Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependencies (major) #26

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update dependencies (major) #26

wants to merge 1 commit into from
+2,596 −4,098

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 6, 2023
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@semantic-release/commit-analyzer ^9.0.2 -> ^13.0.0 age adoption passing confidence
@semantic-release/github ^8.0.6 -> ^10.0.0 age adoption passing confidence
@semantic-release/npm ^9.0.1 -> ^12.0.0 age adoption passing confidence
@semantic-release/release-notes-generator ^10.0.3 -> ^14.0.0 age adoption passing confidence
@storybook/addon-actions (source) ^6.5.13 -> ^8.0.0 age adoption passing confidence
@storybook/addon-essentials (source) ^6.5.13 -> ^8.0.0 age adoption passing confidence
@storybook/addon-interactions (source) ^6.5.13 -> ^8.0.0 age adoption passing confidence
@storybook/addon-links (source) ^6.5.13 -> ^8.0.0 age adoption passing confidence
@storybook/react (source) ^6.5.13 -> ^8.0.0 age adoption passing confidence
@swc/plugin-styled-jsx ^1.5.20 -> ^3.0.0 age adoption passing confidence
@testing-library/jest-dom ^5.16.5 -> ^6.0.0 age adoption passing confidence
@testing-library/react ^13.4.0 -> ^16.0.0 age adoption passing confidence
@types/node (source) 18.19.50 -> 20.16.5 age adoption passing confidence
@typescript-eslint/eslint-plugin (source) 5.62.0 -> 8.6.0 age adoption passing confidence
@typescript-eslint/parser (source) 5.62.0 -> 8.6.0 age adoption passing confidence
eslint (source) 8.57.1 -> 9.11.0 age adoption passing confidence
eslint-config-prettier 8.10.0 -> 9.1.0 age adoption passing confidence
eslint-plugin-jest 27.9.0 -> 28.8.3 age adoption passing confidence
gh-pages ^5.0.0 -> ^6.0.0 age adoption passing confidence
nodemon (source) 2.0.22 -> 3.1.7 age adoption passing confidence
prettier (source) 2.8.8 -> 3.3.3 age adoption passing confidence
rimraf 3.0.2 -> 6.0.1 age adoption passing confidence
semantic-release ^19.0.5 -> ^24.0.0 age adoption passing confidence
typescript (source) ^4.8.4 -> ^5.0.0 age adoption passing confidence

Release Notes

semantic-release/commit-analyzer (@​semantic-release/commit-analyzer)

v13.0.0

Compare Source

Bug Fixes
  • log the raw message again (e2f5d6c)
Features
  • support latest conventional-changelog packages (0254d7a)
BREAKING CHANGES
  • by supporting the latest major versions of conventional-changelog packages, we are
    dropping support for previous major versions of those packages due to the breaking changes between
    majors. this only impacts your project if you are installing alongside semantic-release, so updating
    those packages to latest version should be the only change you need for this update. no action
    should be necessary if you are using default semantic-release config

v12.0.0

Compare Source

Features
  • exports: defined exports to point at ./index.js (f3358dd)
  • node-versions: dropped support for node v18 and v19 (0a23b82)
BREAKING CHANGES
  • exports: exports has been defined, which prevents access to private apis (which arent
    intended for consumption anyway)
  • node-versions: node v18 and v19 are no longer supported

v11.1.0

Compare Source

Features

v11.0.0

Compare Source

Bug Fixes
  • config-loader: accounted for normalization of preset interfaces (3ff9458)
  • deps: update dependency conventional-commits-filter to v4 (99dcf7e)
Features
  • conventional-changelog-presets: supported new preset format (f3b88d3)
  • node-versions: raised the minimum node version to v18.17 and dropped v19 support (a681fbd)
BREAKING CHANGES
  • node-versions: the minimum required node version is now v18.17, v19 support has been dropped, and the minimum required in the v20 range is v20.6.1
  • conventional-changelog-presets: the new preset format is a breaking change when compared to the previous preset format. updating to support the new format means that the old preset format is no longer supported. update your preset to the latest version to maintain compatibility

v10.0.4

Compare Source

Bug Fixes
  • deps: update dependency conventional-commits-parser to v5 (a7201b6)

v10.0.3

Compare Source

Reverts
  • Revert "fix(deps): update dependency conventional-commits-parser to v5 (#​501)" (ab3ee9f), closes #​501
  • Revert "chore(deps): update dependency conventional-changelog-atom to v4 (#​502)" (f21eb8e), closes #​502
  • Revert "chore(deps): update dependency conventional-changelog-ember to v4 (#​504)" (c48b533), closes #​504

v10.0.2

Compare Source

Bug Fixes
  • deps: update dependency conventional-commits-parser to v5 (#​501) (91cf4d5)

v10.0.1

Compare Source

Bug Fixes
  • deps: update dependency conventional-changelog-angular to v6 (#​460) (0607201)
  • deps: update dependency conventional-commits-filter to v3 (#​461) (97d683f)
  • deps: update dependency conventional-commits-parser to v4 (#​462) (5d94efa)

v10.0.0

Compare Source

Code Refactoring
Features
  • deps: raised the peer-dependency requirement on semantic-release to v20.1.0 (e1ab8ea)
  • node-versions: raised the minimum required node version to v18 (affeb23)
BREAKING CHANGES
  • deps: the minimum required version of semantic-release is now v20.1.0 in order to support
    loading ESM plugins
  • node-versions: the minimum required version of node is now v18
  • esm: @semantic-release/commit-analyzer is now a native ES Module. It has named exports
    for each plugin hook (analyzeCommits)
semantic-release/github (@​semantic-release/github)

v10.3.5

Compare Source

Bug Fixes
  • replace searchAPI usage with GraphQL in findSRIssue util (#​907) (7fb46a3)

v10.3.4

Compare Source

v10.3.3

Compare Source

Bug Fixes
  • Revert: feat: verify OAuth scopes of classic GitHub PATs (#​915) (990bd73)

v10.3.2

Compare Source

Bug Fixes
  • missing "PullRequest".canBeRebased field on GHES graphql api (#​913) (4393578)

v10.3.1

Compare Source

Bug Fixes
  • max_node_limit_exceeded error when fetching associatedPRs (#​912) (bb806af)

v10.3.0

Compare Source

Features
  • allow conditional skip on success and fail comments (#​874) (e097d1c)

v10.2.0

Compare Source

Features

v10.1.7

Compare Source

Bug Fixes

v10.1.6

Compare Source

v10.1.5

Compare Source

Bug Fixes

v10.1.4

Compare Source

Bug Fixes
  • docs: correct docs branch for fail-comment links (#​893) (b591730)

v10.1.3

Compare Source

Bug Fixes

v10.1.2

Compare Source

Bug Fixes

v10.1.1

Compare Source

Bug Fixes
  • invalid GraphQL query generated when no release commits are found (#​876) (8ee2744)

v10.1.0

Compare Source

Features

v10.0.7

Compare Source

Bug Fixes
  • replace github search api with graphql in success lifecycle method (#​857) (be394cf)

v10.0.6

Compare Source

Bug Fixes
  • corrected homepage link in package.json so the generated links in the errors are valid (#​848) (865762d)

v10.0.5

Compare Source

Bug Fixes

v10.0.4

Compare Source

Bug Fixes
  • introduce dedicated option for GitHub API endpoint (#​829) (908ff83)

v10.0.3

Compare Source

v10.0.2

Compare Source

Bug Fixes

v10.0.1

Compare Source

Bug Fixes

v10.0.0

Compare Source

Features
  • node-versions: dropped support for node v18 and v19 (#​797) (aea314f)
BREAKING CHANGES
  • node-versions: node v18 and v19 are no longer supported

v9.2.6

Compare Source

Bug Fixes

v9.2.5

Compare Source

Bug Fixes

v9.2.4

Compare Source

Bug Fixes

v9.2.3

Compare Source

Bug Fixes

v9.2.2

Compare Source

Bug Fixes

v9.2.1

Compare Source

v9.2.0

Compare Source

Features

v9.1.0

Compare Source

Features
  • releaseNameTemplate and releaseBodyTemplate options for customizing release body and name (#​704) (9e2678c)

v9.0.7

Compare Source

Bug Fixes

v9.0.6

Compare Source

Bug Fixes

v9.0.5

Compare Source

Bug Fixes

v9.0.4

Compare Source

Bug Fixes

v9.0.3

Compare Source

Bug Fixes

v9.0.2

Compare Source

Bug Fixes

v9.0.1

Compare Source

Bug Fixes

v9.0.0

Compare Source

BREAKING CHANGES
  • @semantic-release/github is now a native ES Module
  • Node 14 and 16 are no longer supported
semantic-release/npm (@​semantic-release/npm)

v12.0.1

Compare Source

Bug Fixes
  • deps: update dependency execa to v9 (9ac5ed0)

v12.0.0

Compare Source

Features
  • exports: defined exports to point at ./index.js (9e193c2)
  • node-versions: dropped support for node v18 and v19 (2df962b)
BREAKING CHANGES
  • exports: exports has been defined, which prevents access to private apis (which arent
    intended for consumption anyway)
  • node-versions: node v18 and v19 are no longer supported

v11.0.3

Compare Source

Bug Fixes

even though our existing range allowed anyone to update as soon as the new npm version was available, this will encourage being on a version that does not report the ip vulnerability a bit more forcefully

v11.0.2

Compare Source

Bug Fixes
  • deps: update dependency npm to v10.2.5 (42b5dec)

v11.0.1

Compare Source

Bug Fixes

v11.0.0

Compare Source

Bug Fixes
  • deps: update dependency npm to v10 (819f257)
Features
  • node-versions: raised the minimum required node version to v18.17 and dropped v19 support (6413130)
BREAKING CHANGES
  • node-versions: node v18.17 is now the minimum required version and support for v19 has been dropped

v10.0.6

Compare Source

Bug Fixes

v10.0.5

Compare Source

Bug Fixes

v10.0.4

Compare Source

Bug Fixes

v10.0.3

Compare Source

Bug Fixes

v10.0.2

Compare Source

Bug Fixes

v10.0.1

Compare Source

Bug Fixes

v10.0.0

Compare Source

Bug Fixes
  • aggregate-error: upgraded to the latest version (7285e05)
  • deps: upgraded npm to v9 (2a79f80)
  • execa: upgraded to the latest version (7c74660)
  • normalize-url: upgraded to the latest version (b55bb01)
  • remove support for legacy auth (51ab3c8)
  • tempy: upgraded to the latest version of tempy (f1992a5)
Code Refactoring
  • esm: converted the package to esm (2d8ff15)
Features
  • node-versions: dropped support for node versions below v18 (aff3574)
  • semantic-release-peer: raised the minimum peer requirement to the first version that supports loading esm plugins (22e70ad)
BREAKING CHANGES
  • deps: the direct dependency on npm has been upgraded to v9. details of breaking changes
    can be found at https://github.com/npm/cli/releases/tag/v9.0.0
  • semantic-release-peer: the required version of semantic-release has been
    raised to v20.1.0 in order to support loading of ESM plugins
  • aggregate-error: due to the aggregate-error upgrade, thrown errors are no longer iterable, but instead list the errors under an errors property
  • legacy authentication using NPM_USERNAME and NPM_PASSWORD is no longer supported. Use NPM_TOKEN instead.
  • node-versions: node v18 is now the minimum required node version
  • esm: @semantic-release/npm is now a native ES Module. It
    has named exports for each plugin hook (verifyConditions, prepare,
    publish, addChannel)
semantic-release/release-notes-generator (@​semantic-release/release-notes-generator)

v14.0.1

Compare Source

Bug Fixes

v14.0.0

Compare Source

Features
BREAKING CHANGES
  • by supporting the latest major versions of conventional-changelog packages, we are dropping support for previous major versions of those packages due to the breaking changes between majors. this only impacts your project if you are installing alongside semantic-release, so updating those packages to latest version should be the only change you need for this update. no action should be necessary if you are using default semantic-release config

v13.0.0

Compare Source

Features
  • exports: defined exports to point at ./index.js (5655b18)
  • node-versions: dropped support for node v18 and v19 (e65959a)
BREAKING CHANGES
  • exports: exports has been defined, which prevents access to private apis (which arent
    intended for consumption anyway)
  • node-versions: node v18 and v19 are no longer supported

v12.1.0

Compare Source

Features

v12.0.1

Compare Source

Bug Fixes

v12.0.0

Compare Source

Bug Fixes
  • deps: update dependency conventional-changlog-writer to v7 (4fe3563)
Features
  • conventional-changelog-presets: supported new preset format ([a68167

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/major-dependencies branch 4 times, most recently from cc95a42 to cc6cdac Compare January 11, 2023 15:43
@renovate renovate bot changed the title chore(deps): update dependency semantic-release to v20 chore(deps): update dependencies (major) Jan 13, 2023
@renovate renovate bot force-pushed the renovate/major-dependencies branch from cc6cdac to d5d8ad1 Compare January 13, 2023 03:34
@socket-security
Copy link

socket-security bot commented Jan 13, 2023
edited
Loading

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSourceCI
Obfuscated code npm/[email protected] ⚠︎

View full report↗︎

Next steps

What is obfuscated code?

Obfuscated files are intentionally packed to hide their behavior. This could be a sign of malware.

Packages should not obfuscate their code. Consider not using packages with obfuscated code

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@renovate renovate bot force-pushed the renovate/major-dependencies branch 11 times, most recently from 5be48b6 to f7832c2 Compare January 20, 2023 18:30
@renovate renovate bot force-pushed the renovate/major-dependencies branch 7 times, most recently from 2da4372 to 7c8ac76 Compare January 30, 2023 22:05
@renovate renovate bot force-pushed the renovate/major-dependencies branch from 7c8ac76 to 8e9f299 Compare February 1, 2023 07:26
@renovate renovate bot force-pushed the renovate/major-dependencies branch from 8e9f299 to f0ef344 Compare February 17, 2023 02:19
@renovate renovate bot force-pushed the renovate/major-dependencies branch 3 times, most recently from 824fa44 to 374a89b Compare March 4, 2023 04:00
@renovate renovate bot force-pushed the renovate/major-dependencies branch 12 times, most recently from 670c313 to 02834a7 Compare September 4, 2024 10:51
@renovate renovate bot force-pushed the renovate/major-dependencies branch 7 times, most recently from 9582c50 to 508a33a Compare September 11, 2024 16:28
@renovate renovate bot force-pushed the renovate/major-dependencies branch 6 times, most recently from 496c430 to 37ff244 Compare September 19, 2024 11:01
@renovate renovate bot force-pushed the renovate/major-dependencies branch 2 times, most recently from f3232cd to 3abcc3a Compare September 20, 2024 16:58
@renovate renovate bot force-pushed the renovate/major-dependencies branch from 3abcc3a to 82da1f3 Compare September 20, 2024 18:02
@socket-security Socket Security
Copy link

Report too large to display inline

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@vsiryxm