mozilla-rally / beyond_the_paywall

Stanford "Beyond the Paywall" Study
Mozilla Public License 2.0
5 stars 6 forks source link

Bump express and web-ext #42

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Removes express. It's no longer used after updating ancestor dependency web-ext. These dependencies need to be updated together.

Removes express

Updates web-ext from 5.5.0 to 7.4.0

Release notes

Sourced from web-ext's releases.

7.4.0

Features

  • web-ext lint: enabled MV3 by default (#2557)
  • web-ext lint: updated to use addons-linter v5.23.0 (#2537) (#2561)
    • Firefox 108.0b5 schema has been imported
    • MV3 event pages are now fully supported by the linter
    • Various fixes related to CSP have been made in the linter

Bug Fixes

  • Other dependencies updated:

See all changes https://github.com/mozilla/web-ext/compare/7.3.1...7.4.0

7.3.1

Bug Fixes

  • web-ext sign: fixed a bug that caused the experimental CLI flag --use-submission-api to use an invalid URL (#2531)

See all changes https://github.com/mozilla/web-ext/compare/7.3.0...7.3.1

7.3.0

Features

  • web-ext lint: added support for the --firefox-preview option (#2505)
  • web-ext lint: updated to use addons-linter v5.18.0 (#2500, #2518, #2524, #2526)
    • Firefox 106.0b10 schema has been imported
    • The linter now verifies that all locale directories have messages.json files
    • The linter now validates CSP values set for the new script-src-elem/script-src-attr directives
  • web-ext run: added new CLI flag --devtools to open DevTools for the installed add-on right away. (#2488) (requires Firefox 106 and above)
  • web-ext sign: added new experimental CLI flag --use-submission-api to use the new AMO add-on submission API (#2489). See also: mozilla/web-ext#2503

Bug Fixes

  • Other dependencies updated:
    • jose to v4.10.0 (#2496)
    • sign-addon to v5.1.0 (#2522)
    • ws to v8.9.0 (#2519)
    • yargs to v17.6.0 (#2520)

See all changes https://github.com/mozilla/web-ext/compare/7.2.0...7.3.0

7.2.0

Features

... (truncated)

Commits
  • e975ab9 7.4.0
  • d32f086 chore(deps): update dependency prettier to v2.8.0 (#2562)
  • 4275195 fix(deps): update dependency addons-linter to v5.23.0 (#2561)
  • cbdae4b fix(deps): update dependency jose to v4.11.1 (#2560)
  • bf21efa chore(deps): update commitlint monorepo to v17.3.0 (#2559)
  • e344ede chore(deps): update dependency eslint to v8.28.0 (#2558)
  • e849044 chore(deps): update dependency testdouble to v3.16.8 (#2555)
  • 87ea259 fix(deps): update dependency yargs to v17.6.2 (#2545)
  • 7dc3f20 feat: enable MV3 by default in web-ext lint command (#2557)
  • fc843ac chore(docs): Add a note about prettier-dev npm command in CONTRIBUTING.md (...
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mozilla-rally/beyond_the_paywall/network/alerts).