev
  • 98895f7 release(android-v11.0.0): updated version and RELEASENOTES.md
  • e968cac fix: support installing platfrom from local git checkout (#1453)
  • 861fec2 dep: bump jasmine@4.2.1 w/ package-lock rebuild (#1452)
  • 273d1bd chore: display warning on deprecated <splash> tag usage (#1451)
  • 606e9c4 feat!: android 12 splash screen (#1441)
  • 2d2ad4c fix: accept file cookies only if AndroidInsecureFileModeEnabled (#1449)
  • 26b2121 feat: Update androidx.appcompat version (#1448)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by erisu, a new releaser for cordova-android since your current version.


Updates plist from 3.0.1 to 3.0.6

Changelog

Sourced from plist's changelog.

3.0.5 / 2022-03-23

  • [96e2303d05] Prototype Pollution using .parse() #114 (mario-canva)
  • update browserify from 16 to 17

3.0.4 / 2021-08-27

  • inline xmldom@0.6.0 to eliminate security warning false positive (Mike Reinstein)

3.0.3 / 2021-08-04

  • update xmldom to 0.6.0 to patch critical vulnerability (Mike Reinstein)
  • remove flaky saucelabs teseting badge (Mike Reinstein)

3.0.2 / 2021-03-25

  • update xmldom to 0.5.0 to patch critical vulnerability (Mike Reinstein)
  • update saucelab credentials to point at mreinstein's saucelabs account (Mike Reinstein)
  • remove a bunch of test versions from the matrix because they weren't working in zuul + sauce (Mike Reinstein)
Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EsupPortail/esup-otp-push/network/alerts).
dependabot[bot] commented 1 year ago

Looks like these dependencies are no longer a dependency, so this is no longer needed.