Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ Bump the npm_and_yarn at /. security update group with 6 updates #318

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

⬆️ Bump the npm_and_yarn at /. security update group with 6 updates #318

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 29, 2023

Bumps the npm_and_yarn at /. security update group with 6 updates:

Package From To
gatsby 4.13.1 4.25.7
gatsby-plugin-manifest 4.17.0 5.12.3
gatsby-plugin-page-creator 4.15.0 5.12.3
gatsby-plugin-sharp 4.25.1 5.12.3
gatsby-transformer-sharp 4.13.0 5.12.3
sharp 0.30.7 0.32.6
gatsby 4.25.7 5.12.11

Updates gatsby from 4.13.1 to 4.25.7

Release notes

Sourced from gatsby's releases.

v4.24

Welcome to [email protected] release (September 2022 #2)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.23

Welcome to [email protected] release (September 2022 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.22

Welcome to [email protected] release (August 2022 #3)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.21

Welcome to [email protected] release (August 2022 #2)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

... (truncated)

Commits
  • db5eb18 chore(release): Publish
  • fc22f4b fix(gatsby): don't serve codeframes for files outside of compilation (#38059)...
  • 8889bfe chore(release): Publish
  • d3d5fd0 fix(gatsby-source-wordpress): prevent inconsistent schema customization (#377...
  • 5bdef4a fix(gatsby): don't block event loop during inference (#37780) (#37801)
  • 50e3f94 chore(release): Publish
  • 3f8477d chore: Update get-unowned-packages script to use npm 9 syntax
  • dcf88ed fix(gatsby-plugin-sharp): don't serve static assets that are not result of cu...
  • 3be4a80 chore(release): Publish
  • 98c4d27 feat(gatsby): add initial webhook body env var to bootstrap context (#37478) ...
  • Additional commits viewable in compare view

Updates gatsby-plugin-manifest from 4.17.0 to 5.12.3

Release notes

Sourced from gatsby-plugin-manifest's releases.

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

... (truncated)

Changelog

Sourced from gatsby-plugin-manifest's changelog.

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-manifest

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-manifest

5.12.1 (2023-10-09)

Chores

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

5.11.0 (2023-06-15)

🧾 Release notes

Chores

5.10.0 (2023-05-16)

🧾 Release notes

Bug Fixes

5.9.0 (2023-04-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-manifest

5.8.0 (2023-03-21)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-manifest

... (truncated)

Commits

Updates gatsby-plugin-page-creator from 4.15.0 to 5.12.3

Release notes

Sourced from gatsby-plugin-page-creator's releases.

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

... (truncated)

Changelog

Sourced from gatsby-plugin-page-creator's changelog.

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-page-creator

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-page-creator

5.12.1 (2023-10-09)

Note: Version bump only for package gatsby-plugin-page-creator

5.12.0 (2023-08-24)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-page-creator

5.11.0 (2023-06-15)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-page-creator

5.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-page-creator

5.9.0 (2023-04-18)

🧾 Release notes

Bug Fixes

5.8.0 (2023-03-21)

🧾 Release notes

Bug Fixes

5.7.0 (2023-02-21)

🧾 Release notes

... (truncated)

Commits

Updates gatsby-plugin-sharp from 4.25.1 to 5.12.3

Release notes

Sourced from gatsby-plugin-sharp's releases.

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

... (truncated)

Changelog

Sourced from gatsby-plugin-sharp's changelog.

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-sharp

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-sharp

5.12.1 (2023-10-09)

Chores

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

5.11.0 (2023-06-15)

🧾 Release notes

Chores

5.10.0 (2023-05-16)

🧾 Release notes

Bug Fixes

5.9.0 (2023-04-18)

🧾 Release notes

Bug Fixes

  • update dependency fs-extra to ^11.1.1 #37827 (3e9a590)
  • don't serve static assets that are not result of currently triggered deferred job #37796 (6539860)

5.8.1 (2023-03-29)

... (truncated)

Commits

Updates gatsby-transformer-sharp from 4.13.0 to 5.12.3

Release notes

Sourced from gatsby-transformer-sharp's releases.

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

... (truncated)

Changelog

Sourced from gatsby-transformer-sharp's changelog.

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-transformer-sharp

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-transformer-sharp

5.12.1 (2023-10-09)

Chores

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

5.11.0 (2023-06-15)

🧾 Release notes

Chores

5.10.0 (2023-05-16)

🧾 Release notes

Bug Fixes

5.9.0 (2023-04-18)

🧾 Release notes

Bug Fixes

5.8.0 (2023-03-21)

🧾 Release notes

... (truncated)

Commits

Updates sharp from 0.30.7 to 0.32.6

Changelog

Sourced from sharp's changelog.

v0.32.6 - 18th September 2023

  • Upgrade to libvips v8.14.5 for upstream bug fixes.

  • Ensure composite tile images are fully decoded (regression in 0.32.0). #3767

  • Ensure withMetadata can add ICC profiles to RGB16 output. #3773

  • Ensure withMetadata does not reduce 16-bit images to 8-bit (regression in 0.32.5). #3773

  • TypeScript: Add definitions for block and unblock. #3799 @​ldrick

v0.32.5 - 15th August 2023

  • Upgrade to libvips v8.14.4 for upstream bug fixes.

  • TypeScript: Add missing WebpPresetEnum to definitions. #3748 @​pilotso11

  • Ensure compilation using musl v1.2.4. #3755 @​kleisauke

  • Ensure resize with a fit of inside respects 90/270 degree rotation. #3756

  • TypeScript: Ensure minSize property of WebpOptions is boolean. #3758 @​sho-xizz

  • Ensure withMetadata adds default sRGB profile. #3761

v0.32.4 - 21st July 2023

  • Upgrade to libvips v8.14.3 for upstream bug fixes.

  • Expose ability to (un)block low-level libvips operations by name.

  • Prebuilt binaries: restore support for tile-based output. #3581

v0.32.3 - 14th July 2023

... (truncated)

Commits

Updates gatsby from 4.25.7 to 5.12.11

Release notes

Sourced from gatsby's releases.

v4.24

Welcome to [email protected] release (September 2022 #2)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.23

Welcome to [email protected] release (September 2022 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.22

Welcome to [email protected] release (August 2022 #3)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.21

Welcome to [email protected] release (August 2022 #2)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

... (truncated)

Commits
  • db5eb18 chore(release): Publish
  • fc22f4b fix(gatsby): don't serve codeframes for files outside of compilation (#38059)...
  • 8889bfe chore(release): Publish
  • d3d5fd0 fix(gatsby-source-wordpress): prevent inconsistent schema customization (#377...
  • 5bdef4a fix(gatsby): don't block event loop during inference (#37780) (#37801)
  • 50e3f94 chore(release): Publish
  • 3f8477d chore: Update get-unowned-packages script to use npm 9 syntax
  • dcf88ed fix(gatsby-plugin-sharp): don't serve static assets that are not result of cu...
  • 3be4a80 chore(release): Publish
  • 98c4d27 feat(gatsby): add initial webhook body env var to bootstrap context (#37478) ...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
⬆️ Bump the npm_and_yarn at /. security update group with 6 updates
005b1e4 
Bumps the npm_and_yarn at /. security update group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [gatsby](https://github.com/gatsbyjs/gatsby) | `4.13.1` | `4.25.7` |
| [gatsby-plugin-manifest](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-manifest) | `4.17.0` | `5.12.3` |
| [gatsby-plugin-page-creator](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-page-creator) | `4.15.0` | `5.12.3` |
| [gatsby-plugin-sharp](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-sharp) | `4.25.1` | `5.12.3` |
| [gatsby-transformer-sharp](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-transformer-sharp) | `4.13.0` | `5.12.3` |
| [sharp](https://github.com/lovell/sharp) | `0.30.7` | `0.32.6` |
| [gatsby](https://github.com/gatsbyjs/gatsby) | `4.25.7` | `5.12.11` |


Updates `gatsby` from 4.13.1 to 4.25.7
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/compare/[email protected]@4.25.7)

Updates `gatsby-plugin-manifest` from 4.17.0 to 5.12.3
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-manifest/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-plugin-manifest)

Updates `gatsby-plugin-page-creator` from 4.15.0 to 5.12.3
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-page-creator/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-plugin-page-creator)

Updates `gatsby-plugin-sharp` from 4.25.1 to 5.12.3
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-sharp/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-plugin-sharp)

Updates `gatsby-transformer-sharp` from 4.13.0 to 5.12.3
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-transformer-sharp/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-transformer-sharp)

Updates `sharp` from 0.30.7 to 0.32.6
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md)
- [Commits](lovell/sharp@v0.30.7...v0.32.6)

Updates `gatsby` from 4.25.7 to 5.12.11
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/compare/[email protected]@4.25.7)

---
updated-dependencies:
- dependency-name: gatsby
  dependency-type: direct:production
- dependency-name: gatsby-plugin-manifest
  dependency-type: direct:production
- dependency-name: gatsby-plugin-page-creator
  dependency-type: direct:production
- dependency-name: gatsby-plugin-sharp
  dependency-type: direct:production
- dependency-name: gatsby-transformer-sharp
  dependency-type: direct:production
- dependency-name: sharp
  dependency-type: indirect
- dependency-name: gatsby
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@HTMLhead HTMLhead Awaiting requested review from HTMLhead HTMLhead is a code owner

@dev-angelo dev-angelo Awaiting requested review from dev-angelo dev-angelo is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants