Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the security group in /web with 9 updates #5048

Merged
merged 1 commit into from
Dec 14, 2024
Merged

chore(deps): bump the security group in /web with 9 updates #5048

merged 1 commit into from
Dec 14, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 14, 2024

Bumps the security group in /web with 9 updates:

Package From To
@emotion/react 11.13.5 11.14.0
@emotion/styled 11.13.5 11.14.0
monaco-editor 0.52.0 0.52.2
react-select 5.8.3 5.9.0
@aws-sdk/types 3.696.0 3.709.0
msw 2.6.7 2.6.8
sass 1.82.0 1.83.0
terser-webpack-plugin 5.3.10 5.3.11
webpack-dev-server 5.1.0 5.2.0

Updates @emotion/react from 11.13.5 to 11.14.0

Release notes

Sourced from @​emotion/react's releases.

@​emotion/react@​11.14.0

Minor Changes

  • #3281 fc4d7bd Thanks @​Andarist! - Source code has been migrated to TypeScript. From now on type declarations will be emitted based on that, instead of being hand-written.

Patch Changes

  • Updated dependencies [8dc1a6d, e1bf17e]:
    • @​emotion/cache@​11.14.0
    • @​emotion/use-insertion-effect-with-fallbacks@​1.2.0
Commits

Updates @emotion/styled from 11.13.5 to 11.14.0

Release notes

Sourced from @​emotion/styled's releases.

@​emotion/styled@​11.14.0

Minor Changes

  • #3284 a19d019 Thanks @​Andarist! - Source code has been migrated to TypeScript. From now on type declarations will be emitted based on that, instead of being hand-written.

Patch Changes

  • Updated dependencies [e1bf17e]:
    • @​emotion/use-insertion-effect-with-fallbacks@​1.2.0
Commits

Updates monaco-editor from 0.52.0 to 0.52.2

Release notes

Sourced from monaco-editor's releases.

v0.52.2

Changes:

This list of changes was auto generated.

Changelog

Sourced from monaco-editor's changelog.

Monaco Editor Changelog

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for monaco-editor since your current version.


Updates react-select from 5.8.3 to 5.9.0

Release notes

Sourced from react-select's releases.

[email protected]

Minor Changes

Commits

Updates @aws-sdk/types from 3.696.0 to 3.709.0

Release notes

Sourced from @​aws-sdk/types's releases.

v3.709.0

3.709.0(2024-12-10)

Chores
  • codegen: update clients for String dispatch fix (#6721) (c6859500)
Documentation Changes
  • client-dsql: Doc only update to examples for DeleteMultiRegionClusters & CreateMultiRegionClusters (ca62a3c1)
  • client-application-auto-scaling: Doc only update for AAS Predictive Scaling policy configuration API. (ba20f1db)
New Features
  • clients: update client endpoints as of 2024-12-10 (6f523dce)
  • client-sesv2: Introduces support for creating DEED (Deterministic Easy-DKIM) identities. (9587ce34)
  • client-ivs-realtime: IVS Real-Time now offers customers the ability to customize thumbnails recording mode and interval for both Individual Participant Recording (IPR) and Server-Side Compositions (SSC). (e9f436eb)
  • client-connect: Add support for Push Notifications for Amazon Connect chat. With Push Notifications enabled an alert could be sent to customers about new messages even when they aren't actively using the mobile application. (8f9a63c6)
  • client-finspace: Update KxCommandLineArgument value parameter regex to allow for spaces and semicolons (db4712c8)
  • client-bcm-pricing-calculator: Updated condition key inference from Workload Estimate, Bill Scenario, and Bill Estimate resources. Updated documentation links. (7e392d42)

For list of updated packages, view updated-packages.md in assets-3.709.0.zip

v3.708.0

3.708.0(2024-12-09)

Chores
  • client-sesv2: enable sigv4a code generation in sesv2 ahead of service availability (#6719) (bdfa8685)
Documentation Changes
  • client-ecs: This is a documentation only update to address various tickets for Amazon ECS. (8dfab180)
  • client-workspaces: Added text to clarify case-sensitivity (f62407ad)
  • client-appsync: Provides description of new Amazon Bedrock runtime datasource. (35613283)
  • client-keyspaces: Amazon Keyspaces: adding the list of IAM actions required by the UpdateKeyspace API. (a4233c3b)
New Features
  • clients: update client endpoints as of 2024-12-09 (0141da01)
  • client-cognito-identity-provider: Change CustomDomainConfig from a required to an optional parameter for the UpdateUserPoolDomain operation. (7c1425c9)
  • client-ec2: This release includes a new API for modifying instance network-performance-options after launch. (2f49c14f)
  • client-medialive: H265 outputs now support disabling the deblocking filter. (4adf1d4f)

... (truncated)

Changelog

Sourced from @​aws-sdk/types's changelog.

3.709.0 (2024-12-10)

Note: Version bump only for package @​aws-sdk/types

Commits

Updates msw from 2.6.7 to 2.6.8

Release notes

Sourced from msw's releases.

v2.6.8 (2024-12-07)

Bug Fixes

  • setupServer: reapply interception after calling server.listen() after server.close() (#2383) (00da9cad4249b61732ee375d9dbefeb76028cc2b) @​kettanaito
Commits
  • de3bedf chore(release): v2.6.8
  • 00da9ca fix(setupServer): reapply interception after calling server.listen() after ...
  • e8d748e chore(ci): fix broken restore cache key
  • See full diff in compare view

Updates sass from 1.82.0 to 1.83.0

Release notes

Sourced from sass's releases.

Dart Sass 1.83.0

To install Sass 1.83.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • Allow trailing commas in all argument and parameter lists.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.83.0

  • Allow trailing commas in all argument and parameter lists.
Commits
  • f38dbb0 Merge pull request #2464 from sass/rest-param-comma
  • 0230ccf Update pkg/sass_api/CHANGELOG.md
  • dd9b106 Rename ArgumentInvocation and ArgumentDeclaration
  • c45bc70 Allow a trailing comma after rest parameters and arguments
  • 219fe67 Fix static analysis issues for dart 3.6 (#2462)
  • f9eef81 Fix links to importers in the internal documentation (#2458)
  • 1b3c7de Represent rest parameters as properties on Parameter (#2454)
  • 7a6722c Fix the declaration of ReturnRule._returnExpression (#2455)
  • 1536dc0 Merge pull request #2453 from sass/return
  • a74f9c3 Enable useDefineForClassFields and fix affected TS files. (#2447)
  • Additional commits viewable in compare view

Updates terser-webpack-plugin from 5.3.10 to 5.3.11

Release notes

Sourced from terser-webpack-plugin's releases.

v5.3.11

5.3.11 (2024-12-13)

Bug Fixes

  • avoid the deprecation message (0341ad1)
Changelog

Sourced from terser-webpack-plugin's changelog.

5.3.11 (2024-12-13)

Bug Fixes

  • avoid the deprecation message (0341ad1)
Commits

Updates webpack-dev-server from 5.1.0 to 5.2.0

Release notes

Sourced from webpack-dev-server's releases.

v5.2.0

5.2.0 (2024-12-11)

Features

  • added getClientEntry and getClientHotEntry methods to get clients entries (dc642a8)

Bug Fixes

  • speed up initial client bundling (145b5d0)
Changelog

Sourced from webpack-dev-server's changelog.

5.2.0 (2024-12-11)

Features

  • added getClientEntry and getClientHotEntry methods to get clients entries (dc642a8)

Bug Fixes

  • speed up initial client bundling (145b5d0)
Commits
  • bcb3725 chore(release): 5.2.0
  • 2a1cbc6 chore: fix security (#5379)
  • b74fc4c chore(deps): bump the dependencies group across 1 directory with 7 updates (#...
  • 145b5d0 fix: speed up initial client bundling
  • b1e549f chore(deps-dev): bump the dependencies group across 1 directory with 8 update...
  • 844eaf8 chore(deps): types (#5370)
  • 12913bb chore(deps-dev): bump the dependencies group with 4 updates (#5359)
  • f942a5d chore(deps): bump the dependencies group across 1 directory with 7 updates (#...
  • 94a2443 chore(deps): bump the dependencies group across 1 directory with 9 updates (#...
  • a11d81f chore(deps): update (#5347)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the security group in /web with 9 updates
0dc6358 
Bumps the security group in /web with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [@emotion/react](https://github.com/emotion-js/emotion) | `11.13.5` | `11.14.0` |
| [@emotion/styled](https://github.com/emotion-js/emotion) | `11.13.5` | `11.14.0` |
| [monaco-editor](https://github.com/microsoft/monaco-editor) | `0.52.0` | `0.52.2` |
| [react-select](https://github.com/JedWatson/react-select) | `5.8.3` | `5.9.0` |
| [@aws-sdk/types](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/types) | `3.696.0` | `3.709.0` |
| [msw](https://github.com/mswjs/msw) | `2.6.7` | `2.6.8` |
| [sass](https://github.com/sass/dart-sass) | `1.82.0` | `1.83.0` |
| [terser-webpack-plugin](https://github.com/webpack-contrib/terser-webpack-plugin) | `5.3.10` | `5.3.11` |
| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `5.1.0` | `5.2.0` |


Updates `@emotion/react` from 11.13.5 to 11.14.0
- [Release notes](https://github.com/emotion-js/emotion/releases)
- [Changelog](https://github.com/emotion-js/emotion/blob/main/CHANGELOG.md)
- [Commits](https://github.com/emotion-js/emotion/compare/@emotion/[email protected]...@emotion/[email protected])

Updates `@emotion/styled` from 11.13.5 to 11.14.0
- [Release notes](https://github.com/emotion-js/emotion/releases)
- [Changelog](https://github.com/emotion-js/emotion/blob/main/CHANGELOG.md)
- [Commits](https://github.com/emotion-js/emotion/compare/@emotion/[email protected]...@emotion/[email protected])

Updates `monaco-editor` from 0.52.0 to 0.52.2
- [Release notes](https://github.com/microsoft/monaco-editor/releases)
- [Changelog](https://github.com/microsoft/monaco-editor/blob/main/CHANGELOG.md)
- [Commits](microsoft/monaco-editor@v0.52.0...v0.52.2)

Updates `react-select` from 5.8.3 to 5.9.0
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/JedWatson/react-select/compare/[email protected]@5.9.0)

Updates `@aws-sdk/types` from 3.696.0 to 3.709.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/packages/types/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.709.0/packages/types)

Updates `msw` from 2.6.7 to 2.6.8
- [Release notes](https://github.com/mswjs/msw/releases)
- [Changelog](https://github.com/mswjs/msw/blob/main/CHANGELOG.md)
- [Commits](mswjs/msw@v2.6.7...v2.6.8)

Updates `sass` from 1.82.0 to 1.83.0
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](sass/dart-sass@1.82.0...1.83.0)

Updates `terser-webpack-plugin` from 5.3.10 to 5.3.11
- [Release notes](https://github.com/webpack-contrib/terser-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/terser-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](webpack-contrib/terser-webpack-plugin@v5.3.10...v5.3.11)

Updates `webpack-dev-server` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: "@emotion/react"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: "@emotion/styled"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: monaco-editor
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: react-select
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: "@aws-sdk/types"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: msw
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: terser-webpack-plugin
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: webpack-dev-server
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: security
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependabot javascript Pull requests that update Javascript code type::security labels Dec 14, 2024
replicated-ci
replicated-ci approved these changes Dec 14, 2024
View reviewed changes
Copy link

@replicated-ci replicated-ci left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

This PR was automatically approved and merged by the automated-prs-manager GitHub action

@replicated-ci replicated-ci merged commit 03db1ee into main Dec 14, 2024
122 checks passed
@replicated-ci replicated-ci deleted the dependabot/npm_and_yarn/web/security-6c2b0cf16f branch December 14, 2024 12:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@replicated-ci replicated-ci replicated-ci approved these changes

Assignees
No one assigned
Labels
dependabot javascript Pull requests that update Javascript code type::security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@replicated-ci