From cefac55751c9115c689c4319e4bb5fbd18f31300 Mon Sep 17 00:00:00 2001 From: Yoshiki Fujikane <40124947+ffjlabo@users.noreply.github.com> Date: Tue, 30 Jul 2024 16:33:09 +0900 Subject: [PATCH 1/9] Set fetch-depth to 0 to create correct patches during git cherry-pick as much as possible (#5096) Signed-off-by: Yoshiki Fujikane Signed-off-by: pipecd-bot --- .github/workflows/cherry_pick.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/cherry_pick.yaml b/.github/workflows/cherry_pick.yaml index 50e14ddbaf..dbd7740508 100644 --- a/.github/workflows/cherry_pick.yaml +++ b/.github/workflows/cherry_pick.yaml @@ -16,6 +16,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 + with: + fetch-depth: 0 - name: make a cherry-pick PR run: | git config user.name "pipecd-bot" From 0f37f84d32b6778740e5633e1655191710a10ac7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 15:58:51 +0900 Subject: [PATCH 2/9] Bump postcss from 7.0.39 to 8.4.40 in /docs (#5099) Bumps [postcss](https://github.com/postcss/postcss) from 7.0.39 to 8.4.40. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/7.0.39...8.4.40) --- updated-dependencies: - dependency-name: postcss dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: pipecd-bot --- docs/package-lock.json | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/docs/package-lock.json b/docs/package-lock.json index 336549e149..0699e19499 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -440,6 +440,12 @@ "integrity": "sha512-0n3mSAQLPpGLV9ORXT5+C/D4mwew7Ebws69Hx4E2sgz2ZA5+32Q80B9tL8PbL7XHnRDiAxH/pnrUJ9a4fkTNTA==", "dev": true }, + "nanoid": { + "version": "3.3.7", + "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz", + "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==", + "dev": true + }, "node-releases": { "version": "1.1.77", "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-1.1.77.tgz", @@ -489,33 +495,21 @@ "dev": true }, "postcss": { - "version": "8.4.38", - "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz", - "integrity": "sha512-Wglpdk03BSfXkHoQa3b/oulrotAkwrlLDRSOb9D0bN86FdRyE9lppSp33aHNPgBa0JKCoB+drFLZkQoRRYae5A==", + "version": "8.4.40", + "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.40.tgz", + "integrity": "sha512-YF2kKIUzAofPMpfH6hOi2cGnv/HrUlfucspc7pDyvv7kGdqXrfj8SCl/t8owkEgKEuu8ZcRjSOxFxVLqwChZ2Q==", "dev": true, "requires": { "nanoid": "^3.3.7", - "picocolors": "^1.0.0", + "picocolors": "^1.0.1", "source-map-js": "^1.2.0" }, "dependencies": { - "nanoid": { - "version": "3.3.7", - "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz", - "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==", - "dev": true - }, "picocolors": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.1.tgz", "integrity": "sha512-anP1Z8qwhkbmu7MFP5iTt+wQKXgwzf7zTyGlcdzabySa9vd0Xt392U0rVmz9poOaBj0uHJKyyo9/upk0HrEQew==", "dev": true - }, - "source-map-js": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz", - "integrity": "sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg==", - "dev": true } } }, @@ -639,6 +633,12 @@ "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", "dev": true }, + "source-map-js": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz", + "integrity": "sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg==", + "dev": true + }, "string-width": { "version": "4.2.3", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", From 097ff85abdbbaa14a0d800850e567072108fe1ca Mon Sep 17 00:00:00 2001 From: Shinnosuke Sawada-Dazai Date: Fri, 2 Aug 2024 18:30:47 +0900 Subject: [PATCH 3/9] Use LRUCache for Application Manifests Cache (#5108) * Use LRUCache for Application Manifests Cache Signed-off-by: Shinnosuke Sawada-Dazai * Use not constant but config value Co-authored-by: Yoshiki Fujikane <40124947+ffjlabo@users.noreply.github.com> Signed-off-by: Shinnosuke Sawada-Dazai --------- Signed-off-by: Shinnosuke Sawada-Dazai Co-authored-by: Yoshiki Fujikane <40124947+ffjlabo@users.noreply.github.com> Signed-off-by: pipecd-bot --- pkg/app/piped/cmd/piped/piped.go | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/pkg/app/piped/cmd/piped/piped.go b/pkg/app/piped/cmd/piped/piped.go index db939d24c4..c35657ec34 100644 --- a/pkg/app/piped/cmd/piped/piped.go +++ b/pkg/app/piped/cmd/piped/piped.go @@ -99,6 +99,7 @@ type piped struct { addLoginUserToPasswd bool launcherVersion string maxRecvMsgSize int + appManifestCacheCount int } func NewCommand() *cobra.Command { @@ -107,10 +108,11 @@ func NewCommand() *cobra.Command { panic(fmt.Sprintf("failed to detect the current user's home directory: %v", err)) } p := &piped{ - adminPort: 9085, - toolsDir: path.Join(home, ".piped", "tools"), - gracePeriod: 30 * time.Second, - maxRecvMsgSize: 1024 * 1024 * 10, // 10MB + adminPort: 9085, + toolsDir: path.Join(home, ".piped", "tools"), + gracePeriod: 30 * time.Second, + maxRecvMsgSize: 1024 * 1024 * 10, // 10MB + appManifestCacheCount: 150, } cmd := &cobra.Command{ Use: "piped", @@ -131,6 +133,7 @@ func NewCommand() *cobra.Command { cmd.Flags().BoolVar(&p.enableDefaultKubernetesCloudProvider, "enable-default-kubernetes-cloud-provider", p.enableDefaultKubernetesCloudProvider, "Whether the default kubernetes provider is enabled or not. This feature is deprecated.") cmd.Flags().BoolVar(&p.addLoginUserToPasswd, "add-login-user-to-passwd", p.addLoginUserToPasswd, "Whether to add login user to $HOME/passwd. This is typically for applications running as a random user ID.") cmd.Flags().DurationVar(&p.gracePeriod, "grace-period", p.gracePeriod, "How long to wait for graceful shutdown.") + cmd.Flags().IntVar(&p.appManifestCacheCount, "app-manifest-cache-count", p.appManifestCacheCount, "The number of app manifests to cache. The cache-key contains the commit hash. The default is 150.") cmd.Flags().StringVar(&p.launcherVersion, "launcher-version", p.launcherVersion, "The version of launcher which initialized this Piped.") @@ -344,7 +347,11 @@ func (p *piped) run(ctx context.Context, input cli.Input) (runErr error) { analysisResultStore := analysisresultstore.NewStore(apiClient, input.Logger) // Create memory caches. - appManifestsCache := memorycache.NewTTLCache(ctx, time.Hour, time.Minute) + appManifestsCache, err := memorycache.NewLRUCache(p.appManifestCacheCount) + if err != nil { + input.Logger.Error("failed to create app manifests cache", zap.Error(err)) + return err + } var liveStateGetter livestatestore.Getter // Start running application live state store. From fe40dad0ca3b0a65d9c2396171cb0e376d3d3642 Mon Sep 17 00:00:00 2001 From: Khanh Tran <32532742+khanhtc1202@users.noreply.github.com> Date: Tue, 6 Aug 2024 14:58:46 +0700 Subject: [PATCH 4/9] Fix UI dependecies deprecated (#5113) Signed-off-by: khanhtc1202 Signed-off-by: pipecd-bot --- .../application-list/delete-application-dialog/index.tsx | 9 ++++++++- .../applications-page/application-list/index.tsx | 2 +- .../application-list/sealed-secret-dialog/index.tsx | 8 +++++++- web/src/theme.ts | 4 ++-- 4 files changed, 18 insertions(+), 5 deletions(-) diff --git a/web/src/components/applications-page/application-list/delete-application-dialog/index.tsx b/web/src/components/applications-page/application-list/delete-application-dialog/index.tsx index 07d97e34a9..ffb13b429a 100644 --- a/web/src/components/applications-page/application-list/delete-application-dialog/index.tsx +++ b/web/src/components/applications-page/application-list/delete-application-dialog/index.tsx @@ -83,7 +83,14 @@ export const DeleteApplicationDialog: FC = memo( }, [dispatch]); return ( - + { + if (reason !== "backdropClick" || !isDeleting) { + handleCancel(); + } + }} + > {TITLE} diff --git a/web/src/components/applications-page/application-list/index.tsx b/web/src/components/applications-page/application-list/index.tsx index 92c6db34dd..eb2afd7f77 100644 --- a/web/src/components/applications-page/application-list/index.tsx +++ b/web/src/components/applications-page/application-list/index.tsx @@ -194,7 +194,7 @@ export const ApplicationList: FC = memo( onPageChange={(_, newPage) => { onPageChange(newPage + 1); }} - onChangeRowsPerPage={(e) => { + onRowsPerPageChange={(e) => { setRowsPerPage(parseInt(e.target.value, 10)); onPageChange(1); }} diff --git a/web/src/components/applications-page/application-list/sealed-secret-dialog/index.tsx b/web/src/components/applications-page/application-list/sealed-secret-dialog/index.tsx index aa125e47f0..6834a5f21d 100644 --- a/web/src/components/applications-page/application-list/sealed-secret-dialog/index.tsx +++ b/web/src/components/applications-page/application-list/sealed-secret-dialog/index.tsx @@ -102,7 +102,13 @@ export const SealedSecretDialog: FC = memo( } return ( - + {sealedSecret ? ( <> {DIALOG_TITLE} diff --git a/web/src/theme.ts b/web/src/theme.ts index 341947dca5..5a617c8697 100644 --- a/web/src/theme.ts +++ b/web/src/theme.ts @@ -1,4 +1,4 @@ -import { createMuiTheme } from "@material-ui/core/styles"; +import { createTheme } from "@material-ui/core/styles"; import cyan from "@material-ui/core/colors/cyan"; declare module "@material-ui/core/styles/createTypography" { @@ -11,7 +11,7 @@ declare module "@material-ui/core/styles/createTypography" { } } -export const theme = createMuiTheme({ +export const theme = createTheme({ props: { MuiButtonBase: { disableRipple: true, From 9293978a4001110bb38559aee5fe929532a7c515 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 Aug 2024 14:40:56 +0900 Subject: [PATCH 5/9] Bump postcss and autoprefixer in /docs (#5114) Bumps [postcss](https://github.com/postcss/postcss) to 8.4.40 and updates ancestor dependency [autoprefixer](https://github.com/postcss/autoprefixer). These dependencies need to be updated together. Updates `postcss` from 7.0.39 to 8.4.40 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/7.0.39...8.4.40) Updates `autoprefixer` from 9.8.8 to 10.4.20 - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/autoprefixer/compare/9.8.8...10.4.20) --- updated-dependencies: - dependency-name: postcss dependency-type: indirect - dependency-name: autoprefixer dependency-type: direct:development ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: pipecd-bot --- docs/package-lock.json | 112 ++++++++++++++++++++--------------------- docs/package.json | 2 +- 2 files changed, 56 insertions(+), 58 deletions(-) diff --git a/docs/package-lock.json b/docs/package-lock.json index 0699e19499..5f0f8aaa9d 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -68,30 +68,17 @@ "dev": true }, "autoprefixer": { - "version": "9.8.8", - "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-9.8.8.tgz", - "integrity": "sha512-eM9d/swFopRt5gdJ7jrpCwgvEMIayITpojhkkSMRsFHYuH5bkSQ4p/9qTEHtmNudUZh22Tehu7I6CxAW0IXTKA==", + "version": "10.4.20", + "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.4.20.tgz", + "integrity": "sha512-XY25y5xSv/wEoqzDyXXME4AFfkZI0P23z6Fs3YgymDnKJkCGOnkL0iTxCa85UTqaSgfcqyf3UA6+c7wUvx/16g==", "dev": true, "requires": { - "browserslist": "^4.12.0", - "caniuse-lite": "^1.0.30001109", + "browserslist": "^4.23.3", + "caniuse-lite": "^1.0.30001646", + "fraction.js": "^4.3.7", "normalize-range": "^0.1.2", - "num2fraction": "^1.2.2", - "picocolors": "^0.2.1", - "postcss": "^7.0.32", - "postcss-value-parser": "^4.1.0" - }, - "dependencies": { - "postcss": { - "version": "7.0.39", - "resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.39.tgz", - "integrity": "sha512-yioayjNbHn6z1/Bywyb2Y4s3yvDAeXGOyxqD+LnVOinq6Mdmd++SW2wUNVzavyyHxd6+DxzWGIuosg6P1Rj8uA==", - "dev": true, - "requires": { - "picocolors": "^0.2.1", - "source-map": "^0.6.1" - } - } + "picocolors": "^1.0.1", + "postcss-value-parser": "^4.2.0" } }, "binary-extensions": { @@ -121,22 +108,21 @@ } }, "browserslist": { - "version": "4.17.3", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.17.3.tgz", - "integrity": "sha512-59IqHJV5VGdcJZ+GZ2hU5n4Kv3YiASzW6Xk5g9tf5a/MAzGeFwgGWU39fVzNIOVcgB3+Gp+kiQu0HEfTVU/3VQ==", + "version": "4.23.3", + "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.3.tgz", + "integrity": "sha512-btwCFJVjI4YWDNfau8RhZ+B1Q/VLoUITrm3RlP6y1tYGWIOa+InuYiRGXUBXo8nA1qKmHMyLB/iVQg5TT4eFoA==", "dev": true, "requires": { - "caniuse-lite": "^1.0.30001264", - "electron-to-chromium": "^1.3.857", - "escalade": "^3.1.1", - "node-releases": "^1.1.77", - "picocolors": "^0.2.1" + "caniuse-lite": "^1.0.30001646", + "electron-to-chromium": "^1.5.4", + "node-releases": "^2.0.18", + "update-browserslist-db": "^1.1.0" } }, "caniuse-lite": { - "version": "1.0.30001265", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001265.tgz", - "integrity": "sha512-YzBnspggWV5hep1m9Z6sZVLOt7vrju8xWooFAgN6BA5qvy98qPAPb7vNUzypFaoh2pb3vlfzbDO8tB57UPGbtw==", + "version": "1.0.30001649", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001649.tgz", + "integrity": "sha512-fJegqZZ0ZX8HOWr6rcafGr72+xcgJKI9oWfDW5DrD7ExUtgZC7a7R7ZYmZqplh7XDocFdGeIFn7roAxhOeYrPQ==", "dev": true }, "chalk": { @@ -207,9 +193,9 @@ } }, "electron-to-chromium": { - "version": "1.3.865", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.865.tgz", - "integrity": "sha512-okGcCKfihgGlaROMFNPQ6eaU3bk9Xa68rLYSnVD2PyIqM5B/vyQoXCpB3p1HI3AXio097ROVBlSO4JZVilUWuA==", + "version": "1.5.5", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.5.tgz", + "integrity": "sha512-QR7/A7ZkMS8tZuoftC/jfqNkZLQO779SSW3YuZHP4eXpj3EffGLFcB/Xu9AAZQzLccTiCV+EmUo3ha4mQ9wnlA==", "dev": true }, "emoji-regex": { @@ -246,6 +232,12 @@ "reusify": "^1.0.4" } }, + "fraction.js": { + "version": "4.3.7", + "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-4.3.7.tgz", + "integrity": "sha512-ZsDfxO51wGAXREY55a7la9LScWpwv9RxIrYABrlvOFBlH/ShPnrtsXeuUIfXKKOVicNxQ+o8JTbJvjS4M89yew==", + "dev": true + }, "fs-extra": { "version": "9.1.0", "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz", @@ -447,9 +439,9 @@ "dev": true }, "node-releases": { - "version": "1.1.77", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-1.1.77.tgz", - "integrity": "sha512-rB1DUFUNAN4Gn9keO2K1efO35IDK7yKHCdCaIMvFO7yUYmmZYeDjnGKle26G4rwj+LKRQpjyUUvMkPglwGCYNQ==", + "version": "2.0.18", + "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.18.tgz", + "integrity": "sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==", "dev": true }, "normalize-path": { @@ -461,13 +453,7 @@ "normalize-range": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/normalize-range/-/normalize-range-0.1.2.tgz", - "integrity": "sha1-LRDAa9/TEuqXd2laTShDlFa3WUI=", - "dev": true - }, - "num2fraction": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/num2fraction/-/num2fraction-1.2.2.tgz", - "integrity": "sha1-b2gragJ6Tp3fpFZM0lidHU5mnt4=", + "integrity": "sha512-bdok/XvKII3nUpklnV6P2hxtMNrCboOjAcyBuQnWEhO665FwrSNRxU+AqpsyvO6LgGYPspN+lu5CLtw4jPRKNA==", "dev": true }, "path-type": { @@ -477,9 +463,9 @@ "dev": true }, "picocolors": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-0.2.1.tgz", - "integrity": "sha512-cMlDqaLEqfSaW8Z7N5Jw+lyIW869EzT73/F5lhtY9cLGoVxSXznfgfXMO0Z5K0o0Q2TkTXq+0KFsdnSe3jDViA==", + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.1.tgz", + "integrity": "sha512-anP1Z8qwhkbmu7MFP5iTt+wQKXgwzf7zTyGlcdzabySa9vd0Xt392U0rVmz9poOaBj0uHJKyyo9/upk0HrEQew==", "dev": true }, "picomatch": { @@ -559,9 +545,9 @@ } }, "postcss-value-parser": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.1.0.tgz", - "integrity": "sha512-97DXOFbQJhk71ne5/Mt6cOu6yxsSfM0QGQyl0L25Gca4yGWEGJaig7l7gbCX623VqTBNGLRLaVUCnNkcedlRSQ==", + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz", + "integrity": "sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==", "dev": true }, "pretty-hrtime": { @@ -627,12 +613,6 @@ "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", "dev": true }, - "source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true - }, "source-map-js": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz", @@ -683,6 +663,24 @@ "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==", "dev": true }, + "update-browserslist-db": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.0.tgz", + "integrity": "sha512-EdRAaAyk2cUE1wOf2DkEhzxqOQvFOoRJFNS6NeyJ01Gp2beMRpBAINjM2iDXE3KCuKhwnvHIQCJm6ThL2Z+HzQ==", + "dev": true, + "requires": { + "escalade": "^3.1.2", + "picocolors": "^1.0.1" + }, + "dependencies": { + "escalade": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.2.tgz", + "integrity": "sha512-ErCHMCae19vR8vQGe50xIsVomy19rg6gFu3+r3jkEO46suLMWBksvVyoGgQV+jOfl84ZSOSlmv6Gxa89PmTGmA==", + "dev": true + } + } + }, "wrap-ansi": { "version": "7.0.0", "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", diff --git a/docs/package.json b/docs/package.json index ebb53eb0ff..beb1d193f2 100644 --- a/docs/package.json +++ b/docs/package.json @@ -17,7 +17,7 @@ }, "homepage": "https://github.com/google/docsy-example#readme", "devDependencies": { - "autoprefixer": "^9.8.6", + "autoprefixer": "^10.4.20", "postcss": "^8.4.31", "postcss-cli": "^8.3.1" } From f1fa7bf73d8164219490721b7ee0e351350ba8bf Mon Sep 17 00:00:00 2001 From: Khanh Tran <32532742+khanhtc1202@users.noreply.github.com> Date: Tue, 13 Aug 2024 10:08:16 +0700 Subject: [PATCH 6/9] fix: upgrade google-protobuf from 3.21.0 to 3.21.4 (#5115) Snyk has created this PR to upgrade google-protobuf from 3.21.0 to 3.21.4. See this package in yarn: google-protobuf See this project in Snyk: https://app.snyk.io/org/pipecd/project/f41c5767-b506-4f59-beb9-ef662258eb9a?utm_source=github&utm_medium=referral&page=upgrade-pr Signed-off-by: t-kikuc Co-authored-by: snyk-bot Signed-off-by: pipecd-bot --- web/package.json | 2 +- web/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/web/package.json b/web/package.json index a69b130344..34fc613081 100644 --- a/web/package.json +++ b/web/package.json @@ -74,7 +74,7 @@ "dotenv": "^8.6.0", "echarts": "^5.5.1", "formik": "^2.2.9", - "google-protobuf": "^3.15.6", + "google-protobuf": "^3.21.4", "grpc-web": "^1.5.0", "history": "^4.10.1", "path-browserify": "^1.0.1", diff --git a/web/yarn.lock b/web/yarn.lock index 3ca2195f8b..0883bc0482 100644 --- a/web/yarn.lock +++ b/web/yarn.lock @@ -3783,10 +3783,10 @@ globby@^13.1.1: merge2 "^1.4.1" slash "^4.0.0" -google-protobuf@^3.15.6: - version "3.21.0" - resolved "https://registry.yarnpkg.com/google-protobuf/-/google-protobuf-3.21.0.tgz#8dfa3fca16218618d373d414d3c1139e28034d6e" - integrity sha512-byR7MBTK4tZ5PZEb+u5ZTzpt4SfrTxv5682MjPlHN16XeqgZE2/8HOIWeiXe8JKnT9OVbtBGhbq8mtvkK8cd5g== +google-protobuf@^3.21.4: + version "3.21.4" + resolved "https://registry.yarnpkg.com/google-protobuf/-/google-protobuf-3.21.4.tgz#2f933e8b6e5e9f8edde66b7be0024b68f77da6c9" + integrity sha512-MnG7N936zcKTco4Jd2PX2U96Kf9PxygAPKBug+74LHzmHXmceN16MmRcdgZv+DGef/S9YvQAfRsNCn4cjf9yyQ== graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.0, graceful-fs@^4.2.4, graceful-fs@^4.2.6, graceful-fs@^4.2.9: version "4.2.10" From 4ac391d30e311b8153a7b4f5e6bd989e2b2f01cf Mon Sep 17 00:00:00 2001 From: Khanh Tran <32532742+khanhtc1202@users.noreply.github.com> Date: Tue, 13 Aug 2024 10:15:31 +0700 Subject: [PATCH 7/9] fix: upgrade react-markdown from 6.0.2 to 6.0.3 (#5116) Snyk has created this PR to upgrade react-markdown from 6.0.2 to 6.0.3. See this package in yarn: react-markdown See this project in Snyk: https://app.snyk.io/org/pipecd/project/f41c5767-b506-4f59-beb9-ef662258eb9a?utm_source=github&utm_medium=referral&page=upgrade-pr Signed-off-by: t-kikuc Co-authored-by: snyk-bot Signed-off-by: pipecd-bot --- web/package.json | 2 +- web/yarn.lock | 17 ++++++++++++----- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/web/package.json b/web/package.json index 34fc613081..93e32ea520 100644 --- a/web/package.json +++ b/web/package.json @@ -84,7 +84,7 @@ "react-dom": "^17.0.2", "react-draggable": "^4.4.6", "react-intersection-observer": "^8.26.2", - "react-markdown": "^6.0.2", + "react-markdown": "^6.0.3", "react-redux": "^7.2.9", "react-router-dom": "^5.3.4", "react-syntax-highlighter": "^15.5.0", diff --git a/web/yarn.lock b/web/yarn.lock index 0883bc0482..54eab48f93 100644 --- a/web/yarn.lock +++ b/web/yarn.lock @@ -5786,6 +5786,13 @@ property-information@^5.0.0: dependencies: xtend "^4.0.0" +property-information@^5.3.0: + version "5.6.0" + resolved "https://registry.yarnpkg.com/property-information/-/property-information-5.6.0.tgz#61675545fb23002f245c6540ec46077d4da3ed69" + integrity sha512-YUHSPk+A30YPv+0Qf8i9Mbfe/C0hdPXk1s1jPVToV8pk8BQtpw10ct89Eo7OWkutrwqvT0eicAxlOg3dOAu8JA== + dependencies: + xtend "^4.0.0" + proxy-addr@~2.0.7: version "2.0.7" resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-2.0.7.tgz#f19fe69ceab311eeb94b42e70e8c2070f9ba1025" @@ -5913,16 +5920,16 @@ react-is@^18.0.0: resolved "https://registry.yarnpkg.com/react-is/-/react-is-18.2.0.tgz#199431eeaaa2e09f86427efbb4f1473edb47609b" integrity sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w== -react-markdown@^6.0.2: - version "6.0.2" - resolved "https://registry.yarnpkg.com/react-markdown/-/react-markdown-6.0.2.tgz#d89be45c278b1e5f0196f851fffb11e30c69f027" - integrity sha512-Et2AjXAsbmPP1nLQQRqmVgcqzfwcz8uQJ8VAdADs8Nk/aaUA0YeU9RDLuCtD+GwajCnm/+Iiu2KPmXzmD/M3vA== +react-markdown@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/react-markdown/-/react-markdown-6.0.3.tgz#625ec767fa321d91801129387e7d31ee0cb99254" + integrity sha512-kQbpWiMoBHnj9myLlmZG9T1JdoT/OEyHK7hqM6CqFT14MAkgWiWBUYijLyBmxbntaN6dCDicPcUhWhci1QYodg== dependencies: "@types/hast" "^2.0.0" "@types/unist" "^2.0.3" comma-separated-tokens "^1.0.0" prop-types "^15.7.2" - property-information "^5.0.0" + property-information "^5.3.0" react-is "^17.0.0" remark-parse "^9.0.0" remark-rehype "^8.0.0" From 2737f4053a7c2b4877c4f36b2349e703a242c800 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Thu, 8 Aug 2024 02:10:33 -0500 Subject: [PATCH 8/9] fix: tool/actions-gh-release/Dockerfile to reduce vulnerabilities (#5118) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE320-OPENSSL-7413532 - https://snyk.io/vuln/SNYK-ALPINE320-OPENSSL-7413532 Signed-off-by: khanhtc1202 Co-authored-by: snyk-bot Signed-off-by: pipecd-bot --- tool/actions-gh-release/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tool/actions-gh-release/Dockerfile b/tool/actions-gh-release/Dockerfile index 055e3b1bf1..87c2d8f9bc 100644 --- a/tool/actions-gh-release/Dockerfile +++ b/tool/actions-gh-release/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.22.4-alpine3.20 +FROM golang:1.22.5-alpine3.20 RUN apk update && apk add git From ec595532abe1d58f18fff5c7af73b8ae44317741 Mon Sep 17 00:00:00 2001 From: Chris Aniszczyk Date: Mon, 12 Aug 2024 22:13:48 -0500 Subject: [PATCH 9/9] fix: upgrade dayjs from 1.8.28 to 1.11.12 (#5126) Snyk has created this PR to upgrade dayjs from 1.8.28 to 1.11.12. See this package in yarn: dayjs See this project in Snyk: https://app.snyk.io/org/pipecd/project/f41c5767-b506-4f59-beb9-ef662258eb9a?utm_source=github&utm_medium=referral&page=upgrade-pr Signed-off-by: t-kikuc Co-authored-by: snyk-bot Signed-off-by: pipecd-bot --- web/package.json | 2 +- web/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/web/package.json b/web/package.json index 93e32ea520..dd03a4c140 100644 --- a/web/package.json +++ b/web/package.json @@ -70,7 +70,7 @@ "@types/yup": "^0.29.14", "clsx": "^1.2.1", "dagre": "^0.8.5", - "dayjs": "^1.8.28", + "dayjs": "^1.11.12", "dotenv": "^8.6.0", "echarts": "^5.5.1", "formik": "^2.2.9", diff --git a/web/yarn.lock b/web/yarn.lock index 54eab48f93..5b7b9836cd 100644 --- a/web/yarn.lock +++ b/web/yarn.lock @@ -2830,10 +2830,10 @@ data-urls@^3.0.2: whatwg-mimetype "^3.0.0" whatwg-url "^11.0.0" -dayjs@^1.8.28: - version "1.8.28" - resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.8.28.tgz#37aa6201df483d089645cb6c8f6cef6f0c4dbc07" - integrity sha512-ccnYgKC0/hPSGXxj7Ju6AV/BP4HUkXC2u15mikXT5mX9YorEaoi1bEKOmAqdkJHN4EEkmAf97SpH66Try5Mbeg== +dayjs@^1.11.12: + version "1.11.12" + resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.11.12.tgz#5245226cc7f40a15bf52e0b99fd2a04669ccac1d" + integrity sha512-Rt2g+nTbLlDWZTwwrIXjy9MeiZmSDI375FvZs72ngxx8PDC6YXOeR3q5LAuPzjZQxhiWdRKac7RKV+YyQYfYIg== debug@2.6.9: version "2.6.9"