Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
:warning: We detected 21 security issues in this pull request:
Vulnerable Libraries (21)
Severity | Details
----- | --------
Medium | [acorn@6.3.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>5.7.3 || >6.4.0 || >7.1.0`
Medium | [browserslist@4.6.6](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>4.16.4`
High | [dns-packet@1.3.1](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=1.3.2 || >=5.2.2`
High | [dot-prop@4.2.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=4.2.1 || >=5.1.1`
High | [elliptic@6.5.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>6.5.3`
Critical | [handlebars@4.1.2](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>4.7.6`
Medium | [hosted-git-info@2.8.4](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=2.8.9 || >=3.0.8`
High | [http-proxy@1.17.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=1.18.1`
High | [https-proxy-agent@2.2.1](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=2.2.3`
High | [merge@1.2.1](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=2.1.1`
High | [node-forge@0.7.5](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>0.9.2`
High | [node-sass@4.12.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=3.3.0`
High | [normalize-url@4.3.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>4.5.0 || >5.3.0 || 6.0.0`
Medium | [postcss@7.0.17](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>7.0.35 || >8.2.9`
High | [serialize-javascript@1.9.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>3.0.0`
Medium | [ssri@5.3.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>6.0.1 || >7.1.0 || 8.0.0`
High | [tree-kill@1.2.1](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=1.2.2`
High | [trim-newlines@1.0.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=3.0.1 || =4.0.0`
High | [url-parse@1.4.7](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=1.5.0`
Medium | [websocket-extensions@0.1.3](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=0.1.4`
High | [y18n@4.0.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/4aed35300c8769c9a6e8463541185aad68420a6b/package.json) upgrade to `>=5.0.5`
More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr).
Bumps @ngrx/entity from 8.3.0 to 12.2.0.
Changelog
Sourced from
@ngrx/entity
's changelog.... (truncated)
Commits
97643eb
chore: release 12.2.07ed8457
docs: add pinned version for update guide v11 (#3058)61e1963
feat(component-store): accept error type intapResponse
(#3056)a337da3
docs(store): addcreateFeature
docs (#3057)1620df9
fix(data): make options optional on add with partial (#3043)cb7cd72
build: clean node modules on build (#3055)7cbae46
docs(effects): update test without TestBed example (#3047)7515e36
fix(component): avoid early destruction of view in ngrxLet which interfered w...ce96bb0
chore: allow Node.js v15 and above (#3042)adb297f
chore(shematics): replace schemas id with $id (#3034)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)