From bac7f4d51033a922c883ebe04caecdc8ad227b58 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 16:11:57 +0100
Subject: [PATCH 1/4] chore(deps-dev): bump puppeteer from 23.8.0 to 23.9.0 in
/app/travel_analytics (#1297)
Bumps [puppeteer](https://github.com/puppeteer/puppeteer) from 23.8.0 to
23.9.0.
Release notes
Sourced from puppeteer's
releases.
puppeteer-core: v23.9.0
23.9.0
(2024-11-21)
Features
Bug Fixes
puppeteer: v23.9.0
23.9.0
(2024-11-21)
Miscellaneous Chores
- puppeteer: Synchronize puppeteer versions
Dependencies
- The following workspace dependencies were updated
- dependencies
- puppeteer-core bumped from 23.8.0 to 23.9.0
Commits
ba33db8
chore: release main (#13314)e837140
fix: correctly resolve OOPIF response bodies (#13311)374cead
fix: roll to Chrome 131.0.6778.85 (#13312)c3ca96c
feat: config download behavior (#13309)e5be9de
docs: update troubleshooting.md (#13310)df2e90b
chore(deps-dev): Bump cross-spawn from 7.0.3 to 7.0.6 (#13306)4617771
chore(deps): Bump the all group in /website with 2 updates (#13302)23f5926
chore(deps): Bump cross-spawn from 7.0.3 to 7.0.5 in /website (#13305)74dc31c
chore(deps): Bump node from a5e0ed5 to a7a3b7e
in /docker in the all grou...2b191e2
chore(deps): Bump github/codeql-action from 3.27.1 to 3.27.4 in the all
group...- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
app/travel_analytics/package-lock.json | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/app/travel_analytics/package-lock.json b/app/travel_analytics/package-lock.json
index f269ab76..3658cf05 100644
--- a/app/travel_analytics/package-lock.json
+++ b/app/travel_analytics/package-lock.json
@@ -7330,9 +7330,9 @@
}
},
"node_modules/bare-stream": {
- "version": "2.3.2",
- "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.3.2.tgz",
- "integrity": "sha512-EFZHSIBkDgSHIwj2l2QZfP4U5OcD4xFAOwhSb/vlr9PIqyGJGvB/nfClJbcnh3EY4jtPE4zsb5ztae96bVF79A==",
+ "version": "2.4.2",
+ "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.4.2.tgz",
+ "integrity": "sha512-XZ4ln/KV4KT+PXdIWTKjsLY+quqCaEtqqtgGJVPw9AoM73By03ij64YjepK0aQvHSWDb6AfAZwqKaFu68qkrdA==",
"dev": true,
"optional": true,
"dependencies": {
@@ -11097,9 +11097,9 @@
}
},
"node_modules/puppeteer": {
- "version": "23.8.0",
- "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-23.8.0.tgz",
- "integrity": "sha512-MFWDMWoCcOpwNwQIjA9gPKWrEUbj8bLCzkK56w5lZPMUT6wK4FfpgOEPxKffVmXEMYMZzgcjxzqy15b/Q1ibaw==",
+ "version": "23.9.0",
+ "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-23.9.0.tgz",
+ "integrity": "sha512-WfB8jGwFV+qrD9dcJJVvWPFJBU6kxeu2wxJz9WooDGfM3vIiKLgzImEDBxUQnCBK/2cXB3d4dV6gs/LLpgfLDg==",
"dev": true,
"hasInstallScript": true,
"dependencies": {
@@ -11107,7 +11107,7 @@
"chromium-bidi": "0.8.0",
"cosmiconfig": "^9.0.0",
"devtools-protocol": "0.0.1367902",
- "puppeteer-core": "23.8.0",
+ "puppeteer-core": "23.9.0",
"typed-query-selector": "^2.12.0"
},
"bin": {
@@ -11118,9 +11118,9 @@
}
},
"node_modules/puppeteer-core": {
- "version": "23.8.0",
- "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-23.8.0.tgz",
- "integrity": "sha512-c2ymGN2M//We7pC+JhP2dE/g4+qnT89BO+EMSZyJmecN3DN6RNqErA7eH7DrWoNIcU75r2nP4VHa4pswAL6NVg==",
+ "version": "23.9.0",
+ "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-23.9.0.tgz",
+ "integrity": "sha512-hLVrav2HYMVdK0YILtfJwtnkBAwNOztUdR4aJ5YKDvgsbtagNr6urUJk9HyjRA9e+PaLI3jzJ0wM7A4jSZ7Qxw==",
"dev": true,
"dependencies": {
"@puppeteer/browsers": "2.4.1",
From d290e2a66ca3cc869f6453288a8a70611d4b2245 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 16:22:52 +0100
Subject: [PATCH 2/4] chore(deps-dev): bump puppeteer from 23.8.0 to 23.9.0 in
/app/travel_processor (#1292)
Bumps [puppeteer](https://github.com/puppeteer/puppeteer) from 23.8.0 to
23.9.0.
Release notes
Sourced from puppeteer's
releases.
puppeteer-core: v23.9.0
23.9.0
(2024-11-21)
Features
Bug Fixes
puppeteer: v23.9.0
23.9.0
(2024-11-21)
Miscellaneous Chores
- puppeteer: Synchronize puppeteer versions
Dependencies
- The following workspace dependencies were updated
- dependencies
- puppeteer-core bumped from 23.8.0 to 23.9.0
Commits
ba33db8
chore: release main (#13314)e837140
fix: correctly resolve OOPIF response bodies (#13311)374cead
fix: roll to Chrome 131.0.6778.85 (#13312)c3ca96c
feat: config download behavior (#13309)e5be9de
docs: update troubleshooting.md (#13310)df2e90b
chore(deps-dev): Bump cross-spawn from 7.0.3 to 7.0.6 (#13306)4617771
chore(deps): Bump the all group in /website with 2 updates (#13302)23f5926
chore(deps): Bump cross-spawn from 7.0.3 to 7.0.5 in /website (#13305)74dc31c
chore(deps): Bump node from a5e0ed5 to a7a3b7e
in /docker in the all grou...2b191e2
chore(deps): Bump github/codeql-action from 3.27.1 to 3.27.4 in the all
group...- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Steffen Weinstock <79531202+stewsk@users.noreply.github.com>
---
app/travel_processor/package-lock.json | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/app/travel_processor/package-lock.json b/app/travel_processor/package-lock.json
index 486e92f0..86058f74 100644
--- a/app/travel_processor/package-lock.json
+++ b/app/travel_processor/package-lock.json
@@ -7404,9 +7404,9 @@
}
},
"node_modules/bare-stream": {
- "version": "2.3.2",
- "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.3.2.tgz",
- "integrity": "sha512-EFZHSIBkDgSHIwj2l2QZfP4U5OcD4xFAOwhSb/vlr9PIqyGJGvB/nfClJbcnh3EY4jtPE4zsb5ztae96bVF79A==",
+ "version": "2.4.2",
+ "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.4.2.tgz",
+ "integrity": "sha512-XZ4ln/KV4KT+PXdIWTKjsLY+quqCaEtqqtgGJVPw9AoM73By03ij64YjepK0aQvHSWDb6AfAZwqKaFu68qkrdA==",
"dev": true,
"optional": true,
"dependencies": {
@@ -11262,9 +11262,9 @@
}
},
"node_modules/puppeteer": {
- "version": "23.8.0",
- "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-23.8.0.tgz",
- "integrity": "sha512-MFWDMWoCcOpwNwQIjA9gPKWrEUbj8bLCzkK56w5lZPMUT6wK4FfpgOEPxKffVmXEMYMZzgcjxzqy15b/Q1ibaw==",
+ "version": "23.9.0",
+ "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-23.9.0.tgz",
+ "integrity": "sha512-WfB8jGwFV+qrD9dcJJVvWPFJBU6kxeu2wxJz9WooDGfM3vIiKLgzImEDBxUQnCBK/2cXB3d4dV6gs/LLpgfLDg==",
"dev": true,
"hasInstallScript": true,
"dependencies": {
@@ -11272,7 +11272,7 @@
"chromium-bidi": "0.8.0",
"cosmiconfig": "^9.0.0",
"devtools-protocol": "0.0.1367902",
- "puppeteer-core": "23.8.0",
+ "puppeteer-core": "23.9.0",
"typed-query-selector": "^2.12.0"
},
"bin": {
@@ -11283,9 +11283,9 @@
}
},
"node_modules/puppeteer-core": {
- "version": "23.8.0",
- "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-23.8.0.tgz",
- "integrity": "sha512-c2ymGN2M//We7pC+JhP2dE/g4+qnT89BO+EMSZyJmecN3DN6RNqErA7eH7DrWoNIcU75r2nP4VHa4pswAL6NVg==",
+ "version": "23.9.0",
+ "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-23.9.0.tgz",
+ "integrity": "sha512-hLVrav2HYMVdK0YILtfJwtnkBAwNOztUdR4aJ5YKDvgsbtagNr6urUJk9HyjRA9e+PaLI3jzJ0wM7A4jSZ7Qxw==",
"dev": true,
"dependencies": {
"@puppeteer/browsers": "2.4.1",
From d2803a6cfa96bcc7ef085510ce43ea7b4116e037 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 16:29:51 +0100
Subject: [PATCH 3/4] chore(deps-dev): bump cross-spawn from 7.0.5 to 7.0.6
(#1294)
Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn) from
7.0.5 to 7.0.6.
Changelog
Sourced from cross-spawn's
changelog.
7.0.6
(2024-11-18)
Bug Fixes
- update cross-spawn version to 7.0.5 in package-lock.json (f700743)
Commits
77cd97f
chore(release): 7.0.66717de4
chore: upgrade standard-versionf700743
fix: update cross-spawn version to 7.0.5 in package-lock.json9a7e3b2
chore: fix build status badge- See full diff in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Steffen Weinstock <79531202+stewsk@users.noreply.github.com>
---
package-lock.json | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index d392bcaf..879efb54 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3723,11 +3723,10 @@
}
},
"node_modules/cross-spawn": {
- "version": "7.0.5",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.5.tgz",
- "integrity": "sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==",
+ "version": "7.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+ "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
"dev": true,
- "license": "MIT",
"dependencies": {
"path-key": "^3.1.0",
"shebang-command": "^2.0.0",
From e43dadc521600ae84ec1569cbc6e2e5a883139c1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 16:34:48 +0100
Subject: [PATCH 4/4] chore(deps-dev): bump @cap-js/cds-typer from 0.28.1 to
0.29.0 (#1295)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [@cap-js/cds-typer](https://github.com/cap-js/cds-typer) from
0.28.1 to 0.29.0.
Release notes
Sourced from @cap-js/cds-typer's
releases.
v0.29.0
Added
- [breaking] cds-typer now tries to automatically detect whether it
has to generate ESM or CommonJS in the emitted index.js files.
This behaviour can be overridden via the
--targetModuleType
option. If you rely on these generated index.js files to be CJS
despite your project being of ESM type, you need to manually tell
cds-typer to generate CJS files!
Fixed
- The static
.keys property now properly reels in key
types from inherited classes.
Changelog
Sourced from @cap-js/cds-typer's
changelog.
Version 0.29.0 - 2024-11-20
Added
- [breaking] cds-typer now tries to automatically detect whether it
has to generate ESM or CommonJS in the emitted index.js files.
This behaviour can be overridden via the
--targetModuleType
option. If you rely on these generated index.js files to be CJS
despite your project being of ESM type, you need to manually tell
cds-typer to generate CJS files!
Fixed
- The static
.keys property now properly reels in key
types from inherited classes.
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Steffen Weinstock <79531202+stewsk@users.noreply.github.com>
---
package-lock.json | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 879efb54..f2a326f0 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -580,11 +580,10 @@
"license": "MIT"
},
"node_modules/@cap-js/cds-typer": {
- "version": "0.28.1",
- "resolved": "https://registry.npmjs.org/@cap-js/cds-typer/-/cds-typer-0.28.1.tgz",
- "integrity": "sha512-hLpmWyqjPC6SvzSA/rPYs4kobrlvUvyfjm14BhuysewKzSD55JBq6dtvfWf0w+YeGCEhtb/yg1TlWI4JviBjGQ==",
+ "version": "0.29.0",
+ "resolved": "https://registry.npmjs.org/@cap-js/cds-typer/-/cds-typer-0.29.0.tgz",
+ "integrity": "sha512-rAzcywMcW+mK6v288u5X0uw5o3YxEe/H/KmS5a4CbF9G/3GAGDXmkr21xcbN7bS1vleuQtRjmvwd04kgafjphw==",
"dev": true,
- "license": "SEE LICENSE IN LICENSE",
"bin": {
"cds-typer": "lib/cli.js"
},