udsm-dhis2-lab / 90-90-90-cascade-graph-widget

90-90-90 HIV Prevention, Engagement and Care Cascade Graph Widget(i.e Treatment target graph to help end the AIDS epidemic)
GNU Lesser General Public License v3.0
0 stars 0 forks source link

An in-range update of bootstrap is breaking the build 🚨 #365

Open greenkeeper[bot] opened 4 years ago

greenkeeper[bot] commented 4 years ago

🚨 Reminder! Less than one month left to migrate your repositories over to Snyk before Greenkeeper says goodbye on June 3rd! πŸ’œ πŸššπŸ’¨ πŸ’š

Find out how to migrate to Snyk at greenkeeper.io


The dependency bootstrap was updated from 4.4.1 to 4.5.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

bootstrap is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details - ❌ **continuous-integration/travis-ci/push:** The Travis CI build could not complete due to an error ([Details](https://travis-ci.org/github/hisptz/90-90-90-cascade-graph-widget/builds/686230501?utm_source=github_status&utm_medium=notification)). - βœ… **ci/circleci: build:** Your tests passed on CircleCI! ([Details](https://circleci.com/gh/hisptz/90-90-90-cascade-graph-widget/636?utm_campaign=vcs-integration-link&utm_medium=referral&utm_source=github-build-link)). - ❌ **Travis CI - Branch:** The build **errored**. - ❌ **WhiteSource Security Check:** The Security Check found 18 vulnerabilities.
| Severity | CVSS Score |CVE | GitHub Issue | | ------------- |-------------|-----|------| | High | 9.8 | [CVE-2019-15599](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2019-15599 "Go to CVE Details") | [#342](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/342 "Go to GitHub Issue") | High | 9.8 | [WS-2019-0369](https://github.com/RetireJS/retire.js/commit/f07a7557d3fc1c26b86fe11a5b33cb1b8f3dcf2f "Go to CVE Details") | [#234](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/234 "Go to GitHub Issue") | High | 8.1 | [WS-2020-0070](https://hackerone.com/reports/712065 "Go to CVE Details") | [#363](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/363 "Go to GitHub Issue") | High | 7.5 | [WS-2020-0068](https://www.npmjs.com/advisories/1500 "Go to CVE Details") | [#359](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/359 "Go to GitHub Issue") | High | 7.5 | [CVE-2020-7608](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2020-7608 "Go to CVE Details") | [#333](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/333 "Go to GitHub Issue") | High | 7.5 | [CVE-2019-20149](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2019-20149 "Go to CVE Details") | [#226](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/226 "Go to GitHub Issue") | High | 7.5 | [WS-2020-0042](https://github.com/acornjs/acorn/commit/b5c17877ac0511e31579ea31e7650ba1a5871e51 "Go to CVE Details") | [#319](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/319 "Go to GitHub Issue") | Medium | 6.1 | [CVE-2012-6708](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2012-6708 "Go to CVE Details") | [#8](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/8 "Go to GitHub Issue") | Medium | 6.1 | [CVE-2020-11022](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2020-11022 "Go to CVE Details") | [#356](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/356 "Go to GitHub Issue") | Medium | 6.1 | [CVE-2019-11358](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2019-11358 "Go to CVE Details") | [#5](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/5 "Go to GitHub Issue") | Medium | 6.1 | [CVE-2015-9251](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2015-9251 "Go to CVE Details") | [#4](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/4 "Go to GitHub Issue") | Medium | 5.6 | [CVE-2020-7598](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2020-7598 "Go to CVE Details") | [#330](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/330 "Go to GitHub Issue") | Medium | 5.3 | [WS-2019-0381](https://github.com/jonschlinkert/kind-of/commit/975c13a7cfaf25d811475823824af3a9c04b0ba8 "Go to CVE Details") | [#332](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/332 "Go to GitHub Issue") | Medium | 5.0 | [WS-2019-0333](https://github.com/wycats/handlebars.js/commit/f7f05d7558e674856686b62a00cde5758f3b7a08 "Go to CVE Details") | [#193](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/193 "Go to GitHub Issue") | Medium | 5.0 | [WS-2019-0332](https://github.com/wycats/handlebars.js/commit/198887808780bbef9dba67a8af68ece091d5baa7 "Go to CVE Details") | [#192](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/192 "Go to GitHub Issue") | Medium | 5.0 | [WS-2019-0331](https://github.com/wycats/handlebars.js/commit/d54137810a49939fd2ad01a91a34e182ece4528e "Go to CVE Details") | [#191](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/191 "Go to GitHub Issue") | Medium | 5.0 | [WS-2019-0318](https://github.com/wycats/handlebars.js/commit/8d5530ee2c3ea9f0aee3fde310b9f36887d00b8b "Go to CVE Details") | [#188](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/188 "Go to GitHub Issue") | Medium | 4.3 | [CVE-2011-4969](https://vuln.whitesourcesoftware.com/vulnerability/CVE-2011-4969 "Go to CVE Details") | [#7](https://github.com/hisptz/90-90-90-cascade-graph-widget/issues/7 "Go to GitHub Issue")
Scan token: 54ba5823535c41209be2b586dac3ddd1

Release Notes for v4.5.0

Highlights

  • New interaction utilities. Quickly set user-select with the new utilities and Sass map.
  • New Reboot style for pointer cursors. We now include a role="button" selector in Reboot to set cursor: pointer on non-<button> element buttons.
  • Examples are now downloadable. We've added a script to zip up and offer all our Examples as their own download from the docs.
  • Added guidance to our docs for how to workaround our longstanding input group rounded corner bug.
  • Redesigned docs homepage and navbar to increment us towards v5's new docs design.
  • Deprecated bg-gradient-variant mixin as it's being removed in v5
  • Updated to jQuery v3.5.1, Jekyll v4, and dropped Node.js < 10.

CSS

  • #29413: Prevent vertical offset on progress bar in IE11
  • #29745: Add display: flex on .breadcrumb-item
  • #29819: Allow percentages in container widths
  • #29937: Add missing Noto Sans font to font stack
  • #29946: Added new variable for padding on dropdown header
  • #30004: Fixes disabled .btn cursor
  • #30036: Added focus state to .btn-link
  • #30043: Fix IE auto-size input-group to column
  • #30049: Prevent grid with default cols from breaking when large pre is present by setting min-width: 0
  • #30074: Use word-wrap in .text-break for IE and Edge compatibility.
  • #30166: Avoid border-radius functions returning negative values
  • #30183: Remove unnecessary reduce motion when $enable-transition: false
  • #30244: Fix centered modal scrolling issue
  • #30262: Prevent link underline change from affecting some components
  • #30361: Remove appearance from date inputs
  • #30391: Prevent redundant transition: none in transition()` mixin
  • #30497: Fix card list group borders & radii
  • #30504: Fix spinner-grow animation in Safari
  • #30515: Add .card-footer color
  • #30555, #30512, #30480: Use box-shadow mixin for .form-select, .btn, and other form controls
  • #30562: Added new interaction utilities for user-select and a new - role="button" in Reboot to set cursor: pointer.
  • #30582: Delete unncecessary appearance: none from button.close
  • #30594: Deprecate bg-gradient-variant mixin
  • #30605, #30606: Grid now checks for for $grid-columns > 0
  • #30609: Checks for an empty $grid-breakpoints map list to remove all breakpoints
  • #30660: Prevent list group style leaks
  • #30685: Disable auto-hiding scrollbar in legacy Edge
  • #30755: Removed role="document" from the modal dialog

JavaScript

  • #29968: sanitizer.js: Add srcset in the allowed attributes
  • #29969: Use regex.test() when we want to check for a Boolean on popovers/tooltips
  • #30381: Updated tab.js to address accessibility issue when using ul/li semantic
  • #30383: ensure totype always return stringified null when null passed
  • #30388: enable button toggle on label when checkbox is inside
  • #30490: Switch to string constants to save ~5% on file size
  • #30510, #30511: Fix event propagation from inactive and disabled dropdowns
  • #30744: ensure build plugins can exit in error
  • #30772: Prevent scrollbar replacement on non-integer width
  • 22f75c: scrollspy: only accept valid Elements as input for target

Docs

  • Redesigned docs homepage
  • Improved tap target sizing in our navigation
  • Added examples for our input group border-radius workaround
  • Added warning to browser bugs page that it's no longer maintained
  • Added loading="lazy" for images
  • #29782: Improve wrapping and hit area of accordion example titles
  • #29820: move width after make-container() mixin
  • #29956: Add Microsoft Edge for macOS to supported browsers
  • #30130: Added ability to zip and download our Examples
  • #30175: Add version number in page title
  • #30180: Changed input group validation examples to reflect issues with input group.
  • #30207: Headings hierarchy in theming.md
  • #30325: Updated modal docs to simplify data-target usage and more
  • #30416: Clarify card group behavior
  • #30469: Remove holder.js leftovers
  • #30505: Use existing position utility in navbar example
  • #30695: make the check for URL stricter in our docs search

Examples

  • #29886: Fix checkout page forms
  • #30573: Improve the responsiveness of our Dashboard example

Dependencies

  • Updated jQuery to v3.5.1
  • Replaced bundlesize with bundlewatch
  • Updated to Jekyll v4
  • Drop Node.js < 10
  • Misc devDependencies updates
Commits

The new version differs by 153 commits.

  • 7a6da5e Dist
  • 109ad5d Bump version to 4.5.0.
  • 4a0ddb0 Wording fixes
  • 0f26be5 Move the input groups validation workaround in docs.
  • 842b0d2 Remove mention of build tools
  • 32932d2 Grammar fixes
  • 4a26e51 Include the newly added utilities/interactions.scss file
  • 0f3eda8 Update devDependencies and gems.
  • 30e7df6 Backport d59de33 from #30772
  • f1827ce Avoid bad scrollbar replacement into width values
  • eb1df3e Update codeql.yml (#30777)
  • df91d2c Improve build/zip-examples.js (#30759)
  • d2f9fbd Removed role="document" from the modal dialog (#30755)
  • bad48dc CI: simplify cache
  • 86f2c01 Partially revert "Use regex.test() when we want to check for a Boolean. (#29969)"

There are 153 commits in total.

See the full diff

FAQ and help There is a collection of [frequently asked questions](https://greenkeeper.io/faq.html). If those don’t help, you can always [ask the humans behind Greenkeeper](https://github.com/greenkeeperio/greenkeeper/issues/new).

Your Greenkeeper Bot :palm_tree:

greenkeeper[bot] commented 4 years ago

After pinning to 4.4.1 your tests are still failing. The reported issue might not affect your project. These imprecisions are caused by inconsistent test results.