editorjs-toggle-block chore(deps): update all dependencies

chore(deps): update all dependencies

Open renovate[bot] opened this issue 9 months ago • 2 comments

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	minor	`v4.1.1` -> `v4.2.1`
actions/setup-node	action	patch	`v4.0.2` -> `v4.0.4`
actions/upload-artifact	action	minor	`v4.3.1` -> `v4.4.3`
coverallsapp/github-action	action	digest	`c203f01` -> `643bc37`
eslint (source)	devDependencies	major	`^8.57.0` -> `^9.0.0`
github/codeql-action	action	minor	`v3.24.10` -> `v3.26.12`
ossf/scorecard-action	action	minor	`v2.3.1` -> `v2.4.0`
step-security/harden-runner	action	minor	`v2.7.0` -> `v2.10.1`
uuid	dependencies	major	`^9.0.0` -> `^10.0.0`

Release Notes

actions/checkout (actions/checkout)

`v4.2.1`

Compare Source

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924

`v4.2.0`

Compare Source

Add Ref and Commit outputs by @lucacome in https://github.com/actions/checkout/pull/1180
Dependency updates by @dependabot- https://github.com/actions/checkout/pull/1777, https://github.com/actions/checkout/pull/1872

`v4.1.7`

Compare Source

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in https://github.com/actions/checkout/pull/1739
Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/actions/checkout/pull/1697
Check out other refs/* by commit by @orhantoy in https://github.com/actions/checkout/pull/1774
Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in https://github.com/actions/checkout/pull/1776

`v4.1.6`

Compare Source

Check platform to set archive extension appropriately by @cory-miller in https://github.com/actions/checkout/pull/1732

`v4.1.5`

Compare Source

What's Changed

Update NPM dependencies by @cory-miller in https://github.com/actions/checkout/pull/1703
Bump github/codeql-action from 2 to 3 by @dependabot in https://github.com/actions/checkout/pull/1694
Bump actions/setup-node from 1 to 4 by @dependabot in https://github.com/actions/checkout/pull/1696
Bump actions/upload-artifact from 2 to 4 by @dependabot in https://github.com/actions/checkout/pull/1695
README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in https://github.com/actions/checkout/pull/1707

Full Changelog: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5

`v4.1.4`

Compare Source

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in https://github.com/actions/checkout/pull/1692
Add dependabot config by @cory-miller in https://github.com/actions/checkout/pull/1688
Bump the minor-actions-dependencies group with 2 updates by @dependabot in https://github.com/actions/checkout/pull/1693
Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in https://github.com/actions/checkout/pull/1643

`v4.1.3`

Compare Source

What's Changed

Update actions/checkout version in update-main-version.yml by @jww3 in https://github.com/actions/checkout/pull/1650
Check git version before attempting to disable sparse-checkout by @jww3 in https://github.com/actions/checkout/pull/1656
Add SSH user parameter by @cory-miller in https://github.com/actions/checkout/pull/1685

Full Changelog: https://github.com/actions/checkout/compare/v4.1.2...v4.1.3

`v4.1.2`

Compare Source

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in https://github.com/actions/checkout/pull/1598

actions/setup-node (actions/setup-node)

`v4.0.3`

Compare Source

actions/upload-artifact (actions/upload-artifact)

`v4.4.3`

Compare Source

What's Changed

Undo indirect dependency updates from #627 by @joshmgross in https://github.com/actions/upload-artifact/pull/632

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3

`v4.4.2`

Compare Source

What's Changed

Bump @actions/artifact to 2.1.11 by @robherley in https://github.com/actions/upload-artifact/pull/627
- Includes fix for relative symlinks not resolving properly

Full Changelog: https://github.com/actions/upload-artifact/compare/v4...v4.4.2

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.4.0...v4.4.1

`v4.3.4`

Compare Source

What's Changed

Update @actions/artifact version, bump dependencies by @robherley in https://github.com/actions/upload-artifact/pull/584

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.3...v4.3.4

`v4.3.3`

Compare Source

What's Changed

updating @actions/artifact dependency to v2.1.6 by @eggyhead in https://github.com/actions/upload-artifact/pull/565

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3

`v4.3.2`

Compare Source

What's Changed

Update release-new-action-version.yml by @konradpabjan in https://github.com/actions/upload-artifact/pull/516
Minor fix to the migration readme by @andrewakim in https://github.com/actions/upload-artifact/pull/523
Update readme with v3/v2/v1 deprecation notice by @robherley in https://github.com/actions/upload-artifact/pull/561
updating @actions/artifact dependency to v2.1.5 and @actions/core to v1.0.1 by @eggyhead in https://github.com/actions/upload-artifact/pull/562

New Contributors

@andrewakim made their first contribution in https://github.com/actions/upload-artifact/pull/523

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2

eslint/eslint (eslint)

`v9.12.0`

Compare Source

Features

5a6a053 feat: update to jiti v2 (#18954) (Arya Emami)
17a07fb feat: Hooks for test cases (RuleTester) (#18771) (Anna Bocharova)
2ff0e51 feat: Implement alternate config lookup (#18742) (Nicholas C. Zakas)
2d17453 feat: Implement modified cyclomatic complexity (#18896) (Dmitry Pashkevich)

Bug Fixes

ea380ca fix: Upgrade retry to avoid EMFILE errors (#18986) (Nicholas C. Zakas)
fdd6319 fix: Issues with type definitions (#18940) (Arya Emami)

Documentation

ecbd522 docs: Mention code explorer (#18978) (Nicholas C. Zakas)
7ea4ecc docs: Clarifying the Use of Meta Objects (#18697) (Amaresh S M)
d3e4b2e docs: Clarify how to exclude .js files (#18976) (Milos Djermanovic)
57232ff docs: Mention plugin-kit in language docs (#18973) (Nicholas C. Zakas)
b80ed00 docs: Update README (GitHub Actions Bot)
cb69ab3 docs: Update README (GitHub Actions Bot)
7fb0d95 docs: Update README (GitHub Actions Bot)
493348a docs: Update README (GitHub Actions Bot)
87a582c docs: fix typo in id-match rule (#18944) (Jay)

Chores

555aafd chore: upgrade to @eslint/[email protected] (#18987) (Francesco Trotta)
873ae60 chore: package.json update for @eslint/js release (Jenkins)
d0a5414 refactor: replace strip-ansi with native module (#18982) (Cristopher)
b827029 chore: Enable JSON5 linting (#18979) (Milos Djermanovic)
8f55ca2 chore: Upgrade espree, eslint-visitor-keys, eslint-scope (#18962) (Nicholas C. Zakas)
c1a2725 chore: update dependency mocha to ^10.7.3 (#18945) (Milos Djermanovic)

`v9.11.0`

Compare Source

Features

ec30c73 feat: add "eslint/universal" to export Linter (#18883) (唯然)
c591da6 feat: Add language to types (#18917) (Nicholas C. Zakas)
492eb8f feat: limit the name given to ImportSpecifier in id-length (#18861) (Tanuj Kanti)
19c6856 feat: Add no-useless-constructor suggestion (#18799) (Jordan Thomson)
a48f8c2 feat: add type FormatterFunction, update LoadedFormatter (#18872) (Francesco Trotta)

Bug Fixes

5e5f39b fix: add missing types for no-restricted-exports rule (#18914) (Kristóf Poduszló)
8f630eb fix: add missing types for no-param-reassign options (#18906) (Kristóf Poduszló)
d715781 fix: add missing types for no-extra-boolean-cast options (#18902) (Kristóf Poduszló)
2de5742 fix: add missing types for no-misleading-character-class options (#18905) (Kristóf Poduszló)
c153084 fix: add missing types for no-implicit-coercion options (#18903) (Kristóf Poduszló)
fa11b2e fix: add missing types for no-empty-function options (#18901) (Kristóf Poduszló)
a0deed1 fix: add missing types for camelcase options (#18897) (Kristóf Poduszló)

Documentation

e4e5709 docs: correct prefer-object-has-own type definition comment (#18924) (Nitin Kumar)
91cbd18 docs: add unicode abbreviations in no-irregular-whitespace rule (#18894) (Alix Royere)
59cfc0f docs: clarify resultsMeta in LoadedFormatter type (#18881) (Milos Djermanovic)
adcc50d docs: Update README (GitHub Actions Bot)
4edac1a docs: Update README (GitHub Actions Bot)

Build Related

959d360 build: Support updates to previous major versions (#18871) (Milos Djermanovic)

Chores

ca21a64 chore: upgrade @eslint/js @9.11.0 (#18927) (Milos Djermanovic)
a10f90a chore: package.json update for @eslint/js release (Jenkins)
e4e02cc refactor: Extract processor logic into ProcessorService (#18818) (Nicholas C. Zakas)
6d4484d chore: updates for v8.57.1 release (Jenkins)
71f37c5 refactor: use optional chaining when validating config rules (#18893) (lucasrmendonca)
2c2805f chore: Add PR note to all templates (#18892) (Nicholas C. Zakas)
7b852ce refactor: use Directive class from @eslint/plugin-kit (#18884) (Milos Djermanovic)
d594ddd chore: update dependency @eslint/core to ^0.6.0 (#18863) (renovate[bot])
78b2421 chore: Update change.yml (#18882) (Nicholas C. Zakas)
a416f0a chore: enable $ExpectType comments in .ts files (#18869) (Francesco Trotta)

`v9.9.0`

Compare Source

Features

41d0206 feat: Add support for TS config files (#18134) (Arya Emami)
3a4eaf9 feat: add suggestion to require-await to remove async keyword (#18716) (Dave)

Documentation

9fe068c docs: how to author plugins with configs that extend other configs (#18753) (Alec Gibson)
48117b2 docs: add version support page in the side navbar (#18738) (Amaresh S M)
fec2951 docs: add version support page to the dropdown (#18730) (Amaresh S M)
38a0661 docs: Fix typo (#18735) (Zaina Al Habash)
3c32a9e docs: Update yarn command for creating ESLint config (#18739) (Temitope Ogunleye)
f9ac978 docs: Update README (GitHub Actions Bot)

Chores

461b2c3 chore: upgrade to @eslint/[email protected] (#18765) (Francesco Trotta)
59dba1b chore: package.json update for @eslint/js release (Jenkins)
fea8563 chore: update dependency @eslint/core to ^0.3.0 (#18724) (renovate[bot])
aac191e chore: update dependency @eslint/json to ^0.3.0 (#18760) (renovate[bot])
b97fa05 chore: update wdio dependencies for more stable tests (#18759) (Christian Bromann)

`v9.7.0`

Compare Source

Features

7bd9839 feat: add support for es2025 duplicate named capturing groups (#18630) (Yosuke Ota)
1381394 feat: add regex option in no-restricted-imports (#18622) (Nitin Kumar)

Bug Fixes

14e9f81 fix: destructuring in catch clause in no-unused-vars (#18636) (Francesco Trotta)

Documentation

9f416db docs: Add Powered by Algolia label to the search. (#18633) (Amaresh S M)
c8d26cb docs: Open JS Foundation -> OpenJS Foundation (#18649) (Milos Djermanovic)
6e79ac7 docs: loadESLint does not support option cwd (#18641) (Francesco Trotta)

Chores

793b718 chore: upgrade @eslint/js @9.7.0 (#18680) (Francesco Trotta)
7ed6f9a chore: package.json update for @eslint/js release (Jenkins)
7bcda76 refactor: Add type references (#18652) (Nicholas C. Zakas)
51bf57c chore: add tech sponsors through actions (#18624) (Strek)
6320732 refactor: don't use parent property in NodeEventGenerator (#18653) (Milos Djermanovic)
9e6d640 refactor: move "Parsing error" prefix adding to Linter (#18650) (Milos Djermanovic)

`v8.57.1`

Compare Source

github/codeql-action (github/codeql-action)

`v3.24.11`

Compare Source

ossf/scorecard-action (ossf/scorecard-action)

This update bumps the Scorecard version to the v5 release. For a complete list of changes, please refer to the v5.0.0 release notes. Of special note to Scorecard Action is the Maintainer Annotation feature, which can be used to suppress some Code Scanning false positives. Alerts will not be generated for any Scorecard Check with an annotation.

:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1410
:bug: lower license sarif alert threshold to 9 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1411

Documentation

docs: dogfooding badge by @jkowalleck in https://github.com/ossf/scorecard-action/pull/1399

New Contributors

@jkowalleck made their first contribution in https://github.com/ossf/scorecard-action/pull/1399

Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0

`v2.3.3`

Compare Source

[!NOTE]
There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag

What's Changed

:seedling: Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1366
:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1374
:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1377

For a full changelist of what these include, see the v5.0.0-rc1 and v5.0.0-rc2 release notes.

Documentation

:book: Move token discussion out of main README. by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1279
:book: link to ossf/scorecard workflow instead of maintaining an example by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1352
:book: update api links to new scorecard.dev site by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1376

Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.3

`v2.3.2`

Compare Source

step-security/harden-runner (step-security/harden-runner)

`v2.10.1`

Compare Source

What's Changed

Release v2.10.1 by @varunsh-coder in https://github.com/step-security/harden-runner/pull/463 Bug fix: Resolves an issue where DNS resolution of .local domains was failing when using a Kind cluster in a GitHub Actions workflow.

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.10.1

`v2.10.0`

Compare Source

What's Changed

Release v2.10.0 by @h0x0er and @varunsh-coder in https://github.com/step-security/harden-runner/pull/455

ARM Support: Harden-Runner Enterprise tier now supports GitHub-hosted ARM runners. This includes all the features that apply to previously supported GitHub-hosted x64 Linux runners.

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.10.0

`v2.9.1`

Compare Source

What's Changed

Release v2.9.1 by @h0x0er and @varunsh-coder in #440 This release includes two changes:

Updated markdown displayed in the job summary by the Harden-Runner Action.
Fixed a bug affecting Enterprise Tier customers where the agent attempted to upload telemetry for jobs with disable-telemetry set to true. No telemetry was uploaded as the endpoint was not in the allowed list.

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.9.1

`v2.9.0`

Compare Source

What's Changed

Release v2.9.0 by @h0x0er and @varunsh-coder in https://github.com/step-security/harden-runner/pull/435 This release includes:

Enterprise Tier - Telemetry Upload Enhancement: For the enterprise tier, this change helps overcome size constraints, allowing for more reliable telemetry uploads from the Harden-Runner agent to the StepSecurity backend API. No configuration change is needed to enable this.
Harden-Runner Agent Authentication: The Harden-Runner agent now uses a per-job key to authenticate to the StepSecurity backend API to submit telemetry. This change prevents the submission of telemetry data anonymously for a given job, improving the integrity of the data collection process. No configuration change is needed to enable this.
README Update: A Table of Contents has been added to the README file to improve navigation. This makes it easier for users to find the information they need quickly.
Dependency Update: Updated the braces npm package dependency to a non-vulnerable version. The vulnerability in braces did not affect the Harden Runner Action

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.9.0

`v2.8.1`

Compare Source

What's Changed

Bug fix: Update isGitHubHosted implementation by @varunsh-coder in https://github.com/step-security/harden-runner/pull/425 The previous implementation incorrectly identified large GitHub-hosted runners as self-hosted runners. As a result, harden-runner was not executing on these large GitHub-hosted runners.

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.8.1

`v2.8.0`

Compare Source

What's Changed

Release v2.8.0 by @h0x0er and @varunsh-coder in https://github.com/step-security/harden-runner/pull/416 This release includes:

File Monitoring Enhancements: Adds the capability to view the name and path of every file written during the build process.
Process Tracking Enhancements: Adds the capability to view process names and arguments of processes run during the build process.

These enhancements are based on insights from the XZ Utils incident, aimed at improving observability and detections during the build process.

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.8.0

`v2.7.1`

Compare Source

What's Changed

Release v2.7.1 by @varunsh-coder, @h0x0er, @ashishkurmi in https://github.com/step-security/harden-runner/pull/397 This release:

Improves the capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners
Updates README to add link to case study video on how Harden-Runner detected a supply chain attack on a Google open-source project
Addresses minor bugs

Full Changelog: https://github.com/step-security/harden-runner/compare/v2.7.0...v2.7.1

uuidjs/uuid (uuid)

`v10.0.0`

Compare Source

⚠ BREAKING CHANGES

update node support (drop node@12, node@14, add node@20) (#750)

Features

support support rfc9562 MAX uuid (new in RFC9562) (#714) (0385cd3)
support rfc9562 v6 uuids (#754) (c4ed13e)
support rfc9562 v7 uuids (#681) (db76a12)
update node support matrix (only support node 16-20) (#750) (883b163)
support rfc9562 v8 uuids (#759) (35a5342)

Bug Fixes

revert "perf: remove superfluous call to toLowerCase (#677)" (#738) (e267b90)

`v9.0.1`

[Compare Source](https://redirect.github.com/uuidjs/uuid/compare/v9.0.0...v9

Configuration

📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

[ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

May 01 '24 00:05 renovate[bot]

editorjs-toggle-block editorjs-toggle-block copied to clipboard

chore(deps): update all dependencies

Release Notes

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

What's Changed

New Contributors

Features

Bug Fixes

Documentation

Chores

Features

Bug Fixes

Documentation

Build Related

Chores

Features

Documentation

Chores

Features

Bug Fixes

Documentation

Chores

What's Changed

Documentation

New Contributors

What's Changed

Documentation

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

⚠ BREAKING CHANGES

Features

Bug Fixes

Configuration

editorjs-toggle-block
editorjs-toggle-block copied to clipboard