Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the dependencies group across 1 directory with 4 updates #328

Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the dependencies group across 1 directory with 4 updates #328

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 9, 2024
edited
Loading

Bumps the dependencies group with 4 updates in the / directory: dotenv, better-sqlite3, croner and pino.

Updates dotenv from 16.4.5 to 16.4.7

Changelog

Sourced from dotenv's changelog.

16.4.7 (2024-12-03)

Changed

  • Ignore .tap folder when publishing. (oops, sorry about that everyone. - @​motdotla) #848

16.4.6 (2024-12-02)

Changed

  • Clean up stale dev dependencies #847
  • Various README updates clarifying usage and alternative solutions using dotenvx
Commits

Updates better-sqlite3 from 11.3.0 to 11.7.0

Release notes

Sourced from better-sqlite3's releases.

v11.7.0

What's Changed

Full Changelog: WiseLibs/better-sqlite3@v11.6.0...v11.7.0

v11.6.0

What's Changed

New Contributors

Full Changelog: WiseLibs/better-sqlite3@v11.5.0...v11.6.0

v11.5.0

What's Changed

Full Changelog: WiseLibs/better-sqlite3@v11.4.0...v11.5.0

v11.4.0

What's Changed

New Contributors

Full Changelog: WiseLibs/better-sqlite3@v11.3.0...v11.4.0

Commits

Updates croner from 8.1.2 to 9.0.0

Release notes

Sourced from croner's releases.

9.0.0

Croner 9.0.0

This major release brings significant changes to Croner, improving consistency, fixing bugs, and modernizing the codebase.

Changes

  • Bug Fixes:

    • Fixed an issue where "every X seconds" crons would fail with a "maximum call stack exceeded" error (#260).
    • Fixed an issue where types were not supported when using ES module via jsr.io (#258).

  • API Changes:

    • The new keyword is now mandatory when instantiating Croner (e.g., new Cron(/* ... */)).
    • The default export has been removed. You now need to use import { Cron } from 'croner'; or const { Cron } = require('croner');.

  • File Structure Changes (relevant for direct file access):

    • All files in the /dist directory are now minified. croner.min.js has been renamed to croner.js.
    • Typings have been moved from /types to /dist.
    • Only the /src directory is exposed in the jsr module jsr.io/@​hexagon/croner.

  • Codebase Modernization:

    • The entire codebase has been migrated from JavaScript with JSDoc to TypeScript.
    • Deno is now used for formatting, type checking, and linting, resulting in a cleaner and more maintainable repository. Esbuild is used to build the npm module and typings.

Upgrade Notice:

Due to the API and file structure changes, upgrading from 8.x to 9.x may require modifications to your existing code. Please review the above changes carefully before migrating.

9.0.0-dev.12

  • Test new release workflow
Commits

Updates pino from 9.4.0 to 9.5.0

Release notes

Sourced from pino's releases.

v9.5.0

What's Changed

New Contributors

Full Changelog: pinojs/pino@v9.4.0...v9.5.0

Commits
  • bb68e01 Bumped v9.5.0
  • 84bbd35 fix: Ensure silent log level is respected with browser.transmit option (#2052)
  • 5bc0a92 feature: allow sync flag to be passed to ThreadStream for synchronous… (#2063)
  • f220965 docs -> #2061 Alphabetize transport list and reorder sections in documentatio...
  • d32fd55 docs->added pino-hana transport (#2059)
  • 7cff45a build(deps-dev): bump @​yao-pkg/pkg from 5.13.0 to 5.15.0 (#2050)
  • cd09737 doc: Add Transport @​macfja/pino-fingers-crossed (#2047)
  • 0ab1bdd Update transports.md (#2041)
  • de5a697 build(deps): bump pino-abstract-transport from 1.2.0 to 2.0.0 (#2043)
  • eef2f87 build(deps-dev): bump @​yao-pkg/pkg from 5.12.1 to 5.13.0 (#2042)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 9, 2024
@socket-security Socket Security
Copy link

socket-security bot commented Dec 9, 2024
edited
Loading

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/[email protected] filesystem Transitive: environment, network, shell +36 10.8 MB joshuawise
npm/[email protected] None 0 104 kB hexagon
npm/[email protected] environment, filesystem 0 75.8 kB motdotla
npm/[email protected] environment, unsafe Transitive: eval, filesystem +12 1.18 MB matteo.collina

🚮 Removed packages: npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

@dependabot
chore(deps): bump the dependencies group across 1 directory with 4 up…
e1b9dc7 
…dates

Bumps the dependencies group with 4 updates in the / directory: [dotenv](https://github.com/motdotla/dotenv), [better-sqlite3](https://github.com/WiseLibs/better-sqlite3), [croner](https://github.com/hexagon/croner) and [pino](https://github.com/pinojs/pino).


Updates `dotenv` from 16.4.5 to 16.4.7
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.4.5...v16.4.7)

Updates `better-sqlite3` from 11.3.0 to 11.7.0
- [Release notes](https://github.com/WiseLibs/better-sqlite3/releases)
- [Commits](WiseLibs/better-sqlite3@v11.3.0...v11.7.0)

Updates `croner` from 8.1.2 to 9.0.0
- [Release notes](https://github.com/hexagon/croner/releases)
- [Commits](Hexagon/croner@8.1.2...9.0.0)

Updates `pino` from 9.4.0 to 9.5.0
- [Release notes](https://github.com/pinojs/pino/releases)
- [Commits](pinojs/pino@v9.4.0...v9.5.0)

---
updated-dependencies:
- dependency-name: dotenv
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: better-sqlite3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: croner
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: pino
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dependencies-6ff7deaa2b branch from 6758a88 to e1b9dc7 Compare December 16, 2024 07:57
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 30, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 30, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/dependencies-6ff7deaa2b branch December 30, 2024 07:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants