Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump debug, expo, react-native, snyk, react-native-scripts and jest-expo in /Todo List with Tab Navigation #67

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build(deps): bump debug, expo, react-native, snyk, react-native-scripts and jest-expo in /Todo List with Tab Navigation #67

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jan 11, 2023

Bumps debug to 4.3.4 and updates ancestor dependencies debug, expo, react-native, snyk, react-native-scripts and jest-expo. These dependencies need to be updated together.

Updates debug from 2.2.0 to 4.3.4

Release notes

Sourced from debug's releases.

4.3.4

What's Changed

New Contributors

Full Changelog: debug-js/debug@4.3.3...4.3.4

4.3.3

Patch Release 4.3.3

This is a documentation-only release. Further, the repository was transferred. Please see notes below.

Thank you to @​taylor1791 and @​kristofkalocsai for their contributions.

Repository Migration Information

I've formatted this as a FAQ, please feel free to open an issue for any additional question and I'll add the response here.

Q: What impact will this have on me?

In most cases, you shouldn't notice any change.

The only exception I can think of is if you pull code directly from https://github.com/visionmedia/debug, e.g. via a "debug": "visionmedia/debug"-type version entry in your package.json - in which case, you should still be fine due to the automatic redirection Github sets up, but you should also update any references as soon as possible.

Q: What are the security implications of this change?

If you pull code directly from the old URL, you should update the URL to https://github.com/debug-js/debug as soon as possible. The old organization has many approved owners and thus a new repository could (in theory) be created at the old URL, circumventing Github's automatic redirect that is in place now and serving malicious code. I (@​qix-) also wouldn't have access to that repository, so while I don't think it would happen, it's still something to consider.

Even in such a case, however, the officially released package on npm (debug) would not be affected. That package is still very much under control (even more than it used to be).

Q: What should I do if I encounter an issue related to the migration?

Search the issues first to see if someone has already reported it, and then open a new issue if someone has not.

Q: Why was this done as a 'patch' release? Isn't this breaking?

No, it shouldn't be breaking. The package on npm shouldn't be affected (aside from this patch release) and any references to the old repository should automatically redirect.

Thus, according to all of the "APIs" (loosely put) involved, nothing should have broken.

... (truncated)

Commits
  • da66c86 4.3.4
  • 9b33412 replace deprecated String.prototype.substr() (#876)
  • c0805cc add section about configuring JS console to show debug messages (#866)
  • 043d3cd 4.3.3
  • 4079aae update license and more maintainership information
  • 19b36c0 update repository location + maintainership information
  • f851b00 adds README section regarding usage in child procs (#850)
  • d177f2b Remove accidental epizeuxis
  • e47f96d 4.3.2
  • 1e9d38c cache enabled status per-logger (#799)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by qix, a new releaser for debug since your current version.


Updates expo from 23.0.6 to 47.0.13

Changelog

Sourced from expo's changelog.

Changelog

This is the log of notable changes to the Expo client that are developer-facing. Package-specific changes not released in any SDK will be added here just before the release. Until then, you can find them in changelogs of the individual packages (see packages directory).

Unpublished

📚 3rd party library updates

🛠 Breaking changes

🎉 New features

🐛 Bug fixes

47.0.0 — 2022-10-28

📚 3rd party library updates

🛠 Breaking changes

  • expo-apple-authentication
    • [plugin] Upgrade minimum runtime requirement to Node 14 (LTS). (#18204 by @​EvanBacon)
    • Bumped iOS deployment target to 13.0 and deprecated support for iOS 12. (#18873 by @​tsapeta)
  • expo-application
    • Bumped iOS deployment target to 13.0 and deprecated support for iOS 12. (#18873 by @​tsapeta)
  • expo-av

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by tsapeta, a new releaser for expo since your current version.


Updates react-native from 0.50.3 to 0.70.6

Release notes

Sourced from react-native's releases.

0.70.6

Fixed

  • Fixed regression: @​jest/create-cache-key-function dependency was inadvertedly bumped to 29.x. We are bringing it back to 27.0.1. (fb0e88beb9 by @​kelset)

Changed

iOS specific

You can participate in the conversation on the status of this release in this discussion

To help you upgrade to this version, you can use the upgrade helper ⚛️

You can find the whole changelog history in the changelog.md file.

0.70.5

Hotfix

This version is a patch release addressing the Android build issue that has been ongoing since Nov 4th 2022. If you are on 0.70.x, update to this version to fix it.

If you are on an older version of React Native, refer to this issue for details and the workaround you can apply in your project.

You can participate in the conversation on the status of this release in this discussion

To help you upgrade to this version, you can use the upgrade helper ⚛️

You can find the whole changelog history in the changelog.md file.

0.70.4

... (truncated)

Changelog

Sourced from react-native's changelog.

v0.70.6

Fixed

  • Fixed regression: @​jest/create-cache-key-function dependency was inadvertedly bumped to 29.x. We are bringing it back to 27.0.1. (fb0e88beb9 by @​kelset)

Changed

iOS specific

v0.70.5

Fixed

v0.70.4

Changed

Fixed

iOS specific

v0.70.3

Fixed

  • Stop styles from being reset when detaching Animated.Values in old renderer (2f58e52006 by @​javache)
  • Revert "Fix TextInput dropping text when used as uncontrolled component with defaultValue" to fix TextInputs not being settable to undefined programmatically (e2645a5) by Garrett Forbes Monroe

Android specific

iOS specific

... (truncated)

Commits
  • 49dd38f [0.70.6] Bump version numbers
  • fb0e88b [LOCAL] correct fix: bring back jest cache but on the right version
  • c563759 [LOCAL] Bump git checkout cache key
  • 69ce989 Revert "[0.70.6] Bump version numbers"
  • 02a388f [0.70.6] Bump version numbers
  • ef29c9b [LOCAL] remove regression: unwanted @​jest/create-cache-key-function dependency
  • 9bcc5e0 [LOCAL] Bump CLI to 9.3.2
  • 11473c3 Add support Promise.any out of box (#35080)
  • 3f1c55b Update ruby codegen to cleanup build folder. (#34398)
  • 35fa47b [0.70.5] Bump version numbers
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by fb, a new releaser for react-native since your current version.


Updates snyk from 1.176.0 to 1.1082.0

Release notes

Sourced from snyk's releases.

v1.1082.0

1.1082.0 (2023-01-08)

Bug Fixes

  • add logic to ignore unsupporting package managers during snyk monitor (910a86c)
  • run snyk code test with the default org (7d2c6be)

v1.1081.0

1.1081.0 (2023-01-03)

v1.1080.0

1.1080.0 (2022-12-29)

Bug Fixes

  • merge internal and external defined no_proxy (e92b1ae)

Features

  • Upgrade snyk-iac-test to v0.37.2 (963039f)

v1.1079.0

1.1079.0 (2022-12-28)

v1.1078.0

1.1078.0 (2022-12-28)

Bug Fixes

  • missing org slug in query string when tracking usage for iac scans (8e8fddb)

v1.1077.0

1.1077.0 (2022-12-27)

Bug Fixes

  • add no_proxy for localhost traffic (f66df33)

v1.1076.0

1.1076.0 (2022-12-22)

Bug Fixes

... (truncated)

Commits
  • 9fe8602 Merge pull request #4273 from snyk/fix/unsupporting-pm-monitor
  • a379de7 refactor: Merge remote-tracking branch 'origin/master' into fix/unsupporting-...
  • 3d7352c Merge pull request #4274 from snyk/fix/code-smoke-tests
  • 7d2c6be fix: run snyk code test with the default org
  • 910a86c fix: add logic to ignore unsupporting package managers during snyk monitor
  • 8404b80 Merge pull request #4272 from snyk/chore/update-gpg-key
  • 0e8c4d3 chore: update public gpg key
  • 6be2302 Merge pull request #4269 from snyk/chore/add-runbook-to-iac-smoke-tests-alert
  • f1444ed chore: add iac ownership to iac-cli-alert package
  • 016fa13 chore: add runbook to iac smoke tests alert
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by snyk-admin, a new releaser for snyk since your current version.


Updates react-native-scripts from 1.8.1 to 2.0.1

Changelog

Sourced from react-native-scripts's changelog.

2.0.1 (September 21, 2018)

This release merges Create React Native App with Expo CLI.

  • Expo CLI is a tool based on CRNA, made by the same team
  • It has all the same features, plus some additional benefits
  • Like CRNA, Expo CLI does not require an Expo user account
  • The create-react-native-app command will continue to work

The separate react-native-scripts package is now deprecated: new projects created with create-react-native-app will use Expo CLI instead of react-native-scripts. In addition to everything provided by CRNA, Expo CLI includes these extras:

  • Web-based user interface: in addition to the CLI, there's a GUI where you can view logs, launch the app on your devices or simulators, and publish updates.
  • Standalone app builds: you can build IPA and APK packages for deploying to App Store and Play Store without using Xcode or Android Studio.
  • Publishing: you can push updates to your deployed apps and optionally publish your app to Expo.io.
  • Tunnel: your physical device doesn’t need to be in the same wi-fi as your computer to be able to develop using it.
  • Optional user accounts: logging in allows listing all your projects in development in the Expo app without having to scan any QR codes and enables additional features like standalone builds. However, just like CRNA, Expo CLI can also be used without a user account.

Why are we bringing these two tools together?

  • Just one tool to learn: previously developers would start with CRNA and then switch to exp or XDE for additional features like standalone builds. Expo CLI is as easy to get started with as CRNA, but also supports everything previously offered by these separate tools.
  • Less confusing options: CRNA apps have always been loaded using the Expo app and able to use the Expo APIs in addition to the core React Native APIs. Users are sometimes confused about the differences between plain React Native, CRNA and Expo apps created with tools like exp or XDE. Installing the expo-cli package will make it clearer the additional functionality is provided by Expo.
  • Developer experience: Expo CLI is ahead of CRNA in terms of features and developer experience, and we’re continuously improving it.
  • Maintenance: having these two projects as separate codebases requires more maintenance and CRNA has previously falled behind because of this. A single codebase helps us keep it up to date and fix issues as fast as possible.

Upgrading from 1.14.0 to 2.0.1

All apps created with create-react-native-app, are compatible with Expo CLI without changes.

Upgrade react-native-scripts to v2.0.1 with:

npm install --save --save-exact [email protected]

or

yarn add --exact [email protected]

When you run npm start for the first time, Expo CLI will be installed.

Because react-native-scripts is now a wrapper for Expo CLI, you can also follow these steps to remove it from your project and use Expo CLI directly:

  1. Replace react-native-scripts with expo in the scripts config in package.json. Example: 
    "scripts": {
  "start": "expo start",
  "eject": "expo eject",
  "android": "expo start --android",

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by fson, a new releaser for react-native-scripts since your current version.


Updates jest-expo from 23.0.0 to 47.0.1

Changelog

Sourced from jest-expo's changelog.

47.0.1 — 2022-10-30

This version does not introduce any user-facing changes.

47.0.0 — 2022-10-27

🎉 New features

46.0.2 — 2022-10-25

🐛 Bug fixes

  • Update transform in jest-preset to support transforming other file extensions such as .jsx, .tsx, etc. (#18476 by @​@amandeepmittal)

⚠️ Notices

46.0.1 — 2022-07-11

This version does not introduce any user-facing changes.

46.0.0 — 2022-07-07

🛠 Breaking changes

🎉 New features

🐛 Bug fixes

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump debug, expo, react-native, snyk, react-native-scrip…
a7d34e1 
…ts and jest-expo

Bumps [debug](https://github.com/debug-js/debug) to 4.3.4 and updates ancestor dependencies [debug](https://github.com/debug-js/debug), [expo](https://github.com/expo/expo/tree/HEAD/packages/expo), [react-native](https://github.com/facebook/react-native), [snyk](https://github.com/snyk/snyk), [react-native-scripts](https://github.com/react-community/create-react-native-app) and [jest-expo](https://github.com/expo/expo/tree/HEAD/packages/jest-expo). These dependencies need to be updated together.


Updates `debug` from 2.2.0 to 4.3.4
- [Release notes](https://github.com/debug-js/debug/releases)
- [Commits](debug-js/debug@2.2.0...4.3.4)

Updates `expo` from 23.0.6 to 47.0.13
- [Release notes](https://github.com/expo/expo/releases)
- [Changelog](https://github.com/expo/expo/blob/main/CHANGELOG.md)
- [Commits](https://github.com/expo/expo/commits/HEAD/packages/expo)

Updates `react-native` from 0.50.3 to 0.70.6
- [Release notes](https://github.com/facebook/react-native/releases)
- [Changelog](https://github.com/facebook/react-native/blob/main/CHANGELOG.md)
- [Commits](facebook/react-native@v0.50.3...v0.70.6)

Updates `snyk` from 1.176.0 to 1.1082.0
- [Release notes](https://github.com/snyk/snyk/releases)
- [Commits](snyk/cli@v1.176.0...v1.1082.0)

Updates `react-native-scripts` from 1.8.1 to 2.0.1
- [Release notes](https://github.com/react-community/create-react-native-app/releases)
- [Changelog](https://github.com/expo/create-react-native-app/blob/main/CHANGELOG.md)
- [Commits](https://github.com/react-community/create-react-native-app/commits)

Updates `jest-expo` from 23.0.0 to 47.0.1
- [Release notes](https://github.com/expo/expo/releases)
- [Changelog](https://github.com/expo/expo/blob/main/packages/jest-expo/CHANGELOG.md)
- [Commits](https://github.com/expo/expo/commits/HEAD/packages/jest-expo)

---
updated-dependencies:
- dependency-name: debug
  dependency-type: indirect
- dependency-name: expo
  dependency-type: direct:production
- dependency-name: react-native
  dependency-type: direct:production
- dependency-name: snyk
  dependency-type: direct:production
- dependency-name: react-native-scripts
  dependency-type: direct:development
- dependency-name: jest-expo
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants