search

HugoGresse / open-feedback

Open Feedback is an opened SaaS platform destined to organisers to gather feedback from users. OpenFeedback
https://openfeedback.io
GNU Affero General Public License v3.0
101 stars 16 forks source link

Bump the npm_and_yarn group across 3 directories with 19 updates #1631

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps the npm_and_yarn group with 9 updates in the / directory:

Package From To
firebase-tools 13.9.0 13.13.3
vite 5.2.4 5.2.6
d3-color 2.0.0 3.1.0
d3-interpolate 2.0.1 3.0.1
ws 7.5.9 7.5.10
braces 3.0.2 3.0.3
express 4.19.1 4.19.2
undici 5.28.3 5.28.4
firebase 10.9.0 10.12.4

Bumps the npm_and_yarn group with 13 updates in the /functions directory:

Package From To
firebase-tools 13.5.2 13.6.0
semver 5.7.1 5.7.2
minimatch 3.0.4 3.1.2
node-fetch 2.7.0 3.3.2
@grpc/grpc-js 1.8.21 1.8.22
ws 7.4.6 7.5.10
braces 3.0.2 3.0.3
express 4.18.1 4.19.2
json5 1.0.1 1.0.2
word-wrap 1.2.3 1.2.5
sharp 0.30.3 0.33.4
decode-uri-component 0.2.0 0.2.2
ts-deepmerge 2.0.1 2.0.7

Bumps the npm_and_yarn group with 2 updates in the /scripts directory: semver and @grpc/grpc-js.

Updates firebase-tools from 13.9.0 to 13.13.3

Release notes

Sourced from firebase-tools's releases.

v13.13.3

  • Fix an issue where refresh_tokens would be used before checking whether they were expired. (#7442)

v13.13.2

  • Fixes an issue where old access_token would be used after expiry. (#7429)

v13.13.1

  • Pass down functions.ignore values in firebase.json to functions emulator so that supposedly ignored directories/files will not trigger reload. (#7414)
  • Fixes bug where secret values provided in env files were parsed as list (#7422)
  • Update the Firebase Data Connect emulator to v1.2.4, which includes a fix for web SDK generation on Windows and a change for the local Vertex AI client to pick up application default credentials automatically (#7424)

v13.13.0

  • Fixes framework support for Nuxt ^3.12 by correctly calling loadNuxtConfig() (#7375)
  • Add a default for firebase init dataconnect:sdk (#7406)
  • Bump Firebase Data Connect emulator to v1.2.3, which adds support for @index on tables, @auth(level: USER_ANON/USER_EMAIL_VERIFIED), and key: {uid_expr: "auth.uid"}, and fixes some issues related to SDK generation (#7409)

v13.12.0

  • Moved dataconnect.location key in firebase.json to dataconnect.yaml.
  • Fixes issue where files were not properly being discovered and deployed to Firebase Hosting (#7363, #7378)
  • Added new command init dataconnect:sdk, which interactively configures a generated SDK for a Data Connect connector.

v13.11.4

  • Data Connect emulator now reuses existing instances if they are emulating the same service.
  • Fixes issue where deploy --only dataconnect would error out with cannot read property undefined.
  • Fixes compatibility issue when uploading native symbols to Crashlytics on Intel-based Macs.

v13.11.3

  • Fixes issue where storage emulator throws an error due to non-standard whitespaces in filenames (#6834).
  • Fixes issue where some emulators would fail to start when their path contained a whitespace (#7313)
  • Adds prompt for Postgres connection string to setup:emulators:dataconnect.
  • Updates Data Connect emulator to v1.2.2, which includes support for generating Swift SDKs and a number of bug fixes.

v13.11.2

  • Adds a warning to firebase dataconnect:sdk:generate when no generated SDKs are configured.
  • Fixes some cases where firebase init dataconnect did not write project files correctly.

v13.11.1

  • firebase init dataconnect no longer waits for Cloud SQL instance provisioning (#7275).
  • Fixes an issue where the Data Connect emulator would not start up correctly.

v13.11.0

  • Releases firestore emulator 1.19.7, which adds support for withAuthContext function triggers (#7037).
  • Fixes some cases where Firebase Data Connect deployment fails to pretty-print errors (#7230).
  • Updated Pub/Sub emulator to v0.8.14 (#7197).
  • Updates default resource names and template during firebase init dataconnect.
  • Improved handling of 'fresh from Console' services during init dataconnect.
  • Add support for node22 in function deployments (#7252).
  • Update to Firebase Data Connect Emulator v1.2.0, which adds support for Postgres 16 and creates the Postgres database specified in dataconnect.yaml or .firebaserc if it does not already exist.
  • Update to the latest version of the Crashlytics buildtools, v3.
  • Support deployment of an Angular app using legacy browser builder (#7264)

... (truncated)

Commits
  • 4367a7e 13.13.3
  • f60b41b Dont try to use expired refresh tokens (#7445)
  • 2f130b0 [firebase-release] Removed change log and reset repo after 13.13.2 release
  • 6a4209a 13.13.2
  • eb766f9 Changelog for #7433 (#7434)
  • c6622ca Fixing an issue where old access_tokens would be used intead of requesting ne...
  • 743e8a8 Add new framework for dataconect e2e test (#7309)
  • ea2bfff [firebase-release] Removed change log and reset repo after 13.13.1 release
  • 213813f 13.13.1
  • 2338127 make connections list location scoped (#7421)
  • Additional commits viewable in compare view


Updates vite from 5.2.4 to 5.2.6

Changelog

Sourced from vite's changelog.

5.2.6 (2024-03-24)

5.2.5 (2024-03-24)

Commits


Updates @grpc/grpc-js from 1.8.21 to 1.9.14

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.8.22

  • Avoid buffering significantly more than grpc.max_receive_message_size per received message.
Commits
  • a8a0203 Merge pull request from GHSA-7v5v-9h63-cj86
  • 3b110cd grpc-js: Bump to 1.8.22
  • 8e62222 grpc-js: Avoid buffering significantly more than max_receive_message_size per...
  • 9d83947 Merge pull request #2742 from sergiitk/backport-1.8-psm-interop-common-prod-t...
  • 00f348c Merge pull request #2729 from sergiitk/psm-interop-common-prod-tests
  • 36d105b Merge pull request #2737 from murgatroid99/backport-1.8-grpc-js_linkify-it_fix
  • 969e305 Merge pull request #2735 from murgatroid99/grpc-js_linkify-it_fix
  • d78216f Merge pull request #2715 from sergiitk/backport-1.8-psm-interop-pkg-dev
  • f38966a Merge pull request #2712 from sergiitk/psm-interop-pkg-dev
  • ffefff2 Merge pull request #2640 from XuanWang-Amos/backport-1.8-psm-interop-shared-b...
  • Additional commits viewable in compare view


Updates d3-color from 2.0.0 to 3.1.0

Release notes

Sourced from d3-color's releases.

v3.1.0

v3.0.1

  • Make build reproducible.

v3.0.0

  • Adopt type: module.

This package now requires Node.js 12 or higher. For more, please read Sindre Sorhus’s FAQ.

Commits


Updates d3-interpolate from 2.0.1 to 3.0.1

Release notes

Sourced from d3-interpolate's releases.

v3.0.1

  • Update dependencies.
  • Make build reproducible.

v3.0.0

  • Adopt type: module.

This package now requires Node.js 12 or higher. For more, please read Sindre Sorhus’s FAQ.

Commits


Updates ws from 7.5.9 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).
Commits


Updates braces from 3.0.2 to 3.0.3

Commits


Updates express from 4.19.1 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass
Commits


Updates undici from 5.28.3 to 5.28.4

Release notes

Sourced from undici's releases.

v5.28.4

:warning: Security Release :warning:

Full Changelog: https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4

Commits
  • fb98306 Bumped v5.28.4
  • 2b39440 Merge pull request from GHSA-9qxr-qj54-h672
  • 64e3402 Merge pull request from GHSA-m4v8-wqvr-p9f7
  • 723c4e7 Revert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)"
  • 0e9d54b skip failing test due to Node.js changes
  • See full diff in compare view


Updates firebase from 10.9.0 to 10.12.4

Release notes

Sourced from firebase's releases.

firebase@10.12.4

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed

@​firebase/analytics@​0.10.6

Patch Changes

@​firebase/analytics-compat@​0.2.12

Patch Changes

@​firebase/app@​0.10.7

Patch Changes

  • Update SDK_VERSION.

@​firebase/app-check@​0.8.6

Patch Changes

@​firebase/app-check-compat@​0.3.13

Patch Changes

@​firebase/app-compat@​0.2.37

Patch Changes

  • Updated dependencies []:
  • @​firebase/app@​0.10.7

firebase@10.12.4

Patch Changes

... (truncated)

Commits


Updates firebase-tools from 13.5.2 to 13.6.0

Release notes

Sourced from firebase-tools's releases.

v13.13.3

  • Fix an issue where refresh_tokens would be used before checking whether they were expired. (#7442)

v13.13.2

  • Fixes an issue where old access_token would be used after expiry. (#7429)

v13.13.1

  • Pass down functions.ignore values in firebase.json to functions emulator so that supposedly ignored directories/files will not trigger reload. (#7414)
  • Fixes bug where secret values provided in env files were parsed as list (#7422)
  • Update the Firebase Data Connect emulator to v1.2.4, which includes a fix for web SDK generation on Windows and a change for the local Vertex AI client to pick up application default credentials automatically (#7424)

v13.13.0

  • Fixes framework support for Nuxt ^3.12 by correctly calling loadNuxtConfig() (#7375)
  • Add a default for firebase init dataconnect:sdk (#7406)
  • Bump Firebase Data Connect emulator to v1.2.3, which adds support for @index on tables, @auth(level: USER_ANON/USER_EMAIL_VERIFIED), and key: {uid_expr: "auth.uid"}, and fixes some issues related to SDK generation (#7409)

v13.12.0

  • Moved dataconnect.location key in firebase.json to dataconnect.yaml.
  • Fixes issue where files were not properly being discovered and deployed to Firebase Hosting (#7363, #7378)
  • Added new command init dataconnect:sdk, which interactively configures a generated SDK for a Data Connect connector.

v13.11.4

  • Data Connect emulator now reuses existing instances if they are emulating the same service.
  • Fixes issue where deploy --only dataconnect would error out with cannot read property undefined.
  • Fixes compatibility issue when uploading native symbols to Crashlytics on Intel-based Macs.

v13.11.3

  • Fixes issue where storage emulator throws an error due to non-standard whitespaces in filenames (#6834).
  • Fixes issue where some emulators would fail to start when their path contained a whitespace (#7313)
  • Adds prompt for Postgres connection string to setup:emulators:dataconnect.
  • Updates Data Connect emulator to v1.2.2, which includes support for generating Swift SDKs and a number of bug fixes.

v13.11.2

  • Adds a warning to firebase dataconnect:sdk:generate when no generated SDKs are configured.
  • Fixes some cases where firebase init dataconnect did not write project files correctly.

v13.11.1

  • firebase init dataconnect no longer waits for Cloud SQL instance provisioning (#7275).
  • Fixes an issue where the Data Connect emulator would not start up correctly.

v13.11.0

  • Releases firestore emulator 1.19.7, which adds support for withAuthContext function triggers (#7037).
  • Fixes some cases where Firebase Data Connect deployment fails to pretty-print errors (#7230).
  • Updated Pub/Sub emulator to v0.8.14 (#7197).
  • Updates default resource names and template during firebase init dataconnect.
  • Improved handling of 'fresh from Console' services during init dataconnect.
  • Add support for node22 in function deployments (#7252).
  • Update to Firebase Data Connect Emulator v1.2.0, which adds support for Postgres 16 and creates the Postgres database specified in dataconnect.yaml or .firebaserc if it does not already exist.
  • Update to the latest version of the Crashlytics buildtools, v3.
  • Support deployment of an Angular app using legacy browser builder (#7264)

... (truncated)

Commits
  • 4367a7e 13.13.3
  • f60b41b Dont try to use expired refresh tokens (#7445)
  • 2f130b0 [firebase-release] Removed change log and reset repo after 13.13.2 release
  • 6a4209a 13.13.2
  • eb766f9 Changelog for #7433 (#7434)
  • c6622ca Fixing an issue where old access_tokens would be used intead of requesting ne...
  • 743e8a8 Add new framework for dataconect e2e test (#7309)
  • ea2bfff [firebase-release] Removed change log and reset repo after 13.13.1 release
  • 213813f 13.13.1
  • 2338127 make connections list location scoped (#7421)
  • Additional commits viewable in compare view


Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

5.7

  • Add minVersion method

5.6

  • Move boolean loose param to an options object, with backwards-compatibility protection.
  • Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

  • Add version coercion capabilities

5.4

  • Add intersection checking

5.3

  • Add minSatisfying method

5.2

  • Add prerelease(v) that returns prerelease components

5.1

  • Add Backus-Naur for ranges
  • Remove excessively cute inspection methods

5.0

  • Remove AMD/Browserified build artifacts
  • Fix ltr and gtr when using the * range
  • Fix for range * with a prerelease identifier
Commits
Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.


Updates qs from 6.7.0 to 6.10.3

Changelog

Sourced from qs's changelog.

6.10.3

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [actions] reuse common workflows
  • [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

6.10.2

  • [Fix] stringify: actually fix cyclic references (#426)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#408)
  • [actions] update codecov uploader
  • [actions] update workflows
  • [Tests] clean up stringify tests slightly
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

6.10.1

  • [Fix] stringify: avoid exception on repeated object values (#402)

6.10.0

  • [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
  • [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
  • [meta] fix README.md (#399)
  • [meta] only run npm run dist in publish, not install
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
  • [Tests] fix tests on node v0.6
  • [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
  • [Tests] Revert "[meta] ignore eclint transitive audit warning"

6.9.7

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#408)
  • [Tests] clean up stringify tests slightly
  • [meta] fix README.md (#399)
  • Revert "[meta] ignore eclint transitive audit warning"
  • [actions] backport actions from main
  • [Dev Deps] backport updates from main

6.9.6

  • [Fix] restore dist dir; mistakenly removed in d4f6c32

6.9.5

  • [Fix] stringify: do not encode parens for RFC1738
  • [Fix] stringify: fix arrayFormat comma with empty array/objects (#350)
  • [Refactor] format: remove util.assign call
  • [meta] add "Allow Edits" workflow; update rebase workflow
  • [actions] switch Automatic Rebase workflow to pull_request_target event

... (truncated)

Commits
  • f92ddb5 v6.10.3
  • d9e9529 [Dev Deps] update eslint
  • 8b4cc14 [Fix] parse: ignore __proto__ keys
  • ad63d36 [actions] reuse common workflows
  • c028385 [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape
  • 0a1d3e8 [Robustness] stringify: avoid relying on a global undefined
  • 408ff95 v6.10.2
  • 3cea04d [Dev Deps] update @ljharb/eslint-config
  • 28fba8f [Dev Deps] update eslint, @ljharb/eslint-config, tape
  • 9aee773 [Fix] stringify: actually fix cyclic references
  • Additional commits viewable in compare view


Updates minimatch from 3.0.4 to 3.1.2

Commits


Updates node-fetch from 2.7.0 to 3.3.2

Release notes

Sourced from node-fetch's releases.

v3.3.2

3.3.2 (2023-07-25)

Bug Fixes

v3.3.1

3.3.1 (2023-03-11)

Bug Fixes

  • release "Allow URL class object as an argument for fetch()" #1696 (#1716) (7b86e94)

v3.3.0

3.3.0 (2022-11-10)

Features

v3.2.10

3.2.10 (2022-07-31)

Bug Fixes

v3.2.9

3.2.9 (2022-07-18)

Bug Fixes

  • Headers: don't forward secure headers on protocol change (#1599) (e87b093)

v3.2.8

3.2.8 (2022-07-12)

Bug Fixes

... (truncated)

Commits


Updates @grpc/grpc-js from 1.8.21 to 1.8.22

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.8.22

  • Avoid buffering significantly more than grpc.max_receive_message_size per received message.
Commits
  • a8a0203 Merge pull request from GHSA-7v5v-9h63-cj86
  • 3b110cd grpc-js: Bump to 1.8.22
  • 8e62222 grpc-js: Avoid buffering significantly more than max_receive_message_size per...
  • 9d83947 Merge pull request #2742 from sergiitk/backport-1.8-psm-interop-common-prod-t...
  • 00f348c Merge pull request #2729 from sergiitk/psm-interop-common-prod-tests
  • 36d105b Merge pull request #2737 from murgatroid99/backport-1.8-grpc-js_linkify-it_fix
  • 969e305 Merge pull request #2735 from murgatroid99/grpc-js_linkify-it_fix
  • d78216f Merge pull request #2715 from sergiitk/backport-1.8-psm-interop-pkg-dev
  • f38966a Merge pull request #2712 from sergiitk/psm-interop-pkg-dev
  • ffefff2 Merge pull request #2640 from XuanWang-Amos/backport-1.8-psm-interop-shared-b...
  • Additional commits viewable in compare view


Updates ws from 7.4.6 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).
Commits


Updates braces from 3.0.2 to 3.0.3

Commits


Updates express from 4.18.1 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Full Changelog:

dependabot[bot] commented 1 month ago

Looks like these dependencies are no longer a dependency, so this is no longer needed.