From 0f84d65f0df3c8f4591c387e14c71520539bcedb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 18 Jul 2024 09:06:23 -0700
Subject: [PATCH] deps: bump the dependency-updates group with 3 updates
(#1197)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps the dependency-updates group with 3 updates:
[framer-motion](https://github.com/framer/motion),
[@npmcli/template-oss](https://github.com/npm/template-oss) and
[eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier).
Updates `framer-motion` from 11.3.4 to 11.3.6
Changelog
Sourced from framer-motion's
changelog.
[11.3.6] 2024-07-17
Changed
- Minor performance improvements for layout animations.
[11.3.5] 2024-07-16
Fixed
- Ensuring DOM bundle doesn't include
react and
react-dom as dependencies.
Commits
Updates `@npmcli/template-oss` from 4.23.0 to 4.23.1
Release notes
Sourced from @npmcli/template-oss's
releases.
v4.23.1
4.23.1
(2024-07-17)
Bug Fixes
Changelog
Sourced from @npmcli/template-oss's
changelog.
4.23.1
(2024-07-17)
Bug Fixes
Commits
Updates `eslint-plugin-prettier` from 5.1.3 to 5.2.1
Release notes
Sourced from eslint-plugin-prettier's
releases.
v5.2.1
Patch Changes
Changelog
Sourced from eslint-plugin-prettier's
changelog.
5.2.1
Patch Changes
5.2.0
Minor Changes
Commits
51324d9
chore: fix CHANGELOG.md formatting issue24288c7
chore: release eslint-plugin-prettier (#669)ac036cc
build(deps): Bump synckit from 0.8.6 to 0.9.1 (#668)a1e6f4a
build(deps): Bump braces from 3.0.2 to 3.0.3 (#665)de9751c
build(deps): Bump pnpm/action-setup from 2 to 4 in the actions group (#661)02c21a5
chore: release eslint-plugin-prettier (#653)f170011
feat: support parsing html via
@html-eslint/parser natively (#652)- See full diff in compare
view
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore ` will
remove the ignore condition of the specified dependency and ignore
conditions
---------
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gar
---
.github/actions/create-check/action.yml | 2 +-
.github/actions/install-latest-npm/action.yml | 2 +-
.github/workflows/post-dependabot.yml | 2 +-
SECURITY.md | 2 +-
cli/package.json | 4 +-
package-lock.json | 46 ++++++-------------
package.json | 4 +-
7 files changed, 23 insertions(+), 39 deletions(-)
diff --git a/.github/actions/create-check/action.yml b/.github/actions/create-check/action.yml
index aa24a5b0f05..d1220c90cfb 100644
--- a/.github/actions/create-check/action.yml
+++ b/.github/actions/create-check/action.yml
@@ -25,7 +25,7 @@ runs:
with:
result-encoding: string
script: |
- const { repo: { owner, repo}, runId, serverUrl } = context
+ const { repo: { owner, repo}, runId, serverUrl } = context
const { JOB_NAME, SHA } = process.env
const job = await github.rest.actions.listJobsForWorkflowRun({
diff --git a/.github/actions/install-latest-npm/action.yml b/.github/actions/install-latest-npm/action.yml
index 8339dbf0388..580603dd40c 100644
--- a/.github/actions/install-latest-npm/action.yml
+++ b/.github/actions/install-latest-npm/action.yml
@@ -44,7 +44,7 @@ runs:
MATCH=$SPEC
echo "Found compatible version: npm@$MATCH"
break
- fi
+ fi
done
if [ -z $MATCH ]; then
diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml
index 23dd57b84ea..5376925eac6 100644
--- a/.github/workflows/post-dependabot.yml
+++ b/.github/workflows/post-dependabot.yml
@@ -50,7 +50,7 @@ jobs:
id: flags
run: |
dependabot_dir="${{ steps.metadata.outputs.directory }}"
- if [[ "$dependabot_dir" == "/" ]]; then
+ if [[ "$dependabot_dir" == "/" || "$dependabot_dir" == "/main" ]]; then
echo "workspace=-iwr" >> $GITHUB_OUTPUT
else
# strip leading slash from directory so it works as a
diff --git a/SECURITY.md b/SECURITY.md
index 9cd2deaf4fd..4fe06a2a32c 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,7 +2,7 @@
GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
-If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
+If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly through [opensource-security@github.com](mailto:opensource-security@github.com).
diff --git a/cli/package.json b/cli/package.json
index 29c0e7bbefb..3c6963d0a94 100644
--- a/cli/package.json
+++ b/cli/package.json
@@ -31,7 +31,7 @@
},
"devDependencies": {
"@npmcli/eslint-config": "^4.0.4",
- "@npmcli/template-oss": "4.23.0",
+ "@npmcli/template-oss": "4.23.1",
"tap": "^16.3.9"
},
"author": "GitHub Inc.",
@@ -40,7 +40,7 @@
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
- "version": "4.23.0",
+ "version": "4.23.1",
"content": "./scripts/template-oss"
},
"files": [
diff --git a/package-lock.json b/package-lock.json
index e79fbc5d425..ebb32ef844e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -49,7 +49,7 @@
"@babel/plugin-proposal-private-property-in-object": "^7.21.11",
"@github/prettier-config": "^0.0.6",
"@npmcli/eslint-config": "^4.0.4",
- "@npmcli/template-oss": "4.23.0",
+ "@npmcli/template-oss": "4.23.1",
"@testing-library/jest-dom": "^6.2.0",
"@testing-library/react": "^15.0.1",
"babel-jest": "^29.7.0",
@@ -91,7 +91,7 @@
},
"devDependencies": {
"@npmcli/eslint-config": "^4.0.4",
- "@npmcli/template-oss": "4.23.0",
+ "@npmcli/template-oss": "4.23.1",
"tap": "^16.3.9"
},
"engines": {
@@ -5423,9 +5423,9 @@
}
},
"node_modules/@npmcli/template-oss": {
- "version": "4.23.0",
- "resolved": "https://registry.npmjs.org/@npmcli/template-oss/-/template-oss-4.23.0.tgz",
- "integrity": "sha512-hv+Z17S2BEbEIRsnZt+eC14GtyBV1kV2NoCRHpibnFkaX7PPRtrgVyZImd6XQYyQjeRPoYRdW0rCg/YzO1h54g==",
+ "version": "4.23.1",
+ "resolved": "https://registry.npmjs.org/@npmcli/template-oss/-/template-oss-4.23.1.tgz",
+ "integrity": "sha512-9IoziGswJTKz8mi7wNQxXRSXXSC/17WzsOsNzkOrzkM0qkq/wwZg5M6JKgOU3IUImcUdXywWNeqfG9VQ1o52Yg==",
"dev": true,
"hasInstallScript": true,
"dependencies": {
@@ -14485,13 +14485,13 @@
}
},
"node_modules/eslint-plugin-prettier": {
- "version": "5.1.3",
- "resolved": "https://registry.npmjs.org/eslint-plugin-prettier/-/eslint-plugin-prettier-5.1.3.tgz",
- "integrity": "sha512-C9GCVAs4Eq7ZC/XFQHITLiHJxQngdtraXaM+LoUFoFp/lHNl2Zn8f3WQbe9HvTBBQ9YnKFB0/2Ajdqwo5D1EAw==",
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/eslint-plugin-prettier/-/eslint-plugin-prettier-5.2.1.tgz",
+ "integrity": "sha512-gH3iR3g4JfF+yYPaJYkN7jEl9QbweL/YfkoRlNnuIEHEz1vHVlCmWOS+eGGiRuzHQXdJFCOTxRgvju9b8VUmrw==",
"dev": true,
"dependencies": {
"prettier-linter-helpers": "^1.0.0",
- "synckit": "^0.8.6"
+ "synckit": "^0.9.1"
},
"engines": {
"node": "^14.18.0 || >=16.0.0"
@@ -14514,22 +14514,6 @@
}
}
},
- "node_modules/eslint-plugin-prettier/node_modules/synckit": {
- "version": "0.8.8",
- "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.8.8.tgz",
- "integrity": "sha512-HwOKAP7Wc5aRGYdKH+dw0PRRpbO841v2DENBtjnR5HFWoiNByAl7vrx3p0G/rCyYXQsrxqtX48TImFtPcIHSpQ==",
- "dev": true,
- "dependencies": {
- "@pkgr/core": "^0.1.0",
- "tslib": "^2.6.2"
- },
- "engines": {
- "node": "^14.18.0 || >=16.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/unts"
- }
- },
"node_modules/eslint-plugin-primer-react": {
"version": "5.3.0",
"resolved": "https://registry.npmjs.org/eslint-plugin-primer-react/-/eslint-plugin-primer-react-5.3.0.tgz",
@@ -16154,9 +16138,9 @@
}
},
"node_modules/framer-motion": {
- "version": "11.3.4",
- "resolved": "https://registry.npmjs.org/framer-motion/-/framer-motion-11.3.4.tgz",
- "integrity": "sha512-LC+luwNmz4zEg0AU0rol3yLUFKSJ9GDmIyvigXBAwEbUBG59EWmcRQ2Xh+0py7IkmvWxFUH0TN42v1Dda8xgUg==",
+ "version": "11.3.6",
+ "resolved": "https://registry.npmjs.org/framer-motion/-/framer-motion-11.3.6.tgz",
+ "integrity": "sha512-olpX48qfoSIDjhw0RbolhOGBQmdMAXHHpSI0PFdTj5LeXChcf5F4ApShs0mQ6FPEPOj7dnEvSyB07UgRK5G9Jw==",
"dependencies": {
"tslib": "^2.4.0"
},
@@ -36813,9 +36797,9 @@
"dev": true
},
"node_modules/synckit": {
- "version": "0.9.0",
- "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.9.0.tgz",
- "integrity": "sha512-7RnqIMq572L8PeEzKeBINYEJDDxpcH8JEgLwUqBd3TkofhFRbkq4QLR0u+36avGAhCRbk2nnmjcW9SE531hPDg==",
+ "version": "0.9.1",
+ "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.9.1.tgz",
+ "integrity": "sha512-7gr8p9TQP6RAHusBOSLs46F4564ZrjV8xFmw5zCmgmhGUcw2hxsShhJ6CEiHQMgPDwAQ1fWHPM0ypc4RMAig4A==",
"dev": true,
"dependencies": {
"@pkgr/core": "^0.1.0",
diff --git a/package.json b/package.json
index bc0beab554f..b3005a1b149 100644
--- a/package.json
+++ b/package.json
@@ -68,7 +68,7 @@
"@babel/plugin-proposal-private-property-in-object": "^7.21.11",
"@github/prettier-config": "^0.0.6",
"@npmcli/eslint-config": "^4.0.4",
- "@npmcli/template-oss": "4.23.0",
+ "@npmcli/template-oss": "4.23.1",
"@testing-library/jest-dom": "^6.2.0",
"@testing-library/react": "^15.0.1",
"babel-jest": "^29.7.0",
@@ -97,7 +97,7 @@
},
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
- "version": "4.23.0",
+ "version": "4.23.1",
"content": "./scripts/template-oss"
}
}