Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump yarn-audit-fix from 7.2.3 to 10.0.9 #859

Merged
merged 1 commit into from
Aug 26, 2024
Merged

chore(deps): bump yarn-audit-fix from 7.2.3 to 10.0.9 #859

merged 1 commit into from
Aug 26, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 26, 2024

Bumps yarn-audit-fix from 7.2.3 to 10.0.9.

Release notes

Sourced from yarn-audit-fix's releases.

v10.0.9

10.0.9 (2024-08-21)

Fixes & improvements

  • fix(deps): update dependency commander to v12 (3fe23a1)

v10.0.8

10.0.8 (2024-08-06)

Fixes & improvements

  • fix: apply object key sort to npm view deps output (#336) (106229b)
  • fix: set shell true to handle sec fix for windows (#335) (6a29f1c)

v10.0.7

10.0.7 (2023-11-23)

Fixes & improvements

  • fix(deps): update dependency commander to v11 (1cd29fa)

v10.0.6

10.0.6 (2023-11-22)

Fixes & improvements

  • refactor: use os.temp() instead of find-cache-dir (85776a0)
  • fix: rm find-up and pkg-dir from deps to bring back nodejs 16 support (5ac29c1)

v10.0.5

10.0.5 (2023-11-16)

Fixes & improvements

  • fix(deps): update dependency find-up to v7 (284fb63)

v10.0.4

10.0.4 (2023-11-04)

Fixes & improvements

  • fix(deps): update dependency pkg-dir to v8 (9b5feac)

v10.0.3

10.0.3 (2023-11-02)

Fixes & improvements

v10.0.2

10.0.2 (2023-11-02)

Fixes & improvements

  • docs: mention presentation at HolyJS 2022 (b1641f0)

... (truncated)

Changelog

Sourced from yarn-audit-fix's changelog.

10.0.9 (2024-08-21)

Fixes & improvements

  • fix(deps): update dependency commander to v12 (3fe23a1)

10.0.8 (2024-08-06)

Fixes & improvements

  • fix: apply object key sort to npm view deps output (#336) (106229b)
  • fix: set shell true to handle sec fix for windows (#335) (6a29f1c)

10.0.7 (2023-11-23)

Fixes & improvements

  • fix(deps): update dependency commander to v11 (1cd29fa)

10.0.6 (2023-11-22)

Fixes & improvements

  • refactor: use os.temp() instead of find-cache-dir (85776a0)
  • fix: rm find-up and pkg-dir from deps to bring back nodejs 16 support (5ac29c1)

10.0.5 (2023-11-16)

Fixes & improvements

  • fix(deps): update dependency find-up to v7 (284fb63)

10.0.4 (2023-11-04)

Fixes & improvements

  • fix(deps): update dependency pkg-dir to v8 (9b5feac)

10.0.3 (2023-11-02)

Fixes & improvements

10.0.2 (2023-11-02)

Fixes & improvements

  • docs: mention presentation at HolyJS 2022 (b1641f0)

10.0.1 (2023-08-25)

Fixes & improvements

  • fix(deps): update dependency find-cache-dir to v5 (0c7a0eb)

10.0.0 (2023-08-05)

Fixes & improvements

... (truncated)

Commits
  • 2378bb0 chore(release): 10.0.9 [skip ci]
  • 3fe23a1 fix(deps): update dependency commander to v12
  • aa4ac8e chore(deps): update paambaati/codeclimate-action action to v9
  • 48cd011 chore(deps): update dependency npm to v10
  • 42ff07a chore: set explicit key sorter
  • c929e36 chore(release): 10.0.8 [skip ci]
  • 106229b fix: apply object key sort to npm view deps output (#336)
  • 6a29f1c fix: set shell true to handle sec fix for windows (#335)
  • 5e5fee0 ci: add nodejs 22 to test matrix
  • 00efac0 chore(deps): update dependency typescript to v5.4.5
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump yarn-audit-fix from 7.2.3 to 10.0.9
25b083d 
Bumps [yarn-audit-fix](https://github.com/antongolub/yarn-audit-fix) from 7.2.3 to 10.0.9.
- [Release notes](https://github.com/antongolub/yarn-audit-fix/releases)
- [Changelog](https://github.com/antongolub/yarn-audit-fix/blob/master/CHANGELOG.md)
- [Commits](antongolub/yarn-audit-fix@v7.2.3...v10.0.9)

---
updated-dependencies:
- dependency-name: yarn-audit-fix
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 26, 2024
@github-actions GitHub Actions
Copy link

Our Pull Request Approval Process

We have these basic policies to make the approval process smoother for our volunteer team.

Testing Your Code

Please make sure your code passes all tests and there are no merge conflicts.

The process helps maintain accurate and well-formatted documentation and is a prerequisite for getting your PR approved. Assigned reviewers regularly review the PR queue and tend to focus on PRs that are passing.

Reviewers

When your PR has been assigned reviewers contact them to get your code reviewed and approved via:

  1. comments in this PR or
  2. our slack channel

Reviewing Your Code

Your reviewer(s) will have the following roles:

  1. arbitrators of future discussions with other contributors about the validity of your changes
  2. point of contact for evaluating the validity of your work
  3. person who verifies matching issues by others that should be closed.
  4. person who gives general guidance in fixing your tests

CONTRIBUTING.md

Read our CONTRIBUTING.md file. Most importantly:

  1. PRs with issues not assigned to you will be closed by the reviewer
  2. Fix the first comment in the PR so that each issue listed automatically closes

Other

  1. 🎯 Please be considerate of our volunteers' time. Contacting the person who assigned the reviewers is not advised unless they ask for your input. Do not @ the person who did the assignment otherwise.

@palisadoes palisadoes merged commit bbac10b into develop Aug 26, 2024
3 of 4 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/develop/yarn-audit-fix-10.0.9 branch August 26, 2024 16:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@palisadoes