search

atom / node-keytar

Native Password Node Module
https://atom.github.io/node-keytar
MIT License
1.37k stars 193 forks source link

Bump prebuild-install from 6.1.2 to 7.0.1 #441

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps prebuild-install from 6.1.2 to 7.0.1.

Release notes

Sourced from prebuild-install's releases.

v7.0.1

Changed

  • Upgrade to the latest version of detect-libc (#166) (f71c6b9) (Lovell Fuller).

v7.0.0

Changed

  • Breaking: bump node-abi so that Electron 14+ gets correct ABI (#161) (477f347) (csett86). Drops support of Node.js < 10.
  • Bump simple-get (7468c14) (Vincent Weevers).

v6.1.4

Fixed

  • Move auth token to header instead of query param (#160) (b3fad76) (nicolai-nordic)
  • Remove _ prefix as it isn't allowed by npm config (#153) (a964e5b) (Tom Boothman)
  • Make rc.path absolute (#158) (57bcc06) (George Waters).

v6.1.3

Changed

  • Inline no longer maintained noop-logger (#155) (e08d75a) (Alexandru Dima)
  • Point users towards prebuildify in README (#150) (5ee1a2f) (Vincent Weevers)
Changelog

Sourced from prebuild-install's changelog.

[7.0.1] - 2022-01-28

Changed

  • Upgrade to the latest version of detect-libc (#166) (f71c6b9) (Lovell Fuller).

[7.0.0] - 2021-11-12

Changed

  • Breaking: bump node-abi so that Electron 14+ gets correct ABI (#161) (477f347) (csett86). Drops support of Node.js < 10.
  • Bump simple-get (7468c14) (Vincent Weevers).

[6.1.4] - 2021-08-11

Fixed

  • Move auth token to header instead of query param (#160) (b3fad76) (nicolai-nordic)
  • Remove _ prefix as it isn't allowed by npm config (#153) (a964e5b) (Tom Boothman)
  • Make rc.path absolute (#158) (57bcc06) (George Waters).

[6.1.3] - 2021-06-03

Changed

  • Inline no longer maintained noop-logger (#155) (e08d75a) (Alexandru Dima)
  • Point users towards prebuildify in README (#150) (5ee1a2f) (Vincent Weevers)
Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
andyleejordan commented 2 years ago

@sergiou87, @sbatten, and @shiftkey could you please take a look at this ASAP? It's propagating a high-level CVE up to vsce, a dependency for practically every VS Code extension.

dependabot[bot] commented 2 years ago

Looks like prebuild-install is up-to-date now, so this is no longer needed.

hectorvp commented 2 years ago

@sergiou87 shouldn't this bumped version go as patch update on npm?

sergiou87 commented 2 years ago

Yes, soon 😄