Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot change bundle #516

Merged
merged 17 commits into from
Sep 19, 2024
Merged

Dependabot change bundle #516

merged 17 commits into from
Sep 19, 2024

Conversation

seansica
Copy link
Contributor

Description of what has changed

  • Upgrade several attack-search npm dependencies per Dependabot. See commit messages for details.

Testing

  • Built Dockerfile successfully on localhost
  • Tested basic search functionality in Firefox and Chrome

dependabot bot and others added 17 commits March 16, 2024 23:19
@dependabot
Bump follow-redirects from 1.15.4 to 1.15.6 in /attack-search
ddc73c0 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /attack-search
cbf40b0 
Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4.
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4)

---
updated-dependencies:
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump ws from 8.12.0 to 8.17.1 in /attack-search
1487632 
Bumps [ws](https://github.com/websockets/ws) from 8.12.0 to 8.17.1.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@8.12.0...8.17.1)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump braces from 3.0.2 to 3.0.3 in /attack-search
dfecc38 
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@jondricek
Merge pull request #511 from mitre-attack/develop
917657b 
Update home page
@dependabot
Bump webpack from 5.76.0 to 5.94.0 in /attack-search
1e94e11 
Bumps [webpack](https://github.com/webpack/webpack) from 5.76.0 to 5.94.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.76.0...v5.94.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump body-parser and express in /attack-search
111185a 
Bumps [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `body-parser` from 1.20.1 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.1...1.20.3)

Updates `express` from 4.18.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.18.2...4.21.0)

---
updated-dependencies:
- dependency-name: body-parser
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump serve-static and express in /attack-search
8442440 
Bumps [serve-static](https://github.com/expressjs/serve-static) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `serve-static` from 1.15.0 to 1.16.2
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.2)

Updates `express` from 4.18.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.18.2...4.21.0)

---
updated-dependencies:
- dependency-name: serve-static
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump send and express in /attack-search
36a1ad9 
Bumps [send](https://github.com/pillarjs/send) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `send` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.0)

Updates `express` from 4.18.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.18.2...4.21.0)

---
updated-dependencies:
- dependency-name: send
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@seansica
Merge pull request #493 from mitre-attack/dependabot/npm_and_yarn/att…
e5370e1 
…ack-search/follow-redirects-1.15.6

Bump follow-redirects from 1.15.4 to 1.15.6 in /attack-search
@seansica
Merge pull request #497 from mitre-attack/dependabot/npm_and_yarn/att…
022244e 
…ack-search/webpack-dev-middleware-5.3.4

Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /attack-search
@seansica
Merge pull request #503 from mitre-attack/dependabot/npm_and_yarn/att…
e5119f5 
…ack-search/ws-8.17.1

Bump ws from 8.12.0 to 8.17.1 in /attack-search
@seansica
Merge pull request #505 from mitre-attack/dependabot/npm_and_yarn/att…
b3fb538 
…ack-search/braces-3.0.3

Bump braces from 3.0.2 to 3.0.3 in /attack-search
@seansica
Merge pull request #512 from mitre-attack/dependabot/npm_and_yarn/att…
45f8242 
…ack-search/webpack-5.94.0

Bump webpack from 5.76.0 to 5.94.0 in /attack-search
@seansica
Merge pull request #513 from mitre-attack/dependabot/npm_and_yarn/att…
b516875 
…ack-search/multi-9423f4c335

Bump body-parser and express in /attack-search
@seansica
Merge pull request #514 from mitre-attack/dependabot/npm_and_yarn/att…
328d993 
…ack-search/multi-d66d039ac5

Bump serve-static and express in /attack-search
@seansica
Merge pull request #515 from mitre-attack/dependabot/npm_and_yarn/att…
22653a6 
…ack-search/multi-cf87d80143

Bump send and express in /attack-search
@seansica seansica self-assigned this Sep 19, 2024
@seansica seansica requested a review from jondricek September 19, 2024 16:05
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@jondricek jondricek merged commit 9f3d4fe into develop Sep 19, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jondricek jondricek Awaiting requested review from jondricek

Assignees

@seansica seansica

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@seansica @jondricek