Skip to content

Bump the frontend-backend group across 1 directory with 7 updates #58

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the frontend-backend group across 1 directory with 7 updates #58

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Dec 2, 2024
edited
Loading

Bumps the frontend-backend group with 7 updates in the /frontend/backend directory:

Package From To
axios 1.6.2 1.7.8
fast-jwt 3.0.0 5.0.0
follow-redirects 1.13.3 1.15.9
json-web-token 3.0.1 3.2.0
payload 1.5.9 3.2.2
sharp 0.32.0 0.33.5
yaml 2.1.0 2.6.1

Updates axios from 1.6.2 to 1.7.8

Release notes

Sourced from axios's releases.

Release v1.7.8

Release notes:

Bug Fixes

  • allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
  • core: fixed config merging bug (#6668) (5d99fe4)
  • fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
  • http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
  • http: fixed proxy-from-env module import (#5222) (12b3295)
  • http: use globalThis.TextEncoder when available (#6634) (df956d1)
  • ios11 breaks when build (#6608) (7638952)
  • types: add missing types for mergeConfig function (#6590) (00de614)
  • types: export CJS types from ESM (#6218) (c71811b)
  • updated stream aborted error message to be more clear (#6615) (cc3217a)
  • use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

Release v1.7.7

Release notes:

Bug Fixes

  • fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)
  • http: fixed support for IPv6 literal strings in url (#5731) (364993f)

Contributors to this release

Release v1.7.6

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.8 (2024-11-25)

Bug Fixes

  • allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
  • core: fixed config merging bug (#6668) (5d99fe4)
  • fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
  • http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
  • http: fixed proxy-from-env module import (#5222) (12b3295)
  • http: use globalThis.TextEncoder when available (#6634) (df956d1)
  • ios11 breaks when build (#6608) (7638952)
  • types: add missing types for mergeConfig function (#6590) (00de614)
  • types: export CJS types from ESM (#6218) (c71811b)
  • updated stream aborted error message to be more clear (#6615) (cc3217a)
  • use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

1.7.7 (2024-08-31)

Bug Fixes

  • fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)
  • http: fixed support for IPv6 literal strings in url (#5731) (364993f)

Contributors to this release

... (truncated)

Commits
  • 415ca94 chore(release): v1.7.8 (#6715)
  • 0a8d6e1 fix: use URL API instead of DOM to fix a potential vulnerability warning; (#6...
  • c71811b fix(types): export CJS types from ESM (#6218)
  • 4355a6d chore(sponsor): update sponsor block (#6709)
  • 5d54d22 chore(sponsor): update sponsor block (#6707)
  • eac4619 fix: allow passing a callback as paramsSerializer to buildURL (#6680)
  • df956d1 fix(http): use globalThis.TextEncoder when available (#6634)
  • 7139ce9 chore(deps): bump cookie and socket.io (#6704)
  • 5ebb124 chore(deps-dev): bump elliptic from 6.5.4 to 6.6.0 (#6698)
  • 4e9b33d chore(deps): bump send and express (#6699)
  • Additional commits viewable in compare view

Updates fast-jwt from 3.0.0 to 5.0.0

Release notes

Sourced from fast-jwt's releases.

v5.0.0

Breaking changes

This version supports Node 20 and above

What's Changed

Full Changelog: nearform/fast-jwt@v4.0.5...v5.0.0

v4.0.5

What's Changed

New Contributors

Full Changelog: nearform/fast-jwt@v4.0.3...v4.0.5

v4.0.3

What's Changed

New Contributors

Full Changelog: nearform/fast-jwt@v4.0.2...v4.0.3

v4.0.2

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from fast-jwt's changelog.

2021-12-30 / 1.4.1

  • feat: Release v1.4.1 (#178)
  • feat: Distinguish between sync & async methods in types (#177)
  • chore(deps): bump actions/setup-node from 2.5.0 to 2.5.1 (#176)
  • chore: use major version of notify release action
  • chore(deps): bump nearform/github-action-notify-release (#175)
  • chore(deps-dev): bump @​types/node from 16.11.14 to 17.0.1 (#172)
  • feat: Update release.yml to use the new token naming convention (#169)
  • chore(deps): bump fastify/github-action-merge-dependabot from 2.7.1 to 3.0.2 (#168)
  • chore(deps): bump fastify/github-action-merge-dependabot (#166)

2021-12-01 / 1.4.0

  • feat: v1.4.0 (#163)
  • feat: Added support for x509 certificate public key (#161)
  • feat: Refactoring checkAreCompatibleAlgorithms function (#158)
  • chore(deps): bump actions/setup-node from 2.4.1 to 2.5.0 (#156)
  • chore(deps): bump actions/cache from 2.1.6 to 2.1.7 (#154)
  • feat: Added JwtHeader type definition (#153)
  • refactor (docs): Improve documentation (#151)
  • chore(deps): bump mnemonist from 0.38.5 to 0.39.0 (#150)
  • chore(deps-dev): bump tsd from 0.18.0 to 0.19.0 (#149)
  • chore(deps): bump fastify/github-action-merge-dependabot (#148)
  • refactor (docs): fix mutatePayload definition sentence (#146)
  • chore: use main for optic action to test (#144)

2021-11-10 / 1.3.2

  • feat: v1.3.2 (#141)
  • feat: 1.3.1 (#140)
  • chore: Updated README with missing information (#138)
  • chore(deps): bump nearform/optic-release-automation from 2.1.3 to 2.1.4 (#132)
  • chore(deps): bump nearform/optic-release-automation from 2.1.2 to 2.1.3 (#130)
  • chore(deps): bump nearform/optic-release-automation from 2.1.0 to 2.1.2 (#128)
  • fix: bump optic-release-automation (#126)
  • fix: bump optic-release-automation (#124)
  • fix: ci (#123)
  • chore(deps): bump nearform/optic-release-automation from 1.0.1 to 2.0.0 (#122)
  • fix: release ci (#121)
  • chore(deps): bump actions/checkout from 2.3.5 to 2.4.0 (#120)
  • feat: Add support for ES* password protected private keys (#119)

2021-11-01 / 1.3.0

  • feat: Bumped v1.3.0
  • feat: Support passphrase protected keys (#117)
  • docs: remove readme deps badge
  • chore(deps): bump actions/checkout from 2.3.4 to 2.3.5 (#114)
  • chore(deps-dev): bump tsd from 0.17.0 to 0.18.0 (#112)

... (truncated)

Commits

Updates follow-redirects from 1.13.3 to 1.15.9

Commits
  • e4e55c7 Release version 1.15.9 of the npm package.
  • 31a1abf Attempt much more gentle detection.
  • d2aaa97 Fix url field.
  • 62558f0 Release version 1.15.8 of the npm package.
  • a8d1cee Return subtlety.
  • 458ca8e Fix native URL test for Node 20.
  • ca49e44 Handle KeepAlive connections in tests.
  • f3711d7 Test on Node 20 and 22.
  • fda0faf Fix typo.
  • 760757f Release version 1.15.7 of the npm package.
  • Additional commits viewable in compare view

Updates json-web-token from 3.0.1 to 3.2.0

Commits

Updates payload from 1.5.9 to 3.2.2

Release notes

Sourced from payload's releases.

v3.2.2

v3.2.2 (2024-11-29)

🚀 Features

  • richtext-lexical: fully-typed blocks in JSX serializer (#9554) (519bb79)

🐛 Bug Fixes

  • add generic to LabelFunction to prevent type error for custom translation keys (#9335) (27eeac2)
  • do not send admin dependencies to client (#9583) (3da9be0)
  • incorrect formState after doc save (#9573) (4b302f2)
  • plugin-sentry: capture non APIError errors to sentry (#9595) (61a51ca)
  • richtext-lexical: allow exiting the RTE with the keyboard in Firefox (#8654) (3c35d81)
  • richtext-lexical: various JSX converter issues (#9570) (17c7945)
  • ui: ensure UI is reactive to HMR changes, without having to refresh the page (#9602) (c4327f2)
  • ui: css is not defined error in production build (#9603) (36a6a19)
  • ui: retains search params when navigating back (#9576) (3961223)
  • ui: ensure Form submit button only uses onClick handler when needed, as that was causing issues with password manager extensions (#9572) (ca07c9f)

🤝 Contributors

v3.2.1

v3.2.1 (2024-11-27)

🐛 Bug Fixes

  • plugin-search: missing copyfiles script, incorrect scss import (#9552) (6af4dee)

🤝 Contributors

v3.2.0

v3.2.0 (2024-11-27)

... (truncated)

Commits
  • 07e40d3 chore(release): v3.2.2 [skip ci]
  • 27eeac2 fix: add generic to LabelFunction to prevent type error for custom translatio...
  • 3da9be0 fix: do not send admin dependencies to client (#9583)
  • be59d52 chore(release): v3.2.1 [skip ci]
  • c8bee29 chore(release): v3.2.0 [skip ci]
  • 5d18a52 fix: overrides entity visibility within drawers (#9546)
  • fd0ff51 perf: faster page navigation by speeding up createClientConfig, speed up vers...
  • 67a9d66 fix: allows for emails to be non unique when allowEmailLogin is false (#9541)
  • a9f511d fix: skip validation of where query paths from access result (#9349)
  • 4c4eb2a chore: some strictNullChecks mitigation (#9528)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by elliotpayload, a new releaser for payload since your current version.


Updates sharp from 0.32.0 to 0.33.5

Changelog

Sourced from sharp's changelog.

v0.33.5 - 16th August 2024

  • Upgrade to libvips v8.15.3 for upstream bug fixes.

  • Add pageHeight and pages to response of multi-page output. #3411

  • Ensure option to force use of a globally-installed libvips works correctly. #4111 @​project0

  • Minimise use of engines property to improve yarn v1 support. #4130

  • Ensure sharp.format.heif includes only AVIF when using prebuilt binaries. #4132

  • Add support to recomb operation for 4x4 matrices. #4147 @​ton11797

  • Expose PNG text chunks as comments metadata. #4157 @​nkeynes

  • Expose optional precision and minAmplitude parameters of blur operation. #4168 #4172 @​marcosc90

  • Ensure keepIccProfile avoids colour transformation where possible. #4186

  • TypeScript: chromaSubsampling metadata is optional. #4191 @​DavidVaness

v0.33.4 - 16th May 2024

  • Remove experimental status from pipelineColourspace.

  • Reduce default concurrency when musl thread over-subscription detected.

  • TypeScript: add missing definitions for OverlayOptions. #4048 @​ike-gg

  • Install: add advanced option to force use of a globally-installed libvips. #4060

... (truncated)

Commits
  • fc32e0b Release v0.33.5
  • 0546e48 Docs: changelog entry for #4191
  • ab65b7a TypeScript: chromaSubsampling can be undefined (#4191)
  • 2474bd4 Prerelease v0.33.5-rc.1
  • ff2e689 Remove yarn v1 specifics from help text
  • 6327f13 CI: Add yarn v1 to packaging tests
  • f1e69a2 Prerelease v0.33.5-rc.0
  • 3c14dbb Minimise use of engines property to improve yarn v1 support
  • 82cebc3 Upgrade to libvips v8.15.3 for Linux ARMv6
  • ad36fa0 Ensure emnapiInit function is exported
  • Additional commits viewable in compare view

Updates yaml from 2.1.0 to 2.6.1

Release notes

Sourced from yaml's releases.

v2.6.1

  • Do not strip :00 seconds from !!timestamp values (#578, with thanks to @​qraynaud)
  • Tighten regexp for JSON !!bool (#587, with thanks to @​vra5107)
  • Default to literal block scalar if folded would overflow (#585)

v2.6.0

  • Use a proper tag for !!merge << keys (#580)
  • Add stringKeys parse option (#581)
  • Stringify a Document as a Document (#576)
  • Add sponsorship by Manifest

v2.5.1

  • Include range in flow sequence pair maps (#573)

v2.5.0

  • Add --indent option to CLI tool (#559, with thanks to @​danielbayley)
  • Require newline in all cases for props on block sequence (#557)
  • Always reset indentation in lexer on ... (#558)
  • Ignore minContentWidth if greater than lineWidth (#562)
  • Drop unused Collection.maxFlowStringSingleLineLength (#522, #421)

v2.4.5

  • Improve tab handling (#553, yaml-test-suite tests DK95 & Y79Y)

v2.4.4

With special thanks to @​RedCMD for finding and reporting all of the following:

  • Allow comment after top-level block scalar with explicit indent indicator (#547)
  • Allow tab as indent for line comments before nodes (#548)
  • Do not allow tab before block collection (#549)
  • In flow collections, allow []{} immediately after : with plain key (#550)
  • Require indentation for ? explicit-key contents (#551)
  • Require indentation from block scalar header & flow collections in mapping values (#553)

v2.4.3

  • Improve error when parsing a non-string value (#459)
  • Do not parse -.NaN or +.nan as NaN (#546)
  • Support # within %TAG prefixes with trailing #comments
  • Check for non-node complex keys when stringifying with simpleKeys (#541)

v2.4.2

  • Restrict YAML 1.1 boolean strings to their explicit capitalization (#530)
  • Add sponsorship by Scipress (#536)

v2.4.1

  • cst: Do not drop trailing newline after line comment in block-map if followed by unindented block-seq value (#525)
  • Stringify flow collection comments in parent (#528)
  • Do not skip folding lines after the first in indented block scalars (#529)

v2.4.0

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the frontend-backend group across 1 directory with 7 updates
0edfa22 
Bumps the frontend-backend group with 7 updates in the /frontend/backend directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.6.2` | `1.7.8` |
| [fast-jwt](https://github.com/nearform/fast-jwt) | `3.0.0` | `5.0.0` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.13.3` | `1.15.9` |
| [json-web-token](https://github.com/joaquimserafim/json-web-token) | `3.0.1` | `3.2.0` |
| [payload](https://github.com/payloadcms/payload/tree/HEAD/packages/payload) | `1.5.9` | `3.2.2` |
| [sharp](https://github.com/lovell/sharp) | `0.32.0` | `0.33.5` |
| [yaml](https://github.com/eemeli/yaml) | `2.1.0` | `2.6.1` |



Updates `axios` from 1.6.2 to 1.7.8
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.2...v1.7.8)

Updates `fast-jwt` from 3.0.0 to 5.0.0
- [Release notes](https://github.com/nearform/fast-jwt/releases)
- [Changelog](https://github.com/nearform/fast-jwt/blob/master/CHANGELOG.md)
- [Commits](nearform/fast-jwt@v3.0.0...v5.0.0)

Updates `follow-redirects` from 1.13.3 to 1.15.9
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.13.3...v1.15.9)

Updates `json-web-token` from 3.0.1 to 3.2.0
- [Release notes](https://github.com/joaquimserafim/json-web-token/releases)
- [Commits](https://github.com/joaquimserafim/json-web-token/commits)

Updates `payload` from 1.5.9 to 3.2.2
- [Release notes](https://github.com/payloadcms/payload/releases)
- [Commits](https://github.com/payloadcms/payload/commits/v3.2.2/packages/payload)

Updates `sharp` from 0.32.0 to 0.33.5
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md)
- [Commits](lovell/sharp@v0.32.0...v0.33.5)

Updates `yaml` from 2.1.0 to 2.6.1
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v2.1.0...v2.6.1)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-backend
- dependency-name: fast-jwt
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: frontend-backend
- dependency-name: follow-redirects
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-backend
- dependency-name: json-web-token
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-backend
- dependency-name: payload
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: frontend-backend
- dependency-name: sharp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-backend
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend-backend
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 2, 2024
@dependabot dependabot bot mentioned this pull request Dec 2, 2024
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Dec 9, 2024

Superseded by #60.

@dependabot dependabot bot closed this Dec 9, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/frontend/backend/frontend-backend-2d5de074c2 branch December 9, 2024 09:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant