Skip to content

Bump the npm-production group with 3 updates #141

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump the npm-production group with 3 updates #141

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 1, 2024
edited
Loading

Bumps the npm-production group with 3 updates: @octokit/types, axios and react-live.

Updates @octokit/types from 13.6.0 to 13.6.2

Release notes

Sourced from @​octokit/types's releases.

v13.6.2

13.6.2 (2024-11-25)

Bug Fixes

v13.6.1

13.6.1 (2024-10-03)

Bug Fixes

Commits

Updates axios from 1.7.4 to 1.7.8

Release notes

Sourced from axios's releases.

Release v1.7.8

Release notes:

Bug Fixes

  • allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
  • core: fixed config merging bug (#6668) (5d99fe4)
  • fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
  • http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
  • http: fixed proxy-from-env module import (#5222) (12b3295)
  • http: use globalThis.TextEncoder when available (#6634) (df956d1)
  • ios11 breaks when build (#6608) (7638952)
  • types: add missing types for mergeConfig function (#6590) (00de614)
  • types: export CJS types from ESM (#6218) (c71811b)
  • updated stream aborted error message to be more clear (#6615) (cc3217a)
  • use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

Release v1.7.7

Release notes:

Bug Fixes

  • fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)
  • http: fixed support for IPv6 literal strings in url (#5731) (364993f)

Contributors to this release

Release v1.7.6

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.8 (2024-11-25)

Bug Fixes

  • allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
  • core: fixed config merging bug (#6668) (5d99fe4)
  • fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
  • http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
  • http: fixed proxy-from-env module import (#5222) (12b3295)
  • http: use globalThis.TextEncoder when available (#6634) (df956d1)
  • ios11 breaks when build (#6608) (7638952)
  • types: add missing types for mergeConfig function (#6590) (00de614)
  • types: export CJS types from ESM (#6218) (c71811b)
  • updated stream aborted error message to be more clear (#6615) (cc3217a)
  • use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

1.7.7 (2024-08-31)

Bug Fixes

  • fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)
  • http: fixed support for IPv6 literal strings in url (#5731) (364993f)

Contributors to this release

... (truncated)

Commits
  • 415ca94 chore(release): v1.7.8 (#6715)
  • 0a8d6e1 fix: use URL API instead of DOM to fix a potential vulnerability warning; (#6...
  • c71811b fix(types): export CJS types from ESM (#6218)
  • 4355a6d chore(sponsor): update sponsor block (#6709)
  • 5d54d22 chore(sponsor): update sponsor block (#6707)
  • eac4619 fix: allow passing a callback as paramsSerializer to buildURL (#6680)
  • df956d1 fix(http): use globalThis.TextEncoder when available (#6634)
  • 7139ce9 chore(deps): bump cookie and socket.io (#6704)
  • 5ebb124 chore(deps-dev): bump elliptic from 6.5.4 to 6.6.0 (#6698)
  • 4e9b33d chore(deps): bump send and express (#6699)
  • Additional commits viewable in compare view

Updates react-live from 4.1.7 to 4.1.8

Release notes

Sourced from react-live's releases.

react-live@4.1.8

What's Changed

Documentation Changes

New Contributors

Full Changelog: https://github.com/FormidableLabs/react-live/compare/react-live@4.1.7...react-live@4.1.8

Commits
  • 177ffdd Version Packages (#401)
  • ed5b98c Update runtime deps to latest (#402)
  • 20050af fix: wrap preview in boundary (#392)
  • 7d7ef30 Fix lockfile and use corepack (#400)
  • ae097fb Revert "Removed yarn.lock and installed dependency with pnpm"
  • a988388 Merge pull request #393 from FormidableLabs/fix-cursor
  • 0156fdb Merge pull request #394 from FormidableLabs/chore/add-ga-tag
  • 8e40df2 Removed yarn.lock and installed dependency with pnpm
  • 181a79e Removed yarn.lock and installed dependency with pnpm
  • 42fe663 Add gtag configuration
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the npm-production group with 3 updates
6c15fa2 
Bumps the npm-production group with 3 updates: [@octokit/types](https://github.com/octokit/types.ts), [axios](https://github.com/axios/axios) and [react-live](https://github.com/FormidableLabs/react-live).


Updates `@octokit/types` from 13.6.0 to 13.6.2
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](octokit/types.ts@v13.6.0...v13.6.2)

Updates `axios` from 1.7.4 to 1.7.8
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.4...v1.7.8)

Updates `react-live` from 4.1.7 to 4.1.8
- [Release notes](https://github.com/FormidableLabs/react-live/releases)
- [Changelog](https://github.com/FormidableLabs/react-live/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FormidableLabs/react-live/compare/react-live@4.1.7...react-live@4.1.8)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
- dependency-name: react-live
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner December 1, 2024 18:27
@dependabot dependabot bot added dependabot Dependabot issues and PRs npm Node.js issues and PRs labels Dec 1, 2024
@github-actions
Copy link

github-actions bot commented Dec 1, 2024

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 4 0 0.1s
✅ JSON jsonlint 12 0 0.29s
✅ JSON prettier 12 0 1.94s
✅ JSON v8r 12 0 39.72s
✅ MARKDOWN markdownlint 5 0 0.49s
✅ MARKDOWN markdown-link-check 5 0 3.42s
✅ REPOSITORY checkov yes no 21.37s
✅ REPOSITORY gitleaks yes no 5.99s
✅ REPOSITORY git_diff yes no 0.04s
✅ REPOSITORY secretlint yes no 1.05s
✅ REPOSITORY trivy-sbom yes no 4.17s
✅ REPOSITORY trufflehog yes no 49.94s
✅ TYPESCRIPT prettier 8 0 0.94s
✅ YAML prettier 18 0 1.41s
✅ YAML v8r 18 0 36.21s
✅ YAML yamllint 18 0 0.79s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by OX Security

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 11, 2024

Superseded by #151.

@dependabot dependabot bot closed this Dec 11, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm-production-9f3c03ff8e branch December 11, 2024 16:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependabot Dependabot issues and PRs npm Node.js issues and PRs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant