Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Mend: high confidence minor and patch dependency updates #2

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Aug 14, 2023

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
browser-sync (source) 2.26.3 -> 2.29.3 age adoption passing confidence
gulp (source) 4.0.0 -> 4.0.2 age adoption passing confidence
gulp-sass 4.0.2 -> 4.1.1 age adoption passing confidence
jquery (source) 3.3.1 -> 3.7.1 age adoption passing confidence
maven 3.2.1 -> 3.9.6 age adoption passing confidence
org.apache.maven.plugins:maven-checkstyle-plugin 3.1.0 -> 3.3.1 age adoption passing confidence
org.apache.commons:commons-exec (source) 1.3 -> 1.4.0 age adoption passing confidence
org.apache.maven.plugins:maven-surefire-plugin 3.0.0-M4 -> 3.2.5 age adoption passing confidence
org.apache.maven.plugins:maven-compiler-plugin 3.8.0 -> 3.13.0 age adoption passing confidence
junit:junit (source) 4.12 -> 4.13.2 age adoption passing confidence
com.github.tomakehurst:wiremock (source) 2.8.0 -> 2.27.2 age adoption passing confidence
org.asciidoctor:asciidoctor-maven-plugin 1.5.3 -> 1.6.0 age adoption passing confidence
cglib:cglib-nodep 2.2 -> 2.2.2 age adoption passing confidence
org.glassfish.jaxb:jaxb-runtime (source) 2.3.0 -> 2.3.9 age adoption passing confidence
com.nulab-inc:zxcvbn 1.2.5 -> 1.9.0 age adoption passing confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

BrowserSync/browser-sync (browser-sync)

v2.29.3: The one that fixes snippetOptions

Compare Source

What's Changed

Full Changelog: BrowserSync/browser-sync@v2.29.2...v2.29.3

v2.29.2

Compare Source

v2.29.1

Compare Source

What's Changed

Full Changelog: BrowserSync/browser-sync@v2.29.0...v2.29.1

v2.29.0: The one that restores IE11 support 💪

Compare Source

What's Changed

esbuild does not support down-level transpiling as far as IE11 - so when I switched to it, it accidentally broke IE11 support 😢

This is an important issue for me - many devs that support old browsers like IE11 are doing so because their projects are used in public services, or internal applications. Not every developer out there has the luxury of supporting evergreen-only browsers.

So, IE11 will work once again 🎉. Please use the issues thread to make me aware of any problem that's preventing you from using Browsersync in your day job 💪 (and be sure to thumbs-up the issues you want to see resolved)

### IE11 works, again
npm install browser-sync@latest

Full Changelog: BrowserSync/browser-sync@v2.28.3...v2.29.0

v2.28.3

Compare Source

v2.28.2

Compare Source

v2.28.1

Compare Source

v2.28.0: the one that finally removes document.write

Compare Source

What's Changed

Full Changelog: BrowserSync/browser-sync@v2.27.12...v2.28.0

v2.27.12

Compare Source

v2.27.11

Compare Source

v2.27.10

Compare Source

v2.27.9: 2.27.9

Compare Source

What's Changed

A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

Full Changelog: BrowserSync/browser-sync@v2.27.8...v2.27.9

v2.27.8: 2.27.8

Compare Source

This release upgrades Socket.io (client+server) to the latest versions - solving the following issues, and silencing security warning :)

PR:

Resolved Issues:

Thanks to @​lachieh for the original PR, which helped me land this fix

v2.27.7

Compare Source

v2.27.6

Compare Source

v2.27.5

Compare Source

v2.27.4

Compare Source

v2.27.3

Compare Source

v2.27.1: added snippet: boolean option

Compare Source

This release adds a feature to address https://github.com/BrowserSync/browser-sync/issues/1882

Sometimes you don't want Browsersync to auto-inject it's connection snippet into your HTML - now you can disable it globally via either a CLI param or the new snippet option :)

browser-sync . --no-snippet

or in any Browsersync configuration

const config = {
  snippet: false,
};

the original request was related to Eleventy usage, so here's how that would look

eleventyConfig.setBrowserSyncConfig({
  snippet: false,
});

v2.26.14: upgraded dependencies

Compare Source

This is a maintenance release to address 2 security related issues (socket.io & axios)

Happy Browsersync'in :)

v2.26.13

Compare Source

v2.26.12

Compare Source

v2.26.10

Compare Source

v2.26.9

Compare Source

v2.26.7

Compare Source

v2.26.6

Compare Source

v2.26.5

Compare Source

v2.26.4

Compare Source

gulpjs/gulp (gulp)

v4.0.2

Compare Source

Fix
Docs
Build
  • Add node 12 to Travis & Azure (b4b5a68)

v4.0.1

Compare Source

Fix
Docs
Upgrade
  • Update glob-watcher, gulp-cli, and undertaker dependencies & rimraf devDep (d3734d3)
Build
Scaffold
  • Mark *.png and *.jpg as binary files to git (a010db6)
  • Update some links and license year (1027236)
  • Add tidelift configuration (49b5aca)
  • Add new expense policy (9819957)
  • Add support-bot template (9078c49)
dlmanning/gulp-sass (gulp-sass)

v4.1.1

Compare Source

June 24, 2021

https://github.com/dlmanning/gulp-sass/releases/tag/v4.1.1

v4.1.0

Compare Source

April 23, 2020

https://github.com/dlmanning/gulp-sass/releases/tag/v4.1.0

jquery/jquery (jquery)

v3.7.1: jQuery 3.7.1 Released: Reliable Table Row Dimensions

Compare Source

https://blog.jquery.com/2023/08/28/jquery-3-7-1-released-reliable-table-row-dimensions/

v3.7.0: jQuery 3.7.0: Staying in Order

Compare Source

https://blog.jquery.com/2023/05/11/jquery-3-7-0-released-staying-in-order/

v3.6.4: jQuery 3.6.4 Released: Selector Forgiveness

Compare Source

https://blog.jquery.com/2023/03/08/jquery-3-6-4-released-selector-forgiveness/

v3.6.3: jQuery supports CSS.supports in jQuery 3.6.3

Compare Source

https://blog.jquery.com/2022/12/20/jquery-3-6-3-released-a-quick-selector-fix/

v3.6.2: jQuery 3.6.2 :has arrived!

Compare Source

https://blog.jquery.com/2022/12/13/jquery-3-6-2-released/

v3.6.1: jQuery 3.6.1 Maintenance Release

Compare Source

https://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/

v3.6.0: jQuery 3.6.0 Released!

Compare Source

https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/

v3.5.1

Compare Source

v3.5.0: jQuery 3.5.0 Released!

Compare Source

See the blog post:
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
and the upgrade guide:
https://jquery.com/upgrade-guide/3.5/

NOTE: Despite being a minor release, this update includes a breaking change that we had to make to fix a security issue ( CVE-2020-11022). Please follow the blog post & the upgrade guide for more details.

v3.4.1

Compare Source

v3.4.0

Compare Source

wiremock/wiremock (com.github.tomakehurst:wiremock)

v2.27.2

Compare Source

v2.27.1

Compare Source

v2.27.0

Compare Source

v2.26.3

Compare Source

v2.26.2

Compare Source

v2.26.1

Compare Source

v2.26.0

Compare Source

v2.25.1

Compare Source

v2.25.0

Compare Source

v2.24.1

Compare Source

v2.24.0

Compare Source

v2.23.2

Compare Source

v2.23.1

Compare Source

v2.23.0

Compare Source

v2.22.0

Compare Source

v2.21.0

Compare Source

v2.20.0

Compare Source

v2.19.0

Compare Source

v2.18.0

Compare Source

v2.17.0

Compare Source

v2.16.0

Compare Source

v2.15.0

Compare Source

v2.14.0

Compare Source

v2.13.0

Compare Source

v2.12.0

Compare Source

v2.11.0

Compare Source

v2.10.1

Compare Source

v2.10.0

Compare Source

v2.9.0

Compare Source

nulab/zxcvbn4j (com.nulab-inc:zxcvbn)

v1.9.0

Compare Source

v1.8.2

Compare Source

v1.8.1

Compare Source

v1.8.0

Compare Source

v1.7.0

Compare Source

v1.6.0

Compare Source

v1.5.2

Compare Source

v1.5.1

Compare Source

v1.5.0

Compare Source

v1.4.1

Compare Source

  • Fix message from full-width to half-width #​91 (kxn4t)

v1.4.0

Compare Source

v1.3.6

Compare Source

v1.3.5

Compare Source

v1.3.4

Compare Source

v1.3.3

Compare Source

v1.3.2

Compare Source

v1.3.1

Compare Source

v1.3.0

Compare Source

v1.2.7

Compare Source

v1.2.6

Compare Source


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Aug 14, 2023
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from 8c72560 to 4ed0804 Compare August 14, 2023 17:48
@mend-for-github-com mend-for-github-com bot changed the title Update Mend: high confidence minor and patch dependency updates Update Mend: high confidence minor and patch dependency updates - autoclosed Aug 14, 2023
@mend-for-github-com mend-for-github-com bot deleted the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch August 14, 2023 19:39
@mend-for-github-com mend-for-github-com bot changed the title Update Mend: high confidence minor and patch dependency updates - autoclosed Update Mend: high confidence minor and patch dependency updates Aug 14, 2023
@mend-for-github-com mend-for-github-com bot reopened this Aug 14, 2023
@mend-for-github-com mend-for-github-com bot restored the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch August 14, 2023 20:56
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 10 times, most recently from d4cd575 to 5f7fe3e Compare August 21, 2023 17:50
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 3 times, most recently from cc3457d to e4b7de8 Compare August 30, 2023 02:07
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 6 times, most recently from a47c4fa to 44afdb2 Compare September 7, 2023 02:07
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 3 times, most recently from 98efc40 to a00cf9d Compare September 11, 2023 02:07
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 4 times, most recently from 0efdcd0 to c4f9f13 Compare April 15, 2024 02:06
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 3 times, most recently from d4cb550 to 9247715 Compare April 26, 2024 06:59
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 3 times, most recently from 4b04a84 to 07e66c2 Compare May 8, 2024 13:40
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 10 times, most recently from ab59333 to a6d60fd Compare May 16, 2024 02:05
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 8 times, most recently from 5147c86 to e81737e Compare May 19, 2024 02:08
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from e81737e to d735d13 Compare May 19, 2024 13:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by Mend
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants