Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated a few vulnerable dependencies #27

Merged
merged 18 commits into from
Feb 23, 2022
Merged

Updated a few vulnerable dependencies #27

merged 18 commits into from
Feb 23, 2022

Conversation

GoliathLabs
Copy link
Member

Tested locally on my machine. No errors in the developer console or over at the dockerfiles' nginx

GoliathLabs and others added 18 commits February 5, 2022 22:09
@GoliathLabs
Added: default sass compiler
6e89a66
@GoliathLabs
Updated: node version to 14 in build-meshviewer
0ff5c4c
@GoliathLabs
Added: sass
946ea03
@GoliathLabs
Revert "Added: sass"
06a72d3 
This reverts commit 946ea03.
@GoliathLabs
Revert "Updated: node version to 14 in build-meshviewer"
bd25e24 
This reverts commit 0ff5c4c.
@GoliathLabs
Revert "Added: default sass compiler"
b47a6b2 
This reverts commit 6e89a66.
@dependabot
Bump copy-props from 2.0.4 to 2.0.5
83afe6a 
Bumps [copy-props](https://github.com/gulpjs/copy-props) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/gulpjs/copy-props/releases)
- [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md)
- [Commits](gulpjs/copy-props@2.0.4...2.0.5)

---
updated-dependencies:
- dependency-name: copy-props
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump lodash from 4.17.15 to 4.17.21
e23fe0a 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.15...4.17.21)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Merge pull request #9 from GoliathLabs/dependabot/npm_and_yarn/copy-p…
cf0722b 
…rops-2.0.5
@dependabot
Merge pull request #10 from GoliathLabs/dependabot/npm_and_yarn/lodas…
aae8cb4 
…h-4.17.21
@dependabot
Bump ini from 1.3.5 to 1.3.8
a725a57 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](npm/ini@v1.3.5...v1.3.8)

---
updated-dependencies:
- dependency-name: ini
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Merge pull request #11 from GoliathLabs/dependabot/npm_and_yarn/ini-1…
5c3edf9 
….3.8
@dependabot
Bump hosted-git-info from 2.8.5 to 2.8.9
d97943b 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](npm/hosted-git-info@v2.8.5...v2.8.9)

---
updated-dependencies:
- dependency-name: hosted-git-info
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump y18n from 3.2.1 to 3.2.2
1b722f6 
Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

---
updated-dependencies:
- dependency-name: y18n
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@GoliathLabs
Merge pull request #13 from GoliathLabs/dependabot/npm_and_yarn/y18n-…
fd15c5b 
…3.2.2

Bump y18n from 3.2.1 to 3.2.2
@GoliathLabs
Merge pull request #12 from GoliathLabs/dependabot/npm_and_yarn/hoste…
9a3d75e 
…d-git-info-2.8.9

Bump hosted-git-info from 2.8.5 to 2.8.9
@dependabot
Bump ua-parser-js from 0.7.23 to 0.7.31
04a1d6b 
Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.23 to 0.7.31.
- [Release notes](https://github.com/faisalman/ua-parser-js/releases)
- [Commits](faisalman/ua-parser-js@0.7.23...0.7.31)

---
updated-dependencies:
- dependency-name: ua-parser-js
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Merge pull request #14 from GoliathLabs/dependabot/npm_and_yarn/ua-pa…
5194eb6 
…rser-js-0.7.31
T0biii
T0biii approved these changes Feb 7, 2022
View reviewed changes
Copy link
Member

@T0biii T0biii left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
btw: we have formed a new team: https://github.com/orgs/freifunkMUC/teams/meshviewer

@awlx
Copy link
Member

awlx commented Feb 23, 2022

@T0biii @GoliathLabs your team now has write access

@GoliathLabs GoliathLabs merged commit 696bdcb into freifunkMUC:main Feb 23, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@T0biii T0biii T0biii approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@GoliathLabs @awlx @T0biii