Phraseanet
Phraseanet copied to clipboard
Bump tar, node-sass and npm-check-updates in /Phraseanet-production-client
Bumps tar to 6.1.13 and updates ancestor dependencies tar, node-sass and npm-check-updates. These dependencies need to be updated together.
Updates tar
from 2.2.1 to 6.1.13
Release notes
Sourced from tar's releases.
v6.1.13
6.1.13 (2022-12-07)
Dependencies
v6.1.12
6.1.12 (2022-10-31)
Bug Fixes
57493ee
#332 ensuring close event is emited after stream has ended (@webark
)b003c64
#314 replace deprecated String.prototype.substr() (#314) (@CommanderRoot
,@lukekarrys
)Documentation
Changelog
Sourced from tar's changelog.
6.1.13 (2022-12-07)
Dependencies
6.1.12 (2022-10-31)
Bug Fixes
57493ee
#332 ensuring close event is emited after stream has ended (@webark
)b003c64
#314 replace deprecated String.prototype.substr() (#314) (@CommanderRoot
,@lukekarrys
)Documentation
f129929
#313 remove dead link to benchmarks (#313) (@yetzt
)c1faa9f
add examples/explanation of using tar.t (@isaacs
)6.0
- Drop support for node 6 and 8
- fix symlinks and hardlinks on windows being packed with
\
-style path targets5.0
- Address unpack race conditions using path reservations
- Change large-numbers errors from TypeError to Error
- Add
TAR_*
error codes- Raise
TAR_BAD_ARCHIVE
warning/error when there are no valid entries found in an archive- do not treat ignored entries as an invalid archive
- drop support for node v4
- unpack: conditionally use a file mapping to write files on Windows
- Set more portable 'mode' value in portable mode
- Set
portable
gzip option in portable mode4.4
- Add 'mtime' option to tar creation to force mtime
- unpack: only reuse file fs entries if nlink = 1
- unpack: rename before unlinking files on Windows
- Fix encoding/decoding of base-256 numbers
- Use
stat
instead oflstat
when checking CWD- Always provide a callback to fs.close()
4.3
- Add 'transform' unpack option
... (truncated)
Commits
a044a87
chore: release 6.1.13 (#344)cc4e0dd
deps: bump minipass from 3.3.6 to 4.0.05dcfcb3
chore: bump events-to-array from 1.1.2 to 2.0.3329caed
chore: postinstall for dependabot template-oss PR72f6e39
chore: bump@npmcli/template-oss
from 4.8.0 to 4.10.0001eafb
chore: release 6.1.12ac1026a
chore: dry up template-oss config2e45b11
chore: use a local instead of remote file for test79378ef
chore: postinstall for dependabot template-oss PReaea26d
chore: bump@npmcli/template-oss
from 4.7.1 to 4.8.0- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by lukekarrys, a new releaser for tar since your current version.
Updates node-sass
from 4.14.0 to 8.0.0
Release notes
Sourced from node-sass's releases.
v8.0.0
What's Changed
- Fix binaries being partially downloaded by
@xzyfer
in sass/node-sass#3313- Bump node-gyp and nan for node 19 support by
@xzyfer
in sass/node-sass#3314- feat: Node 18 and 19 support and drop Node 17 by
@nschonni
in sass/node-sass#3257Breaking changes
- Drop support for Node 12 (
@nschonni
)- Drop support for Node 17 (
@nschonni
)- Set
rejectUnauthorized
totrue
by default (@scott-ut
, #3149)Features
- Add support for Node 18 (
@nschonni
)- Add support for Node 19 (
@nschonni
)- Replace
request
withmake-fetch-happen
(@CamilleDrapier
@xzyfer
, #3193, #3313)Dependencies
- Bump [email protected]
- Bump node-gyp
@9
.0.0- Bump nan@^2.17.0
- Bump sass-graph@^4.0.1
Misc
- Bump various GitHub Actions dependencies (
@nschonni
)Supported Environments
OS Architecture Node Windows x86 & x64 14, 16, 18, 19 OSX x64 14, 16, 18, 19 Linux* x64 14, 16, 18, 19 Alpine Linux x64 14, 16, 18, 19 FreeBSD i386 amd64 12, 14 *Linux support refers to major distributions like Ubuntu, and Debian
v7.0.3
Dependencies
- Bump sass-graph from 4.0.0 to ^4.0.1
Supported Environments
| OS | Architecture | Node |
... (truncated)
Commits
ee13eb9
8.0.098e75b3
feat: Node 18 and 19 support and drop Node 17 (#3257)e9bb866
Bump node-gyp and nan for node 19 support (#3314)ab7840b
Fix binaries being partially downloaded (#3313)d595abf
7.0.33b556c1
7.0.2c716359
Bump sass-graph@^4.0.1 (#3292)24741b3
docs(readme): fix docpad plugin link1523330
feat: Drop Node 12365d357
update https://registry.npm.taobao.org to https://registry.npmmirror.com- Additional commits viewable in compare view
Updates npm-check-updates
from 2.14.2 to 16.6.3
Release notes
Sourced from npm-check-updates's releases.
v16.4.0
Feature
Added
--cacheClear
option for—you guessed it—clearing the cache 🫥.This brings the suite of cache-related options to:
--cache
: Cache versions to the cache file.--cacheClear
: Clear the default cache, or the cache file specified by --cacheFile.--cacheExpiration <min>
: Cache expiration in minutes (default: 10).--cacheFile <path>
: Filepath for the cache file (default: "~/.ncu-cache.json").Thanks to
@ly3xqhl8g9
whose code is gratefully more lucid than his username.v16.3.0
Feature
- Added workspace support! 🚢
Upgrade all workspaces:
ncu --workspaces ncu -ws
Upgrade a single workspace:
ncu --workspace a ncu -w a
Upgrade more than one workspace:
ncu --workspace a --workspace b ncu -w a -w b
Upgrade all workspaces AND the root project:
ncu --workspaces --root
Upgrade a single workspace AND the root project:
ncu --workspace a --root </tr></table>
... (truncated)
Changelog
Sourced from npm-check-updates's changelog.
Changelog
This file documents all major version releases. For other releases, please read the commit history.
[16.0.0] - 2022-07-23
Breaking
- Automatic detection of package data on stdin has been removed. This feature was deprecated in
v14.0.0
. Add--stdin
for old behavior.- Wild card filters now apply to scoped packages. Previously,
ncu -f '*vite*'
would not include@vitejs/plugin-react
. Now, filters will match any part of the package name, including the scope. Use a more specific glob or regex expression for old behavior.https://github.com/raineorshine/npm-check-updates/compare/v15.3.4...v16.0.0
[15.0.0] - 2022-06-30
Breaking
- node >= 14.14 is now required (#1145)
- Needed to upgrade
update-notifier
with has a moderate severity vulnerability- yarn autodetect has been improved (#1148)
- This is a patch, though technically it is breaking. In the obscure case where
--packageManager
is not given, there is nopackage-lock.json
in the current folder, and there is ayarn.lock
in an ancestor directory, npm-check-updates will now use yarn.- More practically, if you needed to specify
--packageManager yarn
explicitly before, you may not have to nowhttps://github.com/raineorshine/npm-check-updates/compare/v14.1.1...v15.0.0
[14.0.0] - 2022-06-16
Breaking
Prerelease versions are now "upgraded" to versions with a different preid.
For example, if you have a dependency at
1.3.3-next.1
and the version fetched by ncu is1.2.3-dev.2
, ncu will suggest an "upgrade" to1.2.3-dev.2
. This is because prerelease versions with different preids are incomparable. Since they are incomparable, ncu now assumes the fetched version is desired.Since this change affects only prereleases, there is no impact on default
ncu
usage that fetches thelatest
version. With--pre 1
or--target newest
or--target greatest
, this change could affect which version is suggested if versions with different preids are published. The change was made to support the new--target @[tag]
feature.If you have a use case where this change is not what is desired, please report an issue. The intention is for zero disruption to current usage.
Features
- You can now upgrade to a specific tag, e.g.
--target @next
. Thanks to IMalyugin.https://github.com/raineorshine/npm-check-updates/compare/v13.1.5...v14.0.0
[13.0.0] - 2022-05-15
Breaking
- node >= 14 is now required
- Several options which have long been deprecated have been removed:
--greatest
- Instead use--target greatest
... (truncated)
Commits
55d4ca3
16.6.3e7677c9
support doctorTest command that includes quotes7455026
Fix rc-config test temp dir.f207a60
Add auto detect ncurc tests. Minor cleanup.cecce57
post-commit: strip color from linter outpute8f0c3e
16.6.216ef562
Bump dependencies2d1c1a9
16.6.19e92537
Remove erroneous --dep bundle option (#1256).8f71eb4
README- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.