search

moov-io / watchman

AML/CTF/KYC/OFAC Search of global watchlist and sanctions
https://moov-io.github.io/watchman/
Apache License 2.0
330 stars 87 forks source link

build(deps): bump sockjs and react-scripts in /webui #513

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 10 months ago

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps sockjs to 0.3.20 and updates ancestor dependency react-scripts. These dependencies need to be updated together.

Updates sockjs from 0.3.19 to 0.3.20

Release notes

Sourced from sockjs's releases.

0.3.20

  • Updated node-uuid and coffeescript
  • Exclude examples, tests, and Makefile from npm package
  • Update examples to use latest jQuery and sockjs-client #271
  • Don't call res.end in writeHead #266
  • Pin websocket-driver as later versions cause some tests from sockjs-protocol to fail
Changelog

Sourced from sockjs's changelog.

0.3.20

  • Updated node-uuid and coffeescript
  • Exclude examples, tests, and Makefile from npm package
  • Update examples to use latest jQuery and sockjs-client #271
  • Don't call res.end in writeHead #266
  • Pin websocket-driver as later versions cause some tests from sockjs-protocol to fail
Commits
  • a0f6afb 0.3.20
  • b989e9b Pin websocket-driver version to prevent test failures
  • b4f1672 Add Makefile to .npmignore
  • b97cd64 Update coffeescript to latest v1 and uuid to latest v3
  • ac7bfeb Exclude examples and tests from npm
  • 78a6aeb Update sockjs_url to latest v1
  • dd7e642 Merge pull request #266 from cakoose/backport-writeHead-fix
  • 68e8fd7 Merge pull request #271 from daniel-seitz/v0.3.20
  • e3e7822 Use jsDelivr for jquery in examples
  • 3e975c6 writeHead: Don't end() response
  • See full diff in compare view


Updates react-scripts from 3.0.1 to 3.4.4

Changelog

Sourced from react-scripts's changelog.

3.4.4 (2020-10-20)

v3.4.4 release bumps resolve-url-loader to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.3 to 3.4.4

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.4

or

yarn add --exact react-scripts@3.4.4

3.4.3 (2020-08-12)

v3.4.3 release bumps terser-webpack-plugin to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.2 to 3.4.3

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.3

or

yarn add --exact react-scripts@3.4.3

3.4.2 (2020-08-11)

v3.4.2 release bumps webpack-dev-server to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.1 to 3.4.2

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.2

or

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/moov-io/watchman/network/alerts).
codecov-commenter commented 10 months ago

Codecov Report

Merging #513 (0d29122) into master (58c4b3b) will not change coverage. Report is 1 commits behind head on master. The diff coverage is n/a.

:exclamation: Current head 0d29122 differs from pull request most recent head 57e090f. Consider uploading reports for the commit 57e090f to get more accurate results

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #513 +/- ## ====================================== Coverage 8.25% 8.25% ====================================== Files 44 44 Lines 3503 3503 ====================================== Hits 289 289 Misses 3191 3191 Partials 23 23 ```
adamdecaf commented 10 months ago

@dependabot rebase

dependabot[bot] commented 9 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.