search

cbib / ProteomX

Statistical and Functional analysis and interpretation of proteomics data
MIT License
0 stars 1 forks source link

build(deps): bump debug and @angular/cli in /frontend #135

Closed dependabot[bot] closed 8 months ago

dependabot[bot] commented 8 months ago

Bumps debug to 4.3.4 and updates ancestor dependencies debug and @angular/cli. These dependencies need to be updated together.

Updates debug from 3.2.6 to 4.3.4

Release notes

Sourced from debug's releases.

4.3.4

What's Changed

New Contributors

Full Changelog: https://github.com/debug-js/debug/compare/4.3.3...4.3.4

4.3.3

Patch Release 4.3.3

This is a documentation-only release. Further, the repository was transferred. Please see notes below.

Thank you to @​taylor1791 and @​kristofkalocsai for their contributions.

Repository Migration Information

I've formatted this as a FAQ, please feel free to open an issue for any additional question and I'll add the response here.

Q: What impact will this have on me?

In most cases, you shouldn't notice any change.

The only exception I can think of is if you pull code directly from https://github.com/visionmedia/debug, e.g. via a "debug": "visionmedia/debug"-type version entry in your package.json - in which case, you should still be fine due to the automatic redirection Github sets up, but you should also update any references as soon as possible.

Q: What are the security implications of this change?

If you pull code directly from the old URL, you should update the URL to https://github.com/debug-js/debug as soon as possible. The old organization has many approved owners and thus a new repository could (in theory) be created at the old URL, circumventing Github's automatic redirect that is in place now and serving malicious code. I (@​qix-) also wouldn't have access to that repository, so while I don't think it would happen, it's still something to consider.

Even in such a case, however, the officially released package on npm (debug) would not be affected. That package is still very much under control (even more than it used to be).

Q: What should I do if I encounter an issue related to the migration?

Search the issues first to see if someone has already reported it, and then open a new issue if someone has not.

Q: Why was this done as a 'patch' release? Isn't this breaking?

No, it shouldn't be breaking. The package on npm shouldn't be affected (aside from this patch release) and any references to the old repository should automatically redirect.

Thus, according to all of the "APIs" (loosely put) involved, nothing should have broken.

... (truncated)

Commits
  • da66c86 4.3.4
  • 9b33412 replace deprecated String.prototype.substr() (#876)
  • c0805cc add section about configuring JS console to show debug messages (#866)
  • 043d3cd 4.3.3
  • 4079aae update license and more maintainership information
  • 19b36c0 update repository location + maintainership information
  • f851b00 adds README section regarding usage in child procs (#850)
  • d177f2b Remove accidental epizeuxis
  • e47f96d 4.3.2
  • 1e9d38c cache enabled status per-logger (#799)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by qix, a new releaser for debug since your current version.


Updates debug from 4.1.1 to 4.3.4

Release notes

Sourced from debug's releases.

4.3.4

What's Changed

New Contributors

Full Changelog: https://github.com/debug-js/debug/compare/4.3.3...4.3.4

4.3.3

Patch Release 4.3.3

This is a documentation-only release. Further, the repository was transferred. Please see notes below.

Thank you to @​taylor1791 and @​kristofkalocsai for their contributions.

Repository Migration Information

I've formatted this as a FAQ, please feel free to open an issue for any additional question and I'll add the response here.

Q: What impact will this have on me?

In most cases, you shouldn't notice any change.

The only exception I can think of is if you pull code directly from https://github.com/visionmedia/debug, e.g. via a "debug": "visionmedia/debug"-type version entry in your package.json - in which case, you should still be fine due to the automatic redirection Github sets up, but you should also update any references as soon as possible.

Q: What are the security implications of this change?

If you pull code directly from the old URL, you should update the URL to https://github.com/debug-js/debug as soon as possible. The old organization has many approved owners and thus a new repository could (in theory) be created at the old URL, circumventing Github's automatic redirect that is in place now and serving malicious code. I (@​qix-) also wouldn't have access to that repository, so while I don't think it would happen, it's still something to consider.

Even in such a case, however, the officially released package on npm (debug) would not be affected. That package is still very much under control (even more than it used to be).

Q: What should I do if I encounter an issue related to the migration?

Search the issues first to see if someone has already reported it, and then open a new issue if someone has not.

Q: Why was this done as a 'patch' release? Isn't this breaking?

No, it shouldn't be breaking. The package on npm shouldn't be affected (aside from this patch release) and any references to the old repository should automatically redirect.

Thus, according to all of the "APIs" (loosely put) involved, nothing should have broken.

... (truncated)

Commits
  • da66c86 4.3.4
  • 9b33412 replace deprecated String.prototype.substr() (#876)
  • c0805cc add section about configuring JS console to show debug messages (#866)
  • 043d3cd 4.3.3
  • 4079aae update license and more maintainership information
  • 19b36c0 update repository location + maintainership information
  • f851b00 adds README section regarding usage in child procs (#850)
  • d177f2b Remove accidental epizeuxis
  • e47f96d 4.3.2
  • 1e9d38c cache enabled status per-logger (#799)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by qix, a new releaser for debug since your current version.


Updates @angular/cli from 9.1.1 to 17.2.1

Release notes

Sourced from @​angular/cli's releases.

v17.2.1

17.2.1 (2024-02-22)

@​angular-devkit/build-angular

Commit Description
fix - 9e7c47b59 allow mts and cts file replacement
fix - f2a2e9287 provide Vite client code source map when loading

v17.2.0

17.2.0 (2024-02-14)

@​schematics/angular

Commit Description
feat - 03e1aa790 add support to bun package manager

@​angular/cli

Commit Description
feat - b3e206741 add support to bun package manager

@​angular-devkit/build-angular

Commit Description
feat - 7f57123fd add define build option to application builder
feat - f4f535653 add JSON build logs when using the application builder
feat - b59f663e5 allow control of Vite-based development server prebundling
feat - 8f47f1e96 provide default and abbreviated build target support for dev-server and extract-i18n
feat - 7a12074dc provide option to allow automatically cleaning the terminal screen during rebuilds
feat - 7c522aa87 support using custom postcss configuration with application builder
fix - 476a68daa add output location in build stats
fix - 5e6f1a9f4 avoid preloading server chunks
fix - 41ea985f9 display server bundles in build stats
fix - d493609d3 downgrade copy-webpack-plugin to workaround Node.js support issue
fix - 8d5af1d5c ensure correct .html served with Vite dev-server
fix - 944cbcdb1 limit the number of lazy chunks visible in the stats table
fix - 905e13633 support string as plugin option in custom postcss plugin config

@​angular-devkit/schematics

Commit Description
fix - da1c38c48 add bun to known package managers

@​angular/create

Commit Description
feat - 600498f2c add support to bun package manager

v17.2.0-rc.0

17.2.0-rc.0 (2024-02-08)

@​angular-devkit/build-angular

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular/cli's changelog.

17.2.1 (2024-02-22)

@​angular-devkit/build-angular

Commit Type Description
9e7c47b59 fix allow mts and cts file replacement
f2a2e9287 fix provide Vite client code source map when loading

17.2.0 (2024-02-14)

@​angular/cli

Commit Type Description
b3e206741 feat add support to bun package manager

@​schematics/angular

Commit Type Description
03e1aa790 feat add support to bun package manager

@​angular-devkit/build-angular

Commit Type Description
7f57123fd feat add define build option to application builder
f4f535653 feat add JSON build logs when using the application builder
b59f663e5 feat allow control of Vite-based development server prebundling
8f47f1e96 feat provide default and abbreviated build target support for dev-server and extract-i18n
7a12074dc feat provide option to allow automatically cleaning the terminal screen during rebuilds
7c522aa87 feat support using custom postcss configuration with application builder
476a68daa fix add output location in build stats
5e6f1a9f4 fix avoid preloading server chunks
41ea985f9 fix display server bundles in build stats
d493609d3 fix downgrade copy-webpack-plugin to workaround Node.js support issue
8d5af1d5c fix ensure correct .html served with Vite dev-server
944cbcdb1 fix limit the number of lazy chunks visible in the stats table
905e13633 fix support string as plugin option in custom postcss plugin config

@​angular-devkit/schematics

Commit Type Description
da1c38c48 fix add bun to known package managers

... (truncated)

Commits
  • ca18ead release: cut the v17.2.1 release
  • a361540 test: avoid new Node.js properties in webpack direct E2E chunk size testing
  • 40e04f6 test: generalize webpack direct E2E chunk size testing
  • 4fc5c6a Revert "refactor(@​schematics/angular): remove private /components API"
  • f2a2e92 fix(@​angular-devkit/build-angular): provide Vite client code source map when ...
  • 9e7c47b fix(@​angular-devkit/build-angular): allow mts and cts file replacement
  • 644010d release: cut the v17.2.0 release
  • 79b1edd build: update Angular peer deps packages to 17.2.0
  • 905e136 fix(@​angular-devkit/build-angular): support string as plugin option in custom...
  • d493609 fix(@​angular-devkit/build-angular): downgrade copy-webpack-plugin to workarou...
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/cbib/ProteomX/network/alerts).