aggrosoft / oxid-cookie-compliance

GDPR Compliance
MIT License
4 stars 9 forks source link

Bump cacheable-request, @release-it/bumper and release-it #33

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps cacheable-request to 10.2.7 and updates ancestor dependencies cacheable-request, @release-it/bumper and release-it. These dependencies need to be updated together.

Updates cacheable-request from 6.1.0 to 10.2.7

Release notes

Sourced from cacheable-request's releases.

v10.2.6

Fix for memory leak on Listeners

The listener was not being removed on response and just error but new handlers were being added causing a memory leak.

line 220 in src/index.ts was modified to remove the listener on response also

         if (this.cache instanceof Keyv) {
                const cachek = this.cache;
                cachek.once('error', errorHandler);
                ee.on('error', () => cachek.removeListener('error', errorHandler));
                ee.on('response', () => cachek.removeListener('error', errorHandler));
            }

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.5...v10.2.6

v10.2.5

Types definition issue with http-cache-sematics as that type definition needs to be in dependencies. Thanks @​Maxim-Mazurok

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.4...v10.2.5

v10.2.4

Minor updates with one exception is that we removed @types/http-cache-semantics from the main dependencies as it does not look to be needed.

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.3...v10.2.4

v10.2.3 Maintenance Release

Upgrading core modules in the system such as keyv and also a minor fix to an uncaught exception that we were seeing referenced here: sindresorhus/got#1925

Additional update is moving normalize-url to 8.0.0 which after testing it looks to not affect anything but will post the release notes here: https://github.com/sindresorhus/normalize-url/releases/tag/v8.0.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jaredwray, a new releaser for cacheable-request since your current version.


Updates @release-it/bumper from 1.4.1 to 4.0.2

Commits


Updates release-it from 13.7.1 to 15.6.0

Release notes

Sourced from release-it's releases.

Release 15.6.0

  • Fix specs for #966 (39a318b)
  • Move space (quickfix) (cfae247)
  • fix: use spec formdata (#958) (c21e6b6)
  • Fix npm.isCollaborator() on npm v9 (#966) (3bd405a)
  • feat(git): added option to use --exclude option on git describe (#963) (2b484bf)

Release 15.5.1

  • Update dependencies (aa89cbd)
  • Prompt for npm OTP in --only-version (fixes #948) (ff626d1)
  • Remove unused export/function (331b0de)
  • Add knip + config (ee99f63)

Release 15.5.0

  • Update dependencies (5d035be)
  • Add npm.versionArgs option (5efc57f)

Release 15.4.3

  • Update dependencies (67da5d9)
  • Update got to 12.5.1 (#943) (a9c8c34)

Release 15.4.2

  • Update dependencies (97095d5)
  • Defer dry run bail out in asset globbing (to include the warning in dry runs) (bf6ccc8)
  • Housekeeping for Actions (feff2eb)

Release 15.4.1

  • Handle file paths and dots in git urls (055a4ff)
  • Update dependencies (including git-url-parse) (1851650)

Release 15.4.0

  • Add npm.name to config.context and extend context for tagName (closes #933) (627763f)

Release 15.3.0

  • Add new features to docs (e2101ed)
  • Add tests for branchName in tag name (a6f6eff)
  • Update dependencies (ae9ccb9)
  • add branchName for template (#897) (9aa9a5d)
  • add new --changelog option (#912) (5798a7a)

Release 15.2.0

  • Update dependencies (b78eb1e)
  • Add package.json to exports (acc66f7)
  • Fixes loading scoped plugins to ensure name is preserved (#926) (145fc71)
  • Add workaround for Windows by removing drive letter from git url (#924) (ce3a726)
  • Enable manual triggers and disable tag triggers in test pipeline (b830876)
  • Fix plugin links (b7cd505)

Release 15.1.4

  • Migrate to git-url-parse v12 (41aad00)

... (truncated)

Changelog

Sourced from release-it's changelog.

Changelog

This document lists breaking changes for each major release.

See the GitHub Releases page for detailed changelogs: https://github.com/release-it/release-it/releases

v15 (2022-04-30)

  • Removed support for Node.js v10 and v12.
  • Removed support for GitLab v12.4 and lower.
  • Removed anonymous metrics (and the option to disable it).
  • Programmatic usage and plugins only through ES Module syntax (import)

Use release-it v14 in legacy environments.

v14 (2020-09-03)

  • Removed global property from plugins. Use this.config[key] instead.
  • Removed deprecated npm.access option. Set this in package.json instead.

v13 (2020-03-07)

  • Dropped support for Node v8
  • Dropped support for GitLab v11.6 and lower.
  • Deprecated scripts are removed (in favor of hooks).
  • Removed deprecated --non-interactive (-n) argument. Use --ci instead.
  • Removed old %s and [REV_RANGE] syntax in command substitutions. Use ${version} and ${latestTag} instead.

v12 (2019-05-03)

  • The --follow-tags argument for git push has been moved to the default configuration. This is only a breaking change if git.pushArgs was not empty (it was empty by default).

v11

  • The custom conventional-changelog increment (e.g. "increment": "conventional:angular") with additional script configuration is replaced with a plugin. Please see conventional changelog how to use this plugin.
  • The pkgFiles option has been removed. If there's a need to bump other files than what npm version bumps, it should be (part of) a plugin.
  • By default, the latest version was derived from the latest Git tag. From v11, if the repo has a package.json then that version is used instead. The use option has been removed. Also see latest version.
  • scripts.changelog has been moved to git.changelog

v10

  • Dropped support for Node v6

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aggrosoft/oxid-cookie-compliance/network/alerts).