Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

254 Dependency Updates #682

Open
wants to merge 33 commits into
base: main
Choose a base branch
from
Open

254 Dependency Updates #682

wants to merge 33 commits into from

Conversation

AndersonTarren
Copy link
Contributor

Critical Changes

Changes

Issues Closed

New Metadata

Deleted Metadata

Definition of Done

Refer to Asteroids DoD document to see any additional details for the items below

  • Any net new LWC work has Sa11y tests & 50% or above lines JEST test coverage
  • CRUD/FLS is enforced in Apex
  • Permission sets are updated to account for CRUD|FLS|Tab|Classes
  • Field sets are updated to account for new fields
  • UX approval or UX not necessary
  • Link the pull request and work item by PR comment and Chatter post respectively, e.g. GUS: W-0000000: Work Name (Reorganize code; use custom iterator #303)
  • All acceptance criteria have been met
    • Developer
    • Code Reviewer
    • QA
  • PR contains draft release notes
  • QE story level testing completed

dependabot bot and others added 19 commits July 21, 2022 03:15
@dependabot
Bump terser from 4.8.0 to 4.8.1
3f62dd7 
Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump decode-uri-component from 0.2.0 to 0.2.2
7c9e477 
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump minimist from 1.2.5 to 1.2.8
922cba4 
Bumps [minimist](https://github.com/minimistjs/minimist) from 1.2.5 to 1.2.8.
- [Release notes](https://github.com/minimistjs/minimist/releases)
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump @sideway/formula from 3.0.0 to 3.0.1
ed07dee 
Bumps [@sideway/formula](https://github.com/sideway/formula) from 3.0.0 to 3.0.1.
- [Commits](hapijs/formula@v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: "@sideway/formula"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump word-wrap from 1.2.3 to 1.2.4
5ef717a 
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@AndersonTarren
Merge pull request #671 from SalesforceFoundation/dependabot/npm_and_…
455b4fd 
…yarn/word-wrap-1.2.4

Bump word-wrap from 1.2.3 to 1.2.4
@AndersonTarren
Update label_audit.yml python value
9929c55
@AndersonTarren
Update python.yml Python Value
8cb9ade
@AndersonTarren
Merge pull request #670 from SalesforceFoundation/dependabot/npm_and_…
eea5d4a 
…yarn/sideway/formula-3.0.1

Bump @sideway/formula from 3.0.0 to 3.0.1
@AndersonTarren
Merge pull request #666 from SalesforceFoundation/dependabot/npm_and_…
c2ca09e 
…yarn/minimist-1.2.8

Bump minimist from 1.2.5 to 1.2.8
@AndersonTarren
Merge pull request #661 from SalesforceFoundation/dependabot/npm_and_…
8f8832d 
…yarn/decode-uri-component-0.2.2

Bump decode-uri-component from 0.2.0 to 0.2.2
@AndersonTarren
Merge pull request #637 from SalesforceFoundation/dependabot/npm_and_…
9e90471 
…yarn/terser-4.8.1

Bump terser from 4.8.0 to 4.8.1
@AndersonTarren
Readme Update
9574065
@AndersonTarren
Proposed package changes with label audit disabled
31e6b6f
@AndersonTarren
Lockfile lint issue
bf074f3
@AndersonTarren
Update Node Version
a525f64
@AndersonTarren
Update Node to 18
60dc3fb
@AndersonTarren
Updating Parser
e4085af
update a word.
3afb286
@salesforce-cla Salesforce CLA
Copy link

salesforce-cla bot commented Feb 4, 2025

Thanks for the contribution! Unfortunately we can't verify the commit author(s): jjbennett <j***@j***.i***.s***.com>. One possible solution is to add that email to your GitHub account. Alternatively you can change your commits to another email and force push the change. After getting your commits associated with your GitHub account, sign the Salesforce Inc. Contributor License Agreement and this Pull Request will be revalidated.

@jjbennett jjbennett marked this pull request as ready for review February 4, 2025 17:54
@jjbennett jjbennett requested a review from a team as a code owner February 4, 2025 17:54
@jjbennett jjbennett requested a review from jstvz February 4, 2025 17:54
@jjbennett
Copy link
Contributor

@jstvz - We are working on the issues reported by the dependabot. None of these changes will go into the package itself. It's more around our workflow for git. Do you know if it would be ok to merge this to main now vs waiting for the typically package release schedule?

@jstvz
Copy link
Member

jstvz commented Feb 4, 2025
edited
Loading

@jstvz - Do you know if it would be ok to merge this to main now vs waiting for the typically package release schedule?

@jjbennett Certainly okay, technically. Probably okay policy-wise, but I don't have enough day to day involvement with release management to give you an authoritative answer on that, sorry.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jstvz jstvz Awaiting requested review from jstvz jstvz is a code owner automatically assigned from SalesforceFoundation/release-engineering-reviewers

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
cla:missing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@AndersonTarren @jjbennett @jstvz