Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the npm_and_yarn group across 2 directories with 10 updates #29

Closed
wants to merge 1 commit into from
Closed

build(deps): bump the npm_and_yarn group across 2 directories with 10 updates #29

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jan 11, 2024
edited
Loading

Bumps the npm_and_yarn group with 5 updates in the /. directory:

Package From To
electron 25.3.1 25.8.4
@babel/traverse 7.22.4 7.23.7
semver 5.7.1 5.7.2
follow-redirects 1.15.2 1.15.4
word-wrap 1.2.3 1.2.5
Bumps the npm_and_yarn group with 7 updates in the /build_scripts/npm_macos directory:
Package From To
semver 5.7.1 5.7.2
minimatch 3.0.4 5.1.6
electron-builder 22.14.13 24.9.1
ansi-regex 3.0.0 3.0.1
follow-redirects 1.14.8 1.15.4
got 9.6.0 ``
git-authors-cli 1.0.37 1.0.48

Updates electron from 25.3.1 to 25.8.4

Release notes

Sourced from electron's releases.

electron v25.8.4

Release Notes for v25.8.4

Features

  • Detect system dark theme preference via xdg settings portal on Linux. #40009 (Also in 26, 27)

Other Changes

electron v25.8.3

Release Notes for v25.8.3

Fixes

  • Fixed app.runningUnderARM64Translation() always returning true on ARM64. #39930 (Also in 26, 27)
  • Fixed a redundant permission popup while fetching screens and windows using desktopCapturer.getSources() on Wayland. #39710 (Also in 24, 26)

Other Changes

  • Fixed crash on shutdown in tls sockets with Node.js HTTP/2 connections. #39945 (Also in 26, 27)
  • The app.runningUnderRosettaTranslation property has been deprecated. #39982 (Also in 26, 27)

electron v25.8.2

Release Notes for v25.8.2

Fixes

  • Fixed an issue where BrowserViews that had their bounds set prior to being added to a BrowserWindow could have unexpected incorrect offsets. #39851 (Also in 26, 27)
  • Fixed an issue where chrome://gpu failed to load. #39852 (Also in 26, 27)
  • Fixed an issue where accelerators representing DOM keys were not correctly converted in webContents.sendInputEvent(). #39820 (Also in 26, 27)

Other Changes

  • Security: backported fix for 1477588. #39919

electron v25.8.1

Release Notes for v25.8.1

Fixes

  • Fixed an error where listening to certain chrome.tabs events would throw incorrectly. #39770 (Also in 26, 27)
  • Fixed an issue where BrowserWindows could crash on macOS with frame: false and roundedCorners: false when going fullscreen. #39794 (Also in 26, 27)
  • Fixed devtools to allow restoring saved dock state on Windows. #39766 (Also in 26, 27)
  • Fixed issue where titlebar would be transparent for transparent windows that are fullscreen. #39779 (Also in 26, 27)
  • Fixed problem with promise resolved to early when browser initiated in-page navigation. #39678 (Also in 26, 27)

Other Changes

... (truncated)

Commits
  • 415301c chore: cherry-pick 3fbd1dca6a4d from libvpx (#40024)
  • b4742f9 feat: enable dark mode on GTK UIs (#40009)
  • 5868f9a build: fix with enable_pdf_viewer = false (#40000)
  • 6e675c8 chore: add deprecated app.runningUnderRosettaTranslation to breaking-change...
  • 66432ed fix: use generic capturer to list both screens and windows when possible (#39...
  • 0ed4837 chore: cherry-pick tls shutdown crash fix from upstream (#39945)
  • 42b4744 docs: add a more detailed explanation to cookies.flushStore() (#39905)
  • 04e85b4 ci: fix linux builds of forks (#39941)
  • e42169b fix: app.runningUnderARM64Translation() always returning true on Windows AR...
  • 67b2739 chore: cherry-pick 1 changes from Release-0-M117 (#39919)
  • Additional commits viewable in compare view

Updates @babel/traverse from 7.22.4 to 7.23.7

Release notes

Sourced from @​babel/traverse's releases.

v7.23.7 (2023-12-29)

🐛 Bug Fix

🏠 Internal

  • babel-helper-create-class-features-plugin
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

Committers: 4

v7.23.6 (2023-12-11)

Thanks @​martinez-hugo and @​odinho for your first pull requests!

👓 Spec Compliance

  • babel-generator, babel-parser, babel-types
  • babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-types

🐛 Bug Fix

  • babel-generator
  • babel-helpers, babel-plugin-proposal-explicit-resource-management
  • babel-plugin-proposal-decorators, babel-plugin-transform-class-properties
    • #16161 Ensure the [[@@toPrimitive]] call of a decorated class member key is invoked once (@​JLHwung)
    • #16148 Support named evaluation for decorated anonymous class exp (@​JLHwung)
  • babel-plugin-transform-for-of, babel-preset-env
  • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-plugin-transform-typescript

🔬 Output optimization

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.23.7 (2023-12-29)

🐛 Bug Fix

🏠 Internal

  • babel-helper-create-class-features-plugin
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

v7.23.6 (2023-12-11)

👓 Spec Compliance

  • babel-generator, babel-parser, babel-types
  • babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-types

🐛 Bug Fix

  • babel-generator
  • babel-helpers, babel-plugin-proposal-explicit-resource-management
  • babel-plugin-proposal-decorators, babel-plugin-transform-class-properties
    • #16161 Ensure the [[@@toPrimitive]] call of a decorated class member key is invoked once (@​JLHwung)
    • #16148 Support named evaluation for decorated anonymous class exp (@​JLHwung)
  • babel-plugin-transform-for-of, babel-preset-env
  • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-plugin-transform-typescript

🔬 Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-helpers, babel-plugin-proposal-decorators

v7.23.5 (2023-11-29)

👓 Spec Compliance

... (truncated)

Commits

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

5.7

  • Add minVersion method

5.6

  • Move boolean loose param to an options object, with backwards-compatibility protection.
  • Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

  • Add version coercion capabilities

5.4

  • Add intersection checking

5.3

  • Add minSatisfying method

5.2

  • Add prerelease(v) that returns prerelease components

5.1

  • Add Backus-Naur for ranges
  • Remove excessively cute inspection methods

5.0

  • Remove AMD/Browserified build artifacts
  • Fix ltr and gtr when using the * range
  • Fix for range * with a prerelease identifier
Commits
Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.


Updates follow-redirects from 1.15.2 to 1.15.4

Commits
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • 3d42aec Add bracket tests.
  • bcbb096 Do not directly set Error properties.
  • 192dbe7 Release version 1.15.3 of the npm package.
  • bd8c81e Fix resource leak on destroy.
  • 9c728c3 Split linting and testing.
  • Additional commits viewable in compare view

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

New Contributors

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

5.7

  • Add minVersion method

5.6

  • Move boolean loose param to an options object, with backwards-compatibility protection.
  • Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

  • Add version coercion capabilities

5.4

  • Add intersection checking

5.3

  • Add minSatisfying method

5.2

  • Add prerelease(v) that returns prerelease components

5.1

  • Add Backus-Naur for ranges
  • Remove excessively cute inspection methods

5.0

  • Remove AMD/Browserified build artifacts
  • Fix ltr and gtr when using the * range
  • Fix for range * with a prerelease identifier
Commits
Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.


Updates minimatch from 3.0.4 to 5.1.6

Changelog

Sourced from minimatch's changelog.

change log

9.0

  • No default export, only named exports.

8.0

  • Recursive descent parser for extglob, allowing correct support for arbitrarily nested extglob expressions
  • Bump required Node.js version

7.4

  • Add escape() method
  • Add unescape() method
  • Add Minimatch.hasMagic() method

7.3

  • Add support for posix character classes in a unicode-aware way.

7.2

  • Add windowsNoMagicRoot option

7.1

  • Add optimizationLevel configuration option, and revert the default back to the 6.2 style minimal optimizations, making the advanced transforms introduced in 7.0 opt-in. Also, process provided file paths in the same way in optimizationLevel:2 mode, so most things that matched with optimizationLevel 1 or 0 should match with level 2 as well. However, level 1 is the default, out of an abundance of caution.

7.0

  • Preprocess patterns to simplify complicated patterns and reduce out .. pattern portions where possible. Note that this means a pattern like a/b/../* will be equivalent to a/*, and will not match the string a/b/../c. If this causes problems, it can be addressed in a patch release by resolving .. portions in the test string.

6.2

  • Add nocaseMagicOnly flag

6.1

... (truncated)

Commits

Updates electron-builder from 22.14.13 to 24.9.1

Release notes

Sourced from electron-builder's releases.

v24.9.1

What's Changed

Full Changelog: electron-userland/electron-builder@v24.9.0...v24.9.1

v24.9.0

What's Changed

New Contributors

Full Changelog: electron-userland/electron-builder@v24.8.1...v24.9.0

v24.8.1

What's Changed

New Contributors

Full Changelog: electron-userland/electron-builder@v24.8.0...v24.8.1

v24.8.0

What's Changed

New Contributors

Full Changelog: electron-userland/electron-builder@v24.7.0...v24.8.0

... (truncated)

Changelog

Sourced from electron-builder's changelog.

24.9.1

Patch Changes

24.9.0

Patch Changes

24.8.1

Patch Changes

24.8.0

Patch Changes

24.7.0

Patch Changes

24.6.5

Patch Changes

... (truncated)

Commits

Updates ansi-regex from 3.0.0 to 3.0.1

Commits

Updates follow-redirects from 1.14.8 to 1.15.4

Commits
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • 3d42aec Add bracket tests.
  • bcbb096 Do not directly set Error properties.
  • 192dbe7 Release version 1.15.3 of the npm package.
  • bd8c81e Fix resource leak on destroy.
  • 9c728c3 Split linting and testing.
  • Additional commits viewable in compare view

Removes got

Updates git-authors-cli from 1.0.37 to 1.0.48

Release notes

Sourced from git-authors-cli's releases.

v1.0.47

No release notes provided.

v1.0.46

No release notes provided.

v1.0.45

No release notes provided.

v1.0.44

Bug Fixes

  • add missing processError method (141fe64)

v1.0.43

No release notes provided.

v1.0.42

No release notes provided.

v1.0.41

No release notes provided.

v1.0.40

What's Changed

New Contributors

Full Changelog: Kikobeats/git-authors-cli@v1.0.39...v1.0.40

v1.0.39

No release notes provided.

v1.0.38

No release notes provided.

Changelog

Sourced from git-authors-cli's changelog.

1.0.48 (2023-12-14)

1.0.47 (2023-10-07)

1.0.46 (2023-04-14)

1.0.45 (2023-01-17)

1.0.44 (2022-08-25)

Bug Fixes

  • add missing processError method (141fe64)

1.0.43 (2022-08-25)

1.0.42 (2022-07-30)

1.0.41 (2022-06-29)

1.0.40 (2022-05-24)

Bug Fixes

1.0.39 (2022-03-22)

1.0.38 (2022-03-22)

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop De...

Description has been truncated

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
build(deps): bump the npm_and_yarn group across 2 directories with 10…
fff4a2b 
… updates

Bumps the npm_and_yarn group with 5 updates in the /. directory:

| Package | From | To |
| --- | --- | --- |
| [electron](https://github.com/electron/electron) | `25.3.1` | `25.8.4` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.22.4` | `7.23.7` |
| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.4` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |
Bumps the npm_and_yarn group with 7 updates in the /build_scripts/npm_macos directory:

| Package | From | To |
| --- | --- | --- |
| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `5.1.6` |
| [electron-builder](https://github.com/electron-userland/electron-builder/tree/HEAD/packages/electron-builder) | `22.14.13` | `24.9.1` |
| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.8` | `1.15.4` |
| [got](https://github.com/sindresorhus/got) | `9.6.0` | `` |
| [git-authors-cli](https://github.com/Kikobeats/git-authors-cli) | `1.0.37` | `1.0.48` |


Updates `electron` from 25.3.1 to 25.8.4
- [Release notes](https://github.com/electron/electron/releases)
- [Changelog](https://github.com/electron/electron/blob/main/docs/breaking-changes.md)
- [Commits](electron/electron@v25.3.1...v25.8.4)

Updates `@babel/traverse` from 7.22.4 to 7.23.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.7/packages/babel-traverse)

Updates `semver` from 5.7.1 to 5.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](npm/node-semver@v5.7.1...v5.7.2)

Updates `follow-redirects` from 1.15.2 to 1.15.4
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.4)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

Updates `semver` from 5.7.1 to 5.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](npm/node-semver@v5.7.1...v5.7.2)

Updates `minimatch` from 3.0.4 to 5.1.6
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v5.1.6)

Updates `electron-builder` from 22.14.13 to 24.9.1
- [Release notes](https://github.com/electron-userland/electron-builder/releases)
- [Changelog](https://github.com/electron-userland/electron-builder/blob/master/packages/electron-builder/CHANGELOG.md)
- [Commits](https://github.com/electron-userland/electron-builder/commits/v24.9.1/packages/electron-builder)

Updates `ansi-regex` from 3.0.0 to 3.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](chalk/ansi-regex@v3.0.0...v3.0.1)

Updates `follow-redirects` from 1.14.8 to 1.15.4
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.4)

Removes `got`

Updates `git-authors-cli` from 1.0.37 to 1.0.48
- [Release notes](https://github.com/Kikobeats/git-authors-cli/releases)
- [Changelog](https://github.com/Kikobeats/git-authors-cli/blob/master/CHANGELOG.md)
- [Commits](Kikobeats/git-authors-cli@v1.0.37...v1.0.48)

---
updated-dependencies:
- dependency-name: electron
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: word-wrap
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: minimatch
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: electron-builder
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: ansi-regex
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: got
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: git-authors-cli
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 11, 2024
@socket-security Socket Security
Copy link

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages Version New capabilities Transitives Size Publisher
git-authors-cli 1.0.37...1.0.48 None +5/-51 923 kB kikobeats
electron-builder 22.14.13...24.9.1 None +36/-85 56 MB onegoldfishh
electron 25.3.1...25.8.4 None +1/-2 901 kB electron-nightly

@TheLastCicada
Copy link

@dependabot rebase

@TheLastCicada TheLastCicada changed the base branch from main to develop March 6, 2024 17:43
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Mar 6, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Mar 6, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-c48d5f1797 branch March 6, 2024 17:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@TheLastCicada