Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): bump dotenv from 10.0.0 to 15.0.0 #831

Merged
merged 1 commit into from
Feb 2, 2022
Merged

fix(deps): bump dotenv from 10.0.0 to 15.0.0 #831

merged 1 commit into from
Feb 2, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2022
edited
Loading

Bumps dotenv from 10.0.0 to 15.0.0.

Changelog

Sourced from dotenv's changelog.

15.0.0 (2022-01-31)

v15.0.0 is a major new release with some important breaking changes.

Added

  • Breaking: Multiline parsing support (just works. no need for the flag.)

Changed

  • Breaking: # marks the beginning of a comment (UNLESS the value is wrapped in quotes. Please update your .env files to wrap in quotes any values containing #. For example: SECRET_HASH="something-with-a-#-hash").

..Understandably, (as some teams have noted) this is tedious to do across the entire team. To make it less tedious, we recommend using dotenv cli going forward. It's an optional plugin that will keep your .env files in sync between machines, environments, or team members.

Removed

  • Breaking: Remove multiline option (just works out of the box now. no need for the flag.)

14.3.2 (2022-01-25)

Changed

  • Preserve backwards compatibility on values containing # 🐞 (#603)

14.3.1 (2022-01-25)

Changed

  • Preserve backwards compatibility on exports by re-introducing the prior in-place exports 🐞 (#606)

14.3.0 (2022-01-24)

Added

  • Add multiline option 🎉 (#486)

14.2.0 (2022-01-17)

Added

  • Add dotenv_config_override cli option
  • Add DOTENV_CONFIG_OVERRIDE command line env option

14.1.1 (2022-01-17)

Added

  • Add React gotcha to FAQ on README

14.1.0 (2022-01-17)

... (truncated)

Commits
  • 4b7a130 Update CHANGELOG
  • 155c285 Remove multiline options from documentation
  • ab38cf2 Merge branch 'master' of github.com:motdotla/dotenv
  • 1fa0581 Remove multiline from env and cli options
  • d0fbd37 Merge pull request #609 from Josh-Cena/docs-react
  • 1412693 docs: improve explanation about environment in React
  • 55b649a Correct date of release of v15.0.0
  • be18c38 Update CHANGELOG
  • 953702a Merge pull request #608 from motdotla/branch-15
  • a487795 Update main example to use quotes
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @nogic1008.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependabot 🤖 Pull requests that update a dependency file label Feb 1, 2022
@dependabot dependabot bot requested a review from a team February 1, 2022 09:06
@dependabot dependabot bot added this to the v1.0.5 milestone Feb 1, 2022
@commit-lint
Copy link

commit-lint bot commented Feb 1, 2022
edited
Loading

Bug Fixes

  • deps: bump dotenv from 10.0.0 to 15.0.0 (28c0560)

Contributors

dependabot[bot]

Commit-Lint commands

You can trigger Commit-Lint actions by commenting on this PR:

  • @Commit-Lint merge patch will merge dependabot PR on "patch" versions (X.X.Y - Y change)
  • @Commit-Lint merge minor will merge dependabot PR on "minor" versions (X.Y.Y - Y change)
  • @Commit-Lint merge major will merge dependabot PR on "major" versions (Y.Y.Y - Y change)
  • @Commit-Lint merge disable will desactivate merge dependabot PR
  • @Commit-Lint review will approve dependabot PR
  • @Commit-Lint stop review will stop approve dependabot PR

@codecov
Copy link

codecov bot commented Feb 1, 2022
edited
Loading

Codecov Report

Merging #831 (28c0560) into master (55847f3) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #831   +/-   ##
=======================================
  Coverage   98.54%   98.54%           
=======================================
  Files          90       90           
  Lines        2059     2059           
  Branches      542      542           
=======================================
  Hits         2029     2029           
  Misses         30       30

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 55847f3...28c0560. Read the comment docs.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dotenv-15.0.0 branch 2 times, most recently from 53aafe2 to 1b666c2 Compare February 2, 2022 02:46
@dependabot
fix(deps): bump dotenv from 10.0.0 to 15.0.0
28c0560 
Bumps [dotenv](https://github.com/motdotla/dotenv) from 10.0.0 to 15.0.0.
- [Release notes](https://github.com/motdotla/dotenv/releases)
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v10.0.0...v15.0.0)

---
updated-dependencies:
- dependency-name: dotenv
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dotenv-15.0.0 branch from 1b666c2 to 28c0560 Compare February 2, 2022 03:57
nogic1008
nogic1008 approved these changes Feb 2, 2022
View reviewed changes
Copy link
Contributor

@nogic1008 nogic1008 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot squash and merge

@dependabot dependabot bot merged commit 6f345d9 into master Feb 2, 2022
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/dotenv-15.0.0 branch February 2, 2022 04:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nogic1008 nogic1008 nogic1008 approved these changes

Assignees
No one assigned
Labels
dependabot 🤖 Pull requests that update a dependency file
Projects
None yet
Milestone
v1.1
Development

Successfully merging this pull request may close these issues.
1 participant
@nogic1008