search

dhis2-club-tanzania / integration-app

0 stars 0 forks source link

An in-range update of bootstrap is breaking the build 🚨 #25

Open greenkeeper[bot] opened 4 years ago

greenkeeper[bot] commented 4 years ago

The dependency bootstrap was updated from 4.3.1 to 4.4.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

bootstrap is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details - βœ… **continuous-integration/travis-ci/push:** The Travis CI build passed ([Details](https://travis-ci.org/hisptz/integration-app/builds/617334234?utm_source=github_status&utm_medium=notification)). - βœ… **Travis CI - Branch:** The build **passed**. - ❌ **WhiteSource Security Check:** The Security Check found 7 vulnerabilities.
| Severity | CVSS Score |CVE | GitHub Issue | | ------------- |-------------|-----|------| | High | 7.3 | [WS-2019-0291](https://github.com/wycats/handlebars.js/issues/1558 "Go to CVE Details") | [#8](https://github.com/hisptz/integration-app/issues/8 "Go to GitHub Issue") | Medium | 6.1 | [CVE-2012-6708](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6708 "Go to CVE Details") | [#6](https://github.com/hisptz/integration-app/issues/6 "Go to GitHub Issue") | Medium | 6.1 | [CVE-2019-11358](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358 "Go to CVE Details") | [#3](https://github.com/hisptz/integration-app/issues/3 "Go to GitHub Issue") | Medium | 6.1 | [CVE-2015-9251](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251 "Go to CVE Details") | [#2](https://github.com/hisptz/integration-app/issues/2 "Go to GitHub Issue") | Medium | 5.0 | [WS-2019-0043](https://hackerone.com/reports/390929 "Go to CVE Details") | [#7](https://github.com/hisptz/integration-app/issues/7 "Go to GitHub Issue") | Medium | 4.3 | [CVE-2011-4969](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4969 "Go to CVE Details") | [#5](https://github.com/hisptz/integration-app/issues/5 "Go to GitHub Issue") | Medium | 4.3 | [WS-2016-0090](https://github.com/jquery/jquery/commit/b078a62013782c7424a4a61a240c23c4c0b42614 "Go to CVE Details") | [#4](https://github.com/hisptz/integration-app/issues/4 "Go to GitHub Issue")
Scan token: 9ff4a6fb122d413599abf1528ab9d4bd
Release Notes for v4.4.0

Highlights

Here's what you need to know about v4.4.0. Remember that with every minor and major release of Bootstrap, we ship a new URL for our hosted docs to ensure URLs continue to work.- New responsive containers! Over a year in the making, fluid up to a particular breakpoint, available for all responsive tiers.

  • New responsive .row-cols classes for quickly specifying the number of columns across breakpoints. This one is huge for those of you who have asked for responsive card decks.
  • New escape-svg() function for simplifying our embedded background-image SVGs for forms and more.
  • New add() and subtract() functions for avoiding errors and zero values from CSS's built in calc feature.
  • New make-col-auto() mixin to make our .col-auto class available with custom HTML.
  • Fixed an issue with Microsoft Edge not picking up :disabled styles by moving selectors to [disabled].
  • Deprecated: bg-variant(), nav-divider(), and form-control-focus() mixins are now deprecated as they're going away in v5.
  • Updated our spacing and alignment for modal footer elements like buttons to automatically wrap when space is constrained.
  • More flexible form control validation styles thanks to fewer chained selectors. Also updated the :invalid validation icon to be an alert instead of an × to avoid confusion with browser functionality for clearing the form field value.
  • Fixed a couple dozen CSS and JS bugs.
  • Moved to GitHub Actions for CI/CD! Expect more updates to our CI setup over time here while Actions evolves.
  • Updated documentation to fix links and typos, improved landmarks for secondary navigation, and a new security doc for guidelines on reporting potential vulnerabilities.

Links

Commits

The new version differs by 213 commits.

  • 593574d Release v4.4.0 (#29735)
  • d61bba5 Backport #29734
  • 7aa1722 Update change-version.js (#29736)
  • 340009e Update devDependencies and gems.
  • bdd8752 Switch to the Coveralls Action (#29478)
  • e0a2d58 Backport #29624
  • 136afcf Update anchor.js to v4.2.1 (#29662)
  • eb1e1cf Fixed input-height-sm and input-height-lg calculations (#29653)
  • 5be0fe8 package.json: Add funding property (#29646)
  • a0bb417 Fix icons link.
  • 590c1ba progress: Fix IE overflow (#29629)
  • f12ae8c Sass: fix version in deprecation messages.
  • 6b7ca12 Make check label cursor customizable (#29633)
  • 0aa6a81 Update devDependencies and gems.
  • 7629dae Update modal.md (#29621)

There are 213 commits in total.

See the full diff

FAQ and help There is a collection of [frequently asked questions](https://greenkeeper.io/faq.html). If those don’t help, you can always [ask the humans behind Greenkeeper](https://github.com/greenkeeperio/greenkeeper/issues/new).

Your Greenkeeper Bot :palm_tree:

issue-label-bot[bot] commented 4 years ago

Issue-Label Bot is automatically applying the label bug to this issue, with a confidence of 0.92. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

greenkeeper[bot] commented 4 years ago

After pinning to 4.3.1 your tests are still failing. The reported issue might not affect your project. These imprecisions are caused by inconsistent test results.

greenkeeper[bot] commented 4 years ago

Your tests are still failing with this version. Compare changes

Release Notes for v4.4.1
  • Fix Dart Sass compatibility (#29755, #29763)
  • Add :disabled for disabled fieldset (#29762)
Commits

The new version differs by 5 commits.

  • dca1ab7 Release v4.4.1.
  • b07b6f7 Fix dart Sass compatibility for subtract (#29763)
  • 0d148d8 V4: Add :disabled for disabled fieldset (#29762)
  • c24aaa6 Fix dart Sass compatibility (#29755)
  • 301ee19 Update Gemfile.lock

See the full diff

greenkeeper[bot] commented 4 years ago

Your tests are still failing with this version. Compare changes

Release Notes for v4.5.0

Highlights

  • New interaction utilities. Quickly set user-select with the new utilities and Sass map.
  • New Reboot style for pointer cursors. We now include a role="button" selector in Reboot to set cursor: pointer on non-<button> element buttons.
  • Examples are now downloadable. We've added a script to zip up and offer all our Examples as their own download from the docs.
  • Added guidance to our docs for how to workaround our longstanding input group rounded corner bug.
  • Redesigned docs homepage and navbar to increment us towards v5's new docs design.
  • Deprecated bg-gradient-variant mixin as it's being removed in v5
  • Updated to jQuery v3.5.1, Jekyll v4, and dropped Node.js < 10.

CSS

  • #29413: Prevent vertical offset on progress bar in IE11
  • #29745: Add display: flex on .breadcrumb-item
  • #29819: Allow percentages in container widths
  • #29937: Add missing Noto Sans font to font stack
  • #29946: Added new variable for padding on dropdown header
  • #30004: Fixes disabled .btn cursor
  • #30036: Added focus state to .btn-link
  • #30043: Fix IE auto-size input-group to column
  • #30049: Prevent grid with default cols from breaking when large pre is present by setting min-width: 0
  • #30074: Use word-wrap in .text-break for IE and Edge compatibility.
  • #30166: Avoid border-radius functions returning negative values
  • #30183: Remove unnecessary reduce motion when $enable-transition: false
  • #30244: Fix centered modal scrolling issue
  • #30262: Prevent link underline change from affecting some components
  • #30361: Remove appearance from date inputs
  • #30391: Prevent redundant transition: none in transition()` mixin
  • #30497: Fix card list group borders & radii
  • #30504: Fix spinner-grow animation in Safari
  • #30515: Add .card-footer color
  • #30555, #30512, #30480: Use box-shadow mixin for .form-select, .btn, and other form controls
  • #30562: Added new interaction utilities for user-select and a new - role="button" in Reboot to set cursor: pointer.
  • #30582: Delete unncecessary appearance: none from button.close
  • #30594: Deprecate bg-gradient-variant mixin
  • #30605, #30606: Grid now checks for for $grid-columns > 0
  • #30609: Checks for an empty $grid-breakpoints map list to remove all breakpoints
  • #30660: Prevent list group style leaks
  • #30685: Disable auto-hiding scrollbar in legacy Edge
  • #30755: Removed role="document" from the modal dialog

JavaScript

  • #29968: sanitizer.js: Add srcset in the allowed attributes
  • #29969: Use regex.test() when we want to check for a Boolean on popovers/tooltips
  • #30381: Updated tab.js to address accessibility issue when using ul/li semantic
  • #30383: ensure totype always return stringified null when null passed
  • #30388: enable button toggle on label when checkbox is inside
  • #30490: Switch to string constants to save ~5% on file size
  • #30510, #30511: Fix event propagation from inactive and disabled dropdowns
  • #30744: ensure build plugins can exit in error
  • #30772: Prevent scrollbar replacement on non-integer width
  • 22f75c: scrollspy: only accept valid Elements as input for target

Docs

  • Redesigned docs homepage
  • Improved tap target sizing in our navigation
  • Added examples for our input group border-radius workaround
  • Added warning to browser bugs page that it's no longer maintained
  • Added loading="lazy" for images
  • #29782: Improve wrapping and hit area of accordion example titles
  • #29820: move width after make-container() mixin
  • #29956: Add Microsoft Edge for macOS to supported browsers
  • #30130: Added ability to zip and download our Examples
  • #30175: Add version number in page title
  • #30180: Changed input group validation examples to reflect issues with input group.
  • #30207: Headings hierarchy in theming.md
  • #30325: Updated modal docs to simplify data-target usage and more
  • #30416: Clarify card group behavior
  • #30469: Remove holder.js leftovers
  • #30505: Use existing position utility in navbar example
  • #30695: make the check for URL stricter in our docs search

Examples

  • #29886: Fix checkout page forms
  • #30573: Improve the responsiveness of our Dashboard example

Dependencies

  • Updated jQuery to v3.5.1
  • Replaced bundlesize with bundlewatch
  • Updated to Jekyll v4
  • Drop Node.js < 10
  • Misc devDependencies updates
Commits

The new version differs by 153 commits.

  • 7a6da5e Dist
  • 109ad5d Bump version to 4.5.0.
  • 4a0ddb0 Wording fixes
  • 0f26be5 Move the input groups validation workaround in docs.
  • 842b0d2 Remove mention of build tools
  • 32932d2 Grammar fixes
  • 4a26e51 Include the newly added utilities/interactions.scss file
  • 0f3eda8 Update devDependencies and gems.
  • 30e7df6 Backport d59de33 from #30772
  • f1827ce Avoid bad scrollbar replacement into width values
  • eb1df3e Update codeql.yml (#30777)
  • df91d2c Improve build/zip-examples.js (#30759)
  • d2f9fbd Removed role="document" from the modal dialog (#30755)
  • bad48dc CI: simplify cache
  • 86f2c01 Partially revert "Use regex.test() when we want to check for a Boolean. (#29969)"

There are 153 commits in total.

See the full diff