Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency path-to-regexp to v7.1.0 #1979

Merged
merged 1 commit into from
Jul 16, 2024
Merged

Update dependency path-to-regexp to v7.1.0 #1979

merged 1 commit into from
Jul 16, 2024

Conversation

gardener-ci-robot
Copy link
Contributor

This PR contains the following updates:

Package Type Update Change
path-to-regexp devDependencies minor 7.0.0 -> 7.1.0

Release Notes

pillarjs/path-to-regexp (path-to-regexp)

v7.1.0: Strict mode

Compare Source

Added

  • Adds a strict option to detect potential ReDOS issues

Fixed

  • Fixes separator to default to suffix + prefix when not specified
  • Allows separator to be undefined in TokenData
    • This is only relevant if you are building TokenData manually, previously parse filled it in automatically

Comments

  • I highly recommend enabling strict: true and I'm probably releasing a V8 with it enabled by default ASAP as a necessary security mitigation

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@gardener-ci-robot gardener-ci-robot requested a review from grolu as a code owner July 13, 2024 23:55
@gardener-ci-robot gardener-ci-robot added kind/enhancement Enhancement, improvement, extension renovate labels Jul 13, 2024
@gardener-robot gardener-robot added the needs/review Needs review label Jul 13, 2024
@gardener-robot-ci-1 gardener-robot-ci-1 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Jul 13, 2024
@gardener-robot
Copy link

@gardener-ci-robot Thank you for your contribution.

@gardener-robot gardener-robot added the size/xs Size of pull request is tiny (see gardener-robot robot/bots/size.py) label Jul 13, 2024
@gardener-robot-ci-3 gardener-robot-ci-3 added needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Jul 13, 2024
@gardener-ci-robot gardener-ci-robot force-pushed the renovate/path-to-regexp-7.x-lockfile branch from f33db98 to 091d2fb Compare July 15, 2024 13:04
@gardener-robot-ci-1 gardener-robot-ci-1 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Jul 15, 2024
@petersutter petersutter merged commit c18ceb8 into master Jul 16, 2024
8 checks passed
@gardener-robot gardener-robot added the status/closed Issue is closed (either delivered or triaged) label Jul 16, 2024
@gardener-ci-robot gardener-ci-robot deleted the renovate/path-to-regexp-7.x-lockfile branch July 16, 2024 10:05
holgerkoser added a commit that referenced this pull request Jul 25, 2024
@holgerkoser
Merge branch 'master' into openmfp
5c2cc4d 
* master: (32 commits)
  Fixed broken links + updated markdown (#1998)
  Fixes some problems with latest dependency updates (#2000)
  Cleanup GShootStatus component (#1983)
  Update dependency eslint-plugin-promise to v7 (#2002)
  Fixed worker group zone configuration for existing azure clusters (#1999)
  Update dependency @vitejs/plugin-vue to v5.1.0 (#2001)
  Add YAML line selection highlighting in GShootEditor (#1982)
  Update dependency universal-cookie to v7.2.0 (#1997)
  Update dependency codemirror to v5.65.17 (#1995)
  Update dependency eslint-plugin-promise to v6.6.0 (#1994)
  Update dependency vuetify to v3.6.13 (#1984)
  Update dependency vitest-fetch-mock to ^0.3.0 (#1973)
  Update dependency semver to v7.6.3 (#1985)
  Update dependency jsdom to v24.1.1 (#1996)
  Update dependency dayjs to v1.11.12 (#1990)
  Update dependency vue to v3.4.33 (#1993)
  Update dependency vue to v3.4.32 (#1986)
  Refactor Project Services and Routes (#1946)
  Dockerfile: fix LegacyKeyValueFormat warning (#1980)
  Update dependency path-to-regexp to v7.1.0 (#1979)
  ...

# Conflicts:
#	.pnp.cjs
#	.yarn/cache/@babel-types-npm-7.24.9-5c021bc930-4970b3481c.zip
#	.yarn/cache/@vue-compiler-core-npm-3.4.33-60a5f78a6b-5f3e97b9bf.zip
#	.yarn/cache/@vue-compiler-dom-npm-3.4.33-c65b16ab1e-78b92901c1.zip
#	.yarn/cache/@vue-compiler-ssr-npm-3.4.33-bc74b83c94-cbab397abc.zip
#	.yarn/cache/@vue-server-renderer-npm-3.4.33-0e097c06b7-24b3b57bdb.zip
#	.yarn/cache/@vue-shared-npm-3.4.33-28b977b008-010603f80b.zip
#	.yarn/cache/acorn-walk-npm-8.3.3-868c75184d-4a9e24313e.zip
#	.yarn/cache/deep-eql-npm-4.1.3-020a64f862-ff34e8605d.zip
#	.yarn/cache/deep-eql-npm-4.1.4-bc4d39c2ca-264e061349.zip
#	.yarn/cache/deep-eql-npm-5.0.2-3bce58289f-7102cf3b7b.zip
#	.yarn/cache/electron-to-chromium-npm-1.4.812-4e84ce97b2-d5cff49155.zip
#	.yarn/cache/es-abstract-npm-1.23.3-ffd85665f7-d27e9afafb.zip
#	.yarn/cache/https-proxy-agent-npm-7.0.5-94c14d4619-2490e3acec.zip
#	.yarn/cache/is-core-module-npm-2.14.0-24e925b9e1-ae8dbc82bd.zip
#	.yarn/cache/js-tokens-npm-9.0.0-35a2868eaf-4ad1c12f47.zip
#	.yarn/cache/mlly-npm-1.7.1-c00aa0548e-d836a7b0ad.zip
#	.yarn/cache/object-inspect-npm-1.13.2-3c6e11a536-b97835b4c9.zip
#	.yarn/cache/strip-literal-npm-2.1.0-3503c34c5f-bc8b8c8346.zip
#	.yarn/cache/tinypool-npm-0.8.3-546e741566-c219d0cfb6.zip
#	.yarn/cache/tinypool-npm-0.8.4-043dfecb16-779c790adc.zip
#	.yarn/cache/tinypool-npm-1.0.0-01bf44ef1d-71b20b9c54.zip
#	.yarn/cache/tinyspy-npm-2.2.1-1079b8de54-0b4cfd07c0.zip
#	.yarn/cache/typed-array-length-npm-1.0.6-867a36a1ac-74253d7dc4.zip
#	.yarn/cache/ufo-npm-1.5.3-8c9d710312-1df1070258.zip
#	.yarn/cache/ws-npm-8.17.0-05fb441faf-55241ec93a.zip
#	.yarn/cache/ws-npm-8.17.1-f57fb24a2c-f4a49064af.zip
#	.yarn/cache/ws-npm-8.18.0-56f68bc4d6-25eb33aff1.zip
#	backend/lib/services/projects.js
#	frontend/src/components/dialogs/GProjectDialog.vue
#	yarn.lock
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@petersutter petersutter petersutter approved these changes

@grolu grolu Awaiting requested review from grolu grolu is a code owner

@holgerkoser holgerkoser Awaiting requested review from holgerkoser holgerkoser is a code owner

Assignees
No one assigned
Labels
kind/enhancement Enhancement, improvement, extension needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) needs/review Needs review renovate size/xs Size of pull request is tiny (see gardener-robot robot/bots/size.py) status/closed Issue is closed (either delivered or triaged)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@gardener-ci-robot @gardener-robot @petersutter @gardener-robot-ci-1 @gardener-robot-ci-3