Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refs/heads/main #35672

Closed
wants to merge 36 commits into from
Closed

Refs/heads/main #35672

wants to merge 36 commits into from
+839 −3,263

Conversation

psyberjunkie
Copy link

@psyberjunkie psyberjunkie commented Dec 16, 2024
edited
Loading

Why:

Closes:

What's being changed (if available, include any code snippets, screenshots, or gifs):

Check off the following:

  • A subject matter expert (SME) has reviewed the technical accuracy of the content in this PR. In most cases, the author can be the SME. Open source contributions may require a SME review from GitHub staff.
  • The changes in this PR meet the docs fundamentals that are required for all content.
  • All CI checks are passing.

dependabot bot and others added 30 commits October 25, 2024 03:53
@dependabot
Bump http-proxy-middleware from 3.0.0 to 3.0.3
11f4818 
Bumps [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) from 3.0.0 to 3.0.3.
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v3.0.0...v3.0.3)

---
updated-dependencies:
- dependency-name: http-proxy-middleware
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@snyk-bot
fix: upgrade tsx from 4.15.1 to 4.19.2
6d0c95e 
Snyk has created this PR to upgrade tsx from 4.15.1 to 4.19.2.

See this package in npm:
tsx

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade dayjs from 1.11.3 to 1.11.13
37b4c76 
Snyk has created this PR to upgrade dayjs from 1.11.3 to 1.11.13.

See this package in npm:
dayjs

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade sharp from 0.33.1 to 0.33.5
b7728e2 
Snyk has created this PR to upgrade sharp from 0.33.1 to 0.33.5.

See this package in npm:
sharp

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade liquidjs from 10.16.1 to 10.18.0
cc4dff9 
Snyk has created this PR to upgrade liquidjs from 10.16.1 to 10.18.0.

See this package in npm:
liquidjs

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@dependabot
Bump nanoid from 3.3.7 to 3.3.8
720770c 
Bumps [nanoid](https://github.com/ai/nanoid) from 3.3.7 to 3.3.8.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.7...3.3.8)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@snyk-bot
fix: package.json & package-lock.json to reduce vulnerabilities
b5681fb 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-TRIM-1017038
- https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660
- https://snyk.io/vuln/npm:braces:20180219
@psyberjunkie
Merge pull request #12 from psyberjunkie/snyk-fix-17e9eb8df272b791430…
8389c79 
…87d4fe61f06aa

[Snyk] Security upgrade mdast from 2.3.2 to 3.0.0
@psyberjunkie @github-advanced-security
Fix code scanning alert no. 37: Incomplete string escaping or encoding
208e1b2 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@psyberjunkie
Merge pull request #13 from psyberjunkie/alert-autofix-37
7756427 
Fix code scanning alert no. 37: Incomplete string escaping or encoding
@psyberjunkie
Merge pull request #11 from psyberjunkie/dependabot/npm_and_yarn/nano…
5e2fb01 
…id-3.3.8

Bump nanoid from 3.3.7 to 3.3.8
@psyberjunkie
Merge pull request #4 from psyberjunkie/snyk-upgrade-f343b269b03aedb1…
823f83e 
…7ee820ac21a63a95

[Snyk] Upgrade tsx from 4.15.1 to 4.19.2
@psyberjunkie
Merge pull request #1 from psyberjunkie/dependabot/npm_and_yarn/http-…
a619519 
…proxy-middleware-3.0.3

Bump http-proxy-middleware from 3.0.0 to 3.0.3
@psyberjunkie
Merge pull request #6 from psyberjunkie/snyk-upgrade-1708e4e196ebb9f0…
07168f1 
…25788298214ed2a6

[Snyk] Upgrade sharp from 0.33.1 to 0.33.5
@psyberjunkie
Merge pull request #7 from psyberjunkie/snyk-upgrade-fbe2a0cfd201e7a3…
bba2c45 
…18afc596fabf41e5

[Snyk] Upgrade liquidjs from 10.16.1 to 10.18.0
@psyberjunkie
Merge pull request #5 from psyberjunkie/snyk-upgrade-1c2d0f4039239b2b…
78b7f50 
…794dbafe19978803

[Snyk] Upgrade dayjs from 1.11.3 to 1.11.13
@snyk-bot
fix: content/actions/sharing-automations/creating-actions/dockerfile-…
66554a6 
…support-for-github-actions.md to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN9-GLIBC-356506
- https://snyk.io/vuln/SNYK-DEBIAN9-GLIBC-356506
- https://snyk.io/vuln/SNYK-DEBIAN9-GLIBC-356506
- https://snyk.io/vuln/SNYK-DEBIAN9-SHADOW-306269
- https://snyk.io/vuln/SNYK-DEBIAN9-SHADOW-306269
@psyberjunkie
Merge pull request #14 from psyberjunkie/snyk-fix-bbd117a4b9257b462c7…
8567cf0 
…da182cbc7d287

[Snyk] Security upgrade debian from 9.5-slim to 12.8-slim
@snyk-bot
fix: package.json & package-lock.json to reduce vulnerabilities
a7c6039 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-STYLEDCOMPONENTS-3149924
@psyberjunkie
Merge pull request #15 from psyberjunkie/snyk-fix-4812a0e925547dbc599…
83a77a0 
…c56a53efed317

[Snyk] Security upgrade styled-components from 5.3.5 to 5.3.7
@psyberjunkie
"amazonwebservices.aws-toolkit-vscode"
1400808
@snyk-bot
fix: Dockerfile.openapi_decorator to reduce vulnerabilities
de7332d 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-5843454
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-6032385
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-6032385
@psyberjunkie
Merge pull request #16 from psyberjunkie/snyk-fix-3668e03a6b7f9fc5844…
6f47b55 
…55ac466f1f0e7

[Snyk] Security upgrade node from 18.15-alpine to 18.20.5-alpine
@snyk-bot
fix: Dockerfile.openapi_decorator to reduce vulnerabilities
0723a43 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-7430912
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-7430907
- https://snyk.io/vuln/SNYK-UPSTREAM-NODE-7430909
- https://snyk.io/vuln/SNYK-ALPINE320-OPENSSL-8235201
- https://snyk.io/vuln/SNYK-ALPINE320-OPENSSL-8235201
@psyberjunkie
Merge pull request #17 from psyberjunkie/snyk-fix-219f9f765a710d5ce71…
b83e220 
…b3e98f07a8db6

[Snyk] Security upgrade node from 18.20.5-alpine to 23.3.0-alpine
@snyk-bot
fix: upgrade @primer/css from 21.3.1 to 21.5.1
846249b 
Snyk has created this PR to upgrade @primer/css from 21.3.1 to 21.5.1.

See this package in npm:
@primer/css

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade @elastic/elasticsearch from 8.13.1 to 8.16.2
8ce031c 
Snyk has created this PR to upgrade @elastic/elasticsearch from 8.13.1 to 8.16.2.

See this package in npm:
@elastic/elasticsearch

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade js-cookie from 3.0.1 to 3.0.5
b9949c5 
Snyk has created this PR to upgrade js-cookie from 3.0.1 to 3.0.5.

See this package in npm:
js-cookie

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade styled-components from 5.3.7 to 5.3.11
1842d46 
Snyk has created this PR to upgrade styled-components from 5.3.7 to 5.3.11.

See this package in npm:
styled-components

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade got from 14.4.2 to 14.4.5
6c47d8c 
Snyk has created this PR to upgrade got from 14.4.2 to 14.4.5.

See this package in npm:
got

See this project in Snyk:
https://app.snyk.io/org/psyberjunkie/project/c321e2a9-41fd-4799-aee9-1d16a7df4529?utm_source=github&utm_medium=referral&page=upgrade-pr
@welcome Welcome
Copy link

welcome bot commented Dec 16, 2024

Thanks for opening this pull request! A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

@github-actions GitHub Actions
Copy link
Contributor

👋 Hey there spelunker. It looks like you've modified some files that we can't accept as contributions:

  • Dockerfile.openapi_decorator
  • package-lock.json
  • package.json
  • src/events/tests/analyze-comments.ts

You'll need to revert all of the files you changed that match that list using GitHub Desktop or git checkout origin/main <file name>. Once you get those files reverted, we can continue with the review process. :octocat:

The complete list of files we can't accept are:

  • .devcontainer/**
  • .github/**
  • data/reusables/rai/**
  • Dockerfile*
  • src/**
  • package*.json
  • content/actions/deployment/security-hardening-your-deployments/**

We also can't accept contributions to files in the content directory with frontmatter type: rai.

@github-actions github-actions bot added the triage Do not begin working on this issue until triaged by the team label Dec 16, 2024
@github-actions GitHub Actions
Copy link
Contributor

Automatically generated comment ℹ️

This comment is automatically generated and will be overwritten every time changes are committed to this branch.

The table contains an overview of files in the content directory that have been changed in this pull request. It's provided to make it easy to review your changes on the staging site. Please note that changes to the data directory will not show up in this table.

Content directory changes

You may find it useful to copy this table into the pull request summary. There you can edit it to share links to important articles or changes and to give a high-level overview of how the changes in your pull request support the overall goals of the pull request.

Source Preview Production What Changed
actions/sharing-automations/creating-actions/dockerfile-support-for-github-actions.md fpt
ghec
ghes@ 3.15 3.14 3.13 3.12 3.11 3.10
fpt
ghec
ghes@ 3.15 3.14 3.13 3.12 3.11 3.10

fpt: Free, Pro, Team
ghec: GitHub Enterprise Cloud
ghes: GitHub Enterprise Server

@nguyenalex836 nguyenalex836 added invalid This issue/PR is invalid and removed triage Do not begin working on this issue until triaged by the team labels Dec 16, 2024
@github-actions github-actions bot closed this Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
invalid This issue/PR is invalid
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@psyberjunkie @nguyenalex836 @snyk-bot