turkdevops / gitea

Git with a cup of tea, painless self-hosted git service
https://gitea.io
MIT License
0 stars 0 forks source link

Bump mermaid from 8.13.3 to 9.1.2 #108

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 2 years ago

Bumps mermaid from 8.13.3 to 9.1.2.

Release notes

Sourced from mermaid's releases.

9.1.2

Release Notes

🚀 Features

Bug Fixes & Cleanup

Documentation

Dependecy updates

... (truncated)

Commits
  • 3b8d74f Updated release version to 9.1.2
  • 3fd9cab Test file
  • 113efd1 Added placeholder docs fro C4C diagram
  • f159808 Merge pull request #3122 from activus-d/typo-correction
  • e9148b4 Merge pull request #3120 from flywire/patch-1
  • 6118804 Merge pull request #3114 from siddhant-tripathy1/3093_Removing_sass_files
  • 36321c7 chore(deps-dev): bump webpack-cli from 4.9.2 to 4.10.0 (#3130)
  • 6c0f8e2 chore(deps-dev): bump lint-staged from 13.0.0 to 13.0.1 (#3132)
  • 71e75c0 chore(deps-dev): bump @​applitools/eyes-cypress from 3.26.1 to 3.26.2 (#3136)
  • 0400a59 chore(deps-dev): bump webpack-dev-server from 4.9.1 to 4.9.2 (#3133)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/turkdevops/gitea/network/alerts).
guardrails[bot] commented 2 years ago

:warning: We detected 1 security issue in this pull request:

Mode: paranoid | Total findings: 1 | Considered vulnerability: 1

Vulnerable Libraries (1)
Severity | Details ----- | -------- Medium | [mermaid@9.1.2](https://github.com/turkdevops/gitea/blob/c3398a7441e8e322b171a9c009f38d2171db6cf4/package-lock.json#L25) (t) - **no patch available** More info on how to fix Vulnerable Libraries in [General](https://docs.guardrails.io/docs/en/vulnerabilities/general/using_vulnerable_libraries.html?utm_source=ghpr#).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

dependabot[bot] commented 1 year ago

Superseded by #130.