Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 9 directories with 5 updates - autoclosed #330

Closed
wants to merge 1 commit into from
Closed

Bump the npm_and_yarn group across 9 directories with 5 updates - autoclosed #330

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 19, 2024

Bumps the npm_and_yarn group with 4 updates in the /. directory: next, axios, protobufjs and json5.
Bumps the npm_and_yarn group with 1 update in the /activities-examples directory: axios.
Bumps the npm_and_yarn group with 1 update in the /expense directory: axios.
Bumps the npm_and_yarn group with 1 update in the /food-delivery/apps/driver directory: next.
Bumps the npm_and_yarn group with 1 update in the /food-delivery/apps/menu directory: next.
Bumps the npm_and_yarn group with 1 update in the /nestjs-exchange-rates directory: @nestjs/core.
Bumps the npm_and_yarn group with 1 update in the /patching-api directory: axios.
Bumps the npm_and_yarn group with 1 update in the /protobufs directory: protobufjs.
Bumps the npm_and_yarn group with 1 update in the /timer-examples directory: axios.

Updates next from 12.3.1 to 14.1.0

Release notes

Sourced from next's releases.

v14.1.0

Core Changes

  • Turbopack: switch to a single client components entrypoint: #59352
  • Update swc_core to v0.86.98 and turbopack: #59393
  • Fix cases for the optimize_server_react transform: #59390
  • Use new JSX transform: #56294
  • loading.tsx should have no effect on partial rendering when PPR is enabled: #59196
  • Update font data: #59426
  • Remove CacheNode.status field: #59472
  • Rename CacheNode.data → .lazyData : #59473
  • Generate Params Cleanup: #59431
  • Fix webpack chunks handling in traces: #59498
  • Rename CacheNode.subTreeData -> .rsc : #59491
  • fix NODE_OPTIONS=inspect: #59530
  • Add CacheNode.prefetchRsc field: #59537
  • allow passing wildcard domains in serverActions.allowedDomains: #59428
  • Page Info Cleanup: #59430
  • Fix force-static and fetch no-store cases: #59549
  • Should not show no index for client rendering bailout: #59531
  • Enable build worker by default: #59405
  • Fork navigateReducer into PPR and non-PPR versions: #59538
  • cleanup magic segment strings: #59552
  • chore: update Turbopack: #59589
  • Fix another magic segment string constant: #59591
  • Make CacheNodeSeedData match FlightRouterState more closely: #59590
  • transpilePackages should override default settings for external packages: #59385
  • move segment constants to separate file: #59587
  • Revert "Page Info Cleanup (#59430)": #59592
  • Fix useOptimistic in server components bug. Add tests for invalid React server APIs: #59621
  • Partial Pre Rendering Headers: #59447
  • Add tests for invalid React server APIs: #59622
  • Refactor setup-dev-bundler to make Turbopack/Webpack split clearer: #59650
  • refactor and simplify app dynamic components: #59658
  • Change manifestPath to pagesManifestPath: #59657
  • Fix issue with outputFileTracingExcludes and pages/api edge runtime: #59157
  • Update font data: #59722
  • Remove path normalization logic when uploading .next/trace traces: #59305
  • LayoutRouter: Support segment value of Promise to asynchronously bail out and trigger a server patch: #59724
  • fix: Allow start turbopack dev server for a project using middleware: #59759
  • fix: gracefully shutdown server: #59551
  • Revert "fix: gracefully shutdown server (#59551)": #59792
  • Optionally bundle legacy react-dom/server APIs based on usage: #59737
  • fix default handling in route groups that handle interception: #59752
  • Transpile all code on app browser layer: #59569
  • Initial implementation of PPR client navigations: #59725
  • fix(turbopack): prevent edge entrypoint from becoming an async module: #59818
  • Ensure we validate revalidate configs properly: #59822
  • Update error check in validateRevalidate: #59826
  • Rename confusing loaders: #59827

... (truncated)

Commits

Updates axios from 1.2.1 to 1.6.5

Release notes

Sourced from axios's releases.

Release v1.6.5

Release notes:

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

Release v1.6.4

Release notes:

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

Release v1.6.3

Release notes:

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

Release v1.6.2

Release notes:

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
</tr></table>

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.5 (2024-01-05)

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

1.6.4 (2024-01-03)

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

1.6.3 (2023-12-26)

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

1.6.2 (2023-11-14)

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
</tr></table>

... (truncated)

Commits

Updates protobufjs from 7.2.5 to 7.2.6

Release notes

Sourced from protobufjs's releases.

protobufjs: v7.2.6

7.2.6 (2024-01-16)

Bug Fixes

  • report missing import properly in loadSync (#1960) (af3ff83)
Changelog

Sourced from protobufjs's changelog.

7.2.6 (2024-01-16)

Bug Fixes

  • report missing import properly in loadSync (#1960) (af3ff83)
Commits

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

v2.2.0 [code, diff]

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

  • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

Updates axios from 0.26.1 to 1.6.5

Release notes

Sourced from axios's releases.

Release v1.6.5

Release notes:

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

Release v1.6.4

Release notes:

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

Release v1.6.3

Release notes:

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

Release v1.6.2

Release notes:

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added &#x27;withXSRFToken&#x27; option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
</tr></table>

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.5 (2024-01-05)

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

1.6.4 (2024-01-03)

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

1.6.3 (2023-12-26)

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

1.6.2 (2023-11-14)

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
</tr></table>

... (truncated)

Commits

Updates axios from 0.26.1 to 1.6.5

Release notes

Sourced from axios's releases.

Release v1.6.5

Release notes:

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

Release v1.6.4

Release notes:

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

Release v1.6.3

Release notes:

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

Release v1.6.2

Release notes:

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added &#x27;withXSRFToken&#x27; option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
</tr></table>

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.5 (2024-01-05)

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

1.6.4 (2024-01-03)

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

1.6.3 (2023-12-26)

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

1.6.2 (2023-11-14)

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
</tr></table>

... (truncated)

Commits

Updates next from 13.5.6 to 14.1.0

Release notes

Sourced from next's releases.

v14.1.0

Core Changes

  • Turbopack: switch to a single client components entrypoint: #59352
  • Update swc_core to v0.86.98 and turbopack: #59393
  • Fix cases for the optimize_server_react transform: #59390
  • Use new JSX transform: #56294
  • loading.tsx should have no effect on partial rendering when PPR is enabled: #59196
  • Update font data: #59426
  • Remove CacheNode.status field: #59472
  • Rename CacheNode.data → .lazyData : #59473
  • Generate Params Cleanup: #59431
  • Fix webpack chunks handling in traces: #59498
  • Rename CacheNode.subTreeData -> .rsc : #59491
  • fix NODE_OPTIONS=inspect: #59530
  • Add CacheNode.prefetchRsc field: #59537
  • allow passing wildcard domains in serverActions.allowedDomains: #59428
  • Page Info Cleanup: #59430
  • Fix force-static and fetch no-store cases: #59549
  • Should not show no index for client rendering bailout: #59531
  • Enable build worker by default: #59405
  • Fork navigateReducer into PPR and non-PPR versions: #59538
  • cleanup magic segment strings: #59552
  • chore: update Turbopack: #59589
  • Fix another magic segment string constant: #59591
  • Make CacheNodeSeedData match FlightRouterState more closely: #59590
  • transpilePackages should override default settings for external packages: #59385
  • move segment constants to separate file: #59587
  • Revert "Page Info Cleanup (#59430)": #59592
  • Fix useOptimistic in server components bug. Add tests for invalid React server APIs: #59621
  • Partial Pre Rendering Headers: #59447
  • Add tests for invalid React server APIs: #59622
  • Refactor setup-dev-bundler to make Turbopack/Webpack split clearer: #59650
  • refactor and simplify app dynamic components: #59658
  • Change manifestPath to pagesManifestPath: #59657
  • Fix issue with outputFileTracingExcludes and pages/api edge runtime: #59157
  • Update font data: #59722
  • Remove path normalization logic when uploading .next/trace traces: #59305
  • LayoutRouter: Support segment value of Promise to asynchronously bail out and trigger a server patch: #59724
  • fix: Allow start turbopack dev server for a project using middleware: #59759
  • fix: gracefully shutdown server: #59551
  • Revert "fix: gracefully shutdown server (#59551)": #59792
  • Optionally bundle legacy react-dom/server APIs based on usage: #59737
  • fix default handling in route groups that handle interception: #59752
  • Transpile all code on app browser layer: #59569
  • Initial implementation of PPR client navigations: #59725
  • fix(turbopack): prevent edge entrypoint from becoming an async module: #59818
  • Ensure we validate revalidate configs properly: #59822
  • Update error check in validateRevalidate: #59826
  • Rename confusing loaders: #59827

... (truncated)

Commits

Updates next from 13.5.6 to 14.1.0

Release notes

Sourced from next's releases.

v14.1.0

Core Changes

  • Turbopack: switch to a single client components entrypoint: #59352
  • Update swc_core to v0.86.98 and turbopack: #59393
  • Fix cases for the optimize_server_react transform: #59390
  • Use new JSX transform: #56294
  • loading.tsx should have no effect on partial rendering when PPR is enabled: #59196
  • Update font data: #59426
  • Remove CacheNode.status field: #59472
  • Rename CacheNode.data → .lazyData : #59473
  • Generate Params Cleanup: #59431
  • Fix webpack chunks handling in traces: #59498
  • Rename CacheNode.subTreeData -> .rsc : #59491
  • fix NODE_OPTIONS=inspect: #59530
  • Add CacheNode.prefetchRsc field: #59537
  • allow passing wildcard domains in serverActions.allowedDomains: #59428
  • Page Info Cleanup: #59430
  • Fix force-static and fetch no-store cases: #59549
  • Should not show no index for client rendering bailout: #59531
  • Enable build worker by default: #59405
  • Fork navigateReducer into PPR and non-PPR versions: #59538
  • cleanup magic segment strings: #59552
  • chore: update Turbopack: #59589
  • Fix another magic segment string constant: #59591
  • Make CacheNodeSeedData match FlightRouterState more closely: #59590
  • transpilePackages should override default settings for external packages: #59385
  • move segment constants to separate file: #59587
  • Revert "Page Info Cleanup (#59430)": #59592
  • Fix useOptimistic in server components bug. Add tests for invalid React server APIs: #59621
  • Partial Pre Rendering Headers: #59447
  • Add tests for invalid React server APIs: #59622
  • Refactor setup-dev-bundler to make Turbopack/Webpack split clearer: #59650
  • refactor and simplify app dynamic components: #59658
  • Change manifestPath to pagesManifestPath: #59657
  • Fix issue with outputFileTracingExcludes and pages/api edge runtime: #59157
  • Update font data: #59722
  • Remove path normalization logic when uploading .next/trace traces: #59305
  • LayoutRouter: Support segment value of Promise to asynchronously bail out and trigger a server patch: #59724
  • fix: Allow start turbopack dev server for a project using middleware: #59759
  • fix: gracefully shutdown server: #59551
  • Revert "fix: gracefully shutdown server (#59551)": #59792
  • Optionally bundle legacy react-dom/server APIs based on usage: #59737
  • fix default handling in route groups that handle interception: #59752
  • Transpile all code on app browser layer: #59569
  • Initial implementation of PPR client navigations: #59725
  • fix(turbopack): prevent edge entrypoint from becoming an async module: #59818
  • Ensure we validate revalidate configs properly: #59822
  • Update error check in validateRevalidate: #59826
  • Rename confusing loaders: #59827

... (truncated)

Commits
  • 16e7a5b v14.1.0
  • 8a3881f Update labeler.json (#60843)
  • 1b255a6 v14.0.5-canary.68
  • 02c2f11 Enable missing suspense bailout by default (#60840)
  • 2096dfa v14.0.5-canary.67
  • b8d8e6e dx: warn the deprecated cache configs are used (#60836)
  • c192f4e turbopack: rename custom cache handler configs (#60828)
  • 2227ae5 Revert "Fix: Throw an error for empty array return in generateStaticParams ...
  • b7f5107 Fix: respect init.cache if fetch input is request instance (#60821)
  • 752c15e Add metrics names for unstable_cach...

    Description has been truncated

@dependabot
Bump the npm_and_yarn group across 9 directories with 5 updates
75c9bdc 
Bumps the npm_and_yarn group with 4 updates in the /. directory: [next](https://github.com/vercel/next.js), [axios](https://github.com/axios/axios), [protobufjs](https://github.com/protobufjs/protobuf.js) and [json5](https://github.com/json5/json5).
Bumps the npm_and_yarn group with 1 update in the /activities-examples directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /expense directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /food-delivery/apps/driver directory: [next](https://github.com/vercel/next.js).
Bumps the npm_and_yarn group with 1 update in the /food-delivery/apps/menu directory: [next](https://github.com/vercel/next.js).
Bumps the npm_and_yarn group with 1 update in the /nestjs-exchange-rates directory: [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core).
Bumps the npm_and_yarn group with 1 update in the /patching-api directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /protobufs directory: [protobufjs](https://github.com/protobufjs/protobuf.js).
Bumps the npm_and_yarn group with 1 update in the /timer-examples directory: [axios](https://github.com/axios/axios).


Updates `next` from 12.3.1 to 14.1.0
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v12.3.1...v14.1.0)

Updates `axios` from 1.2.1 to 1.6.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.2.1...v1.6.5)

Updates `protobufjs` from 7.2.5 to 7.2.6
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.2.5...protobufjs-v7.2.6)

Updates `json5` from 1.0.1 to 1.0.2
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v1.0.1...v1.0.2)

Updates `axios` from 0.26.1 to 1.6.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.2.1...v1.6.5)

Updates `axios` from 0.26.1 to 1.6.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.2.1...v1.6.5)

Updates `next` from 13.5.6 to 14.1.0
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v12.3.1...v14.1.0)

Updates `next` from 13.5.6 to 14.1.0
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v12.3.1...v14.1.0)

Updates `@nestjs/core` from 8.4.7 to 10.3.0
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.3.0/packages/core)

Updates `axios` from 0.26.0 to 1.6.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.2.1...v1.6.5)

Updates `protobufjs` from 6.11.2 to 6.11.4
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.2.5...protobufjs-v7.2.6)

Updates `axios` from 0.26.1 to 1.6.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.2.1...v1.6.5)

---
updated-dependencies:
- dependency-name: next
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: axios
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: protobufjs
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: json5
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: axios
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: axios
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: next
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: next
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: "@nestjs/core"
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: axios
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: protobufjs
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: axios
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the Mend: dependency security vulnerability Security vulnerability detected by WhiteSource label Jan 19, 2024
@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@mend-for-github-com mend-for-github-com bot changed the title Bump the npm_and_yarn group across 9 directories with 5 updates Bump the npm_and_yarn group across 9 directories with 5 updates - autoclosed Jan 19, 2024
@mend-for-github-com Mend for GitHub.com
Copy link
Contributor

✔️ This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 19, 2024

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-3cbe339145 branch January 19, 2024 03:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Mend: dependency security vulnerability Security vulnerability detected by WhiteSource
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@CLAassistant