Conversation
dependabot
Bot
added
dataviewer
dependencies
dependabot
Bot
added
dataviewer
dependencies
Contributor
Dependency ReviewThe following issues were found:
Snapshot WarningsEnsure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice. License Issuesdata-management/viewer/frontend/package-lock.json
OpenSSF ScorecardScorecard details
Scanned Files
|
github-actions
Bot
changed the title
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Advisory Review Summary
- Surface:
dataviewer-frontend(npm,data-management/viewer/frontend/) - Ecosystems touched: npm (
package.json+package-lock.json) - Files changed:
data-management/viewer/frontend/package.json,data-management/viewer/frontend/package-lock.json
| Package | From | To | Severity | Surface |
|---|---|---|---|---|
@azure/msal-browser |
5.9.0 | 5.10.0 | None found | dataviewer-frontend |
@azure/msal-react |
5.3.2 | 5.4.0 | None found | dataviewer-frontend |
react |
19.2.5 | 19.2.6 | None found | dataviewer-frontend |
react-dom |
19.2.5 | 19.2.6 | None found | dataviewer-frontend |
react-is |
19.2.5 | 19.2.6 | None found | dataviewer-frontend |
vite |
8.0.10 | 8.0.11 | None found | dataviewer-frontend |
@azure/msal-browser
No GHSA or CVE advisories found for this bump. Source: GitHub Releases.
Release notes (5.9.0 → 5.10.0):
Minor version bump within v5. No ABI concerns for this surface. No peer-dep conflicts.
Validation Signal
- Deterministic CI:
PR Validation: in_progress:in_progress— CI has not completed. See run: PR Validation. Relevant check:Dataviewer Frontend Tests. - Static impact reasoning: Minor bump within same major; peer dependency on
reactis satisfied byreact@19.2.6. No high-risk triggers.
@azure/msal-react
No GHSA or CVE advisories found for this bump. Source: GitHub Releases.
Release notes (5.3.2 → 5.4.0):
- Bump
@azure/msal-browserto v5.10.0 (consistent with this PR)- Remove duplicate typings in build output (#8557)
Peer dependency on @azure/msal-browser resolves to v5.10.0 as bumped in the same PR. No conflicts.
Validation Signal
- Deterministic CI:
PR Validation: in_progress:in_progress. Relevant check:Dataviewer Frontend Tests. - Static impact reasoning: Minor bump within same major; peer dep chain is internally consistent.
react / react-dom / react-is
No GHSA or CVE advisories found. Source: GitHub Releases.
Release notes (19.2.5 → 19.2.6):
- React Server Components: type hardening and performance improvements (#36425 by
@eps1lonand@unstubbable)
Patch-only. No major version boundary crossed (remains at 19.x). react-is is a transitive peer dep of recharts in this project; patch alignment across all three packages is correct.
Validation Signal
- Deterministic CI:
PR Validation: in_progress:in_progress. Relevant check:Dataviewer Frontend Tests. - Static impact reasoning: Patch bump only; no breaking changes expected.
vite
No GHSA or CVE advisories found. Source: CHANGELOG.md.
Release notes (8.0.10 → 8.0.11):
Patch bump within Vite 8.x. No Vite major version boundary crossed.
Validation Signal
- Deterministic CI:
PR Validation: in_progress:in_progress. Relevant check:Dataviewer Frontend Tests. - Static impact reasoning: Patch bump only; rolldown update is internal to Vite's bundler pipeline and does not affect user-facing build output contracts.
Advisory verdict: COMMENT — All six bumps are minor/patch within their respective major versions; no GHSA/CVE advisories were found; no peer-dep conflicts detected. Verdict is COMMENT because PR Validation is still in progress (in_progress:in_progress) and the Dataviewer Frontend Tests check result is not yet available.
Note
🔒 Integrity filter blocked 1 item
The following item were blocked because they don't meet the GitHub integrity level.
- #630
pull_request_read: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
To allow these resources, lower min-integrity in your GitHub frontmatter:
tools:
github:
min-integrity: approved # merged | approved | unapproved | noneGenerated by AW Dependabot PR Review for issue #630 · ● 1M
Collaborator
|
@dependabot rebase |
…directory with 6 updates Bumps the dataviewer-frontend-patch-minor group with 6 updates in the /data-management/viewer/frontend directory: | Package | From | To | | --- | --- | --- | | [@azure/msal-browser](https://github.com/AzureAD/microsoft-authentication-library-for-js) | `5.9.0` | `5.10.0` | | [@azure/msal-react](https://github.com/AzureAD/microsoft-authentication-library-for-js) | `5.3.2` | `5.4.0` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.6` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.6` | | [react-is](https://github.com/facebook/react/tree/HEAD/packages/react-is) | `19.2.5` | `19.2.6` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.10` | `8.0.11` | Updates `@azure/msal-browser` from 5.9.0 to 5.10.0 - [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases) - [Commits](AzureAD/microsoft-authentication-library-for-js@msal-browser-v5.9.0...msal-browser-v5.10.0) Updates `@azure/msal-react` from 5.3.2 to 5.4.0 - [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases) - [Commits](AzureAD/microsoft-authentication-library-for-js@msal-react-v5.3.2...msal-react-v5.4.0) Updates `react` from 19.2.5 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react) Updates `react-dom` from 19.2.5 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-dom) Updates `react-is` from 19.2.5 to 19.2.6 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-is) Updates `vite` from 8.0.10 to 8.0.11 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v8.0.11/packages/vite) --- updated-dependencies: - dependency-name: "@azure/msal-browser" dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dataviewer-frontend-patch-minor - dependency-name: "@azure/msal-react" dependency-version: 5.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dataviewer-frontend-patch-minor - dependency-name: react dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor - dependency-name: react-dom dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor - dependency-name: react-is dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor - dependency-name: vite dependency-version: 8.0.11 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
changed the title
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/data-management/viewer/frontend/dataviewer-frontend-patch-minor-fad6e6d4de
branch
from
29c0e33 to
dbf57f1
Compare
Contributor
There was a problem hiding this comment.
Advisory Review Summary
Surfaces touched: dataviewer-frontend (data-management/viewer/frontend/)
Files changed: package.json, package-lock.json
| Package | From | To | Severity | Surface |
|---|---|---|---|---|
@azure/msal-browser |
5.9.0 | 5.10.0 | None | dataviewer-frontend |
@azure/msal-react |
5.3.2 | 5.4.0 | None | dataviewer-frontend |
react |
19.2.5 | 19.2.6 | None | dataviewer-frontend |
react-dom |
19.2.5 | 19.2.6 | None | dataviewer-frontend |
react-is |
19.2.5 | 19.2.6 | None | dataviewer-frontend |
vite |
8.0.10 | 8.0.11 | None | dataviewer-frontend |
@azure/msal-browser 5.9.0 → 5.10.0
Advisory: No GHSA or CVE identifiers present. No published security advisory found for this bump.
Release notes highlights (5.10.0, 2026-05-07):
Source: MSAL.js releases
Risk notes: Minor version bump within same major (v5). No breaking changes noted. The @azure/msal-react companion package is bumped in the same PR, maintaining version alignment.
Validation Signal
Deterministic CI: PR Validation: in_progress:in_progress
Relevant check run: Dataviewer Frontend Tests — status not yet available.
CI run: PR Validation
Static impact reasoning: Minor bump; no major React, Vite, TypeScript, or Tailwind version boundary crossed. No peer-dep conflicts expected — react remains at 19.x, vite at 8.x, typescript at 6.x, tailwindcss at 4.x.
@azure/msal-react 5.3.2 → 5.4.0
Advisory: No GHSA or CVE identifiers present.
Risk notes: Minor bump. Peer dependency on @azure/msal-browser is satisfied by the co-bumped 5.10.0. No cross-major boundary.
Validation Signal
Deterministic CI: Pending — see above.
Static impact reasoning: Co-bumped with @azure/msal-browser; version alignment maintained within the MSAL.js v5 line.
react / react-dom / react-is 19.2.5 → 19.2.6
Advisory: No GHSA or CVE identifiers present.
Release notes: Patch release in the React 19.2.x line. No breaking changes or security notices.
Source: React releases
Risk notes: Patch bump within React 19.x. No peer-dep or ABI impact.
Validation Signal
Deterministic CI: Pending — see above.
Static impact reasoning: All three packages (react, react-dom, react-is) move in lock-step on the same patch version. No major boundary crossed.
vite 8.0.10 → 8.0.11
Advisory: No GHSA or CVE identifiers present.
Risk notes: Patch bump within Vite 8.x. No major boundary crossed; @vitejs/plugin-react remains at 6.0.1 which is compatible with Vite 8.x.
Validation Signal
Deterministic CI: Pending — see above.
Static impact reasoning: Patch release; no breaking Vite API changes expected. Build pipeline unaffected.
Advisory verdict: COMMENT — CI validation is still in progress (in_progress:in_progress); no adverse advisory findings on any of the six bumped packages. All are patch or minor bumps within established major version lines with no peer-dep conflicts. Once Dataviewer Frontend Tests passes, this PR can be merged at maintainer discretion.
Note
🔒 Integrity filter blocked 1 item
The following item was blocked because it doesn't meet the GitHub integrity level.
- #630
pull_request_read: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
To allow these resources, lower min-integrity in your GitHub frontmatter:
tools:
github:
min-integrity: approved # merged | approved | unapproved | noneGenerated by AW Dependabot PR Review for issue #630 · ● 573.9K
katriendg
approved these changes
May 8, 2026
dependabot
Bot
deleted the
dependabot/npm_and_yarn/data-management/viewer/frontend/dataviewer-frontend-patch-minor-fad6e6d4de
branch
WilliamBerryiii
pushed a commit
that referenced
this pull request
May 8, 2026
🤖 I have created a release *beep* *boop* --- ## [0.8.0](v0.7.4...v0.8.0) (2026-05-08) ### ⚠ BREAKING CHANGES * **dataviewer:** bump frontend stack to React 19, Vite 8, Tailwind v4, MSAL 5, ESLint 10 ([#524](#524)) ### ✨ Features * **agents:** add automated validation for high-risk Dependabot bumps ([#574](#574)) ([8c3686a](8c3686a)), closes [#573](#573) * **data:** add camera selector to annotation workspace and fix AV1 frame extraction ([#591](#591)) ([c809d2f](c809d2f)) * **data:** seed dataviewer frontend test foundation and per-section codecov flags ([#594](#594)) ([c06c4e3](c06c4e3)) * **dataviewer:** add OWASP security middleware stack ([#439](#439)) ([239edb9](239edb9)) * **infrastructure:** add conversion pipeline Terraform module ([#542](#542)) ([244531e](244531e)) * **infrastructure:** upgrade OSMO to chart 1.2.1 / image 6.2 with secure auth and skrl 2.0.0 compatibility ([#492](#492)) ([edfd7a5](edfd7a5)) * **pipeline:** add ACSA setup for ROS2 bag sync to Blob ([#451](#451)) ([c271a54](c271a54)) * **workflows:** add advisory Dependabot PR reviewer agentic workflow ([#498](#498)) ([d4bb140](d4bb140)) * **workflows:** trigger AW Dependabot PR reviewer after PR Validation ([#580](#580)) ([7ab3d16](7ab3d16)) ### 🐛 Bug Fixes * **ci:** correct stale version comment for actions/create-github-app-token ([#506](#506)) ([b2e9a54](b2e9a54)) * **ci:** restore data-pipeline and training broken tests by domain folder restructure ([#547](#547)) ([06d8472](06d8472)) * **docs:** update remaining stale 'Coming soon' labels in docs/README.md ([#507](#507)) ([02439d6](02439d6)) * **docs:** update stale coming soon label for Training section ([#472](#472)) ([46db49b](46db49b)) * **evaluation:** scope SIL AzureML validation code path and script reference ([#387](#387)) ([9f138a9](9f138a9)) * **infrastructure:** OSMO workflow execution, PostgreSQL public access, and quickstart corrections ([#477](#477)) ([9ed2da6](9ed2da6)) * **scripts:** exclude CHANGELOG.md from changed-files msdate check ([#644](#644)) ([8133bdc](8133bdc)) * **workflows:** allow dependabot[bot] to activate AW Dependabot PR Review ([#586](#586)) ([39dc022](39dc022)) * **workflows:** correct branches filter on AW Dependabot PR Review workflow_run trigger ([#584](#584)) ([fe06b52](fe06b52)) * **workflows:** normalize validate.yaml placeholder env/compute values ([#510](#510)) ([340ff44](340ff44)) * **workflows:** recompile aw-dependabot-pr-review lock file ([#576](#576)) ([d77c167](d77c167)) * **workflows:** switch AW Dependabot PR Review to pull_request_target ([#589](#589)) ([3f1edd1](3f1edd1)) ### 📚 Documentation * **docs:** Fix deployment guide links ([#614](#614)) ([0070b04](0070b04)) * document dependency-pinning-artifacts directory purpose ([#508](#508)) ([50e0010](50e0010)) ### 📦 Build System * **training:** standardize on Python 3.12 across manifests, containers, and runtime scripts ([#541](#541)) ([7ad014a](7ad014a)) ### 🔧 Operations * **build:** add Copilot cloud agent setup-steps workflow ([#593](#593)) ([c912668](c912668)) ### 🔧 Miscellaneous * **build:** exclude auto-generated CHANGELOG.md from cspell and seed dictionary ([#582](#582)) ([de1dd57](de1dd57)) * **build:** redesign codecov flags and split pytest CI per component ([#520](#520)) ([357e745](357e745)) * **dataviewer:** bump frontend stack to React 19, Vite 8, Tailwind v4, MSAL 5, ESLint 10 ([#524](#524)) ([50f8ad4](50f8ad4)) * **dataviewer:** repoint stale src/dataviewer references to data-management/viewer ([#504](#504)) ([88fa1b4](88fa1b4)), closes [#503](#503) * **deps-dev:** bump basic-ftp from 5.3.0 to 5.3.1 ([#618](#618)) ([ca10f2a](ca10f2a)) * **deps-dev:** bump globals from 15.15.0 to 17.5.0 in /data-management/viewer/frontend ([#527](#527)) ([0e0b2ae](0e0b2ae)) * **deps-dev:** bump ip-address from 10.1.0 to 10.2.0 ([#616](#616)) ([816c9cf](816c9cf)) * **deps-dev:** bump lint-staged from 16.4.0 to 17.0.2 in the root-npm-dependencies group across 1 directory ([#626](#626)) ([0e2f293](0e2f293)) * **deps-dev:** bump pydantic from 2.13.3 to 2.13.4 in the python-dependencies group across 1 directory ([#629](#629)) ([c24f1c1](c24f1c1)) * **deps-dev:** bump the python-dependencies group across 1 directory with 2 updates ([#514](#514)) ([8410f4b](8410f4b)) * **deps:** bump azure-core from 1.39.0 to 1.40.0 in /evaluation in the inference-dependencies group across 1 directory ([#597](#597)) ([6141db4](6141db4)) * **deps:** bump cryptography from 46.0.6 to 46.0.7 in /data-management/viewer ([#424](#424)) ([5fb6d58](5fb6d58)) * **deps:** bump cryptography from 46.0.6 to 46.0.7 in /data-management/viewer/backend ([#423](#423)) ([b516ad5](b516ad5)) * **deps:** bump lucide-react from 0.469.0 to 1.8.0 in /data-management/viewer/frontend ([#528](#528)) ([1bdfc1e](1bdfc1e)) * **deps:** bump nginx from `8aa63af` to `5616878` in /data-management/viewer/frontend ([#511](#511)) ([9e7e20e](9e7e20e)) * **deps:** bump nginx from 1.27-alpine to 1.29-alpine in /data-management/viewer/frontend ([#484](#484)) ([0e5c3dd](0e5c3dd)) * **deps:** bump node from `435f353` to `e49fd70` in /data-management/viewer/frontend ([#560](#560)) ([2884649](2884649)) * **deps:** bump react-is from 18.3.1 to 19.2.5 in /data-management/viewer/frontend ([#530](#530)) ([d51318c](d51318c)) * **deps:** bump tensordict from 0.11.0 to 0.12.1 in /evaluation in the inference-dependencies group across 1 directory ([#456](#456)) ([b24e733](b24e733)) * **deps:** bump the dataviewer-backend-dependencies group across 1 directory with 2 updates ([#531](#531)) ([171a1da](171a1da)) * **deps:** bump the dataviewer-backend-dependencies group across 1 directory with 5 updates ([#516](#516)) ([4f9a577](4f9a577)) * **deps:** bump the dataviewer-backend-dependencies group across 1 directory with 5 updates ([#602](#602)) ([6c27ab5](6c27ab5)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 2 updates ([#529](#529)) ([8646971](8646971)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 3 updates ([#601](#601)) ([d28fb50](d28fb50)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 3 updates ([#632](#632)) ([4ca5f3e](4ca5f3e)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 5 updates ([#515](#515)) ([109ee81](109ee81)) * **deps:** bump the dataviewer-frontend-patch-minor group across 1 directory with 6 updates ([#630](#630)) ([04d5dfd](04d5dfd)) * **deps:** bump the dataviewer-frontend-patch-minor group across 1 directory with 9 updates ([#563](#563)) ([c08f450](c08f450)) * **deps:** bump the docusaurus-dependencies group across 1 directory with 4 updates ([#627](#627)) ([f5825fc](f5825fc)) * **deps:** bump the docusaurus-dependencies group across 1 directory with 6 updates ([#599](#599)) ([b859344](b859344)) * **deps:** bump the github-actions group across 1 directory with 4 updates ([#459](#459)) ([2609c52](2609c52)) * **deps:** bump the github-actions group across 1 directory with 4 updates ([#517](#517)) ([f54bf5d](f54bf5d)) * **deps:** bump the inference-dependencies group across 1 directory with 11 updates ([#562](#562)) ([087f53a](087f53a)) * **deps:** bump the inference-dependencies group across 1 directory with 2 updates ([#628](#628)) ([4a3be47](4a3be47)) * **deps:** bump the pip group across 2 directories with 1 update ([#494](#494)) ([a14b6b0](a14b6b0)) * **docs:** update stale Python 3.11 references to 3.12 ([#575](#575)) ([6f85c95](6f85c95)) * **scripts:** remove redundant SC1091 disables in OSMO deploy scripts ([#509](#509)) ([ae1cb82](ae1cb82)) ### 🔒 Security * **build:** pin dependencies and hash-verify downloads ([#465](#465)) ([0289f49](0289f49)) * **build:** remediate dependency security advisories ([#479](#479)) ([7196d6d](7196d6d)) * **deps-dev:** bump basic-ftp from 5.2.1 to 5.2.2 ([#454](#454)) ([cb158f1](cb158f1)) * **deps-dev:** bump basic-ftp from 5.2.2 to 5.3.0 ([#495](#495)) ([e983b8b](e983b8b)) * **deps-dev:** bump hypothesis from 6.152.3 to 6.152.4 in the python-dependencies group ([#598](#598)) ([83384d2](83384d2)) * **deps-dev:** bump markdownlint-cli2 from 0.22.0 to 0.22.1 in the root-npm-dependencies group ([#559](#559)) ([32bde35](32bde35)) * **deps-dev:** bump picomatch from 2.3.1 to 2.3.2 in /docs/docusaurus ([#455](#455)) ([66f86ca](66f86ca)) * **deps-dev:** bump postcss from 8.5.10 to 8.5.12 in /data-management/viewer/frontend ([#569](#569)) ([a652dba](a652dba)) * **deps-dev:** bump the python-dependencies group with 2 updates ([#457](#457)) ([749d231](749d231)) * **deps-dev:** bump the python-dependencies group with 2 updates ([#485](#485)) ([71b44fd](71b44fd)) * **deps-dev:** bump the python-dependencies group with 3 updates ([#564](#564)) ([9fc52fd](9fc52fd)) * **deps-dev:** bump typescript from 6.0.2 to 6.0.3 in /docs/docusaurus in the docusaurus-dependencies group ([#513](#513)) ([5694dbc](5694dbc)) * **deps:** bump azureml/openmpi4.1.0-ubuntu22.04 from 20260303.v5 to 20260409.v4 in /evaluation/sil/docker ([#480](#480)) ([25d4df8](25d4df8)) * **deps:** bump cryptography from 46.0.6 to 46.0.7 in /evaluation in the uv group across 1 directory ([#538](#538)) ([92c5b2e](92c5b2e)) * **deps:** bump diffusers from 0.35.2 to 0.38.0 in /training/il/lerobot ([#638](#638)) ([6261d19](6261d19)) * **deps:** bump follow-redirects from 1.15.11 to 1.16.0 in /docs/docusaurus ([#469](#469)) ([0458908](0458908)) * **deps:** bump gitpython and mako for lerobot IL training ([#623](#623)) ([9f8022b](9f8022b)) * **deps:** bump node from 24.14.1-slim to 25.9.0-slim in /data-management/viewer/frontend ([#482](#482)) ([1532d09](1532d09)) * **deps:** bump packaging from 26.0 to 26.1 in /evaluation in the inference-dependencies group ([#483](#483)) ([f4afb6c](f4afb6c)) * **deps:** bump pillow from 12.1.1 to 12.2.0 ([#467](#467)) ([39fb663](39fb663)) * **deps:** bump python from 3.11-slim to 3.14-slim in /data-management/viewer/backend ([#481](#481)) ([7af9dfc](7af9dfc)) * **deps:** bump the dataviewer-backend-dependencies group across 1 directory with 15 updates ([#428](#428)) ([e4446a2](e4446a2)) * **deps:** bump the dataviewer-backend-dependencies group in /data-management/viewer/backend with 4 updates ([#487](#487)) ([0f57c5b](0f57c5b)) * **deps:** bump the dataviewer-backend-dependencies group in /data-management/viewer/backend with 8 updates ([#566](#566)) ([d6e7869](d6e7869)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 5 updates ([#464](#464)) ([24c208d](24c208d)) * **deps:** bump the dataviewer-dependencies group in /data-management/viewer with 2 updates ([#486](#486)) ([90149f3](90149f3)) * **deps:** bump the dataviewer-dependencies group in /data-management/viewer with 6 updates ([#565](#565)) ([f0bb36b](f0bb36b)) * **deps:** bump the dataviewer-frontend-patch-minor group across 1 directory with 10 updates ([#613](#613)) ([e481f83](e481f83)) * **deps:** bump the github-actions group across 1 directory with 4 updates ([#534](#534)) ([5478ab6](5478ab6)) * **deps:** bump the github-actions group with 2 updates ([#488](#488)) ([4e6ce98](4e6ce98)) * **deps:** bump the github-actions group with 3 updates ([#567](#567)) ([48c38dc](48c38dc)) * **deps:** bump the github-actions group with 3 updates ([#634](#634)) ([00cfb49](00cfb49)) * **deps:** bump the github-actions group with 6 updates ([#603](#603)) ([73eb79a](73eb79a)) * **deps:** bump the training-dependencies group across 1 directory with 23 updates ([#463](#463)) ([d5a8656](d5a8656)) * **deps:** bump yaml from 2.8.2 to 2.8.3 in /data-management/viewer/frontend ([#453](#453)) ([10449df](10449df)) * pytest harness, dependabot advisories, and OSSF Scorecard remediations ([#501](#501)) ([e8756e8](e8756e8)) * **scripts:** pin and hash-verify all shell script downloads ([#468](#468)) ([0c2bb9c](0c2bb9c)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: physical-ai-toolchain-release[bot] <267194360+physical-ai-toolchain-release[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the dataviewer-frontend-patch-minor group with 6 updates in the /data-management/viewer/frontend directory:
5.9.05.10.05.3.25.4.019.2.519.2.619.2.519.2.619.2.519.2.68.0.108.0.11Updates
@azure/msal-browserfrom 5.9.0 to 5.10.0Release notes
Sourced from @azure/msal-browser's releases.
Commits
b4e498cStop looking in localStorage for temporary cache (#8579)1b261b4Bump uuid and@actions/corein /.github/actions/issue_template_bot (#8571)1d8d2aeUpdate docs with popup closure detection and interaction status details (#8580)bd7b6c4Use local e2eTestUtils path for samples (#8578)64b3278Add MSAL client metadata headers to IMDS managed identity requests (#8529)45bb72cRestore NativeAuthSample app, e2e tests, and 3p-e2e pipeline (re-apply #8176,...b79cadcDedupe build output (#8557)644ab48Post-release PR (#8574)Updates
@azure/msal-reactfrom 5.3.2 to 5.4.0Release notes
Sourced from @azure/msal-react's releases.
Commits
b4e498cStop looking in localStorage for temporary cache (#8579)1b261b4Bump uuid and@actions/corein /.github/actions/issue_template_bot (#8571)1d8d2aeUpdate docs with popup closure detection and interaction status details (#8580)bd7b6c4Use local e2eTestUtils path for samples (#8578)64b3278Add MSAL client metadata headers to IMDS managed identity requests (#8529)45bb72cRestore NativeAuthSample app, e2e tests, and 3p-e2e pipeline (re-apply #8176,...b79cadcDedupe build output (#8557)644ab48Post-release PR (#8574)Updates
reactfrom 19.2.5 to 19.2.6Release notes
Sourced from react's releases.
Commits
eaf3e95Version 19.2.6Updates
react-domfrom 19.2.5 to 19.2.6Release notes
Sourced from react-dom's releases.
Commits
eaf3e95Version 19.2.6Updates
react-isfrom 19.2.5 to 19.2.6Release notes
Sourced from react-is's releases.
Commits
eaf3e95Version 19.2.6Updates
vitefrom 8.0.10 to 8.0.11Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
Commits
66f3194release: v8.0.115c0cfcbfix(deps): update all non-major dependencies (#22382)555ff36chore(deps): update rolldown-related dependencies (#22383)b31fd35refactor: remove unnecessary async (#22296)3c8bf06refactor: devtools integration (#22312)7c2aa3bfix: make separate object instance for each environment (#22276)3f80524feat: update rolldown to 1.0.0-rc.18 (#22360)0c162e9refactor: show direct path type in bad character warning (#22339)672c962fix(deps): update all non-major dependencies (#22334)30028f9fix(glob): align hmr matcher options with glob enumeration (#22306)