search

dlr-eoc / ukis-frontend-libraries

A collection of angular ui-components, services, interfaces... to help you create geospatial mapping applications for the web.
Apache License 2.0
17 stars 4 forks source link

release-v11.1.0 #190

Closed boeckMt closed 1 year ago

boeckMt commented 1 year ago

Release PR Checklist

For creating a new version see DEVELOPMENT/new version and see Release pull request.

Please check if your PR fulfills the following requirements:

  1. [x] The PR name follows the naming convention release-v[0-9]+.[0-9]+.[0-9].
  2. [x] The brach follows the naming convention release-v[0-9]+.[0-9]+.[0-9].
  3. [x] The CHANGELOG.md is updated with a version header # [<version>](https://github.com/dlr-eoc/ukis-frontend-libraries/tree/v<version>) (<date>) (<description>).
  4. [x] The correct version and tag was set with npm version <major | minor | patch> -m "Version for release XYZ".
  5. [x] The Tag v[0-9]+.[0-9]+.[0-9] was pushed with the brach.
  6. [x] The Project is building without errors see and check if the build job was successful.
  7. [x] Add the Label RELEASE to the PR.

Then a release on GitHub is created and the built packages are published.

If everything works fine the PR can be merged.

socket-security[bot] commented 1 year ago

New dependency changes detected. Learn more about Socket for GitHub ↗︎

🚨 Potential security issues found in this pull request. To accept the risk, merge this PR and you will not be notified again.

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore xmlserializer@0.6.1
  • @SocketSecurity ignore w3c-schemas@1.4.0
🧐 Potential typo squat

Package name is similar to other popular packages and may not be the package you want.

Use care when consuming similarly named packages and ensure that you did not intend to consume a different package. Malicious packages often publish using similar names as existing popular packages.

Package 📎 Did you mean? Found in
xmlserializer@0.6.1 (added) xdoml-serializer (1.4 thousand times more downloads) package-lock.json, package.json, projects/demo-maps/package.json via @dlr-eoc/services-ogc@11.1.0, projects/services-ogc/package.json via @dlr-eoc/utils-ogc@11.1.0, projects/utils-ogc/package.json
w3c-schemas@1.4.0 (added) w3char-schemas (37 thousand times more downloads) package-lock.json, package.json via ogc-schemas@2.6.1, projects/demo-maps/package.json via @dlr-eoc/services-ogc@11.1.0, projects/services-ogc/package.json via @dlr-eoc/utils-ogc@11.1.0, ogc-schemas@2.6.1, projects/utils-ogc/package.json via ogc-schemas@2.6.1
Pull request alert summary
Issue Status
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ⚠️ 2 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues

📊 Modified Dependency Overview:

🚮 Removed packages: @dlr-eoc/base-layers-raster@11.0.0, @dlr-eoc/cookie-alert@11.0.0, @dlr-eoc/core-ui@11.0.0, @dlr-eoc/layer-control@11.0.0, @dlr-eoc/map-ol@11.0.0, @dlr-eoc/map-three@11.0.0, @dlr-eoc/map-tools@11.0.0, @dlr-eoc/services-layers@11.0.0, @dlr-eoc/services-map-state@11.0.0, @dlr-eoc/services-ogc@11.0.0, @dlr-eoc/services-util-store@11.0.0, @dlr-eoc/user-info@11.0.0, @dlr-eoc/utils-maps@11.0.0, @dlr-eoc/utils-ogc@11.0.0

boeckMt commented 1 year ago

@MichaelLangbein, @lucas-angermann and @voinSR a new version has been created and is ready to use. All changes can be found in the CHANGELOG.