changes from main #56
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [ejs](https://github.com/mde/ejs) from 3.1.6 to 3.1.8. - [Release notes](https://github.com/mde/ejs/releases) - [Changelog](https://github.com/mde/ejs/blob/main/CHANGELOG.md) - [Commits](mde/ejs@v3.1.6...v3.1.8) --- updated-dependencies: - dependency-name: ejs dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 6.11.2 to 6.11.3. - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/v6.11.3/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@v6.11.2...v6.11.3) --- updated-dependencies: - dependency-name: protobufjs dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
…otobufjs-6.11.3 build(deps): bump protobufjs from 6.11.2 to 6.11.3 in /ui
…s-3.1.8 build(deps): bump ejs from 3.1.6 to 3.1.8 in /ui
Config file for dependabot to exclude security updates for store/migrations
Add build and common requirements and questions
Co-authored-by: Michael Macnair <[email protected]>
reformat examples
Bumps [terser](https://github.com/terser/terser) from 5.12.0 to 5.14.2. - [Release notes](https://github.com/terser/terser/releases) - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](https://github.com/terser/terser/commits) --- updated-dependencies: - dependency-name: terser dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
…rser-5.14.2 build(deps): bump terser from 5.12.0 to 5.14.2 in /ui
Bumps [moment](https://github.com/moment/moment) from 2.29.2 to 2.29.4. - [Release notes](https://github.com/moment/moment/releases) - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.2...2.29.4) --- updated-dependencies: - dependency-name: moment dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
…ment-2.29.4 build(deps): bump moment from 2.29.2 to 2.29.4 in /ui
Update slsa.yaml
Add a SLSA practice
Bumps [jose](https://github.com/panva/jose) from 2.0.5 to 2.0.6. - [Release notes](https://github.com/panva/jose/releases) - [Changelog](https://github.com/panva/jose/blob/v2.0.6/CHANGELOG.md) - [Commits](panva/jose@v2.0.5...v2.0.6) --- updated-dependencies: - dependency-name: jose dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
remove old terraform config
Bumps [d3-color](https://github.com/d3/d3-color), [victory-core](https://github.com/formidablelabs/victory) and [victory-histogram](https://github.com/formidablelabs/victory). These dependencies needed to be updated together. Updates `d3-color` from 1.4.1 to 3.1.0 - [Release notes](https://github.com/d3/d3-color/releases) - [Commits](d3/d3-color@v1.4.1...v3.1.0) Updates `victory-core` from 36.3.0 to 36.6.8 - [Release notes](https://github.com/formidablelabs/victory/releases) - [Changelog](https://github.com/FormidableLabs/victory/blob/main/CHANGELOG.md) - [Commits](FormidableLabs/victory@v36.3.0...v36.6.8) Updates `victory-histogram` from 36.3.0 to 36.6.8 - [Release notes](https://github.com/formidablelabs/victory/releases) - [Changelog](https://github.com/FormidableLabs/victory/blob/main/CHANGELOG.md) - [Commits](FormidableLabs/victory@v36.3.0...v36.6.8) --- updated-dependencies: - dependency-name: d3-color dependency-type: indirect - dependency-name: victory-core dependency-type: indirect - dependency-name: victory-histogram dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
…/migrations/semver-7.5.4 build(deps): bump semver from 7.3.8 to 7.5.4 in /store/migrations
…rd-wrap-1.2.4 build(deps): bump word-wrap from 1.2.3 to 1.2.4 in /ui
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0. - [Commits](golang/net@v0.7.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
…/migrations/word-wrap-1.2.4 build(deps): bump word-wrap from 1.2.3 to 1.2.4 in /store/migrations
…org/x/net-0.17.0 build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0
…bel/traverse-7.23.2 build(deps): bump @babel/traverse from 7.17.3 to 7.23.2 in /ui
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.53.0 to 1.56.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.53.0...v1.56.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
…golang.org/grpc-1.56.3 build(deps): bump google.golang.org/grpc from 1.53.0 to 1.56.3
Bumps [ip](https://github.com/indutny/node-ip) from 1.1.5 to 1.1.9. - [Commits](indutny/node-ip@v1.1.5...v1.1.9) --- updated-dependencies: - dependency-name: ip dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [jose](https://github.com/panva/jose) from 2.0.6 to 2.0.7. - [Release notes](https://github.com/panva/jose/releases) - [Changelog](https://github.com/panva/jose/blob/v2.0.7/CHANGELOG.md) - [Commits](panva/jose@v2.0.6...v2.0.7) --- updated-dependencies: - dependency-name: jose dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps google.golang.org/protobuf from 1.30.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.9 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.1 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.1...v5.3.4) --- updated-dependencies: - dependency-name: webpack-dev-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [express](https://github.com/expressjs/express) from 4.17.3 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.3...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
…press-4.19.2 build(deps): bump express from 4.17.3 to 4.19.2 in /ui
…bpack-dev-middleware-5.3.4 build(deps): bump webpack-dev-middleware from 5.3.1 to 5.3.4 in /ui
…llow-redirects-1.15.6 build(deps): bump follow-redirects from 1.14.9 to 1.15.6 in /ui
…golang.org/protobuf-1.33.0 build(deps): bump google.golang.org/protobuf from 1.30.0 to 1.33.0
…/migrations/jose-2.0.7 build(deps): bump jose from 2.0.6 to 2.0.7 in /store/migrations
…-1.1.9 build(deps): bump ip from 1.1.5 to 1.1.9 in /ui
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.23.0. - [Commits](golang/net@v0.17.0...v0.23.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) to 7.2.6 and updates ancestor dependency [firebase-admin](https://github.com/firebase/firebase-admin-node). These dependencies need to be updated together. Updates `protobufjs` from 7.2.4 to 7.2.6 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.2.4...protobufjs-v7.2.6) Updates `firebase-admin` from 11.4.1 to 12.1.0 - [Release notes](https://github.com/firebase/firebase-admin-node/releases) - [Commits](firebase/firebase-admin-node@v11.4.1...v12.1.0) --- updated-dependencies: - dependency-name: protobufjs dependency-type: indirect - dependency-name: firebase-admin dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
…org/x/net-0.23.0 build(deps): bump golang.org/x/net from 0.17.0 to 0.23.0
…c/grpc-js-and-google-gax-1.8.17
…/migrations/grpc/grpc-js-and-google-gax-1.8.17 build(deps): bump @grpc/grpc-js and google-gax in /store/migrations
…/migrations/multi-14bfe01ea5 build(deps): bump protobufjs and firebase-admin in /store/migrations
|
thanks a lot @sumitsharmathales ! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.