From 9827fd5c45a76d5ba3704b561f2347c02d3207a1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 12 Sep 2023 08:22:19 +0000 Subject: [PATCH 1/3] fix: upgrade semver from 7.5.3 to 7.5.4 Snyk has created this PR to upgrade semver from 7.5.3 to 7.5.4. See this package in npm: See this project in Snyk: https://app.snyk.io/org/mayank1513/project/283cb728-95f5-42bc-892c-7bfd8a88ec53?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 383e06d8..c116bee5 100644 --- a/package.json +++ b/package.json @@ -36,7 +36,7 @@ "opn": "^5.4.0", "r2": "^2.0.1", "read-env": "^1.3.0", - "semver": "^7.5.3", + "semver": "^7.5.4", "xcode": "3.0.1", "xml-js": "^1.6.11", "yargs": "^16.2.0" diff --git a/yarn.lock b/yarn.lock index 915d8610..1f5b817e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3985,10 +3985,10 @@ semver@^7.3.7: dependencies: lru-cache "^6.0.0" -semver@^7.5.3: - version "7.5.3" - resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.3.tgz#161ce8c2c6b4b3bdca6caadc9fa3317a4c4fe88e" - integrity sha512-QBlUtyVk/5EeHbi7X0fw6liDZc7BBmEaSYn01fMU1OUYbf6GPsbTtd8WmnqbI20SeycoHSeiybkE/q1Q+qlThQ== +semver@^7.5.4: + version "7.5.4" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.4.tgz#483986ec4ed38e1c6c48c34894a9182dbff68a6e" + integrity sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA== dependencies: lru-cache "^6.0.0" From 3c1f834ae36709db0aff543bbc6775212377a579 Mon Sep 17 00:00:00 2001 From: Mayank Date: Tue, 12 Sep 2023 14:10:54 +0530 Subject: [PATCH 2/3] Create sync.yml --- .github/workflows/sync.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .github/workflows/sync.yml diff --git a/.github/workflows/sync.yml b/.github/workflows/sync.yml new file mode 100644 index 00000000..16033a7d --- /dev/null +++ b/.github/workflows/sync.yml @@ -0,0 +1,17 @@ +name: Sync Fork + +on: + schedule: + - cron: '*/30 * * * *' # every 30 minutes + workflow_dispatch: +jobs: + sync: + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - run: gh repo sync $REPOSITORY -b $BRANCH_NAME + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + REPOSITORY: ${{ github.repository }} + BRANCH_NAME: ${{ github.ref_name }} From 8daf7bd2af028f75ee7070b17e33b0ae3df5ee5a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 26 Sep 2023 02:53:06 +0000 Subject: [PATCH 3/3] fix: upgrade axios from 1.3.5 to 1.5.0 Snyk has created this PR to upgrade axios from 1.3.5 to 1.5.0. See this package in npm: See this project in Snyk: https://app.snyk.io/org/mayank1513/project/283cb728-95f5-42bc-892c-7bfd8a88ec53?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 20c2980a..d884a808 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ "@clack/prompts": "0.7.0", "@sentry/cli": "^1.72.0", "@sentry/node": "^7.69.0", - "axios": "1.3.5", + "axios": "1.5.0", "chalk": "^2.4.1", "glob": "^7.1.3", "inquirer": "^6.2.0", diff --git a/yarn.lock b/yarn.lock index ab84729d..db26a09f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1421,10 +1421,10 @@ available-typed-arrays@^1.0.5: resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz#92f95616501069d07d10edb2fc37d3e1c65123b7" integrity sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw== -axios@1.3.5: - version "1.3.5" - resolved "https://registry.yarnpkg.com/axios/-/axios-1.3.5.tgz#e07209b39a0d11848e3e341fa087acd71dadc542" - integrity sha512-glL/PvG/E+xCWwV8S6nCHcrfg1exGx7vxyUIivIA1iL7BIh6bePylCfVHwp6k13ao7SATxB6imau2kqY+I67kw== +axios@1.5.0: + version "1.5.0" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.5.0.tgz#f02e4af823e2e46a9768cfc74691fdd0517ea267" + integrity sha512-D4DdjDo5CY50Qms0qGQTTw6Q44jl7zRwY7bthds06pUGfChBCTcQs+N743eFWGEd6pRTMd6A+I87aWyFV5wiZQ== dependencies: follow-redirects "^1.15.0" form-data "^4.0.0"