Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump debug and @angular/cli in /fastfed-idp-app/client #942

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump debug and @angular/cli in /fastfed-idp-app/client #942

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 11, 2024

Bumps debug to 4.3.4 and updates ancestor dependency @angular/cli. These dependencies need to be updated together.

Updates debug from 4.1.1 to 4.3.4

Release notes

Sourced from debug's releases.

4.3.4

What's Changed

New Contributors

Full Changelog: debug-js/debug@4.3.3...4.3.4

4.3.3

Patch Release 4.3.3

This is a documentation-only release. Further, the repository was transferred. Please see notes below.

Thank you to @​taylor1791 and @​kristofkalocsai for their contributions.

Repository Migration Information

I've formatted this as a FAQ, please feel free to open an issue for any additional question and I'll add the response here.

Q: What impact will this have on me?

In most cases, you shouldn't notice any change.

The only exception I can think of is if you pull code directly from https://github.com/visionmedia/debug, e.g. via a "debug": "visionmedia/debug"-type version entry in your package.json - in which case, you should still be fine due to the automatic redirection Github sets up, but you should also update any references as soon as possible.

Q: What are the security implications of this change?

If you pull code directly from the old URL, you should update the URL to https://github.com/debug-js/debug as soon as possible. The old organization has many approved owners and thus a new repository could (in theory) be created at the old URL, circumventing Github's automatic redirect that is in place now and serving malicious code. I (@​qix-) also wouldn't have access to that repository, so while I don't think it would happen, it's still something to consider.

Even in such a case, however, the officially released package on npm (debug) would not be affected. That package is still very much under control (even more than it used to be).

Q: What should I do if I encounter an issue related to the migration?

Search the issues first to see if someone has already reported it, and then open a new issue if someone has not.

Q: Why was this done as a 'patch' release? Isn't this breaking?

No, it shouldn't be breaking. The package on npm shouldn't be affected (aside from this patch release) and any references to the old repository should automatically redirect.

Thus, according to all of the "APIs" (loosely put) involved, nothing should have broken.

... (truncated)

Commits
  • da66c86 4.3.4
  • 9b33412 replace deprecated String.prototype.substr() (#876)
  • c0805cc add section about configuring JS console to show debug messages (#866)
  • 043d3cd 4.3.3
  • 4079aae update license and more maintainership information
  • 19b36c0 update repository location + maintainership information
  • f851b00 adds README section regarding usage in child procs (#850)
  • d177f2b Remove accidental epizeuxis
  • e47f96d 4.3.2
  • 1e9d38c cache enabled status per-logger (#799)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by qix, a new releaser for debug since your current version.


Updates @angular/cli from 10.2.3 to 17.0.10

Release notes

Sourced from @​angular/cli's releases.

v17.0.10

17.0.10 (2024-01-10)

@​schematics/angular

Commit Description
fix - 09c32c678 retain existing EOL when adding imports
fix - a5c339eaa retain existing EOL when updating JSON files

@​angular/cli

Commit Description
fix - ed1e130da retain existing EOL when updating JSON files

@​angular-devkit/core

Commit Description
fix - 3dc4db7d7 retain existing EOL when updating workspace config

v17.0.9

17.0.9 (2024-01-03)

@​angular/cli

Commit Description
fix - 446dfb76a add prerender and ssr-dev-server schemas in angular.json schema

@​angular-devkit/schematics

Commit Description
fix - 88d6ca4a5 replace template line endings with platform specific

v17.0.8

17.0.8 (2023-12-21)

@​schematics/angular

Commit Description
fix - 99b026ede add missing property "buildTarget" to interface "ServeBuilderOptions"
fix - 313004311 do not generate standalone component when using ng generate module

@​angular/cli

Commit Description
fix - 6dba26a0b ng e2e and ng lint prompt requires to hit Enter twice to proceed on Windows
fix - 0b48acc4e re-add -d alias for --dry-run

@​angular-devkit/build-angular

Commit Description
fix - cf11cdf6c add missing tailwind @screen directive in matcher
fix - aa6c757d7 construct SSR request URL using server resolvedUrls
fix - 0662048d4 ensure empty optimized Sass stylesheets stay empty
fix - d1923a66d ensure external dependencies are used by Web Worker bundling

... (truncated)

Changelog

Sourced from @​angular/cli's changelog.

17.0.10 (2024-01-10)

@​angular/cli

Commit Type Description
ed1e130da fix retain existing EOL when updating JSON files

@​schematics/angular

Commit Type Description
09c32c678 fix retain existing EOL when adding imports
a5c339eaa fix retain existing EOL when updating JSON files

@​angular-devkit/core

Commit Type Description
3dc4db7d7 fix retain existing EOL when updating workspace config

17.1.0-rc.0 (2024-01-03)

@​angular/cli

Commit Type Description
602d0166c fix add prerender and ssr-dev-server schemas in angular.json schema

@​schematics/angular

Commit Type Description
4469e481f fix do not trigger NPM install when using ---skip-install and --ssr

@​angular-devkit/build-angular

Commit Type Description
68dae539a feat initial experimental implementation of @web/test-runner builder
49ed9a26c fix emit error when using prerender and app-shell builders with application builder
874e576b5 fix filter explicit external dependencies for Vite prebundling
bd26a18e7 fix typo in preloadInitial option description

@​angular-devkit/schematics

... (truncated)

Commits
  • adc9dab release: cut the v17.0.10 release
  • 7913a8e refactor(@​angular/cli): change Twitter icon in the application schematic
  • 09c32c6 fix(@​schematics/angular): retain existing EOL when adding imports
  • 3dc4db7 fix(@​angular-devkit/core): retain existing EOL when updating workspace config
  • a5c339e fix(@​schematics/angular): retain existing EOL when updating JSON files
  • ed1e130 fix(@​angular/cli): retain existing EOL when updating JSON files
  • 2332529 refactor(@​schematics/angular): update server schematic to use new dependency ...
  • 90ad47d ci: add ci-* to GitHub actions config
  • 03a1dc0 release: cut the v17.0.9 release
  • 446dfb7 fix(@​angular/cli): add prerender and ssr-dev-server schemas in angular.json s...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump debug and @angular/cli in /fastfed-idp-app/client
f326f1a 
Bumps [debug](https://github.com/debug-js/debug) to 4.3.4 and updates ancestor dependency [@angular/cli](https://github.com/angular/angular-cli). These dependencies need to be updated together.


Updates `debug` from 4.1.1 to 4.3.4
- [Release notes](https://github.com/debug-js/debug/releases)
- [Commits](debug-js/debug@4.1.1...4.3.4)

Updates `@angular/cli` from 10.2.3 to 17.0.10
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](angular/angular-cli@10.2.3...17.0.10)

---
updated-dependencies:
- dependency-name: debug
  dependency-type: indirect
- dependency-name: "@angular/cli"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants