Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps) Updated packages for security vulnerabilities #387

Open
wants to merge 17 commits into
base: develop
Choose a base branch
from

Conversation

sarvex
Copy link

@sarvex sarvex commented May 19, 2023

No description provided.

dependabot bot and others added 16 commits May 19, 2023 05:51
Bumps [yaml](https://github.com/eemeli/yaml) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v2.2.1...v2.2.2)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1.
- [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1)

---
updated-dependencies:
- dependency-name: http-cache-semantics
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.14 to 3.9.19.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](patriksimek/vm2@3.9.14...3.9.19)

---
updated-dependencies:
- dependency-name: vm2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
…-service/yaml-2.2.2

build(deps): bump yaml from 2.2.1 to 2.2.2 in /server/node-service
Bumps [json](https://github.com/douglascrockford/JSON-java) from 20200518 to 20230227.
- [Release notes](https://github.com/douglascrockford/JSON-java/releases)
- [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md)
- [Commits](https://github.com/douglascrockford/JSON-java/commits)

---
updated-dependencies:
- dependency-name: org.json:json
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
…/org.json-json-20230227

build(deps): bump json from 20200518 to 20230227 in /server/api-service
…-service/vm2-3.9.19

build(deps): bump vm2 from 3.9.14 to 3.9.19 in /server/node-service
…-service/http-cache-semantics-4.1.1

build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 in /server/node-service
Bumps [snowflake-jdbc](https://github.com/snowflakedb/snowflake-jdbc) from 3.13.27 to 3.13.29.
- [Release notes](https://github.com/snowflakedb/snowflake-jdbc/releases)
- [Changelog](https://github.com/snowflakedb/snowflake-jdbc/blob/master/CHANGELOG.rst)
- [Commits](snowflakedb/snowflake-jdbc@v3.13.27...v3.13.29)

---
updated-dependencies:
- dependency-name: net.snowflake:snowflake-jdbc
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [spring-boot-starter-webflux](https://github.com/spring-projects/spring-boot) from 2.5.5 to 2.5.12.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v2.5.5...v2.5.12)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-webflux
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
…/openblocks-plugins/graphqlPlugin/org.springframework.boot-spring-boot-starter-webflux-2.5.12

build(deps-dev): bump spring-boot-starter-webflux from 2.5.5 to 2.5.12 in /server/api-service/openblocks-plugins/graphqlPlugin
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.11 to 3.9.19.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](patriksimek/vm2@3.9.11...3.9.19)

---
updated-dependencies:
- dependency-name: vm2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
…/openblocks-plugins/snowflakePlugin/net.snowflake-snowflake-jdbc-3.13.29

build(deps): bump snowflake-jdbc from 3.13.27 to 3.13.29 in /server/api-service/openblocks-plugins/snowflakePlugin
…3.9.19

chore(deps): bump vm2 from 3.9.11 to 3.9.19 in /client
Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 1.0.2 to 1.0.33.
- [Release notes](https://github.com/faisalman/ua-parser-js/releases)
- [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md)
- [Commits](faisalman/ua-parser-js@1.0.2...1.0.33)

---
updated-dependencies:
- dependency-name: ua-parser-js
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@CLAassistant
Copy link

CLAassistant commented May 19, 2023

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ sarvex
❌ dependabot[bot]
You have signed the CLA already but the status is still pending? Let us recheck it.

…parser-js-1.0.33

chore(deps): bump ua-parser-js from 1.0.2 to 1.0.33 in /client
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants