LocalAI icon indicating copy to clipboard operation
LocalAI copied to clipboard

Published 20 hours ago verified publisher icon mudler

build(deps): bump the npm_and_yarn group across 1 directory with 3 updates

Open dependabot[bot] opened this issue 1 year ago • 8 comments

Bumps the npm_and_yarn group with 2 updates in the /examples/langchain/langchainjs-localai-example directory: axios and langchain.

Removes axios

Updates langchain from 0.0.67 to 0.1.33

Release notes

Sourced from langchain's releases.

Release 0.1.33

What's Changed

Full Changelog: https://github.com/langchain-ai/langchainjs/compare/0.1.32...0.1.33

Release 0.1.32

What's Changed

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jacoblee93, a new releaser for langchain since your current version.


Updates zod from 3.21.4 to 3.22.4

Release notes

Sourced from zod's releases.

v3.22.4

Commits:

  • d931ea3f0f15a6ae64f5f68e3c03912dffb2269d Lint
  • 8e634bd600093b7161487bed705279c892395118 Fix prettier
  • 4018d88f0e94992b2987428c4fda387b99ae2a53 docs: add @​sanity-typed/zod to ecosystem (#2731)
  • 15ba5a4d4cb5be5af23771de0ba1346b4ba20a0e docs: add zod-sandbox to README ecosystem links (#2707)
  • 699ccae13b875d4fcadac268fd789c93b6ce8aef Export jsdoc with @deprecated when building (#2717)
  • dfe3719eae250ab3eca2d276da6c292867899cc6 Fix sanity-typed links (#2840)
  • cd7991e04a550868bfcb5b5d46e5eb5bc7edf5f3 fix ulid regex (#2225)
  • 7cb4ba2f85dd6b28290dda5de80ed54dfd2a793c Remove stalebot
  • 9340fd51e48576a75adc919bff65dbc4a5d4c99b Lazy emojiRegex
  • e7a9b9b3033991be6b4225f1be21da39c250bbb0 3.22.4

v3.22.3

Commits:

  • 1e23990bcdd33d1e81b31e40e77a031fcfd87ce1 Commit
  • 9bd3879b482f139fd03d5025813ee66a04195cdd docs: remove obsolete text about readonly types (#2676)
  • f59be093ec21430d9f32bbcb628d7e39116adf34 clarify datetime ISO 8601 (#2673)
  • 64dcc8e2b16febe48fa8e3c82c47c92643e6c9e3 Update sponsors
  • 18115a8f128680b4526df58ce96deab7dce93b93 Formatting
  • 28c19273658b164c53c149785fa7a8187c428ad4 Update sponsors
  • ad2ee9ccf723c4388158ff6b8669c2a6cdc85643 2718 Updated Custom Schemas documentation example to use type narrowing (#2778)
  • ae0f7a2c15e7741ee1b23c03a3bfb9acebd86551 docs: update ref to discriminated-unions docs (#2485)
  • 2ba00fe2377f4d53947a84b8cdb314a63bbd6dd4 [2609] fix ReDoS vulnerability in email regex (#2824)
  • 1e61d76cdec05de9271fc0df58798ddf9ce94923 3.22.3

v3.22.2

Commits:

  • 13d9e6bda286cbd4c1b177171273695d8309e5de Fix lint
  • 0d49f10b3c25a8e4cbb6534cc0773b195c56d06d docs: add typeschema to ecosystem (#2626)
  • 8e4af7b56df6f2e3daf0dd825b986f1d963025ce X to Zod: add app.quicktype.io (#2668)
  • 792b3ef0d41c144cd10641c6966b98dae1222d82 Fix superrefine types

v3.22.1

Commits:

Fix handing of this in ZodFunction schemas. The parse logic for function schemas now requires the Reflect API.

const methodObject = z.object({
  property: z.number(),
  method: z.function().args(z.string()).returns(z.number()),
});
const methodInstance = {
  property: 3,
  method: function (s: string) {
    return s.length + this.property;
</tr></table>

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Apr 12 '24 04:04 dependabot[bot]

Deploy Preview for localai canceled.

Name Link
Latest commit b51608abeb81942b9aaac6bbc3354dd599d446d6
Latest deploy log https://app.netlify.com/sites/localai/deploys/6618bebb8ed80c00082183c6

netlify[bot] avatar Apr 12 '24 04:04 netlify[bot]

@dependabot rebase

dave-gray101 avatar Apr 12 '24 05:04 dave-gray101

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

dependabot[bot] avatar Apr 12 '24 05:04 dependabot[bot]

@mudler looks like the dependabot PR are reliably snagging on the security scanner PR due to permissions.

Based on the other one I was testing with, any commit authored by a "real person" seems to go through, so it looks like there may be a permissions issue here.

dave-gray101 avatar Apr 12 '24 05:04 dave-gray101

let's try, I've changed CI settings now

mudler avatar Apr 12 '24 13:04 mudler

@dependabot recreate

mudler avatar Apr 12 '24 13:04 mudler

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot] avatar Apr 12 '24 13:04 dependabot[bot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot] avatar Apr 12 '24 15:04 dependabot[bot]

Looks like these dependencies are no longer updatable, so this is no longer needed.

dependabot[bot] avatar Apr 25 '24 22:04 dependabot[bot]