This repository has been archived by the owner on Mar 23, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 33
Bump urijs from 1.19.2 to 1.19.3 in /tests #3438
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.2 to 1.19.3. - [Release notes](https://github.com/medialize/URI.js/releases) - [Changelog](https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md) - [Commits](medialize/URI.js@v1.19.2...v1.19.3) Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
the
dependencies
Pull requests that update a dependency file
label
Dec 20, 2020
bors r+ |
bors bot
added a commit
that referenced
this pull request
Dec 20, 2020
3435: Bump rand from 0.7.3 to 0.8.0 r=mergify[bot] a=dependabot[bot] Bumps [rand](https://github.com/rust-random/rand) from 0.7.3 to 0.8.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-random/rand/blob/master/CHANGELOG.md">rand's changelog</a>.</em></p> <blockquote> <h2>[0.8.0] - 2020-12-18</h2> <h3>Platform support</h3> <ul> <li>The minimum supported Rust version is now 1.36 (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1011">#1011</a>)</li> <li><code>getrandom</code> updated to v0.2 (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1041">#1041</a>)</li> <li>Remove <code>wasm-bindgen</code> and <code>stdweb</code> feature flags. For details of WASM support, see the <a href="https://docs.rs/getrandom/latest">getrandom documentation</a>. (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/948">#948</a>)</li> <li><code>ReadRng::next_u32</code> and <code>next_u64</code> now use little-Endian conversion instead of native-Endian, affecting results on Big-Endian platforms (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1061">#1061</a>)</li> <li>The <code>nightly</code> feature no longer implies the <code>simd_support</code> feature (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1048">#1048</a>)</li> <li>Fix <code>simd_support</code> feature to work on current nightlies (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1056">#1056</a>)</li> </ul> <h3>Rngs</h3> <ul> <li><code>ThreadRng</code> is no longer <code>Copy</code> to enable safe usage within thread-local destructors (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1035">#1035</a>)</li> <li><code>gen_range(a, b)</code> was replaced with <code>gen_range(a..b)</code>. <code>gen_range(a..=b)</code> is also supported. Note that <code>a</code> and <code>b</code> can no longer be references or SIMD types. (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/744">#744</a>, <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1003">#1003</a>)</li> <li>Replace <code>AsByteSliceMut</code> with <code>Fill</code> and add support for <code>[bool], [char], [f32], [f64]</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/940">#940</a>)</li> <li>Restrict <code>rand::rngs::adapter</code> to <code>std</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1027">#1027</a>; see also <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/928">#928</a>)</li> <li><code>StdRng</code>: add new <code>std_rng</code> feature flag (enabled by default, but might need to be used if disabling default crate features) (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/948">#948</a>)</li> <li><code>StdRng</code>: Switch from ChaCha20 to ChaCha12 for better performance (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1028">#1028</a>)</li> <li><code>SmallRng</code>: Replace PCG algorithm with xoshiro{128,256}++ (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1038">#1038</a>)</li> </ul> <h3>Sequences</h3> <ul> <li>Add <code>IteratorRandom::choose_stable</code> as an alternative to <code>choose</code> which does not depend on size hints (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1057">#1057</a>)</li> <li>Improve accuracy and performance of <code>IteratorRandom::choose</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1059">#1059</a>)</li> <li>Implement <code>IntoIterator</code> for <code>IndexVec</code>, replacing the <code>into_iter</code> method (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1007">#1007</a>)</li> <li>Add value stability tests for <code>seq</code> module (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/933">#933</a>)</li> </ul> <h3>Misc</h3> <ul> <li>Support <code>PartialEq</code> and <code>Eq</code> for <code>StdRng</code>, <code>SmallRng</code> and <code>StepRng</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/979">#979</a>)</li> <li>Added a <code>serde1</code> feature and added Serialize/Deserialize to <code>UniformInt</code> and <code>WeightedIndex</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/974">#974</a>)</li> <li>Drop some unsafe code (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/962">#962</a>, <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/963">#963</a>, <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1011">#1011</a>)</li> <li>Reduce packaged crate size (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/983">#983</a>)</li> <li>Migrate to GitHub Actions from Travis+AppVeyor (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1073">#1073</a>)</li> </ul> <h3>Distributions</h3> <ul> <li><code>Alphanumeric</code> samples bytes instead of chars (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/935">#935</a>)</li> <li><code>Uniform</code> now supports <code>char</code>, enabling <code>rng.gen_range('A'..='Z')</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1068">#1068</a>)</li> <li>Add <code>UniformSampler::sample_single_inclusive</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1003">#1003</a>)</li> </ul> <h4>Weighted sampling</h4> <ul> <li>Implement weighted sampling without replacement (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/976">#976</a>, <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1013">#1013</a>)</li> <li><code>rand::distributions::alias_method::WeightedIndex</code> was moved to <code>rand_distr::WeightedAliasIndex</code>. The simpler alternative <code>rand::distribution::WeightedIndex</code> remains. (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/945">#945</a>)</li> <li>Improve treatment of rounding errors in <code>WeightedIndex::update_weights</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/956">#956</a>)</li> <li><code>WeightedIndex</code>: return error on NaN instead of panic (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1005">#1005</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Document types supported by <code>random</code> (<a href="https://github-redirect.dependabot.com/rust-random/rand/issues/994">#994</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-random/rand/commit/98a1aaf28e7bc272c12796d96401c177bf2205e4"><code>98a1aaf</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1076">#1076</a> from dhardy/work</li> <li><a href="https://github.com/rust-random/rand/commit/46082d51d23050569b0d7b75ee8eef5e7a181fc0"><code>46082d5</code></a> Fix installation of multilib</li> <li><a href="https://github.com/rust-random/rand/commit/d109f1852f8c3d86be7d472eb47ff672b3503ed2"><code>d109f18</code></a> Update changelog for rand v0.8</li> <li><a href="https://github.com/rust-random/rand/commit/cc93dae4ed1a1de74c5ba5c5f03081b84d65e174"><code>cc93dae</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1079">#1079</a> from JJPennington/master</li> <li><a href="https://github.com/rust-random/rand/commit/9aa8bc1047b1e61c9bc810956523af40a776d1f2"><code>9aa8bc1</code></a> Modified the StdRng documentation</li> <li><a href="https://github.com/rust-random/rand/commit/34423a6bc8688449fcd5b445870ace574f3b2902"><code>34423a6</code></a> Use cp to create redirect</li> <li><a href="https://github.com/rust-random/rand/commit/d4b180db8ebfc0eb6adb14a93517594268df46c1"><code>d4b180d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rust-random/rand/issues/1078">#1078</a> from rust-random/work2</li> <li><a href="https://github.com/rust-random/rand/commit/1959b1adacc94a3f9887b62c50b1288e3806abea"><code>1959b1a</code></a> Adjust homepage to point at the book</li> <li><a href="https://github.com/rust-random/rand/commit/e9adf451c56d64d2911fe7d6da570ed1094f5a3e"><code>e9adf45</code></a> Switch documentation links to docs.rs</li> <li><a href="https://github.com/rust-random/rand/commit/da3458becbf67eec4b98e0c949db819c638f62c0"><code>da3458b</code></a> Add HTML redirect</li> <li>Additional commits viewable in <a href="https://github.com/rust-random/rand/compare/0.7.3...0.8.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rand&package-manager=cargo&previous-version=0.7.3&new-version=0.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually </details> 3437: Bump ajv from 6.12.6 to 7.0.2 in /tests r=mergify[bot] a=dependabot[bot] Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.6 to 7.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ajv-validator/ajv/releases">ajv's releases</a>.</em></p> <blockquote> <h2>v7.0.2</h2> <p>Remove duplicate functions from standalone validation code (<a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1361">#1361</a>)</p> <h2>v7.0.1</h2> <p>Update error message for <code>maxLength</code>/<code>minLength</code> keywords</p> <h2>v7.0.0</h2> <p>Please note: this document covers the changes from v6.12.6.</p> <h1>The main changes</h1> <ul> <li>support of JSON Schema draft-2019-09 features: <a href="https://github.com/ajv-validator/ajv/blob/HEAD/json-schema.md#unevaluatedproperties"><code>unevaluatedProperties</code></a> and <a href="https://github.com/ajv-validator/ajv/blob/HEAD/json-schema.md#unevaluateditems"><code>unevaluatedItems</code></a>, <a href="https://github.com/ajv-validator/ajv/blob/HEAD/validation.md#extending-recursive-schemas">dynamic recursive references</a> and other <a href="https://github.com/ajv-validator/ajv/blob/HEAD/json-schema.md#json-schema-draft-2019-09">additional keywords</a>.</li> <li>comprehensive support for <a href="">standalone validation code</a> - compiling one or multiple schemas to standalone modules with one or multiple exports.</li> <li>to reduce the mistakes in JSON schemas and unexpected validation results, <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/strict-mode.md">strict mode</a> is added - it prohibits ignored or ambiguous JSON Schema elements. See <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/strict-mode.md">Strict mode</a> and <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/api.md">Options</a> for more details</li> <li>to make code injection from untrusted schemas impossible, <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/codegen.md">code generation</a> is fully re-written to be type-level safe against code injection.</li> <li>to simplify Ajv extensions, the new keyword API that is used by pre-defined keywords is available to user-defined keywords - it is much easier to define any keywords now, especially with subschemas.</li> <li>schemas are compiled to ES6 code (ES5 code generation is supported with an option).</li> <li>to improve reliability and maintainability the code is migrated to TypeScript.</li> <li>separate Ajv classes from draft-07 and draft-2019-09 support with different default imports (see <a href="https://github.com/ajv-validator/ajv#usage">Getting started</a> or <a href="https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.5">v7.0.0-beta.5</a> for the details).</li> </ul> <p><strong>Please note</strong>:</p> <ul> <li>the support for JSON-Schema draft-04 is removed - if you have schemas using "id" attributes you have to replace them with "$id" (or continue using version 6 that will be supported until 02/28/2021).</li> <li>all formats are separated to <a href="https://github.com/ajv-validator/ajv-formats">ajv-formats</a> package - they have to be explicitly added if you use them.</li> <li>Ajv instance can only be created with <code>new</code> keyword, as Ajv is now ES6 class.</li> <li>browser bundles are automatically published to ajv-dist package (but still available on cdnjs.com).</li> </ul> <h2>Better TypeScript support:</h2> <ul> <li>Methods <code>compile</code> and <code>compileAsync</code> now return type-guards - see <a href="https://github.com/ajv-validator/ajv/tree/v7-beta#usage">Getting started</a>.</li> <li>Method <code>validate</code> is a type-guard.</li> <li>Better separation of asynchronous schemas on type level.</li> <li>Type utility JSONSchemaType<!-- raw HTML omitted --> that generates the type for JSON Schema for type interface in the type parameter - it simplifies writing schemas (no unions support at the moment).</li> </ul> <h2>API changes:</h2> <ul> <li>addVocabulary - NEW method that allows to add an array of keyword definitions.</li> <li>addKeyword - keyword name should be passed as property in definition object, not as the first parameter (old API works with "deprecated" warning). Also "inline" keywords support is removed, code generation keywords can now be defined with "code" keyword - the same definition format that is used by all pre-defined keywords</li> <li>Ajv no longer allows to create the instance without <code>new</code> keyword (it is ES6 class).</li> </ul> <h3>Added options (and defaults):</h3> <ul> <li>strict: true - strict mode</li> <li>strictTypes: "log" - prevent mistakes related to type keywords and keyword applicability (see <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/strict-mode.md#strict-types">Strict Types</a>)</li> <li>strictTuples: "log" - prevent incomplete tuple schemas (see <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/strict-mode.md#prohibit-unconstrained-tuples">Prohibit unconstrained tuples</a>)</li> <li>allowUnionTypes: false - allow multiple non-null types in "type" keyword</li> <li>allowMatchingProperties: false - allow overlap between "properties" and "patternProperties" keywords</li> <li>loopEnum: Infinity - optimise validation of enums, similar to <code>loopRequired</code></li> <li>validateFormats: true - enable format validation</li> <li>code: {optimize: number|boolean} - control <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/codegen.md#code-optimization">code optimisation</a></li> <li>code: {es5: true} - generate ES5 code, the default is to generate ES6 code.</li> <li>code: {lines: true} - add line breaks to generated code - simplifies debugging of compiled schemas when you need it</li> </ul> <h3>Changed options:</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ajv-validator/ajv/commit/5c28d853673948c86ab3d876a31c14dae9d63d32"><code>5c28d85</code></a> 7.0.2</li> <li><a href="https://github.com/ajv-validator/ajv/commit/832fee18d39dd1e7c3db4766c029474b81530db9"><code>832fee1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1362">#1362</a> from ajv-validator/fix-standalone</li> <li><a href="https://github.com/ajv-validator/ajv/commit/0b89a00fc36d9e618c79b464bf4efff08cc26eb9"><code>0b89a00</code></a> fix: standalone code generation creating duplicate functions (closes <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1361">#1361</a>)</li> <li><a href="https://github.com/ajv-validator/ajv/commit/eae2d5d47426e8b4c355e6613fcf2c3f5e61eec2"><code>eae2d5d</code></a> test: failing test for standalone code (duplicate functions, <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1361">#1361</a>)</li> <li><a href="https://github.com/ajv-validator/ajv/commit/e446893f5bc1711fa782839eb760ca2c04c1cbfe"><code>e446893</code></a> test: duplicate function in standalone code, it should fail but it does not (...</li> <li><a href="https://github.com/ajv-validator/ajv/commit/5fe4bc04dda46ff289b58b6192cfecc0fece728c"><code>5fe4bc0</code></a> ci: only update website on push to master (not on PR), closes <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1358">#1358</a></li> <li><a href="https://github.com/ajv-validator/ajv/commit/bd9578377bc22f327a491a2df0833f0f15d8118a"><code>bd95783</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1355">#1355</a> from orgads/readme-links</li> <li><a href="https://github.com/ajv-validator/ajv/commit/53022710b1b8d121600e40da1f491b50e94a9d43"><code>5302271</code></a> README: Fix broken links</li> <li><a href="https://github.com/ajv-validator/ajv/commit/616a725993d6d271ada3845f8b050ac226f3a217"><code>616a725</code></a> 7.0.1</li> <li><a href="https://github.com/ajv-validator/ajv/commit/dc55ff2a7e138ff69b84e2c52f1bffdcee984075"><code>dc55ff2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1353">#1353</a> from nicksrandall/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/ajv-validator/ajv/compare/v6.12.6...v7.0.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ajv&package-manager=npm_and_yarn&previous-version=6.12.6&new-version=7.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually </details> 3438: Bump urijs from 1.19.2 to 1.19.3 in /tests r=mergify[bot] a=dependabot[bot] Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.2 to 1.19.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/medialize/URI.js/releases">urijs's releases</a>.</em></p> <blockquote> <h2>1.19.3 (December 20th 2020)</h2> <ul> <li><strong>SECURITY</strong> fixing <a href="http://medialize.github.io/URI.js/docs.html#static-parseAuthority"><code>URI.parseAuthority()</code></a> to rewrite <code>\</code> to <code>/</code> as Node and Browsers do - disclosed privately, relates to [Issue <a href="https://github-redirect.dependabot.com/medialize/URI.js/issues/233">#233</a>](<a href="https://github-redirect.dependabot.com/medialize/URI.js/pull/233">medialize/URI.js#233</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md">urijs's changelog</a>.</em></p> <blockquote> <h3>1.19.3 (December 20th 2020)</h3> <ul> <li><strong>SECURITY</strong> fixing <a href="http://medialize.github.io/URI.js/docs.html#static-parseAuthority"><code>URI.parseAuthority()</code></a> to rewrite <code>\</code> to <code>/</code> as Node and Browsers do - disclosed privately, relates to [Issue <a href="https://github-redirect.dependabot.com/medialize/URI.js/issues/233">#233</a>](<a href="https://github-redirect.dependabot.com/medialize/URI.js/pull/233">medialize/URI.js#233</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/medialize/URI.js/commit/d7064ab9acbbdf8d8acc35d9dc2454cf1606ff98"><code>d7064ab</code></a> chore(build): bumping to version 1.19.3</li> <li><a href="https://github.com/medialize/URI.js/commit/4f45fafedec9fea4d65c2562721ec94343a33c2b"><code>4f45faf</code></a> fix(parse): treat backslash as forwardslash in authority</li> <li>See full diff in <a href="https://github.com/medialize/URI.js/compare/v1.19.2...v1.19.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urijs&package-manager=npm_and_yarn&previous-version=1.19.2&new-version=1.19.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Build failed (retrying...): |
bors bot
added a commit
that referenced
this pull request
Dec 20, 2020
3437: Bump ajv from 6.12.6 to 7.0.2 in /tests r=mergify[bot] a=dependabot[bot] Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.6 to 7.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ajv-validator/ajv/releases">ajv's releases</a>.</em></p> <blockquote> <h2>v7.0.2</h2> <p>Remove duplicate functions from standalone validation code (<a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1361">#1361</a>)</p> <h2>v7.0.1</h2> <p>Update error message for <code>maxLength</code>/<code>minLength</code> keywords</p> <h2>v7.0.0</h2> <p>Please note: this document covers the changes from v6.12.6.</p> <h1>The main changes</h1> <ul> <li>support of JSON Schema draft-2019-09 features: <a href="https://github.com/ajv-validator/ajv/blob/HEAD/json-schema.md#unevaluatedproperties"><code>unevaluatedProperties</code></a> and <a href="https://github.com/ajv-validator/ajv/blob/HEAD/json-schema.md#unevaluateditems"><code>unevaluatedItems</code></a>, <a href="https://github.com/ajv-validator/ajv/blob/HEAD/validation.md#extending-recursive-schemas">dynamic recursive references</a> and other <a href="https://github.com/ajv-validator/ajv/blob/HEAD/json-schema.md#json-schema-draft-2019-09">additional keywords</a>.</li> <li>comprehensive support for <a href="">standalone validation code</a> - compiling one or multiple schemas to standalone modules with one or multiple exports.</li> <li>to reduce the mistakes in JSON schemas and unexpected validation results, <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/strict-mode.md">strict mode</a> is added - it prohibits ignored or ambiguous JSON Schema elements. See <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/strict-mode.md">Strict mode</a> and <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/api.md">Options</a> for more details</li> <li>to make code injection from untrusted schemas impossible, <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/codegen.md">code generation</a> is fully re-written to be type-level safe against code injection.</li> <li>to simplify Ajv extensions, the new keyword API that is used by pre-defined keywords is available to user-defined keywords - it is much easier to define any keywords now, especially with subschemas.</li> <li>schemas are compiled to ES6 code (ES5 code generation is supported with an option).</li> <li>to improve reliability and maintainability the code is migrated to TypeScript.</li> <li>separate Ajv classes from draft-07 and draft-2019-09 support with different default imports (see <a href="https://github.com/ajv-validator/ajv#usage">Getting started</a> or <a href="https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.5">v7.0.0-beta.5</a> for the details).</li> </ul> <p><strong>Please note</strong>:</p> <ul> <li>the support for JSON-Schema draft-04 is removed - if you have schemas using "id" attributes you have to replace them with "$id" (or continue using version 6 that will be supported until 02/28/2021).</li> <li>all formats are separated to <a href="https://github.com/ajv-validator/ajv-formats">ajv-formats</a> package - they have to be explicitly added if you use them.</li> <li>Ajv instance can only be created with <code>new</code> keyword, as Ajv is now ES6 class.</li> <li>browser bundles are automatically published to ajv-dist package (but still available on cdnjs.com).</li> </ul> <h2>Better TypeScript support:</h2> <ul> <li>Methods <code>compile</code> and <code>compileAsync</code> now return type-guards - see <a href="https://github.com/ajv-validator/ajv/tree/v7-beta#usage">Getting started</a>.</li> <li>Method <code>validate</code> is a type-guard.</li> <li>Better separation of asynchronous schemas on type level.</li> <li>Type utility JSONSchemaType<!-- raw HTML omitted --> that generates the type for JSON Schema for type interface in the type parameter - it simplifies writing schemas (no unions support at the moment).</li> </ul> <h2>API changes:</h2> <ul> <li>addVocabulary - NEW method that allows to add an array of keyword definitions.</li> <li>addKeyword - keyword name should be passed as property in definition object, not as the first parameter (old API works with "deprecated" warning). Also "inline" keywords support is removed, code generation keywords can now be defined with "code" keyword - the same definition format that is used by all pre-defined keywords</li> <li>Ajv no longer allows to create the instance without <code>new</code> keyword (it is ES6 class).</li> </ul> <h3>Added options (and defaults):</h3> <ul> <li>strict: true - strict mode</li> <li>strictTypes: "log" - prevent mistakes related to type keywords and keyword applicability (see <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/strict-mode.md#strict-types">Strict Types</a>)</li> <li>strictTuples: "log" - prevent incomplete tuple schemas (see <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/strict-mode.md#prohibit-unconstrained-tuples">Prohibit unconstrained tuples</a>)</li> <li>allowUnionTypes: false - allow multiple non-null types in "type" keyword</li> <li>allowMatchingProperties: false - allow overlap between "properties" and "patternProperties" keywords</li> <li>loopEnum: Infinity - optimise validation of enums, similar to <code>loopRequired</code></li> <li>validateFormats: true - enable format validation</li> <li>code: {optimize: number|boolean} - control <a href="https://github.com/ajv-validator/ajv/blob/v7-beta/docs/codegen.md#code-optimization">code optimisation</a></li> <li>code: {es5: true} - generate ES5 code, the default is to generate ES6 code.</li> <li>code: {lines: true} - add line breaks to generated code - simplifies debugging of compiled schemas when you need it</li> </ul> <h3>Changed options:</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ajv-validator/ajv/commit/5c28d853673948c86ab3d876a31c14dae9d63d32"><code>5c28d85</code></a> 7.0.2</li> <li><a href="https://github.com/ajv-validator/ajv/commit/832fee18d39dd1e7c3db4766c029474b81530db9"><code>832fee1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1362">#1362</a> from ajv-validator/fix-standalone</li> <li><a href="https://github.com/ajv-validator/ajv/commit/0b89a00fc36d9e618c79b464bf4efff08cc26eb9"><code>0b89a00</code></a> fix: standalone code generation creating duplicate functions (closes <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1361">#1361</a>)</li> <li><a href="https://github.com/ajv-validator/ajv/commit/eae2d5d47426e8b4c355e6613fcf2c3f5e61eec2"><code>eae2d5d</code></a> test: failing test for standalone code (duplicate functions, <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1361">#1361</a>)</li> <li><a href="https://github.com/ajv-validator/ajv/commit/e446893f5bc1711fa782839eb760ca2c04c1cbfe"><code>e446893</code></a> test: duplicate function in standalone code, it should fail but it does not (...</li> <li><a href="https://github.com/ajv-validator/ajv/commit/5fe4bc04dda46ff289b58b6192cfecc0fece728c"><code>5fe4bc0</code></a> ci: only update website on push to master (not on PR), closes <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1358">#1358</a></li> <li><a href="https://github.com/ajv-validator/ajv/commit/bd9578377bc22f327a491a2df0833f0f15d8118a"><code>bd95783</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1355">#1355</a> from orgads/readme-links</li> <li><a href="https://github.com/ajv-validator/ajv/commit/53022710b1b8d121600e40da1f491b50e94a9d43"><code>5302271</code></a> README: Fix broken links</li> <li><a href="https://github.com/ajv-validator/ajv/commit/616a725993d6d271ada3845f8b050ac226f3a217"><code>616a725</code></a> 7.0.1</li> <li><a href="https://github.com/ajv-validator/ajv/commit/dc55ff2a7e138ff69b84e2c52f1bffdcee984075"><code>dc55ff2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/ajv-validator/ajv/issues/1353">#1353</a> from nicksrandall/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/ajv-validator/ajv/compare/v6.12.6...v7.0.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ajv&package-manager=npm_and_yarn&previous-version=6.12.6&new-version=7.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually </details> 3438: Bump urijs from 1.19.2 to 1.19.3 in /tests r=mergify[bot] a=dependabot[bot] Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.2 to 1.19.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/medialize/URI.js/releases">urijs's releases</a>.</em></p> <blockquote> <h2>1.19.3 (December 20th 2020)</h2> <ul> <li><strong>SECURITY</strong> fixing <a href="http://medialize.github.io/URI.js/docs.html#static-parseAuthority"><code>URI.parseAuthority()</code></a> to rewrite <code>\</code> to <code>/</code> as Node and Browsers do - disclosed privately, relates to [Issue <a href="https://github-redirect.dependabot.com/medialize/URI.js/issues/233">#233</a>](<a href="https://github-redirect.dependabot.com/medialize/URI.js/pull/233">medialize/URI.js#233</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md">urijs's changelog</a>.</em></p> <blockquote> <h3>1.19.3 (December 20th 2020)</h3> <ul> <li><strong>SECURITY</strong> fixing <a href="http://medialize.github.io/URI.js/docs.html#static-parseAuthority"><code>URI.parseAuthority()</code></a> to rewrite <code>\</code> to <code>/</code> as Node and Browsers do - disclosed privately, relates to [Issue <a href="https://github-redirect.dependabot.com/medialize/URI.js/issues/233">#233</a>](<a href="https://github-redirect.dependabot.com/medialize/URI.js/pull/233">medialize/URI.js#233</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/medialize/URI.js/commit/d7064ab9acbbdf8d8acc35d9dc2454cf1606ff98"><code>d7064ab</code></a> chore(build): bumping to version 1.19.3</li> <li><a href="https://github.com/medialize/URI.js/commit/4f45fafedec9fea4d65c2562721ec94343a33c2b"><code>4f45faf</code></a> fix(parse): treat backslash as forwardslash in authority</li> <li>See full diff in <a href="https://github.com/medialize/URI.js/compare/v1.19.2...v1.19.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urijs&package-manager=npm_and_yarn&previous-version=1.19.2&new-version=1.19.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Build failed (retrying...): |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps urijs from 1.19.2 to 1.19.3.
Release notes
Sourced from urijs's releases.
Changelog
Sourced from urijs's changelog.
Commits
d7064ab
chore(build): bumping to version 1.19.34f45faf
fix(parse): treat backslash as forwardslash in authorityDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually