Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump flat, confabulous and prepper #44

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 30, 2022

Bumps flat to 5.0.2 and updates ancestor dependencies flat, confabulous and prepper. These dependencies need to be updated together.

Updates flat from 4.1.0 to 5.0.2

Commits
  • e5ffd66 Release 5.0.2
  • fdb79d5 Update dependencies, refresh lockfile, format with standard.
  • e52185d Test against node 14 in CI.
  • 0189cb1 Avoid arrow function syntax.
  • f25d3a1 Release 5.0.1
  • 54cc7ad use standard formatting
  • 779816e drop dependencies
  • 2eea6d3 Bump lodash from 4.17.15 to 4.17.19
  • a61a554 Bump acorn from 7.1.0 to 7.4.0
  • 20ef0ef Fix prototype pollution on unflatten
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by timoxley, a new releaser for flat since your current version.


Updates confabulous from 1.7.0 to 2.1.0

Changelog

Sourced from confabulous's changelog.

[2.1.0]

Added

  • confabulous.close - See readme for details

Update

  • Update dev dependencies
  • Move to prettier

[2.0.3]

Update

  • Update dev depenencies

[2.0.2]

Update

  • Fix build

[2.0.1]

Updated

  • Update zUnit
  • Use new npm token

[2.0.0]

Breaking Changes

  • Updated decrypt processor to use crypto.createCipheriv. Rather than suppying an algorithm and password, now an algorithm, key and initialization vector iare required.

Updated

  • Update dependencies
  • Remove lodash.noop dependency
  • Replace mocha with zUnit
  • Replace lodash.set, lodash.has with dot-prop
  • Replace imperative with esnext style
  • Replace chai with node assert
  • Update husky
  • Replace travis with github actions
  • Replace merge with ramda.mergeDeepRight due to issue 41
Commits
Maintainer changes

This version was pushed to npm by guidesmiths_bot, a new releaser for confabulous since your current version.


Updates prepper from 1.2.0 to 1.2.1

Release notes

Sourced from prepper's releases.

v1.2.1

What's Changed

New Contributors 🎉

Full Changelog: onebeyond/prepper@v1.2.0...v1.2.1

NPM Release details

See full log

npm notice 
npm notice 📦  [email protected]
npm notice === Tarball Contents === 
npm notice 26B    _config.yml                          
npm notice 297B   .codeclimate.yml                     
npm notice 29B    .eslintignore                        
npm notice 29B    .eslintrc                            
npm notice 502B   .github/workflows/ci.yml             
npm notice [8](https://github.com/guidesmiths/prepper/runs/5444556458?check_suite_focus=true#step:5:8)30B   .github/workflows/node-js-publish.yml
npm notice 275B   CHANGELOG.md                         
npm notice [9](https://github.com/guidesmiths/prepper/runs/5444556458?check_suite_focus=true#step:5:9).4kB  README.md                            
npm notice 152B   index.js                             
npm notice 351B   lib/handlers/Env.js                  
npm notice 341B   lib/handlers/Flatten.js              
npm notice 1.5kB  lib/handlers/KeyFilter.js            
npm notice 534B   lib/handlers/Merge.js                
npm notice 285B   lib/handlers/Noop.js                 
npm notice 712B   lib/handlers/Oversized.js            
npm notice 454B   lib/handlers/Process.js              
npm notice 1.1kB  lib/handlers/Repo.js                 
npm notice 926B   lib/handlers/Sequence.js             
npm notice 536B   lib/handlers/System.js               
npm notice 374B   lib/handlers/Timestamp.js            
npm notice 471B   lib/handlers/Tracer.js               
npm notice 353B   lib/handlers/Unflatten.js            
npm notice 4.8kB  lib/Logger.js                        
npm notice 1.3kB  lib/utils/stringify.js               
npm notice 1.6kB  package.json                         
npm notice 1.2kB  test/express/app.js                  
npm notice 2.9kB  test/express/app.tests.js            
npm notice 998B   test/express/appLogger.js            
npm notice 689B   test/express/reqLogger.js            
npm notice 7[11](https://github.com/guidesmiths/prepper/runs/5444556458?check_suite_focus=true#step:5:11)B   test/handlers/Env.tests.js           
</tr></table> 

... (truncated)

Changelog

Sourced from prepper's changelog.

Change Log

Commits
  • fb877f0 fix: added support for old npm versions
  • f870f06 feat: added npm publication pipeline to new releases
  • 41e8062 feat: added support to node v16 in CI pipelines
  • 72601d9 fix: old reporter vulnerabilities
  • 4b9e0e8 fix: vulnerabilities and bump version
  • 8f03615 fix: package.json & package-lock.json to reduce vulnerabilities (#4)
  • 1d6d909 fix: package.json & package-lock.json to reduce vulnerabilities (#2)
  • 82c3b1b Migrate CI from Travis to GitHub Actions (#3)
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by guidesmiths_bot, a new releaser for prepper since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [flat](https://github.com/hughsk/flat) to 5.0.2 and updates ancestor dependencies [flat](https://github.com/hughsk/flat), [confabulous](https://github.com/guidesmiths/confabulous) and [prepper](https://github.com/guidesmiths/prepper). These dependencies need to be updated together.


Updates `flat` from 4.1.0 to 5.0.2
- [Release notes](https://github.com/hughsk/flat/releases)
- [Commits](hughsk/flat@4.1.0...5.0.2)

Updates `confabulous` from 1.7.0 to 2.1.0
- [Release notes](https://github.com/guidesmiths/confabulous/releases)
- [Changelog](https://github.com/guidesmiths/confabulous/blob/master/CHANGELOG.md)
- [Commits](onebeyond/confabulous@v1.7.0...v2.1.0)

Updates `prepper` from 1.2.0 to 1.2.1
- [Release notes](https://github.com/guidesmiths/prepper/releases)
- [Changelog](https://github.com/onebeyond/prepper/blob/master/CHANGELOG.md)
- [Commits](onebeyond/prepper@v1.2.0...v1.2.1)

---
updated-dependencies:
- dependency-name: flat
  dependency-type: indirect
- dependency-name: confabulous
  dependency-type: direct:production
- dependency-name: prepper
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@infinitas-cliftobot
Copy link

👋 Hi!

Sorry for interrupting your PR workflow, but we need your help!

We're busy updating the Infinitas Service Catalog so it contais a list of all the services we have at Infinitas and make them easily discoverable for everyone. You can find the catalog here in Notion.

The thing we're asking all repository contributors is to add a bit of metadata to your repository by adding a catalog-info.yaml to the root of each repository that we automatically index each night.

If you want to take a look at a working implementation, please check the eCommerce repo

Once the catalog file is added to the repo we'll promise to stop reminding you when creating new PR's.

Might you need any further assistance feel free to reach out to Clifton, Henk or Jerome.

And remember:

Please help out

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants