Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 1 directories with 14 updates #18

Closed
wants to merge 1 commit into from
Closed

Bump the npm_and_yarn group across 1 directories with 14 updates #18

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 5, 2024
edited
Loading

Bumps the npm_and_yarn group with 5 updates in the /FireworkRNSDKSample directory:

Package From To
react-native 0.66.4 0.73.5
babel-plugin-module-resolver 4.1.0 5.0.0
decode-uri-component 0.2.0 0.2.2
minimatch 3.0.4 3.1.2
nanoid 3.1.30 3.3.7

Updates react-native from 0.66.4 to 0.73.5

Release notes

Sourced from react-native's releases.

0.73.5

Changelog

Security

Changed

Fixed

How to Test

Generate a new project:

npx react-native@next init RN0735RC1 --version 0.73.5

  • To help you upgrade to this version, you can use the upgrade helper ⚛️

  • See changes from this release in the changelog

Hermes dSYMS:

Help us testing 🧪

If you experience a regression, please file an Upgrade issue and file a pick request in the appropriate discussion: https://github.com/reactwg/react-native-releases/discussions/

0.73.4

v0.73.4

Fixed

Android

... (truncated)

Changelog

Sourced from react-native's changelog.

Changelog (pre 0.70)

This file contains all changelogs for releases in the 0.60-0.69 range. Please check out the other CHANGELOG-*.md files for newer and older versions.

v0.69.12

Changed

iOS specific

Fixed

Android specific

v0.69.11

Fixed

iOS specific

v0.69.10

Fixed

Android specific

v0.69.9

Changed

iOS specific

Fixed

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by react-native-bot, a new releaser for react-native since your current version.


Updates babel-plugin-module-resolver from 4.1.0 to 5.0.0

Changelog

Sourced from babel-plugin-module-resolver's changelog.

5.0.0 (2023-01-09)

⚠ BREAKING CHANGES

  • Remove support for Node < 16

  • Update dependencies and find-babel-config to fix json5 vulnerabilities (#441) (c43e71c)

Commits
  • ff8a445 chore(release): 5.0.0
  • c43e71c chore: Update dependencies and find-babel-config to fix json5 vulnerabilities...
  • f2daf06 docs: Valid install commands when using Github copy button (#426)
  • See full diff in compare view

Updates @babel/traverse from 7.22.8 to 7.24.0

Release notes

Sourced from @​babel/traverse's releases.

v7.24.0 (2024-02-28)

Thanks @​ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

  • babel-standalone
  • babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties
  • babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-preset-flow
  • babel-helper-import-to-platform-api, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-standalone
  • babel-plugin-transform-runtime
  • babel-parser, babel-types

🐛 Bug Fix

  • babel-plugin-proposal-do-expressions, babel-traverse
  • babel-helper-create-class-features-plugin, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object
  • babel-helper-create-class-features-plugin, babel-plugin-transform-private-methods
  • babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-preset-env
  • babel-helpers
  • babel-helpers, babel-plugin-proposal-decorators

💅 Polish

  • babel-core, babel-helper-create-class-features-plugin, babel-preset-env

🏠 Internal

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.24.0 (2024-02-28)

🚀 New Feature

  • babel-standalone
  • babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties
  • babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-preset-flow
  • babel-helper-import-to-platform-api, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-standalone
  • babel-plugin-transform-runtime
  • babel-parser, babel-types

🐛 Bug Fix

  • babel-plugin-proposal-do-expressions, babel-traverse
  • babel-helper-create-class-features-plugin, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object
  • babel-helper-create-class-features-plugin, babel-plugin-transform-private-methods
  • babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-preset-env
  • babel-helpers
  • babel-helpers, babel-plugin-proposal-decorators

💅 Polish

  • babel-core, babel-helper-create-class-features-plugin, babel-preset-env

🏠 Internal

  • babel-helper-transform-fixture-test-runner

🔬 Output optimization

... (truncated)

Commits

Updates @sideway/formula from 3.0.0 to 3.0.1

Commits
Maintainer changes

This version was pushed to npm by marsup, a new releaser for @​sideway/formula since your current version.


Updates ansi-regex from 4.1.0 to 4.1.1

Commits

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

5.7

  • Add minVersion method

5.6

  • Move boolean loose param to an options object, with backwards-compatibility protection.
  • Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

  • Add version coercion capabilities

5.4

  • Add intersection checking

5.3

  • Add minSatisfying method

5.2

  • Add prerelease(v) that returns prerelease components

5.1

  • Add Backus-Naur for ranges
  • Remove excessively cute inspection methods

5.0

  • Remove AMD/Browserified build artifacts
  • Fix ltr and gtr when using the * range
  • Fix for range * with a prerelease identifier
Commits
Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.


Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates json5 from 0.5.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

v2.2.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

v2.2.0

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

  • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

  • Fix: Bump minimist to v1.2.5. (#222)

v2.1.1

  • New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)
  • Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
  • Fix: Spelling mistakes have been fixed. (#196)

v2.1.0

  • New: The index.mjs and index.min.mjs browser builds in the dist directory support ES6 modules. (#187)

v2.0.1

  • Fix: The browser builds in the dist directory support ES5. (#182)

v2.0.0

  • Major: JSON5 officially supports Node.js v6 and later. Support for Node.js v4 has been dropped. Since Node.js v6 supports ES5 features, the code has been rewritten in native ES5, and the dependence on Babel has been eliminated.

  • New: Support for Unicode 10 has been added.

  • New: The test framework has been migrated from Mocha to Tap.

  • New: The browser build at dist/index.js is no longer minified by default. A minified version is available at dist/index.min.js. (#181)

  • Fix: The warning has been made clearer when line and paragraph separators are

... (truncated)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

v2.2.0 [code, diff]

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

  • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

  • Fix: Bump minimist to v1.2.5. (#222)

v2.1.1 [code, [diff][d2.1.1]]

... (truncated)

Commits
  • c3a7524 2.2.3
  • 94fd06d docs: update CHANGELOG for v2.2.3
  • 3b8cebf docs(security): use GitHub security advisories
  • f0fd9e1 docs: publish a security policy
  • 6a91a05 docs(template): bug -> bug report
  • 14f8cb1 2.2.2
  • 10cc7ca docs: update CHANGELOG for v2.2.2
  • 7774c10 fix: add proto to objects and arrays
  • edde30a Readme: slight tweak to intro
  • 97286f8 Improve example in readme
  • Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.2

Commits

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates nanoid from 3.1.30 to 3.3.7

Changelog

Sourced from nanoid's changelog.

3.3.7

  • Fixed node16 TypeScript support (by Saadi Myftija).

3.3.6

  • Fixed package.

3.3.5

  • Backport funding information.

3.3.4

3.3.3

  • Reduced size (by Anton Khlynovskiy).

3.3.2

  • Fixed enhanced-resolve support.

3.3.1

  • Reduced package size.

3.3

  • Added size argument to function from customAlphabet (by Stefan Sundin).

3.2

  • Added --size and --alphabet arguments to binary (by Vitaly Baev).

3.1.32

  • Reduced async exports size (by Artyom Arutyunyan).
  • Moved from Jest to uvu (by Vitaly Baev).

3.1.31

  • Fixed collision vulnerability on object in size (by Artyom Arutyunyan).
Commits

Updates node-fetch from 2.6.6 to 2.7.0

Release notes

Sourced from node-fetch's releases.

v2.7.0

2.7.0 (2023-08-23)

Features

v2.6.13

2.6.13 (2023-08-18)

Bug Fixes

v2.6.12

2.6.12 (2023-06-29)

Bug Fixes

v2.6.11

2.6.11 (2023-05-09)

Reverts

v2.6.10

2.6.10 (2023-05-08)

Bug Fixes

v2.6.9

2.6.9 (2023-01-30)

Bug Fixes

v2.6.8

2.6.8 (2023-01-13)

... (truncated)

Commits

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 5, 2024
@dependabot
Bump the npm_and_yarn group across 1 directories with 14 updates
265da21 
Bumps the npm_and_yarn group with 5 updates in the /FireworkRNSDKSample directory:

| Package | From | To |
| --- | --- | --- |
| [react-native](https://github.com/facebook/react-native/tree/HEAD/packages/react-native) | `0.66.4` | `0.73.5` |
| [babel-plugin-module-resolver](https://github.com/tleunen/babel-plugin-module-resolver) | `4.1.0` | `5.0.0` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` |
| [nanoid](https://github.com/ai/nanoid) | `3.1.30` | `3.3.7` |


Updates `react-native` from 0.66.4 to 0.73.5
- [Release notes](https://github.com/facebook/react-native/releases)
- [Changelog](https://github.com/facebook/react-native/blob/main/CHANGELOG-pre-070.md)
- [Commits](https://github.com/facebook/react-native/commits/v0.73.5/packages/react-native)

Updates `babel-plugin-module-resolver` from 4.1.0 to 5.0.0
- [Changelog](https://github.com/tleunen/babel-plugin-module-resolver/blob/master/CHANGELOG.md)
- [Commits](tleunen/babel-plugin-module-resolver@v4.1.0...v5.0.0)

Updates `@babel/traverse` from 7.22.8 to 7.24.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.0/packages/babel-traverse)

Updates `@sideway/formula` from 3.0.0 to 3.0.1
- [Commits](hapijs/formula@v3.0.0...v3.0.1)

Updates `ansi-regex` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](chalk/ansi-regex@v4.1.0...v4.1.1)

Updates `semver` from 5.7.1 to 5.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](npm/node-semver@v5.7.1...v5.7.2)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `json5` from 0.5.1 to 2.2.3
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v0.5.1...v2.2.3)

Updates `minimatch` from 3.0.4 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `minimist` from 1.2.5 to 1.2.8
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Updates `nanoid` from 3.1.30 to 3.3.7
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.1.30...3.3.7)

Updates `node-fetch` from 2.6.6 to 2.7.0
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](node-fetch/node-fetch@v2.6.6...v2.7.0)

Updates `react-devtools-core` from 4.22.1 to 4.28.5
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/HEAD/packages/react-devtools-core)

Updates `shell-quote` from 1.6.1 to 1.8.1
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.6.1...v1.8.1)

---
updated-dependencies:
- dependency-name: react-native
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: babel-plugin-module-resolver
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: "@sideway/formula"
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: ansi-regex
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: decode-uri-component
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: json5
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: minimatch
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: minimist
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: nanoid
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: node-fetch
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: react-devtools-core
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: shell-quote
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/FireworkRNSDKSample/npm_and_yarn-security-group-ce91459348 branch from f0da425 to 265da21 Compare March 22, 2024 03:30
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Mar 22, 2024

Superseded by #22.

@dependabot dependabot bot closed this Mar 22, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/FireworkRNSDKSample/npm_and_yarn-security-group-ce91459348 branch March 22, 2024 03:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants