Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump convict, @antora/cli and @antora/site-generator-default in /docs #291

Open
wants to merge 1 commit into
base: 5.7
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 10, 2023

Bumps convict to 6.2.4 and updates ancestor dependencies convict, @antora/cli and @antora/site-generator-default. These dependencies need to be updated together.

Updates convict from 6.0.0 to 6.2.4

Changelog

Sourced from convict's changelog.

6.2.4 (2023-01-07)

Bug Fixes

  • Fix imperfect prototype pollution fix (#410) (#411). Thanks to Captain-K-101

[6.2.3] - 2022-05-07

Fixed

  • More more complete fix for prototype pollution vulnerability first addressed in #384 (Marc-Aurèle Darche @​madarche, Snyk Security team)

[6.2.2] - 2022-03-27

Fixed

  • More complete fix for prototype pollution vulnerability first addressed in #384 (Marc-Aurèle Darche @​madarche)

[6.2.1] - 2021-10-20

Fixed

[6.2.0] - 2021-05-21

Changed

  • Update dependency: validator ^11.1.0^13.6.0 (#390)
  • Update dependency: parser ^18.1.3^20.2.7 (#390)
  • Update dependency: moment ^2.24.0^2.29.1 (#390)

[6.1.0] - 2021-05-03

Added

  • Add new "nullable" option to allow "null" additionally to any format #386 (maxwrlr)

[6.0.1] - 2021-03-11

Fixed

  • Fix prototype pollution vulnerability #384 (arjunshibu, Jamie Slome)
Commits
Maintainer changes

This version was pushed to npm by madarche, a new releaser for convict since your current version.


Updates @antora/cli from 2.3.3 to 3.1.2

Changelog

Sourced from @​antora/cli's changelog.

= Antora Changelog

This document provides a summary of all notable changes to the core Antora components by release. For a detailed view of what's changed, refer to the repository's https://gitlab.com/antora/antora/commits/main[commit history].

This project utilizes semantic versioning.

== 3.2.0-alpha.2 (2022-11-01)

=== Added

  • content-classifier: Emit componentsRegistered event after all components and versions have been registered (#1015)
  • content-classifier: Store raw files, nav, and startPage data on partially constructed component version until processed (#1015)
  • content-classifier: Add readable property named files to component version in ContentCatalog#registerComponentVersionStartPage to get files for component version on access (#1015)
  • content-classifier: Add readable property named startPage to component version in ContentCatalog#registerComponentVersionStartPage to look up start page for component version on access (#1015)
  • content-classifier: Discover implicit site start page in component version promoted to site root (#1021)
  • content-classifier: Update ContentCatalog#registerComponentVersionStartPage to return start page

=== Changed

  • content-classifier: Don't recompute resource ID on file from content aggregate if src.family is set (#1026)
  • content-classifier: Don't assign fallback value to url property on component version if property is already set
  • site-generator: Print site URL instead of file URI in completion message if CI=true

=== Fixed

  • playbook-builder: Decouple logic to compute default log format from process environment (#1022)
  • playbook-builder: Use consistent formatting for error messages in playbook builder
  • playbook-builder: Allow content aggregator to parse value of content.branches and content.tags playbook keys (#1025)
  • content-classifier: Add guard to prevent ContentCatalog#registerSiteStartPage from registering alias loop (#1020)
  • redirect-producer: Preserve target when creating static route if target is an absolute URL (#1024)
  • site-generator: Look for IS_TTY on playbook.env in site generator to decouple check from process environment

== 3.2.0-alpha.1 (2022-10-20)

=== Added

  • content-aggregate: Introduce syntax to match branches by worktree name (for inclusion or exclusion) (e.g., HEAD@5.8.x) (#1016)
  • content-aggregate: Allow linked worktree to be used as content source; automatically resolve main repository location and remap HEAD reference in branches (#535)
  • content-aggregate: Add support for ref placeholder to insert full name of git ref (e.g., refs/heads/v3.1.x) in value of edit_url key on content source (#1013)
  • content-classifier: Use value of versionSegment property on component version in place of version in output path and URL of pages (#1006)
  • content-classifier: Set dynamic activeVersionSegment property on component version to indicate which version segment is in use (#1006)
  • content-classifier: Add addSplatAlias method to ContentCatalog for adding a splat (directory) alias (#1008)

=== Changed

  • playbook-builder: Remove trailing slash from value of site.url when building playbook (#1009)
  • content-aggregator: Always assign the value auth-required to origin.private if the server requests credentials (even when credentials are embedded in content source URL) (#1012)
  • content-classifier: shorten urlSegment fragment in property names on ContentCatalog to segment (e.g., latestVersionUrlSegment -> latestVersionSegment)
  • site-generator: Remove trailing slash from value of site.url after playbookBuilt event (#1009)

... (truncated)

Commits
  • f09e3ac release 3.1.2
  • 937c40c upgrade dependencies that can be upgraded and refresh dependency lock file
  • 5af8e49 refresh dependency lock file
  • cdd7223 update release process; automate management of release and tool version attri...
  • a8d8e72 merge !964
  • 911ae54 update What's New for Antora 3.1.2
  • f6fc688 replace raise event with emit event
  • 1975bd2 backport fix for #1025 allow content aggregator to parse value of content.bra...
  • 7a39895 reclassify CHANGELOG entries
  • 34ac3e2 backport fix for #1024 preserve target when creating static route if target i...
  • Additional commits viewable in compare view

Updates @antora/site-generator-default from 2.3.3 to 3.1.2

Changelog

Sourced from @​antora/site-generator-default's changelog.

= Antora Changelog

This document provides a summary of all notable changes to the core Antora components by release. For a detailed view of what's changed, refer to the repository's https://gitlab.com/antora/antora/commits/main[commit history].

This project utilizes semantic versioning.

== 3.2.0-alpha.2 (2022-11-01)

=== Added

  • content-classifier: Emit componentsRegistered event after all components and versions have been registered (#1015)
  • content-classifier: Store raw files, nav, and startPage data on partially constructed component version until processed (#1015)
  • content-classifier: Add readable property named files to component version in ContentCatalog#registerComponentVersionStartPage to get files for component version on access (#1015)
  • content-classifier: Add readable property named startPage to component version in ContentCatalog#registerComponentVersionStartPage to look up start page for component version on access (#1015)
  • content-classifier: Discover implicit site start page in component version promoted to site root (#1021)
  • content-classifier: Update ContentCatalog#registerComponentVersionStartPage to return start page

=== Changed

  • content-classifier: Don't recompute resource ID on file from content aggregate if src.family is set (#1026)
  • content-classifier: Don't assign fallback value to url property on component version if property is already set
  • site-generator: Print site URL instead of file URI in completion message if CI=true

=== Fixed

  • playbook-builder: Decouple logic to compute default log format from process environment (#1022)
  • playbook-builder: Use consistent formatting for error messages in playbook builder
  • playbook-builder: Allow content aggregator to parse value of content.branches and content.tags playbook keys (#1025)
  • content-classifier: Add guard to prevent ContentCatalog#registerSiteStartPage from registering alias loop (#1020)
  • redirect-producer: Preserve target when creating static route if target is an absolute URL (#1024)
  • site-generator: Look for IS_TTY on playbook.env in site generator to decouple check from process environment

== 3.2.0-alpha.1 (2022-10-20)

=== Added

  • content-aggregate: Introduce syntax to match branches by worktree name (for inclusion or exclusion) (e.g., HEAD@5.8.x) (#1016)
  • content-aggregate: Allow linked worktree to be used as content source; automatically resolve main repository location and remap HEAD reference in branches (#535)
  • content-aggregate: Add support for ref placeholder to insert full name of git ref (e.g., refs/heads/v3.1.x) in value of edit_url key on content source (#1013)
  • content-classifier: Use value of versionSegment property on component version in place of version in output path and URL of pages (#1006)
  • content-classifier: Set dynamic activeVersionSegment property on component version to indicate which version segment is in use (#1006)
  • content-classifier: Add addSplatAlias method to ContentCatalog for adding a splat (directory) alias (#1008)

=== Changed

  • playbook-builder: Remove trailing slash from value of site.url when building playbook (#1009)
  • content-aggregator: Always assign the value auth-required to origin.private if the server requests credentials (even when credentials are embedded in content source URL) (#1012)
  • content-classifier: shorten urlSegment fragment in property names on ContentCatalog to segment (e.g., latestVersionUrlSegment -> latestVersionSegment)
  • site-generator: Remove trailing slash from value of site.url after playbookBuilt event (#1009)

... (truncated)

Commits
  • f09e3ac release 3.1.2
  • 937c40c upgrade dependencies that can be upgraded and refresh dependency lock file
  • 5af8e49 refresh dependency lock file
  • cdd7223 update release process; automate management of release and tool version attri...
  • a8d8e72 merge !964
  • 911ae54 update What's New for Antora 3.1.2
  • f6fc688 replace raise event with emit event
  • 1975bd2 backport fix for #1025 allow content aggregator to parse value of content.bra...
  • 7a39895 reclassify CHANGELOG entries
  • 34ac3e2 backport fix for #1024 preserve target when creating static route if target i...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [convict](https://github.com/mozilla/node-convict) to 6.2.4 and updates ancestor dependencies [convict](https://github.com/mozilla/node-convict), [@antora/cli](https://gitlab.com/antora/antora) and [@antora/site-generator-default](https://gitlab.com/antora/antora). These dependencies need to be updated together.


Updates `convict` from 6.0.0 to 6.2.4
- [Release notes](https://github.com/mozilla/node-convict/releases)
- [Changelog](https://github.com/mozilla/node-convict/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mozilla/node-convict/commits)

Updates `@antora/cli` from 2.3.3 to 3.1.2
- [Release notes](https://gitlab.com/antora/antora/tags)
- [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc)
- [Commits](https://gitlab.com/antora/antora/compare/v2.3.3...v3.1.2)

Updates `@antora/site-generator-default` from 2.3.3 to 3.1.2
- [Release notes](https://gitlab.com/antora/antora/tags)
- [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc)
- [Commits](https://gitlab.com/antora/antora/compare/v2.3.3...v3.1.2)

---
updated-dependencies:
- dependency-name: convict
  dependency-type: indirect
- dependency-name: "@antora/cli"
  dependency-type: direct:production
- dependency-name: "@antora/site-generator-default"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 10, 2023
@dependabot dependabot bot changed the base branch from 5.1 to 5.2 March 10, 2023 07:26
@dependabot dependabot bot changed the base branch from 5.2 to 5.7 May 5, 2023 14:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants