search

stone-payments / emerald-web-framework

A open-source framework that makes it easy to build top quality components for high-performance financial applications
Apache License 2.0
82 stars 11 forks source link

chore(deps): bump http-cache-semantics, @semantic-release/npm, lerna and semantic-release #442

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps http-cache-semantics, @semantic-release/npm, lerna and semantic-release. These dependencies needed to be updated together. Updates http-cache-semantics from 3.8.1 to 4.1.1

Commits


Updates @semantic-release/npm from 5.3.5 to 9.0.2

Release notes

Sourced from @​semantic-release/npm's releases.

v9.0.2

9.0.2 (2023-01-13)

Bug Fixes

  • deps: update dependency fs-extra to v11 (7157d76)
  • deps: update dependency npm to v9 (28265ec)
  • deps: update dependency registry-auth-token to v5 (187671f)
  • revert): "fix(deps: update dependency npm to v9" (#561) (c28a848)

v9.0.1

9.0.1 (2022-02-28)

Bug Fixes

  • add missed preferLocal option for execa call (#458) (c817a88)

v9.0.0

9.0.0 (2022-01-18)

Bug Fixes

  • add preferLocal option to allow execa to use local npm version (#445) (002439e)
  • updated the peer requirement for semantic-release to the new stable version (575a5a4)
  • updated the peer requirement on semantic-release to a version matching the engines definition of this package (2d1f5f2)
  • upgrade npm dependency to v8 (a12d6e5)

BREAKING CHANGES

  • the minimum required peer of semantic-release has been raised to match the engines.node requirements of this package
  • npm v8 dropped support for node v15, so it is no longer supported in this plugin. this should be low impact since node v15 is already EOL

Co-authored-by: Matt Travi programmer@travi.org

v9.0.0-beta.3

9.0.0-beta.3 (2022-01-18)

Bug Fixes

  • updated the peer requirement for semantic-release to the new stable version (575a5a4)

v9.0.0-beta.2

... (truncated)

Commits
  • 2b97ece build(release.yml): set node-version to lts/*
  • 7157d76 fix(deps): update dependency fs-extra to v11
  • 399b557 chore(deps): lock file maintenance (#563)
  • c28a848 fix(revert): "fix(deps): update dependency npm to v9" (#561)
  • 2cf3c1b chore(deps): update dependency semantic-release to v20.0.2 (#562)
  • 7854354 chore(deps): update dependency semantic-release to v20.0.1 (#560)
  • 187671f fix(deps): update dependency registry-auth-token to v5
  • 28265ec fix(deps): update dependency npm to v9
  • 27fd270 chore(deps): update dependency sinon to v15 (#554)
  • 4a8089d chore(deps): update dependency semantic-release to v20 (#555)
  • Additional commits viewable in compare view


Updates lerna from 3.20.2 to 6.4.1

Release notes

Sourced from lerna's releases.

v6.4.1

6.4.1 (2023-01-12)

Bug Fixes

v6.4.0

6.4.0 (2023-01-05)

Bug Fixes

  • run: add explicit nx dependency (#3486) (7e39397)
  • version: recognize .prettierignore when formatting files (#3482) (4e2c7a9)

Features

  • create: support relative path from root as lerna create location (#3478) (82825ce)
  • watch: Add lerna watch command (#3466) (008b995)

v6.3.0

6.3.0 (2022-12-26)

Features

  • version: support custom command for git tag (#2760) (6eac92f)
  • version: use npmClientArgs in npm install after lerna version (#3434) (e019e3f)

v6.2.0

6.2.0 (2022-12-13)

Bug Fixes

  • core: more detailed error message when version cannot be found (#3424) (b729b0c)
  • schema: add the other format changelogPreset can assume (#3441) (d286973)
  • utils: check validity of bundledDependencies before iteration (#2960) (2517ffb)

Features

v6.1.0

6.1.0 (2022-11-29)

... (truncated)

Changelog

Sourced from lerna's changelog.

6.4.1 (2023-01-12)

Bug Fixes

6.4.0 (2023-01-05)

Features

6.3.0 (2022-12-26)

Features

  • version: use npmClientArgs in npm install after lerna version (#3434) (e019e3f)

6.2.0 (2022-12-13)

Bug Fixes

  • schema: add the other format changelogPreset can assume (#3441) (d286973)

Features

6.1.0 (2022-11-29)

Features

  • version: bump prerelease versions from conventional commits (#3362) (2288b3a)

6.0.3 (2022-11-07)

Note: Version bump only for package lerna

6.0.2 (2022-11-02)

Note: Version bump only for package lerna

6.0.1 (2022-10-14)

Bug Fixes

  • run: allow for loading of env files to be skipped (#3375) (5dbd904)

6.0.0 (2022-10-12)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jameshenry, a new releaser for lerna since your current version.


Updates semantic-release from 15.9.16 to 20.1.0

Release notes

Sourced from semantic-release's releases.

v20.1.0

20.1.0 (2023-01-25)

Features

  • plugins: add support for loading ESM plugins (#2688) (d170f73)

v20.0.4

20.0.4 (2023-01-24)

Bug Fixes

  • windows: fixed issues preventing execution from windows (#2672) (5df624c)

v20.0.3

20.0.3 (2023-01-23)

Reverts

  • Revert "chore(deps): update dependency ava to v5.1.1" (#2682) (914b0a2), closes #2682

v20.0.3-beta.1

20.0.3-beta.1 (2023-01-14)

Bug Fixes

  • deps: bump @semantic-release/npm to ^10.0.0-beta.1 (#2670) (6a83cb5)

v20.0.2

20.0.2 (2023-01-08)

Bug Fixes

  • deps: update dependency semver-diff to v4 (#1915) (cb45d27)

v20.0.1

20.0.1 (2023-01-07)

Bug Fixes

  • deps: update dependency cosmiconfig to v8 (f914c1e)
  • deps: update dependency hosted-git-info to v6 (c4da008)

v20.0.0

... (truncated)

Commits
  • d170f73 feat(plugins): add support for loading ESM plugins (#2688)
  • 5df624c fix(windows): fixed issues preventing execution from windows (#2672)
  • 914b0a2 Revert "chore(deps): update dependency ava to v5.1.1" (#2682)
  • 140e36d docs(workflow-configuration): improved sentence structure (#2679)
  • e9efbc7 docs(pre-releases): Correct @​latest version in semantic-release (#2668)
  • 3f3b286 chore(deps): update dependency ava to v5.1.1
  • 4db0484 chore(deps): lock file maintenance
  • be2e196 ci(permissions): provided only the necessary permissions to the GITHUB_TOKEN
  • e607e23 build(release.yml): set node-version to lts/*
  • c7b8e10 docs: update node LTS version for npx command (#2669)
  • Additional commits viewable in compare view


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/stone-payments/emerald-web-framework/network/alerts).
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
andremacdowell commented 1 year ago

@dependabot rebase

devsec-app-stone[bot] commented 1 year ago

:robot: Gandalf - Continuos AppSec

Gandalf badge

Este repositório está sendo monitorando de forma automática e contínua em busca de achados que possam comprometer à segurança da aplicação.

Para maiores detalhes, acesse aqui à plataforma.

O que é? | Dúvidas e/ou sugestões