internetarchive / internet-archive-voice-apps

Voice Apps (Actions on Google, Alexa Skill) of Internet Archive. Just say: "Ok Google, Ask Internet Archive to Play Jazz" or "Alexa, Ask Internet Internet Archive to play Instrumental Music"
46 stars 42 forks source link

chore(deps): bump mathjs from 5.10.3 to 7.5.1 in /functions #531

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 3 years ago

Bumps mathjs from 5.10.3 to 7.5.1.

Changelog

Sourced from mathjs's changelog.

2020-10-10, version 7.5.1

  • Fix object pollution vulnerability in math.config. Thanks Snyk.

2020-10-07, version 7.5.0

  • Function pickRandom now allows randomly picking elements from matrices with 2 or more dimensions instead of only from a vector, see #1974. Thanks @​KonradLinkowski.

2020-10-07, version 7.4.0

  • Implemented support for passing a precision in functions ceil, floor, and fix, similar to round, see #1967, #1901. Thanks @​rnd-debug.
  • Implemented function rotationMatrix, see #1160, #1984. Thanks @​rnd-debug.
  • Implement a clear error message when using sqrtm with a matrix having more than two dimensions. Thanks @​KonradLinkowski.
  • Update dependency decimal.js to 10.2.1.

2020-09-26, version 7.3.0

  • Implemented functions usolveAll and lsolveAll, see #1916. Thanks @​m93a.
  • Implemented support for units in functions std and variance, see #1950. Thanks @​rnd-debug.
  • Implemented support for binary, octal, and hexadecimal notation in the expression parser, and implemented functions bin, oct, and hex for formatting. Thanks @​clnhlzmn.
  • Fix #1964: inconsistent calculation of negative dividend modulo for BigNumber and Fraction. Thanks @​ovk.

2020-08-24, version 7.2.0

2020-07-13, version 7.1.0

  • Implement support for recursion (self-referencing) of typed-functions, new in typed-function@2.0.0. This fixes #1885: functions which where extended with a new data type did not always work. Thanks @​nickewing.
  • Fix #1899: documentation on expression trees still using old namespace math.expression.node.* instead of math.*.

... (truncated)

Commits


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/internetarchive/internet-archive-voice-apps/network/alerts).
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.