mattermost-plugin-gitlab icon indicating copy to clipboard operation
mattermost-plugin-gitlab copied to clipboard
verified publisher icon mattermost

Bump nanoid and mattermost-redux in /webapp

Open dependabot[bot] opened this issue 9 months ago • 7 comments

Bumps nanoid to 3.3.8 and updates ancestor dependency mattermost-redux. These dependencies need to be updated together.

Updates nanoid from 2.1.11 to 3.3.8

Release notes

Sourced from nanoid's releases.

3.0 Migration Guide

Nano ID 3.0 is the biggest release in the project history. Unfortunately, you will need to change the code of your application. But the changes are very small in most cases. In return, you will have better performance, smaller size, ES modules and TypeScript support.

Known Issues

  • Only Create React App 4.0 supports dual ESM/CJS modules.

Simple Case

In simple cases, you just need to change default import to named import.

- import nanoid from 'nanoid'
+ import { nanoid } from 'nanoid'

nanoid() //=> "sSAi9F8yakJZPxOCr_WFb"

nanoid(5) //=> "ISe9l"

If you support IE, you need to transpile node_modules by Babel.

Non-secure and asynchronous Nano ID need only import changes as well.

- import nanoid from 'nanoid/non-secure'
+ import { nanoid } from 'nanoid/non-secure'

nanoid() //=> "sSAi9F8yakJZPxOCr_WFb"


- import nanoid from 'nanoid/async'
+ import { nanoid } from 'nanoid/async'

nanoid().then(id => {
id //=> "sSAi9F8yakJZPxOCr_WFb"
})

TypeScript

Remove @types/nanoid if you have it. Nano ID now have built-in types.

npm uninstall @types/nanoid

React Native

For Expo you need to load the file by direct path:

... (truncated)

Changelog

Sourced from nanoid's changelog.

3.3.8

  • Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

3.3.7

  • Fixed node16 TypeScript support (by Saadi Myftija).

3.3.6

  • Fixed package.

3.3.5

  • Backport funding information.

3.3.4

3.3.3

  • Reduced size (by Anton Khlynovskiy).

3.3.2

  • Fixed enhanced-resolve support.

3.3.1

  • Reduced package size.

3.3

  • Added size argument to function from customAlphabet (by Stefan Sundin).

3.2

  • Added --size and --alphabet arguments to binary (by Vitaly Baev).

3.1.32

  • Reduced async exports size (by Artyom Arutyunyan).
  • Moved from Jest to uvu (by Vitaly Baev).

3.1.31

  • Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

3.1.30

  • Reduced size for project with brotli compression (by Anton Khlynovskiy).

3.1.29

  • Reduced npm package size.

3.1.28

  • Reduced npm package size.

3.1.27

  • Cleaned dependencies from development tools.

3.1.26

... (truncated)

Commits

Updates mattermost-redux from 5.33.1 to 10.6.0

Release notes

Sourced from mattermost-redux's releases.

v10.6.0

Mattermost Platform Release 10.6.0 contains multiple new quality of life improvements as well as PostgreSQL performance enhancements.

v10.6.0-rc3

Mattermost Platform Release 10.6.0-rc3

v10.6.0-rc2

Mattermost Platform Release 10.6.0-rc2

v10.6.0-rc1

Mattermost Platform Release 10.6.0-rc1

v10.5.3-rc1

Mattermost Platform Release 10.5.3-rc1

v10.5.2

Mattermost Platform Release 10.5.2 contains low to high severity level security fixes.

v10.5.1

Mattermost Platform Release 10.5.1 is the latest Extended Support Release and contains a Compliance Export overhaul as well as other improvements, bug fixes and breaking changes.

v10.5.1-rc2

Mattermost Platform Release 10.5.1-rc2

v10.5.1-rc1

Mattermost Platform Release 10.5.1-rc1

v10.5.0

Mattermost Platform Release 10.5.0

v10.5.0-rc6

Mattermost Platform Release 10.5.0-rc6

v10.5.0-rc5

Mattermost Platform Release 10.5.0-rc5

v10.5.0-rc4

Mattermost Platform Release 10.5.0-rc4

v10.5.0-rc3

Mattermost Platform Release 10.5.0-rc3

v10.5.0-rc2

Mattermost Platform Release 10.5.0-rc2

v10.5.0-rc1

Mattermost Platform Release 10.5.0-rc1

v10.4.5-rc1

Mattermost Platform Release 10.4.5-rc1

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by hmhealey, a new releaser for mattermost-redux since your current version.


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] avatar Apr 07 '25 22:04 dependabot[bot]

Reviewers

The following users could not be added as reviewers: manland. Either the username does not exist or it does not have the correct permissions to be added as a reviewer.

Please fix the above issues or remove invalid values from dependabot.yml.

dependabot[bot] avatar Apr 07 '25 22:04 dependabot[bot]

@dependabot recreate

wiggin77 avatar Apr 14 '25 18:04 wiggin77

This PR has been automatically labelled "stale" because it hasn't had recent activity. A core team member will check in on the status of the PR to help with questions. Thank you for your contribution!

mattermost-build avatar Apr 25 '25 01:04 mattermost-build

@dependabot recreate

wiggin77 avatar May 16 '25 18:05 wiggin77

@Kshitij-Katiyar dependabot has created PRs for a bunch of plugins to update mattermost-redux. Unfortunately, these plugins have not kept up with dependencies and the version jump includes breaking changes. It looks like we've held off on upgrading but we can't keep pushing this out. I'll be assigning you the tickets.

wiggin77 avatar May 16 '25 18:05 wiggin77

@Kshitij-Katiyar dependabot has created PRs for a bunch of plugins to update mattermost-redux. Unfortunately, these plugins have not kept up with dependencies and the version jump includes breaking changes. It looks like we've held off on upgrading but we can't keep pushing this out. I'll be assigning you the tickets.

@wiggin77 Sure, we will be looking into it

Kshitij-Katiyar avatar May 19 '25 06:05 Kshitij-Katiyar

This PR has been automatically labelled "stale" because it hasn't had recent activity. A core team member will check in on the status of the PR to help with questions. Thank you for your contribution!

mattermost-build avatar May 30 '25 01:05 mattermost-build