convos icon indicating copy to clipboard operation
convos copied to clipboard
verified publisher icon convos-chat

Dependency Dashboard

Open renovate[bot] opened this issue 3 years ago • 2 comments

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

  • [ ] Select this checkbox to let Renovate create an automated Config Migration PR.

Deprecations / Replacements

[!WARNING] These dependencies are either deprecated or have replacements available:

Datasource Name Replacement PR?
npm querystring Unavailable

Other Branches

The following updates are pending. To force the creation of a PR, click on a checkbox below.

  • [ ] chore(deps): update dependency vite to v6.0.12 [security]

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

  • [ ] chore(deps): update all non-major dependencies (@fortawesome/fontawesome-free, docker/login-action, docker/metadata-action)
  • [ ] chore(deps): update actions/checkout action to v6
  • [ ] chore(deps): update actions/setup-node action to v6
  • [ ] chore(deps): update dependency @fortawesome/fontawesome-free to v7
  • [ ] chore(deps): update dependency @sveltejs/vite-plugin-svelte to v6
  • [ ] chore(deps): update dependency eslint-plugin-svelte to v3
  • [ ] chore(deps): update dependency jsdom to v27
  • [ ] chore(deps): update dependency vitest to v4
  • [ ] chore(deps): update docker/build-push-action action to v6
  • [ ] Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

  • [ ] chore(deps): update dependency svelte to v5

Detected Dependencies

dockerfile (1)
Dockerfile (0)
github-actions (3)
.github/workflows/alpha.yml (6)
  • actions/checkout v4
  • docker/login-action v3.3.0
  • docker/setup-qemu-action v3
  • docker/setup-buildx-action v3
  • docker/metadata-action v5.5.1
  • docker/build-push-action v5.4.0
.github/workflows/docker.yml (5)
  • actions/checkout v4
  • docker/login-action v3.3.0
  • docker/setup-qemu-action v3
  • docker/setup-buildx-action v3
  • docker/build-push-action v5
.github/workflows/linux.yml (3)
  • actions/checkout v3
  • actions/setup-node v4
  • actions/checkout v3
npm (1)
package.json (18)
  • svelte-check ^4.0.0
  • @fortawesome/fontawesome-free 6.6.0
  • @sveltejs/vite-plugin-svelte ^5.0.0
  • eslint ^9.0.0
  • eslint-plugin-svelte ^2.34.0
  • highlight.js ^11.9.0
  • js-cookie ^3.0.5
  • jsdoc ^4.0.2
  • jsdom ^25.0.0
  • jsonhtmlify ^0.1.0
  • lodash ^4.17.21
  • qs ^6.11.2
  • querystring ^0.2.1
  • sass ^1.69.3
  • svelte ^4.2.19
  • svelte-preprocess ^6.0.0
  • vite ^6.0.0
  • vitest ^2.1.9
  • [ ] Check this box to trigger a request for Renovate to run again on this repository

renovate[bot] avatar Aug 23 '22 06:08 renovate[bot]

I don't understand this change. What's the point of pinning package.json when you have a lock file? Same goes for

  • #769
  • #770
  • #772
  • #779
  • #780

jhthorsen avatar Aug 27 '22 00:08 jhthorsen

I don't understand this change. What's the point of pinning package.json when you have a lock file? Same goes for

So, there's a discussion here on the pros/cons https://docs.renovatebot.com/dependency-pinning/ - i actually wanted to discuss with you if we should configure renovate to not do this but suddenly busy at work which is why they were left open. If you're opposed to pinning we can turn it off in the config and close related prs

marcusramberg avatar Aug 27 '22 06:08 marcusramberg