Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the npm_and_yarn group across 1 directory with 1 update #557

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2024

Bumps the npm_and_yarn group with 1 update in the / directory: webpack-dev-middleware.

Updates webpack-dev-middleware from 5.3.1 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

  • security: do not allow to read files above (#1779) (189c4ac)

v5.3.3

5.3.3 (2022-05-18)

Bug Fixes

v5.3.2

5.3.2 (2022-05-17)

Bug Fixes

  • node types (#1195) (d68ab36)
  • compatibility with Node.js 18
Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

  • security: do not allow to read files above (#1779) (189c4ac)

5.3.3 (2022-05-18)

Bug Fixes

5.3.2 (2022-05-17)

Bug Fixes

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 1 update in the / directory: [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware).


Updates `webpack-dev-middleware` from 5.3.1 to 5.3.4
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.1...v5.3.4)

---
updated-dependencies:
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 23, 2024
Copy link

vercel bot commented Mar 23, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
feishin ✅ Ready (Inspect) Visit Preview 💬 Add feedback Mar 23, 2024 5:24am

@kgarner7 kgarner7 merged commit f61cf8c into development Mar 27, 2024
4 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-c37866de94 branch March 27, 2024 02:10
spiceratops referenced this pull request in spiceratops/k8s-gitops May 7, 2024
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/jeffvli/feishin](https://github.com/jeffvli/feishin) |
minor | `0.6.1` -> `0.7.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>jeffvli/feishin (ghcr.io/jeffvli/feishin)</summary>

###
[`v0.7.1`](https://github.com/jeffvli/feishin/releases/tag/v0.7.1):
0.7.1

[Compare
Source](https://github.com/jeffvli/feishin/compare/v0.7.0...v0.7.1)

0.7.1 released to fix missing Windows binary.

**Full Changelog**:
jeffvli/feishin@v0.7.0...v0.7.1

###
[`v0.7.0`](https://github.com/jeffvli/feishin/releases/tag/v0.7.0):
0.7.0

[Compare
Source](https://github.com/jeffvli/feishin/compare/v0.6.1...v0.7.0)

0.7.0 is here!

Moving forwards, release notes will be simplified as so. Thanks to all
the contributors as always!

#### Highlights

- (UI) Added `Get Info` button on dropdowns to show extended details for
the selected item
-   (UI) Changed titlebar on light theme to use a lighter color
- (UI) Error page now shows server menu in case to handle cases where
application can become stuck
- (UI) Fixed synchronized lyrics not repeating when track is repeated on
fullscreen player
- (UI) Added toggle to switch between tracks and albums when double
clicking an item in the genres list
-   (UI) (Jellyfin) Fixed lyrics parsing for Jellyfin v10.9.0
-   (UI) (Navidrome) Adds `Share item` to item context menus
- (UI) (Navidrome) Added `inPlaylist` and `notInPlaylist` operators for
Navidrome smart playlists
- (UI) (Navidrome) Added JSON preview for smart playlist builder output
- (UI) Added Farsi and Chinese (Traditional) languages (thanks to
translators!)
- (Desktop) The positioning state of the application is now persisted
(maximize, fullscreen, window position)
- (Player) Various fixes/improvements with player implementation
including mpris and scrobbling
- ...and more: [view
commits](https://github.com/jeffvli/feishin/compare/v0.6.1...v0.7.0)

#### What's Changed

- Bump the npm_and_yarn group across 1 directory with 2 updates by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/jeffvli/feishin/pull/542](https://github.com/jeffvli/feishin/pull/542)
- Bump the npm_and_yarn group across 1 directory with 1 update by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/jeffvli/feishin/pull/551](https://github.com/jeffvli/feishin/pull/551)
- Bump the npm_and_yarn group across 1 directory with 1 update by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/jeffvli/feishin/pull/557](https://github.com/jeffvli/feishin/pull/557)
- Bump the npm_and_yarn group across 1 directory with 1 update by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/jeffvli/feishin/pull/561](https://github.com/jeffvli/feishin/pull/561)
- \[bugfix]: Resolve MPV next/prev race condition by
[@&#8203;kgarner7](https://github.com/kgarner7) in
[https://github.com/jeffvli/feishin/pull/566](https://github.com/jeffvli/feishin/pull/566)
- \[bugfix]: Add a fallback image to the dynamic background url by
[@&#8203;iiPythonx](https://github.com/iiPythonx) in
[https://github.com/jeffvli/feishin/pull/571](https://github.com/jeffvli/feishin/pull/571)
- \[enhancement]: Show item details by
[@&#8203;kgarner7](https://github.com/kgarner7) in
[https://github.com/jeffvli/feishin/pull/573](https://github.com/jeffvli/feishin/pull/573)
- Fix portrait mode detection by
[@&#8203;Kaydax](https://github.com/Kaydax) in
[https://github.com/jeffvli/feishin/pull/582](https://github.com/jeffvli/feishin/pull/582)
- \[enhancement]: Support react-router links in Modal by
[@&#8203;kgarner7](https://github.com/kgarner7) in
[https://github.com/jeffvli/feishin/pull/586](https://github.com/jeffvli/feishin/pull/586)
- \[enhancement]: Support toggling Album/Track view for gneres by
[@&#8203;kgarner7](https://github.com/kgarner7) in
[https://github.com/jeffvli/feishin/pull/591](https://github.com/jeffvli/feishin/pull/591)
- Implement Navidrome sharing by
[@&#8203;iiPythonx](https://github.com/iiPythonx) in
[https://github.com/jeffvli/feishin/pull/575](https://github.com/jeffvli/feishin/pull/575)
- \[bugfix]: Handle top-level songs for Jellyfin by
[@&#8203;kgarner7](https://github.com/kgarner7) in
[https://github.com/jeffvli/feishin/pull/553](https://github.com/jeffvli/feishin/pull/553)
- Bump ejs from 3.1.9 to 3.1.10 in the npm_and_yarn group across 1
directory by [@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/jeffvli/feishin/pull/602](https://github.com/jeffvli/feishin/pull/602)
- Fix LrcLib fetcher by
[@&#8203;vukanovics](https://github.com/vukanovics) in
[https://github.com/jeffvli/feishin/pull/603](https://github.com/jeffvli/feishin/pull/603)
- Allow smaller album covers in card/poster display by
[@&#8203;Dylancyclone](https://github.com/Dylancyclone) in
[https://github.com/jeffvli/feishin/pull/598](https://github.com/jeffvli/feishin/pull/598)
- Add new Navidrome smart playlist operators (up to v0.52.0) by
[@&#8203;jeffvli](https://github.com/jeffvli) in
[https://github.com/jeffvli/feishin/pull/604](https://github.com/jeffvli/feishin/pull/604)

#### New Contributors

- [@&#8203;Kaydax](https://github.com/Kaydax) made their first
contribution in
[https://github.com/jeffvli/feishin/pull/582](https://github.com/jeffvli/feishin/pull/582)
- [@&#8203;vukanovics](https://github.com/vukanovics) made their first
contribution in
[https://github.com/jeffvli/feishin/pull/603](https://github.com/jeffvli/feishin/pull/603)
- [@&#8203;Dylancyclone](https://github.com/Dylancyclone) made their
first contribution in
[https://github.com/jeffvli/feishin/pull/598](https://github.com/jeffvli/feishin/pull/598)

**Full Changelog**:
jeffvli/feishin@v0.6.1...v0.7.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDcuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM0OC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant