From 57ad6a4a44d376b04d48d5b23278b541263b8fe2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 21:56:32 +0000 Subject: [PATCH 1/6] chore: bump renovatebot/github-action from 40.3.1 to 40.3.3 Bumps [renovatebot/github-action](https://github.com/renovatebot/github-action) from 40.3.1 to 40.3.3. - [Release notes](https://github.com/renovatebot/github-action/releases) - [Changelog](https://github.com/renovatebot/github-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/renovatebot/github-action/compare/v40.3.1...v40.3.3) --- updated-dependencies: - dependency-name: renovatebot/github-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/test-containers.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-containers.yaml b/.github/workflows/test-containers.yaml index d76bd88e9..0ce5e0b5d 100644 --- a/.github/workflows/test-containers.yaml +++ b/.github/workflows/test-containers.yaml @@ -81,7 +81,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 - name: Self-hosted Renovate - uses: renovatebot/github-action@v40.3.1 + uses: renovatebot/github-action@v40.3.3 with: configurationFile: ./.github/renovate.json token: ${{ secrets.RENOVATE_GITHUB_TOKEN }} From 01be14b2ee51b45d41867459ff247e8960ff8ada Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 22:11:06 +0000 Subject: [PATCH 2/6] chore: bump actions/upload-artifact from 4.4.0 to 4.4.3 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/50769540e7f4bd5e21e526ee35c689e35e0d6874...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 432a49d5b..8dac7f790 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -49,7 +49,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # tag=v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # tag=v4.4.3 with: name: SARIF file path: results.sarif From 6c01eb7e47031b1dfead4bbe617b1786d0afa988 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 22:35:19 +0000 Subject: [PATCH 3/6] chore: bump eslint-plugin-cypress from 3.5.0 to 3.6.0 in /app Bumps [eslint-plugin-cypress](https://github.com/cypress-io/eslint-plugin-cypress) from 3.5.0 to 3.6.0. - [Release notes](https://github.com/cypress-io/eslint-plugin-cypress/releases) - [Commits](https://github.com/cypress-io/eslint-plugin-cypress/compare/v3.5.0...v3.6.0) --- updated-dependencies: - dependency-name: eslint-plugin-cypress dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- app/package.json | 2 +- app/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/app/package.json b/app/package.json index dd883546d..4db4a14f8 100644 --- a/app/package.json +++ b/app/package.json @@ -149,7 +149,7 @@ "eslint-config-airbnb-typescript": "^17.0.0", "eslint-config-next": "^13.4.4", "eslint-config-prettier": "^9.1.0", - "eslint-plugin-cypress": "^3.5.0", + "eslint-plugin-cypress": "^3.6.0", "eslint-plugin-jest": "^28.8.3", "eslint-plugin-react-hooks": "^4.6.2", "eslint-plugin-relay": "^1.8.3", diff --git a/app/yarn.lock b/app/yarn.lock index a6665be2f..1e027b063 100644 --- a/app/yarn.lock +++ b/app/yarn.lock @@ -7798,10 +7798,10 @@ eslint-module-utils@^2.7.4: dependencies: debug "^3.2.7" -eslint-plugin-cypress@^3.5.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-cypress/-/eslint-plugin-cypress-3.5.0.tgz#380ef5049ad80ebeca923db69e4aa96e72fcd893" - integrity sha512-JZQ6XnBTNI8h1B9M7wJSFzc48SYbh7VMMKaNTQOFa3BQlnmXPrVc4PKen8R+fpv6VleiPeej6VxloGb42zdRvw== +eslint-plugin-cypress@^3.6.0: + version "3.6.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-cypress/-/eslint-plugin-cypress-3.6.0.tgz#d0e2f68f27b9a34ecf565bef58ed82c8f10d39a8" + integrity sha512-7IAMcBbTVu5LpWeZRn5a9mQ30y4hKp3AfTz+6nSD/x/7YyLMoBI6X7XjDLYI6zFvuy4Q4QVGl563AGEXGW/aSA== dependencies: globals "^13.20.0" From f23f247830b68e88cb4a03a30453e290110bb54b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 23:02:14 +0000 Subject: [PATCH 4/6] chore: bump url from 0.11.3 to 0.11.4 in /app Bumps [url](https://github.com/defunctzombie/node-url) from 0.11.3 to 0.11.4. - [Commits](https://github.com/defunctzombie/node-url/compare/v0.11.3...v0.11.4) --- updated-dependencies: - dependency-name: url dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- app/package.json | 2 +- app/yarn.lock | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/app/package.json b/app/package.json index 4db4a14f8..ad5d37520 100644 --- a/app/package.json +++ b/app/package.json @@ -108,7 +108,7 @@ "relay-runtime": "^13.2.0", "styled-components": "^5.3.5", "typography": "^0.16.21", - "url": "^0.11.3", + "url": "^0.11.4", "validator": "^13.12.0", "vscode-json-languageservice": "^5.4.1", "write-excel-file": "^2.0.2", diff --git a/app/yarn.lock b/app/yarn.lock index 1e027b063..717ad1e56 100644 --- a/app/yarn.lock +++ b/app/yarn.lock @@ -12313,7 +12313,7 @@ qs@6.11.0: dependencies: side-channel "^1.0.4" -qs@6.13.0, qs@^6.10.0, qs@^6.11.0, qs@^6.11.2: +qs@6.13.0, qs@^6.10.0, qs@^6.11.0, qs@^6.12.3: version "6.13.0" resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906" integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg== @@ -14125,13 +14125,13 @@ url-parse@^1.5.3: querystringify "^2.1.1" requires-port "^1.0.0" -url@^0.11.3: - version "0.11.3" - resolved "https://registry.yarnpkg.com/url/-/url-0.11.3.tgz#6f495f4b935de40ce4a0a52faee8954244f3d3ad" - integrity sha512-6hxOLGfZASQK/cijlZnZJTq8OXAkt/3YGfQX45vvMYXpZoo8NdWZcY73K108Jf759lS1Bv/8wXnHDTSz17dSRw== +url@^0.11.4: + version "0.11.4" + resolved "https://registry.yarnpkg.com/url/-/url-0.11.4.tgz#adca77b3562d56b72746e76b330b7f27b6721f3c" + integrity sha512-oCwdVC7mTuWiPyjLUz/COz5TLk6wgp0RCsN+wHZ2Ekneac9w8uuV0njcbbie2ME+Vs+d6duwmYuR3HgQXs1fOg== dependencies: punycode "^1.4.1" - qs "^6.11.2" + qs "^6.12.3" use-composed-ref@^1.0.0: version "1.3.0" From b2783ef2a3426d49caa93d0c8adac096e6d9ca43 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 23:18:38 +0000 Subject: [PATCH 5/6] chore: bump @testing-library/user-event from 14.4.3 to 14.5.2 in /app Bumps [@testing-library/user-event](https://github.com/testing-library/user-event) from 14.4.3 to 14.5.2. - [Release notes](https://github.com/testing-library/user-event/releases) - [Changelog](https://github.com/testing-library/user-event/blob/main/CHANGELOG.md) - [Commits](https://github.com/testing-library/user-event/compare/v14.4.3...v14.5.2) --- updated-dependencies: - dependency-name: "@testing-library/user-event" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- app/package.json | 2 +- app/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/app/package.json b/app/package.json index ad5d37520..8558ea451 100644 --- a/app/package.json +++ b/app/package.json @@ -121,7 +121,7 @@ "@testing-library/jest-dom": "^6.5.0", "@testing-library/react": "^14.1.2", "@testing-library/react-hooks": "^8.0.1", - "@testing-library/user-event": "^14.4.3", + "@testing-library/user-event": "^14.5.2", "@types/archiver": "^5.3.1", "@types/connect-pg-simple": "^7.0.0", "@types/convict": "^6.1.6", diff --git a/app/yarn.lock b/app/yarn.lock index 717ad1e56..cf32cf25e 100644 --- a/app/yarn.lock +++ b/app/yarn.lock @@ -4655,10 +4655,10 @@ "@testing-library/dom" "^9.0.0" "@types/react-dom" "^18.0.0" -"@testing-library/user-event@^14.4.3": - version "14.4.3" - resolved "https://registry.yarnpkg.com/@testing-library/user-event/-/user-event-14.4.3.tgz#af975e367743fa91989cd666666aec31a8f50591" - integrity sha512-kCUc5MEwaEMakkO5x7aoD+DLi02ehmEM2QCGWvNqAS1dV/fAvORWEjnjsEIvml59M7Y5kCkWN6fCCyPOe8OL6Q== +"@testing-library/user-event@^14.5.2": + version "14.5.2" + resolved "https://registry.yarnpkg.com/@testing-library/user-event/-/user-event-14.5.2.tgz#db7257d727c891905947bd1c1a99da20e03c2ebd" + integrity sha512-YAh82Wh4TIrxYLmfGcixwD18oIjyC1pFQC2Y01F2lzV2HTMiYrI0nze0FD0ocB//CKS/7jIUgae+adPqxK5yCQ== "@tootallnate/once@1": version "1.1.2" From c18e576544481408fb461dd262be5be2cc799601 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 23:35:05 +0000 Subject: [PATCH 6/6] chore: bump nodemon from 2.0.20 to 3.1.7 in /app Bumps [nodemon](https://github.com/remy/nodemon) from 2.0.20 to 3.1.7. - [Release notes](https://github.com/remy/nodemon/releases) - [Commits](https://github.com/remy/nodemon/compare/v2.0.20...v3.1.7) --- updated-dependencies: - dependency-name: nodemon dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- app/package.json | 2 +- app/yarn.lock | 43 ++++++++++++++----------------------------- 2 files changed, 15 insertions(+), 30 deletions(-) diff --git a/app/package.json b/app/package.json index 8558ea451..ee78f1425 100644 --- a/app/package.json +++ b/app/package.json @@ -162,7 +162,7 @@ "jest-environment-jsdom": "^28.1.0", "jest-extended": "^4.0.2", "jest-mock": "^29.7.0", - "nodemon": "^2.0.20", + "nodemon": "^3.1.7", "prettier": "^3.2.5", "react-dom": "^18.3.1", "relay-compiler": "^13.2.0", diff --git a/app/yarn.lock b/app/yarn.lock index cf32cf25e..1ef86c4d4 100644 --- a/app/yarn.lock +++ b/app/yarn.lock @@ -7100,7 +7100,7 @@ debug@2.6.9: dependencies: ms "2.0.0" -debug@4, "debug@>=3 <5", debug@^4.1.0, debug@^4.1.1, debug@^4.3.1, debug@^4.3.2, debug@^4.3.4, debug@^4.3.7: +debug@4, "debug@>=3 <5", debug@^4, debug@^4.1.0, debug@^4.1.1, debug@^4.3.1, debug@^4.3.2, debug@^4.3.4, debug@^4.3.7: version "4.3.7" resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.7.tgz#87945b4151a011d76d95a198d7111c865c360a52" integrity sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ== @@ -11312,18 +11312,18 @@ node-releases@^2.0.3: resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-2.0.4.tgz#f38252370c43854dc48aa431c766c6c398f40476" integrity sha512-gbMzqQtTtDz/00jQzZ21PQzdI9PyLYqUSvD0p3naOhX4odFji0ZxYdnVwPTxmSwkmxhcFImpozceidSG+AgoPQ== -nodemon@^2.0.20: - version "2.0.20" - resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-2.0.20.tgz#e3537de768a492e8d74da5c5813cb0c7486fc701" - integrity sha512-Km2mWHKKY5GzRg6i1j5OxOHQtuvVsgskLfigG25yTtbyfRGn/GNvIbRyOf1PSCKJ2aT/58TiuUsuOU5UToVViw== +nodemon@^3.1.7: + version "3.1.7" + resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-3.1.7.tgz#07cb1f455f8bece6a499e0d72b5e029485521a54" + integrity sha512-hLj7fuMow6f0lbB0cD14Lz2xNjwsyruH251Pk4t/yIitCFJbmY1myuLlHm/q06aST4jg6EgAh74PIBBrRqpVAQ== dependencies: chokidar "^3.5.2" - debug "^3.2.7" + debug "^4" ignore-by-default "^1.0.1" minimatch "^3.1.2" pstree.remy "^1.1.8" - semver "^5.7.1" - simple-update-notifier "^1.0.7" + semver "^7.5.3" + simple-update-notifier "^2.0.0" supports-color "^5.5.0" touch "^3.1.0" undefsafe "^2.0.5" @@ -12983,26 +12983,11 @@ semver@7.x, semver@^7.3.2, semver@^7.3.5, semver@^7.3.7, semver@^7.3.8, semver@^ resolved "https://registry.yarnpkg.com/semver/-/semver-7.6.2.tgz#1e3b34759f896e8f14d6134732ce798aeb0c6e13" integrity sha512-FNAIBWCx9qcRhoHcgcJ0gvU7SN1lYU2ZXuSfl04bSC5OpvDHFyJCjdNHomPXxjQlCBU67YW64PzY7/VIEH7F2w== -semver@^5.7.1: - version "5.7.1" - resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7" - integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ== - -semver@^6.0.0, semver@^6.3.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d" - integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw== - -semver@^6.3.1: +semver@^6.0.0, semver@^6.3.0, semver@^6.3.1: version "6.3.1" resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4" integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== -semver@~7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz#5f3ca35761e47e05b206c6daff2cf814f0316b8e" - integrity sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A== - send@0.18.0: version "0.18.0" resolved "https://registry.yarnpkg.com/send/-/send-0.18.0.tgz#670167cc654b05f5aa4a767f9113bb371bc706be" @@ -13158,12 +13143,12 @@ signal-exit@^4.0.1: resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-4.1.0.tgz#952188c1cbd546070e2dd20d0f41c0ae0530cb04" integrity sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw== -simple-update-notifier@^1.0.7: - version "1.0.7" - resolved "https://registry.yarnpkg.com/simple-update-notifier/-/simple-update-notifier-1.0.7.tgz#7edf75c5bdd04f88828d632f762b2bc32996a9cc" - integrity sha512-BBKgR84BJQJm6WjWFMHgLVuo61FBDSj1z/xSFUIozqO6wO7ii0JxCqlIud7Enr/+LhlbNI0whErq96P2qHNWew== +simple-update-notifier@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/simple-update-notifier/-/simple-update-notifier-2.0.0.tgz#d70b92bdab7d6d90dfd73931195a30b6e3d7cebb" + integrity sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w== dependencies: - semver "~7.0.0" + semver "^7.5.3" sinon@^16.1.3: version "16.1.3"