-
Notifications
You must be signed in to change notification settings - Fork 285
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): bump the npm_and_yarn group across 8 directories with 7 updates #3703
build(deps): bump the npm_and_yarn group across 8 directories with 7 updates #3703
Conversation
85d6864
to
ed4f55e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hyperledger-cacti/cacti-maintainers FYI : I'm modifying this one by hand to combat the axios downgrade which the bot seems still intent on doing.
ed4f55e
to
008bc5c
Compare
@hyperledger-cacti/cacti-maintainers ready for review |
008bc5c
to
3f97abf
Compare
3f97abf
to
d9016a8
Compare
➤ YN0028: The lockfile would have been modified by this install, which is explicitly forbidden. I'm fixing this |
…updates Bumps the npm_and_yarn group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) | `4.0.3` | `4.0.4` | | [webpack](https://github.com/webpack/webpack) | `5.95.0` | `5.96.0` | | [axios](https://github.com/axios/axios) | `1.7.2` | `1.7.9` | | [express](https://github.com/expressjs/express) | `4.21.1` | `4.21.2` | | [elliptic](https://github.com/indutny/elliptic) | `6.5.7` | `6.6.0` | | [undici](https://github.com/nodejs/undici) | `6.20.1` | `6.21.0` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.3.3` | `5.3.6` | Updates `secp256k1` from 4.0.3 to 4.0.4 - [Release notes](https://github.com/cryptocoinjs/secp256k1-node/releases) - [Commits](cryptocoinjs/secp256k1-node@v4.0.3...v4.0.4) Updates `webpack` from 5.95.0 to 5.96.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.95.0...v5.96.0) Updates `axios` from 1.7.2 to 1.7.9 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.9) Updates `express` from 4.21.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.21.1...4.21.2) Updates `elliptic` from 6.5.7 to 6.6.0 - [Commits](indutny/elliptic@v6.5.7...v6.6.0) Updates `undici` from 6.20.1 to 6.21.0 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v6.20.1...v6.21.0) Updates `vite` from 5.3.3 to 5.3.6 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.3.6/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.3.6/packages/vite) Updates `axios` from 1.7.7 to 1.7.9 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.4) Updates `express` from 4.21.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.21.1...4.21.2) Updates `elliptic` from 6.5.7 to 6.6.0 - [Commits](indutny/elliptic@v6.5.7...v6.6.0) Updates `secp256k1` from 4.0.3 to 4.0.4 - [Release notes](https://github.com/cryptocoinjs/secp256k1-node/releases) - [Commits](cryptocoinjs/secp256k1-node@v4.0.3...v4.0.4) Updates `secp256k1` from 4.0.3 to 4.0.4 - [Release notes](https://github.com/cryptocoinjs/secp256k1-node/releases) - [Commits](cryptocoinjs/secp256k1-node@v4.0.3...v4.0.4) Updates `axios` from 1.7.7 to 1.7.9 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.4) Updates `express` from 4.21.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.21.1...4.21.2) Updates `elliptic` from 6.5.7 to 6.6.0 - [Commits](indutny/elliptic@v6.5.7...v6.6.0) Updates `secp256k1` from 4.0.3 to 4.0.4 - [Release notes](https://github.com/cryptocoinjs/secp256k1-node/releases) - [Commits](cryptocoinjs/secp256k1-node@v4.0.3...v4.0.4) Updates `axios` from 1.7.7 to 1.7.9 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.4) Updates `express` from 4.21.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.21.1...4.21.2) Updates `axios` from 1.7.7 to 1.7.9 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.4) Updates `elliptic` from 6.5.7 to 6.6.0 - [Commits](indutny/elliptic@v6.5.7...v6.6.0) Updates `express` from 4.21.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.21.1...4.21.2) Updates `elliptic` from 6.5.7 to 6.6.0 - [Commits](indutny/elliptic@v6.5.7...v6.6.0) --- updated-dependencies: - dependency-name: secp256k1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: undici dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: secp256k1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: secp256k1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: secp256k1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: direct:production dependency-group: npm_and_yarn ... Co-authored-by: Peter Somogyvari <peter.somogyvari@accenture.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Peter Somogyvari <peter.somogyvari@accenture.com>
d9016a8
to
3908867
Compare
Bumps the npm_and_yarn group with 7 updates in the / directory:
4.0.3
4.0.4
5.95.0
5.96.0
1.7.2
1.7.4
4.21.1
4.21.2
6.5.7
6.6.0
6.20.1
6.21.0
5.3.3
5.3.6
Bumps the npm_and_yarn group with 3 updates in the /examples/cactus-example-discounted-asset-trade directory: axios, express and elliptic.
Bumps the npm_and_yarn group with 1 update in the /packages/cactus-common directory: secp256k1.
Bumps the npm_and_yarn group with 4 updates in the /packages/cactus-plugin-ledger-connector-fabric directory: secp256k1, axios, express and elliptic.
Bumps the npm_and_yarn group with 3 updates in the /packages/cactus-plugin-satp-hermes directory: secp256k1, axios and express.
Bumps the npm_and_yarn group with 2 updates in the /packages/cactus-test-tooling directory: axios and elliptic.
Bumps the npm_and_yarn group with 1 update in the /weaver/samples/fabric/fabric-cli directory: express.
Bumps the npm_and_yarn group with 1 update in the /weaver/sdks/fabric/interoperation-node-sdk directory: elliptic.
Updates
secp256k1
from 4.0.3 to 4.0.4Commits
756fce1
4.0.48bd6446
elliptic: fix key verification in loadCompressedPublicKey840834e
Update elliptic to 6.5.7 (CVE-2024-42461) (#206)Updates
webpack
from 5.95.0 to 5.96.0Release notes
Sourced from webpack's releases.
Commits
aff0c3e
chore(release): 5.96.06f11ec1
refactor: module source types codeb07142f
refactor: module source types code7d98b3c
fix: Module Federation should track all referenced chunks6d09769
chore: lintingcb3cf61
chore: add test69dd27e
fix: Module Federation should track all referenced chunks6a6f14f
refactor: udate acorndb32353
refactor: code79b8f00
refactor: update acornUpdates
axios
from 1.7.2 to 1.7.4Release notes
Sourced from axios's releases.
Changelog
Sourced from axios's changelog.
Commits
abd24a7
chore(release): v1.7.4 (#6544)6b6b605
fix(sec): CVE-2024-39338 (#6539) (#6543)07a661a
fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)c6cce43
chore(release): v1.7.3 (#6521)e3c76fc
fix(adapter): fix progress event emitting; (#6518)85d4d0e
fix(fetch): fix withCredentials request config (#6505)92cd8ed
chore(github): update ISSUE_TEMPLATE.md (#6519)8966ee7
fix(xhr): return original config on errors from XHR adapter (#6515)Updates
express
from 4.21.1 to 4.21.2Release notes
Sourced from express's releases.
Changelog
Sourced from express's changelog.
Commits
1faf228
4.21.22e0fb64
deps: bump path-to-regexp@0.1.12 (#6209)59fc270
deps: path-to-regexp@0.1.11 (#5956)51fc39c
docs: add funding (#6065)Maintainer changes
This version was pushed to npm by jonchurch, a new releaser for express since your current version.
Updates
elliptic
from 6.5.7 to 6.6.0Commits
b8a7edd
6.6.034c8534
fix: signature verification due to leading zerosUpdates
undici
from 6.20.1 to 6.21.0Release notes
Sourced from undici's releases.
Commits
61ec353
Bumped v6.21.011e31a4
fix: range end is zero-indexed (#3826) (#3827)98d1b1b
fix: handle undefined deref() of WeakRef(socket) (#3751) (#3822)f21da44
fetch: fix content-encoding order (#3343) (#3764)e2e3fd2
web: mark as uncloneable when possible (#3709) (#3744)Updates
vite
from 5.3.3 to 5.3.6Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
Commits
f469ceb
release: v5.3.62691bb3
fix: avoid DOM Clobbering gadget ingetRelativeUrlFromDocument
(#18115)4573a6f
fix: fs raw query (#18112)4407839
release: v5.3.566bdb1d
refactor(asset): remove rollup 3 public file watch workaround (#16331)b240a83
fix(build): env output is not stable (#17748)b58b423
fix(importMetaGlob): handle alias that starts with hash (#17743)d906d3f
fix(css): resolve url aliases with fragments (fix: #17690) (#17691)3c1bde3
fix(client): fix vite error path (#17744)9983731
chore(deps): update all non-major dependencies (#17734)Updates
axios
from 1.7.7 to 1.7.9Release notes
Sourced from axios's releases.
Changelog
Sourced from axios's changelog.
Commits
abd24a7
chore(release): v1.7.4 (#6544)6b6b605
fix(sec): CVE-2024-39338 (#6539) (#6543)07a661a
fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)c6cce43
chore(release): v1.7.3 (#6521)e3c76fc
fix(adapter): fix progress event emitting; (#6518)85d4d0e
fix(fetch): fix withCredentials request config (#6505)92cd8ed
chore(github): update ISSUE_TEMPLATE.md (#6519)8966ee7
fix(xhr): return original config on errors from XHR adapter (#6515)Updates
express
from 4.21.1 to 4.21.2Release notes
Sourced from express's releases.
Changelog
Sourced from express's changelog.
Commits
1faf228
4.21.22e0fb64
deps: bump path-to-regexp@0.1.12 (#6209)59fc270
deps: path-to-regexp@0.1.11 (#5956)51fc39c
docs: add funding (#6065)Maintainer changes
This version was pushed to npm by jonchurch, a new releaser for express since your current version.
Updates
elliptic
from 6.5.7 to 6.6.0Commits
b8a7edd
6.6.034c8534
fix: signature verification due to leading zerosUpdates
secp256k1
from 4.0.3 to 4.0.4Commits
756fce1
4.0.48bd6446
elliptic: fix key verification in loadCompressedPublicKey840834e
Update elliptic to 6.5.7 (CVE-2024-42461) (#206)Updates
secp256k1
from 4.0.3 to 4.0.4Commits
756fce1
4.0.48bd6446
elliptic: fix key verification in loadCompressedPublicKey840834e
Update elliptic to 6.5.7 (CVE-2024-42461) (#206)Updates
axios
from 1.7.7 to 1.7.9Release notes
Sourced from axios's releases.
Changelog
Sourced from axios's changelog.
Commits
abd24a7
chore(release): v1.7.4 (#6544)6b6b605
fix(sec): CVE-2024-39338 (#6539) (#6543)07a661a
fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)c6cce43
chore(release): v1.7.3 (#6521)e3c76fc
fix(adapter): fix progress event emitting; (#6518)85d4d0e
fix(fetch): fix withCredentials request config (#6505)92cd8ed
chore(github): update ISSUE_TEMPLATE.md (#6519)8966ee7
fix(xhr): return original config on errors from XHR adapter (#6515)Updates
express
from 4.21.1 to 4.21.2Release notes
Sourced from express's releases.
Changelog
Sourced from express's changelog.
Commits
1faf228
4.21.22e0fb64
deps: bump path-to-regexp@0.1.12 (#6209)59fc270
deps: path-to-regexp@0.1.11 (#5956)51fc39c
docs: add funding (#6065)Maintainer changes
This version was pushed to npm by jonchurch, a new releaser for express since your current version.
Updates
elliptic
from 6.5.7 to 6.6.0Commits
b8a7edd
6.6.034c8534
fix: signature verification due to leading zerosUpdates
secp256k1
from 4.0.3 to 4.0.4Commits
756fce1
4.0.48bd6446
elliptic: fix key verification in loadCompressedPublicKey840834e
Update elliptic to 6.5.7 (CVE-2024-42461) (#206)Updates
axios
from 1.7.7 to 1.7.9Release notes
Sourced from axios's releases.
Changelog
Sourced from axios's changelog.
Commits
abd24a7
chore(release): v1.7.4 (#6544)6b6b605
fix(sec): CVE-2024-39338 (#6539) (#6543)07a661a
fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)c6cce43
chore(release): v1.7.3 (#6521)e3c76fc
fix(adapter): fix progress event emitting; (#6518)85d4d0e
fix(fetch): fix withCredentials request config (#6505)92cd8ed
chore(github): update ISSUE_TEMPLATE.md (#6519)8966ee7
fix(xhr): return original config on errors from XHR adapter (#6515)Updates
express
from 4.21.1 to 4.21.2Release notes
Sourced from express's releases.