Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade: , , , applicationinsights, govuk-frontend, moment, sequelize #36

Closed

Conversation

johnwatson484
Copy link
Member

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@azure/identity
from 3.3.0 to 3.4.2 | 14 versions ahead of your current version | 8 months ago
on 2024-01-24
@hapi/hoek
from 11.0.2 to 11.0.4 | 2 versions ahead of your current version | 9 months ago
on 2023-12-05
@hapi/hapi
from 21.3.2 to 21.3.10 | 8 versions ahead of your current version | 3 months ago
on 2024-06-12
applicationinsights
from 2.1.8 to 2.9.6 | 29 versions ahead of your current version | a month ago
on 2024-08-15
govuk-frontend
from 3.14.0 to 3.15.0 | 1 version ahead of your current version | 7 months ago
on 2024-02-05
moment
from 2.29.4 to 2.30.1 | 2 versions ahead of your current version | 9 months ago
on 2023-12-27
sequelize
from 6.33.0 to 6.37.3 | 9 versions ahead of your current version | 5 months ago
on 2024-04-13

Release notes
Package name: @hapi/hoek from @hapi/hoek GitHub release notes
Package name: @hapi/hapi from @hapi/hapi GitHub release notes
Package name: govuk-frontend
  • 3.15.0 - 2024-02-05

    This release includes the ability to update the crown logo. You must do this between 19 February and 1 March 2024.

    We’ll send reminders to our mailing list and cross-government Slack as soon as you can make this change.

    New features

    Update to the new GOV.UK logo (between 19 February and 1 March 2024)

    We’ve updated the GOV.UK logo to reflect the changing of the monarch. King Charles III uses the Tudor Crown, rather than the St Edward’s Crown chosen by Queen Elizabeth II.

    If your service uses GOV.UK branding, you must update your service to use the new crown.

    These changes were made in the following pull requests:

    Include the new logo assets

    Multiple new image assets are included in this release. You will need to copy these to your service's image assets folder if they are not being used directly from the Frontend package. By default this folder is located at /assets/images.

    If you are using Nunjucks, the asset path may have been changed by the assetPath global variable or assetsPath parameter on the header component.

    Copy the following files from /dist/assets/images into your assets folder. Any images with the same name as an existing image can be safely overwritten.

    • favicon.ico
    • govuk-apple-touch-icon-152x152.png
    • govuk-apple-touch-icon-167x167.png
    • govuk-apple-touch-icon-180x180.png
    • govuk-apple-touch-icon.png
    • govuk-logotype-tudor-crown.png
    • govuk-mask-icon.svg
    • govuk-opengraph-image.png
    Update the logo in the header of your page

    If you are using the govukHeader Nunjucks macro in your service, add the useTudorCrown parameter to the macro instantiation.

    {{ govukHeader({
      ...
      useTudorCrown: true
    }) }}

    If you are not using the Nunjucks macro, locate the HTML for the existing crown and replace it with this updated HTML. Make sure the URL for the new PNG fallback image is correct.

    <!--[if gt IE 8]><!-->
    <svg
      aria-hidden="true"
      focusable="false"
      class="govuk-header__logotype-crown"
      xmlns="http://www.w3.org/2000/svg"
      viewBox="0 0 32 30"
      height="30"
      width="32"
    >
      <path
        fill="currentColor" fill-rule="evenodd"
        d="M22.6 10.4c-1 .4-2-.1-2.4-1-.4-.9.1-2 1-2.4.9-.4 2 .1 2.4 1s-.1 2-1 2.4m-5.9 6.7c-.9.4-2-.1-2.4-1-.4-.9.1-2 1-2.4.9-.4 2 .1 2.4 1s-.1 2-1 2.4m10.8-3.7c-1 .4-2-.1-2.4-1-.4-.9.1-2 1-2.4.9-.4 2 .1 2.4 1s0 2-1 2.4m3.3 4.8c-1 .4-2-.1-2.4-1-.4-.9.1-2 1-2.4.9-.4 2 .1 2.4 1s-.1 2-1 2.4M17 4.7l2.3 1.2V2.5l-2.3.7-.2-.2.9-3h-3.4l.9 3-.2.2c-.1.1-2.3-.7-2.3-.7v3.4L15 4.7c.1.1.1.2.2.2l-1.3 4c-.1.2-.1.4-.1.6 0 1.1.8 2 1.9 2.2h.7c1-.2 1.9-1.1 1.9-2.1 0-.2 0-.4-.1-.6l-1.3-4c-.1-.2 0-.2.1-.3m-7.6 5.7c.9.4 2-.1 2.4-1 .4-.9-.1-2-1-2.4-.9-.4-2 .1-2.4 1s0 2 1 2.4m-5 3c.9.4 2-.1 2.4-1 .4-.9-.1-2-1-2.4-.9-.4-2 .1-2.4 1s.1 2 1 2.4m-3.2 4.8c.9.4 2-.1 2.4-1 .4-.9-.1-2-1-2.4-.9-.4-2 .1-2.4 1s0 2 1 2.4m14.8 11c4.4 0 8.6.3 12.3.8 1.1-4.5 2.4-7 3.7-8.8l-2.5-.9c.2 1.3.3 1.9 0 2.7-.4-.4-.8-1.1-1.1-2.3l-1.2 4c.7-.5 1.3-.8 2-.9-1.1 2.5-2.6 3.1-3.5 3-1.1-.2-1.7-1.2-1.5-2.1.3-1.2 1.5-1.5 2.1-.1 1.1-2.3-.8-3-2-2.3 1.9-1.9 2.1-3.5.6-5.6-2.1 1.6-2.1 3.2-1.2 5.5-1.2-1.4-3.2-.6-2.5 1.6.9-1.4 2.1-.5 1.9.8-.2 1.1-1.7 2.1-3.5 1.9-2.7-.2-2.9-2.1-2.9-3.6.7-.1 1.9.5 2.9 1.9l.4-4.3c-1.1 1.1-2.1 1.4-3.2 1.4.4-1.2 2.1-3 2.1-3h-5.4s1.7 1.9 2.1 3c-1.1 0-2.1-.2-3.2-1.4l.4 4.3c1-1.4 2.2-2 2.9-1.9-.1 1.5-.2 3.4-2.9 3.6-1.9.2-3.4-.8-3.5-1.9-.2-1.3 1-2.2 1.9-.8.7-2.3-1.2-3-2.5-1.6.9-2.2.9-3.9-1.2-5.5-1.5 2-1.3 3.7.6 5.6-1.2-.7-3.1 0-2 2.3.6-1.4 1.8-1.1 2.1.1.2.9-.3 1.9-1.5 2.1-.9.2-2.4-.5-3.5-3 .6 0 1.2.3 2 .9l-1.2-4c-.3 1.1-.7 1.9-1.1 2.3-.3-.8-.2-1.4 0-2.7l-2.9.9C1.3 23 2.6 25.5 3.7 30c3.7-.5 7.9-.8 12.3-.8"></path>
    </svg>
    <!--<![endif]-->
    <!--[if IE 8]>
    <img src="/assets/images/govuk-logotype-tudor-crown.png" class="govuk-header__logotype-crown-fallback-image" width="32" height="30" alt="">
    <![endif]-->
  • 3.14.0 - 2021-10-04
from govuk-frontend GitHub release notes
Package name: moment from moment GitHub release notes
Package name: sequelize
  • 6.37.3 - 2024-04-13

    6.37.3 (2024-04-13)

    Bug Fixes

    • postgres: use schema for foreign key constrains of a table (#17099) (6aba382)
  • 6.37.2 - 2024-03-29

    6.37.2 (2024-03-29)

    Bug Fixes

    • add readOnly to the transaction options types and docs (#17226) (7c8972f)
  • 6.37.1 - 2024-02-18

    6.37.1 (2024-02-18)

    Bug Fixes

    • types: Add definition of returning in SaveOptions. (#16954) (505467b)
  • 6.37.0 - 2024-02-11

    6.37.0 (2024-02-11)

    Features

    • postgres: support connectionTimeoutMillis dialectOption (#14119) (e81200e)
  • 6.36.0 - 2024-02-02
  • 6.35.2 - 2023-12-11
  • 6.35.1 - 2023-11-19
  • 6.35.0 - 2023-11-12
  • 6.34.0 - 2023-11-03
  • 6.33.0 - 2023-09-08
from sequelize GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade:
  - @azure/identity from 3.3.0 to 3.4.2.
    See this package in npm: https://www.npmjs.com/package/@azure/identity
  - @hapi/hoek from 11.0.2 to 11.0.4.
    See this package in npm: https://www.npmjs.com/package/@hapi/hoek
  - @hapi/hapi from 21.3.2 to 21.3.10.
    See this package in npm: https://www.npmjs.com/package/@hapi/hapi
  - applicationinsights from 2.1.8 to 2.9.6.
    See this package in npm: https://www.npmjs.com/package/applicationinsights
  - govuk-frontend from 3.14.0 to 3.15.0.
    See this package in npm: https://www.npmjs.com/package/govuk-frontend
  - moment from 2.29.4 to 2.30.1.
    See this package in npm: https://www.npmjs.com/package/moment
  - sequelize from 6.33.0 to 6.37.3.
    See this package in npm: https://www.npmjs.com/package/sequelize

See this project in Snyk:
https://app.snyk.io/org/defra-ffc/project/10f0bab1-838c-438d-a135-d4e335039692?utm_source=github&utm_medium=referral&page=upgrade-pr
@johnwatson484 johnwatson484 deleted the snyk-upgrade-b035e648bc4773a2f4856ff29e44eb0d branch September 20, 2024 08:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants