[Security] Bump ini from 1.3.5 to 1.3.8 #801
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot-preview[bot]](https://avatars.githubusercontent.com/in/2141?s=60&v=4){kind=small}
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes a security fix.** - [Release notes](https://github.com/isaacs/ini/releases) - [Commits](npm/ini@v1.3.5...v1.3.8) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
dependabot-preview
bot
added
dependencies
lewisdaly
approved these changes
Dec 15, 2020
kleyow
added a commit
that referenced
this pull request
Dec 22, 2020
* fix for python error in CI (#733) Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Ensure 'timeout-reserved' notification action passes through and not converted to 'abort' action (#736) * Update CS shared (#737) * Feature/1332 enable on-us transfers (#738) * Added ENABLE_ON_US_TRANSFERS * Bumped up the version * Feature/otc 525 implement get transaction object by transfer (#735) * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id - Post ledger entry Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * OTC-525 Implement GET transaction Object by transferId Bumput up versions * OTC-525 Implement GET transaction Object by transferId Resolved dependency updates * OTC-525 Implement GET transaction Object by transferId * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * changed docker dependency in circle CI image scan from python-dev to python3-dev (#741) * Updated python in some other places in circle CI (#742) * Fix the image scan step in circle CI * Resolved audit checks * Feature/#1335 aborted on put (#740) * added error log if action REJECT comes into fulfil handler Co-authored-by: Valentin <valentin.genev@modusbox.com> * Bugfix/deadlock on adjust limits (#745) * added unique index on participantLimit and logging * added unique index on participantLimit and logging * resolve audit issues * fixed coverage tests Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Updated dependencies and product version for issue: mojaloop/project#1378 (#747) * Update error message (#749) * Update error message when Payer FSP and Payee FSP are the same and on-us is not enabled.. (Added text "FSP" to specify) * Updated unit test * #1423: Bulk transfers error processing in Central Ledger (#743) * Updates for bulk error processing * Bump version * Updates for bulk transfer error processing * Updates for bulk transfer error processing * More updates for bulk error processing * changes to cater for bulk_abort * updated central-services-shared * Updates for bulk error processing * Add unit test for BULK_ABORT branch in transfer fulfil handler * Add unit test for BULK_ABORT branch in transfer facade * Small fix for position handler test for BULK_ABORT branch Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> * Bump version for release (#750) * Feature/#1334 patch request notif (#751) * added handling of request for notification by payee functionality * improved coverage and added missing action letter Co-authored-by: Valentin <valentin.genev@modusbox.com> * Feature/1468 bulk quotes endpoints (#761) * version change * Added FSPIOP_CALLBACK_URL_BULK_QUOTES endpoint to seeds and updated population scripts and created one for local legacy simulator updated dependencies * updated dependencies to resolve audit issues * Feature/#1375: GET bulk transfer implementation (#760) * Add bulk get topic and handler * Implement GET bulk transfer logic * Restore default config * Add unit tests * Bump version * More bug fixes * Fix unit test * ensure error code is returned as string and not number for bulk get * Add bulk get to handlers list for cli startup (#765) * Reset package-lock.json to fix bug with version update for AJV (#766) * SemVar fix (#767) * Fix error callback for bulk transfers REJECTED scenario (#768) * Correct FSPIOP API version for admin API (#769) * #1547: Ignore "RESERVED" transferState from v1.0 clients on fulfill callback (#770) * Ignore RESERVE transferState from v1.0 clients on fulfil callback * Update package.json Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> * Bump version to v111.1.2 to fix broken release (#771) * #1547: Fail transfer fulfill with "RESERVED" state and v1.0 content-type (#773) * Update dependencies * Bump version * Fix integration tests * #1547: Update dependencies (central-object-store etc.) (#774) * Update dependencies * Bump version * fix: package.json & package-lock.json to reduce vulnerabilities (#775) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-590103 * Fix bug in volumes of temp_curl service (#778) * Feature/#1615 content headers (#782) * updated shared lib version to support configurable api resource versions and updated timeout handler to use same resource versions * updated dependencies Co-authored-by: Valentin <valentin.genev@modusbox.com> * Fix error callback for expired transfers (#785) * Add unit tests for timeout callback fix (#786) * Bugfix/1710 1709 headers invalid case (#787) * updated dependencies for events and trace * forgot to run npm install * version change * Updated to newest shared library to cater for lowercase default headers for switch requests * updated dependencies for helm release (#789) * updated dependencies for events and trace * forgot to run npm install * version change * updated dependencies * BugFix 1444 - Ignore Dups on Seed insert (#792) * BugFix 1444 - Ignore Dups on Seed insert * bumped up the package.json version * fixed standard version * Update central-services-database and other deps (#793) * Update standard version & fix linting issues (#794) * Fix for mojaloop/project#1877 (#795) Fix for Central-ledger to provide consistent Timeout error code/messages for both timeout-callbacks and get-transfer requests-calbacks. * chore: update license file (#797) * #1885: Update API documentation endpoints (#798) * Update new API documentation endpoints * Resolve audit * Resolve license audit issues * Update plugins test * Add tests for Config * Force update event-stream to 4.0.1 to fix license audit * Refactor API_DOCUMENTATION_ENDPOINTS TO API_DOC_ENDPOINTS_ENABLED * [Security] Bump ini from 1.3.5 to 1.3.8 (#801) Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes a security fix.** - [Release notes](https://github.com/isaacs/ini/releases) - [Commits](npm/ini@v1.3.5...v1.3.8) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> * Edited CI to build PISP docker image. (#734) * Edited CI to build PISP docker image. * Addressed comments. * Updated ci to python 3. (#744) * Feature/335 thirdparty callbacks (#748) * Add new endpoint: `THIRDPARTY_CALLBACK_URL_TRX_REQ_POST` * cleanup * skip devDependencies in audit:check * Update pisp/master (#755) * fix for python error in CI (#733) Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Ensure 'timeout-reserved' notification action passes through and not converted to 'abort' action (#736) * Update CS shared (#737) * Feature/1332 enable on-us transfers (#738) * Added ENABLE_ON_US_TRANSFERS * Bumped up the version * Feature/otc 525 implement get transaction object by transfer (#735) * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id - Post ledger entry Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * OTC-525 Implement GET transaction Object by transferId Bumput up versions * OTC-525 Implement GET transaction Object by transferId Resolved dependency updates * OTC-525 Implement GET transaction Object by transferId * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * changed docker dependency in circle CI image scan from python-dev to python3-dev (#741) * Updated python in some other places in circle CI (#742) * Fix the image scan step in circle CI * Resolved audit checks * Feature/#1335 aborted on put (#740) * added error log if action REJECT comes into fulfil handler Co-authored-by: Valentin <valentin.genev@modusbox.com> * Bugfix/deadlock on adjust limits (#745) * added unique index on participantLimit and logging * added unique index on participantLimit and logging * resolve audit issues * fixed coverage tests Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Updated dependencies and product version for issue: mojaloop/project#1378 (#747) * Update error message (#749) * Update error message when Payer FSP and Payee FSP are the same and on-us is not enabled.. (Added text "FSP" to specify) * Updated unit test * #1423: Bulk transfers error processing in Central Ledger (#743) * Updates for bulk error processing * Bump version * Updates for bulk transfer error processing * Updates for bulk transfer error processing * More updates for bulk error processing * changes to cater for bulk_abort * updated central-services-shared * Updates for bulk error processing * Add unit test for BULK_ABORT branch in transfer fulfil handler * Add unit test for BULK_ABORT branch in transfer facade * Small fix for position handler test for BULK_ABORT branch Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> * Bump version for release (#750) * Feature/#1334 patch request notif (#751) * added handling of request for notification by payee functionality * improved coverage and added missing action letter Co-authored-by: Valentin <valentin.genev@modusbox.com> * chore(package): update contributors list & deps * chore: audit & deps update Co-authored-by: shashi165 <33355509+shashi165@users.noreply.github.com> Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> Co-authored-by: Steven Oderayi <oderayi@gmail.com> Co-authored-by: vijayg10 <33152110+vijayg10@users.noreply.github.com> Co-authored-by: lazolalucas <lazolalucas@users.noreply.github.com> Co-authored-by: Valentin Genev <vgenev@gmail.com> Co-authored-by: Valentin <valentin.genev@modusbox.com> Co-authored-by: Adrian Enns <ennsak@gmail.com> Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> * chore: add thirdparty endpoints to database seeds (#779) * chore: add thirdparty endpoints to database seeds * chore: update dependencies for vulnerabilities * refactor: change name length to accomodate new endpoints * chore: sync package-lock * chore: remove migrations and shorten endpoint names * chore: fix find and replace error * chore: fix spelling * feat: add patch thirdparty request seed (#783) * chore: add generate challenge endpoints (#790) * chore: add generate challenge endpoints * chore: fix description * chore: add get transaction request seed (#791) * chore: fix config * Updated ci to python 3. (#744) * Feature/335 thirdparty callbacks (#748) * Add new endpoint: `THIRDPARTY_CALLBACK_URL_TRX_REQ_POST` * cleanup * skip devDependencies in audit:check * Update pisp/master (#755) * fix for python error in CI (#733) Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Ensure 'timeout-reserved' notification action passes through and not converted to 'abort' action (#736) * Update CS shared (#737) * Feature/1332 enable on-us transfers (#738) * Added ENABLE_ON_US_TRANSFERS * Bumped up the version * Feature/otc 525 implement get transaction object by transfer (#735) * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id - Post ledger entry Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * OTC-525 Implement GET transaction Object by transferId Bumput up versions * OTC-525 Implement GET transaction Object by transferId Resolved dependency updates * OTC-525 Implement GET transaction Object by transferId * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * changed docker dependency in circle CI image scan from python-dev to python3-dev (#741) * Updated python in some other places in circle CI (#742) * Fix the image scan step in circle CI * Resolved audit checks * Feature/#1335 aborted on put (#740) * added error log if action REJECT comes into fulfil handler Co-authored-by: Valentin <valentin.genev@modusbox.com> * Bugfix/deadlock on adjust limits (#745) * added unique index on participantLimit and logging * added unique index on participantLimit and logging * resolve audit issues * fixed coverage tests Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Updated dependencies and product version for issue: mojaloop/project#1378 (#747) * Update error message (#749) * Update error message when Payer FSP and Payee FSP are the same and on-us is not enabled.. (Added text "FSP" to specify) * Updated unit test * #1423: Bulk transfers error processing in Central Ledger (#743) * Updates for bulk error processing * Bump version * Updates for bulk transfer error processing * Updates for bulk transfer error processing * More updates for bulk error processing * changes to cater for bulk_abort * updated central-services-shared * Updates for bulk error processing * Add unit test for BULK_ABORT branch in transfer fulfil handler * Add unit test for BULK_ABORT branch in transfer facade * Small fix for position handler test for BULK_ABORT branch Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> * Bump version for release (#750) * Feature/#1334 patch request notif (#751) * added handling of request for notification by payee functionality * improved coverage and added missing action letter Co-authored-by: Valentin <valentin.genev@modusbox.com> * chore(package): update contributors list & deps * chore: audit & deps update Co-authored-by: shashi165 <33355509+shashi165@users.noreply.github.com> Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> Co-authored-by: Steven Oderayi <oderayi@gmail.com> Co-authored-by: vijayg10 <33152110+vijayg10@users.noreply.github.com> Co-authored-by: lazolalucas <lazolalucas@users.noreply.github.com> Co-authored-by: Valentin Genev <vgenev@gmail.com> Co-authored-by: Valentin <valentin.genev@modusbox.com> Co-authored-by: Adrian Enns <ennsak@gmail.com> Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> * refactor: update pisp/master (#781) * fix for python error in CI (#733) Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Ensure 'timeout-reserved' notification action passes through and not converted to 'abort' action (#736) * Update CS shared (#737) * Feature/1332 enable on-us transfers (#738) * Added ENABLE_ON_US_TRANSFERS * Bumped up the version * Feature/otc 525 implement get transaction object by transfer (#735) * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id - Post ledger entry Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * OTC-525 Implement GET transaction Object by transferId Bumput up versions * OTC-525 Implement GET transaction Object by transferId Resolved dependency updates * OTC-525 Implement GET transaction Object by transferId * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * changed docker dependency in circle CI image scan from python-dev to python3-dev (#741) * Updated python in some other places in circle CI (#742) * Fix the image scan step in circle CI * Resolved audit checks * Feature/#1335 aborted on put (#740) * added error log if action REJECT comes into fulfil handler Co-authored-by: Valentin <valentin.genev@modusbox.com> * Bugfix/deadlock on adjust limits (#745) * added unique index on participantLimit and logging * added unique index on participantLimit and logging * resolve audit issues * fixed coverage tests Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Updated dependencies and product version for issue: mojaloop/project#1378 (#747) * Update error message (#749) * Update error message when Payer FSP and Payee FSP are the same and on-us is not enabled.. (Added text "FSP" to specify) * Updated unit test * #1423: Bulk transfers error processing in Central Ledger (#743) * Updates for bulk error processing * Bump version * Updates for bulk transfer error processing * Updates for bulk transfer error processing * More updates for bulk error processing * changes to cater for bulk_abort * updated central-services-shared * Updates for bulk error processing * Add unit test for BULK_ABORT branch in transfer fulfil handler * Add unit test for BULK_ABORT branch in transfer facade * Small fix for position handler test for BULK_ABORT branch Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> * Bump version for release (#750) * Feature/#1334 patch request notif (#751) * added handling of request for notification by payee functionality * improved coverage and added missing action letter Co-authored-by: Valentin <valentin.genev@modusbox.com> * Feature/1468 bulk quotes endpoints (#761) * version change * Added FSPIOP_CALLBACK_URL_BULK_QUOTES endpoint to seeds and updated population scripts and created one for local legacy simulator updated dependencies * updated dependencies to resolve audit issues * Feature/#1375: GET bulk transfer implementation (#760) * Add bulk get topic and handler * Implement GET bulk transfer logic * Restore default config * Add unit tests * Bump version * More bug fixes * Fix unit test * ensure error code is returned as string and not number for bulk get * Add bulk get to handlers list for cli startup (#765) * Reset package-lock.json to fix bug with version update for AJV (#766) * SemVar fix (#767) * Fix error callback for bulk transfers REJECTED scenario (#768) * Correct FSPIOP API version for admin API (#769) * #1547: Ignore "RESERVED" transferState from v1.0 clients on fulfill callback (#770) * Ignore RESERVE transferState from v1.0 clients on fulfil callback * Update package.json Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> * Bump version to v111.1.2 to fix broken release (#771) * #1547: Fail transfer fulfill with "RESERVED" state and v1.0 content-type (#773) * Update dependencies * Bump version * Fix integration tests * #1547: Update dependencies (central-object-store etc.) (#774) * Update dependencies * Bump version * fix: package.json & package-lock.json to reduce vulnerabilities (#775) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-590103 * Fix bug in volumes of temp_curl service (#778) * Edited CI to build PISP docker image. (#734) * Edited CI to build PISP docker image. * Addressed comments. * Updated ci to python 3. (#744) * Update pisp/master (#755) * fix for python error in CI (#733) Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Ensure 'timeout-reserved' notification action passes through and not converted to 'abort' action (#736) * Update CS shared (#737) * Feature/1332 enable on-us transfers (#738) * Added ENABLE_ON_US_TRANSFERS * Bumped up the version * Feature/otc 525 implement get transaction object by transfer (#735) * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id - Post ledger entry Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * OTC-525 Implement GET transaction Object by transferId Bumput up versions * OTC-525 Implement GET transaction Object by transferId Resolved dependency updates * OTC-525 Implement GET transaction Object by transferId * OTC-525 Implement GET transaction Object by transferId Changes: Updated swagger def to include new endpoints for: - Get transaction by transfer id Added new method for: - Get transaction by transfer id Added unit tests for Get transaction by transfer id * changed docker dependency in circle CI image scan from python-dev to python3-dev (#741) * Updated python in some other places in circle CI (#742) * Fix the image scan step in circle CI * Resolved audit checks * Feature/#1335 aborted on put (#740) * added error log if action REJECT comes into fulfil handler Co-authored-by: Valentin <valentin.genev@modusbox.com> * Bugfix/deadlock on adjust limits (#745) * added unique index on participantLimit and logging * added unique index on participantLimit and logging * resolve audit issues * fixed coverage tests Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> * Updated dependencies and product version for issue: mojaloop/project#1378 (#747) * Update error message (#749) * Update error message when Payer FSP and Payee FSP are the same and on-us is not enabled.. (Added text "FSP" to specify) * Updated unit test * #1423: Bulk transfers error processing in Central Ledger (#743) * Updates for bulk error processing * Bump version * Updates for bulk transfer error processing * Updates for bulk transfer error processing * More updates for bulk error processing * changes to cater for bulk_abort * updated central-services-shared * Updates for bulk error processing * Add unit test for BULK_ABORT branch in transfer fulfil handler * Add unit test for BULK_ABORT branch in transfer facade * Small fix for position handler test for BULK_ABORT branch Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> * Bump version for release (#750) * Feature/#1334 patch request notif (#751) * added handling of request for notification by payee functionality * improved coverage and added missing action letter Co-authored-by: Valentin <valentin.genev@modusbox.com> * chore(package): update contributors list & deps * chore: audit & deps update Co-authored-by: shashi165 <33355509+shashi165@users.noreply.github.com> Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> Co-authored-by: Steven Oderayi <oderayi@gmail.com> Co-authored-by: vijayg10 <33152110+vijayg10@users.noreply.github.com> Co-authored-by: lazolalucas <lazolalucas@users.noreply.github.com> Co-authored-by: Valentin Genev <vgenev@gmail.com> Co-authored-by: Valentin <valentin.genev@modusbox.com> Co-authored-by: Adrian Enns <ennsak@gmail.com> Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> * chore: add thirdparty endpoints to database seeds (#779) * chore: add thirdparty endpoints to database seeds * chore: update dependencies for vulnerabilities * refactor: change name length to accomodate new endpoints * chore: sync package-lock * chore: remove migrations and shorten endpoint names * chore: fix find and replace error * chore: fix spelling * chore: update packages * chore: sync package-lock Co-authored-by: shashi165 <33355509+shashi165@users.noreply.github.com> Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> Co-authored-by: Steven Oderayi <oderayi@gmail.com> Co-authored-by: vijayg10 <33152110+vijayg10@users.noreply.github.com> Co-authored-by: lazolalucas <lazolalucas@users.noreply.github.com> Co-authored-by: Valentin Genev <vgenev@gmail.com> Co-authored-by: Valentin <valentin.genev@modusbox.com> Co-authored-by: Adrian Enns <ennsak@gmail.com> Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> Co-authored-by: Snyk bot <github+bot@snyk.io> Co-authored-by: Ali Behnamfard <abehnamfard@users.noreply.github.com> Co-authored-by: eoln <2881004+eoln@users.noreply.github.com> * feat: add patch thirdparty request seed (#783) * chore: fix rebase errors and audit check Co-authored-by: shashi165 <33355509+shashi165@users.noreply.github.com> Co-authored-by: Shashi <shashikant.hirugade@modusbox.com> Co-authored-by: Steven Oderayi <oderayi@gmail.com> Co-authored-by: vijayg10 <33152110+vijayg10@users.noreply.github.com> Co-authored-by: lazolalucas <lazolalucas@users.noreply.github.com> Co-authored-by: Valentin Genev <vgenev@gmail.com> Co-authored-by: Valentin <valentin.genev@modusbox.com> Co-authored-by: Adrian Enns <ennsak@gmail.com> Co-authored-by: Sam <10507686+elnyry-sam-k@users.noreply.github.com> Co-authored-by: Rajiv Mothilal <rajivmothilal@gmail.com> Co-authored-by: Snyk bot <github+bot@snyk.io> Co-authored-by: Ali Behnamfard <abehnamfard@users.noreply.github.com> Co-authored-by: Miguel de Barros <miguel@debarros.me> Co-authored-by: Lewis Daly <lewis@vesselstech.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Co-authored-by: eoln <2881004+eoln@users.noreply.github.com>
ggrg
pushed a commit
to ggrg/central-ledger
that referenced
this pull request
Mar 6, 2021
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes a security fix.** - [Release notes](https://github.com/isaacs/ini/releases) - [Commits](npm/ini@v1.3.5...v1.3.8) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps ini from 1.3.5 to 1.3.8. This update includes a security fix.
Vulnerabilities fixed
Sourced from The GitHub Security Advisory Database.
Commits
a2c5da81.3.8af5c6bbDo not use Object.create(null)8b648a1don't test where our devdeps don't even workc74c8af1.3.7024b8b5update deps, add linting032fbafUse Object.create(null) to avoid default object property hazards2da90391.3.6cfea636better git push script, before publish instead of after56d2805do not allow invalid hazardous string as section nameMaintainer changes
This version was pushed to npm by isaacs, a new releaser for ini since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language@dependabot badge mewill comment on this PR with code to add a "Dependabot enabled" badge to your readmeAdditionally, you can set the following in your Dependabot dashboard: