search

aws-samples / retail-demo-store

AWS Retail Demo Store is a sample retail web application and workshop platform demonstrating how AWS infrastructure and services can be used to build compelling customer experiences for eCommerce, retail, and digital marketing use-cases
MIT No Attribution
727 stars 516 forks source link

Bump fast-xml-parser and aws-amplify in /src/web-ui #468

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps fast-xml-parser to 4.2.5 and updates ancestor dependency aws-amplify. These dependencies need to be updated together.

Updates fast-xml-parser from 4.2.4 to 4.2.5

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

4.2.5 / 2023-06-22

  • change code implementation

4.2.4 / 2023-06-06

  • fix security bug

4.2.3 / 2023-06-05

  • fix security bug

4.2.2 / 2023-04-18

  • fix #562: fix unpaired tag when it comes in last of a nested tag. Also throw error when unpaired tag is used as closing tag

4.2.1 / 2023-04-18

  • fix: jpath after unpaired tags

4.2.0 / 2023-04-09

  • support updateTag parser property

4.1.4 / 2023-04-08

  • update typings to let user create XMLBuilder instance without options (#556) (By Patrick)
  • fix: IsArray option isn't parsing tags with 0 as value correctly #490 (#557) (By Aleksandr Murashkin)
  • feature: support oneListGroup to group repeated children tags udder single group

4.1.3 / 2023-02-26

  • fix #546: Support complex entity value

4.1.2 / 2023-02-12

  • Security Fix

4.1.1 / 2023-02-03

  • Fix #540: ignoreAttributes breaks unpairedTags
  • Refactor XML builder code

4.1.0 / 2023-02-02

  • Fix '' in DTD comment throwing an error. (#533) (By Adam Baker)
  • Set "eNotation" to 'true' as default

4.0.15 / 2023-01-25

  • make "eNotation" optional

4.0.14 / 2023-01-22

  • fixed: add missed typing "eNotation" to parse values

4.0.13 / 2023-01-07

4.0.12 / 2022-11-19

... (truncated)

Commits


Updates aws-amplify from 5.3.1 to 5.3.3

Release notes

Sourced from aws-amplify's releases.

2023-06-28 Amplify JS release - aws-amplify@5.3.3

What's Changed

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/aws-amplify@5.3.2...aws-amplify@5.3.3

2023-06-27 Amplify JS release - aws-amplify@5.3.2

What's Changed

New Contributors

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/aws-amplify@5.3.1...aws-amplify@5.3.2

Commits
  • b1061a1 chore(release): Publish [ci skip]
  • d10780f release: Amplify JS release (#11556)
  • 60f7d3d fix: Update isReactNative check to consider Expo as well (#11555)
  • fe1c1e3 chore(release): update API docs [ci skip]
  • d60ad34 chore(release): Publish [ci skip]
  • bd89c0e release: Amplify JS release (#11548)
  • 7ebbbb1 chore: update sdk client patch versions for fast-xml-parser security … (#11547)
  • 18012b0 fix(auth): Catch password reset Cognito API error response (#11274)
  • cfd2062 chore(release): update API docs [ci skip]
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws-samples/retail-demo-store/network/alerts).
gfaires commented 1 year ago

@dependabot rebase

dependabot[bot] commented 1 year ago

The dependabot.yml entry that created this PR has been deleted so this PR can't be rebased. Please close the PR so Dependabot can create a new one with the current dependabot.yml.

dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.