Graphite-Docs / graphite

Encrypted, secure, user-owned productivity suite
https://graphitedocs.com
GNU General Public License v3.0
591 stars 92 forks source link

Bump fast-json-patch and swagger-client #207

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps fast-json-patch and swagger-client. These dependencies needed to be updated together. Updates fast-json-patch from 2.1.0 to 3.1.1

Release notes

Sourced from fast-json-patch's releases.

3.1.1

Security Fix for Prototype Pollution - huntr.dev #262

Bug fixes and ES6 modules

Use ES6 Modules

  • package now exports non-bundled ES module Starcounter-Jack/JSON-Patch#232
  • main still points to CommonJS module for backward compatibility
  • README recommends use of named ES imports

List of changes https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.2.1...3.0.0-0

Use ES6 Modules

  • package now exports non-bundled ES module Starcounter-Jack/JSON-Patch#232
  • main still points to CommonJS module for backward compatibility
  • README recommends use of named ES imports

Full list of changes https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.2.1...3.0.0-0

Fix default import

This patch release fixes a regression introduced in 2.2.0, namely: the default import using ES6 with Webpack/Babel stopped working (Starcounter-Jack/JSON-Patch#233).

This version fixes the problem by adding an explicit default import.

Generate invertible test operations

New feature:

  • Ability to generate test operations for original values in the first object, also known as "invertible" operations. Search fro the word invertible in README.md for details about usage (PR #228, PR #226).

Code quality:

  • Replace deep-equal with fast-deep-equal (PR #227)
  • Remove traces for support for legacy browsers which were broken since v2.0.7 (PR #229)
  • Fix testing framework
Commits
Maintainer changes

This version was pushed to npm by mountain-jack, a new releaser for fast-json-patch since your current version.


Updates swagger-client from 3.9.0 to 3.18.5

Release notes

Sourced from swagger-client's releases.

v3.18.5

3.18.5 (2022-05-06)

Bug Fixes

  • use isomorphic solution for base64 encoding (#2526) (4832f32)

v3.18.4

3.18.4 (2022-02-02)

Bug Fixes

v3.18.3

3.18.3 (2022-01-25)

Bug Fixes

v3.18.2

3.18.2 (2022-01-19)

Bug Fixes

  • normalizeSwagger: fix regression in swagger normalization (1f9db2b)

v3.18.1

3.18.1 (2022-01-14)

Bug Fixes

  • specmap: fix deep merging when applying patch (#2324) (65fcd22)

v3.18.0

3.18.0 (2021-12-21)

Features

  • add support aborting requests in tags interface (7b6bdc2), closes #2349

v3.17.0

3.17.0 (2021-10-14)

... (truncated)

Commits
  • 935a9b3 chore(release): cut the 3.18.5 release [skip ci]
  • 4832f32 fix: use isomorphic solution for base64 encoding (#2526)
  • 0959c66 chore(deps-dev): bump @​babel/cli from 7.17.6 to 7.17.10 (#2523)
  • 6dbfc74 chore(deps-dev): bump @​babel/core from 7.17.9 to 7.17.10 (#2524)
  • e5d51e9 chore(deps-dev): bump @​babel/plugin-transform-runtime (#2525)
  • 4455689 chore(deps-dev): bump @​babel/preset-env from 7.16.11 to 7.17.10 (#2522)
  • de772fa chore(deps-dev): bump @​commitlint/config-conventional (#2520)
  • 82c1264 chore(deps-dev): bump @​commitlint/cli from 16.2.3 to 16.2.4 (#2519)
  • 180b0d4 chore(deps-dev): bump lint-staged from 12.4.0 to 12.4.1 (#2516)
  • 87b1c4d chore(deps-dev): bump glob from 7.2.0 to 8.0.1 (#2506)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Graphite-Docs/graphite/network/alerts).