Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update all non-major dependencies #7392

Merged
merged 1 commit into from
Mar 22, 2022

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 21, 2022

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@babel/core (source) ^7.17.7 -> ^7.17.8 age adoption passing confidence
@babel/parser (source) ^7.17.7 -> ^7.17.8 age adoption passing confidence
@babel/standalone (source) ^7.17.7 -> ^7.17.8 age adoption passing confidence
@typescript-eslint/eslint-plugin ^5.15.0 -> ^5.16.0 age adoption passing confidence
@typescript-eslint/parser ^5.15.0 -> ^5.16.0 age adoption passing confidence
debug ^4.3.3 -> ^4.3.4 age adoption passing confidence
es-module-lexer ^0.10.1 -> ^0.10.4 age adoption passing confidence
json5 (source) ^2.2.0 -> ^2.2.1 age adoption passing confidence
lint-staged ^12.3.6 -> ^12.3.7 age adoption passing confidence
node-forge ^1.2.1 -> ^1.3.0 age adoption passing confidence

Release Notes

babel/babel (@​babel/core)

v7.17.8

Compare Source

👓 Spec Compliance
🐛 Bug Fix
↩️ Revert
babel/babel (@​babel/parser)

v7.17.8

Compare Source

v7.17.8 (2022-03-18)

👓 Spec Compliance
🐛 Bug Fix
↩️ Revert
Committers: 4
typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v5.16.0

Compare Source

Bug Fixes
  • eslint-plugin: [consistent-type-assertions] enforce assertionStyle for const assertions (#​4685) (8ec05be)
Features
  • eslint-plugin: [prefer-optional-chain] support logical with empty object (#​4430) (d21cfe0)
typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v5.16.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

debug-js/debug

v4.3.4

Compare Source

What's Changed

New Contributors

Full Changelog: debug-js/debug@4.3.3...4.3.4

guybedford/es-module-lexer

v0.10.4

Compare Source

What's Changed

Full Changelog: guybedford/es-module-lexer@0.10.3...0.10.4

v0.10.3

Compare Source

What's Changed

Full Changelog: guybedford/es-module-lexer@0.10.2...0.10.3

v0.10.2

Compare Source

What's Changed

Full Changelog: guybedford/es-module-lexer@0.10.1...0.10.2

json5/json5

v2.2.1

Compare Source

okonet/lint-staged

v12.3.7

Compare Source

Bug Fixes
  • improve renderer logic for --silent and FORCE_COLOR settings (d327873)
digitalbazaar/forge

v1.3.0

Compare Source

Security
Fixed
  • [asn1] Add fallback to pretty print invalid UTF8 data.
  • [asn1] fromDer is now more strict and will default to ensuring all input
    bytes are parsed or throw an error. A new option parseAllBytes can disable
    this behavior.
    • NOTE: The previous behavior is being changed since it can lead to
      security issues with crafted inputs. It is possible that code doing custom
      DER parsing may need to adapt to this new behavior and optional flag.
  • [rsa] Add and use a validator to check for proper structure of parsed ASN.1
    RSASSA-PKCS-v1_5 DigestInfo data. Additionally check that the hash
    algorithm identifier is a known value from RFC 8017
    PKCS1-v1-5DigestAlgorithms. An invalid DigestInfo or algorithm identifier
    will now throw an error.
    • NOTE: The previous lenient behavior is being changed to be more strict
      since it could lead to security issues with crafted inputs. It is possible
      that code may have to handle the errors from these stricter checks.
Added
  • [oid] Added missing RFC 8017 PKCS1-v1-5DigestAlgorithms algorithm
    identifiers:
    • 1.2.840.113549.2.2 / md2
    • 2.16.840.1.101.3.4.2.4 / sha224
    • 2.16.840.1.101.3.4.2.5 / sha512-224
    • 2.16.840.1.101.3.4.2.6 / sha512-256

Configuration

📅 Schedule: "before 3am on Monday" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Mar 21, 2022
bluwy
bluwy previously approved these changes Mar 21, 2022
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 2aaf2ec to eb6f8f0 Compare March 21, 2022 18:18
patak-dev
patak-dev previously approved these changes Mar 21, 2022
@patak-dev
Copy link
Member

@bluwy do you know why it is a fix(deps) instead of a chore(deps) ?

@renovate renovate bot force-pushed the renovate/all-minor-patch branch from eb6f8f0 to 3f84441 Compare March 22, 2022 01:21
@bluwy
Copy link
Member

bluwy commented Mar 22, 2022

According to the docs, looks like renovate does so when updating prod deps, likely so that release tools like semantic-release would keep the commit in the changelog.

@patak-dev patak-dev merged commit b63fc3b into main Mar 22, 2022
@patak-dev patak-dev deleted the renovate/all-minor-patch branch March 22, 2022 03:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants