SAP / risk-explorer-for-software-supply-chains

A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and other resources. The taxonomy as well as related safeguards can be explored using an interactive visualization tool.
https://sap.github.io/risk-explorer-for-software-supply-chains/
Apache License 2.0
71 stars 14 forks source link

Bump react-devtools-core and react-native #98

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps react-devtools-core to 4.28.4 and updates ancestor dependency react-native. These dependencies need to be updated together.

Updates react-devtools-core from 4.19.1 to 4.28.4

Commits
Maintainer changes

This version was pushed to npm by hoxyq, a new releaser for react-devtools-core since your current version.


Updates react-native from 0.67.2 to 0.72.6

Release notes

Sourced from react-native's releases.

0.72.6

Fixed

  • Fix a potential bug in EventEmitter when used with certain Babel configurations that incorrectly polyfill the spread operator for iterables (9b3bd63723 by @​yungsters)

iOS specific


You can participate in the conversation on the status of this release in this discussion


To help you upgrade to this version, you can use the upgrade helper ⚛️


You can find the whole changelog history in the changelog.md file.

0.72.5

Changed

Fixed

Android specific

iOS specific


You can participate in the conversation on the status of this release in this discussion


... (truncated)

Changelog

Sourced from react-native's changelog.

Changelog (pre 0.70)

This file contains all changelogs for releases in the 0.60-0.69 range. Please check out the other CHANGELOG-*.md files for newer and older versions.

v0.69.12

Changed

iOS specific

Fixed

Android specific

v0.69.11

Fixed

iOS specific

v0.69.10

Fixed

Android specific

v0.69.9

Changed

iOS specific

Fixed

... (truncated)

Commits
  • 4fd3da2 [0.72.6] Bump version numbers
  • 6e3a130 [Local] Fix CI for 0.72, with Acitve Support and Xcode15 (#40855)
  • 9b3bd63 RN: Switch EventEmitter to Array.from(...) (#39525)
  • 785f91b Fix Gemfile, setting Active support to < 7.1.0 (#39828)
  • 355025d Update Xcode 15 patches to be more robust (#39710)
  • 3c4cc59 Move hermes-engine.podspec and hermes-utils.rb from hermes-engine to hermes f...
  • 1e38d4d [0.72.5] Bump version numbers
  • 2a041cb Add ld_classic flag to Hermes when building for Xcode 15 (#39516)
  • 8ccdb2c Fix Xcode 15 RC issues (#39474)
  • a5e110a Bump IPHONEOS_DEPLOYMENT_TARGET to 13.4 for 3rd party pods (#39478)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by react-native-bot, a new releaser for react-native since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SAP/risk-explorer-for-software-supply-chains/network/alerts).