slsa-github-generator icon indicating copy to clipboard operation
slsa-github-generator copied to clipboard

Published 20 hours ago verified publisher icon slsa-framework

Update dependency @vercel/ncc to v0.34.0

Open renovate-bot opened this issue 3 years ago • 3 comments
trafficstars

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@vercel/ncc 0.31.1 -> 0.34.0 age adoption passing confidence

Release Notes

vercel/ncc

v0.34.0

Compare Source

Changes

Add support for TS 4.7

  • Chore(deps-dev): bump ts-loader from 8.3.0 to 9.3.0: #​921
  • Chore(deps-dev): bump express from 4.17.1 to 4.18.1: #​917
  • Chore: add memory-fs to the devDependencies: #​927
Credits

Huge thanks to @​stscoundrel and @​shogo82148 for helping!

v0.33.4

Compare Source

Changes
  • Fix: Add missing variable declaration: #​773
  • Chore: add windows to CI: #​896
  • Chore: bump webpack-asset-relocator-loader to 1.7.2: #​912
  • Chore(deps-dev): bump vm2 from 3.9.4 to 3.9.6: #​872
  • Chore(deps): bump url-parse from 1.5.3 to 1.5.7: #​875
  • Chore(deps): bump url-parse from 1.5.7 to 1.5.10: #​879
  • Chore(deps-dev): bump stripe from 8.167.0 to 8.205.0: #​882
  • Chore(deps-dev): bump typescript from 4.4.2 to 4.6.2: #​881
  • Chore(deps-dev): bump twilio from 3.66.1 to 3.75.0: #​884
  • Chore(deps): bump actions/setup-node from 2 to 3: #​880
  • Chore(deps-dev): bump graphql from 15.5.1 to 15.8.0: #​885
  • Chore: replace deprecated String.prototype.substr(): #​894
  • Chore(deps): bump actions/checkout from 2 to 3: #​902
  • Chore(deps-dev): bump @​azure/cosmos from 3.12.3 to 3.15.1: #​905
  • Chore(deps-dev): bump stripe from 8.205.0 to 8.214.0: #​906
  • Chore(deps-dev): bump @​google-cloud/bigquery from 5.7.0 to 5.12.0: #​903
  • Chore(deps-dev): bump tsconfig-paths from 3.10.1 to 3.14.1: #​904
Credits

Huge thanks to @​CommanderRoot for helping!

v0.33.3

Compare Source

Patches
  • Fix: bump license-webpack-plugin: #​871
  • Chore(deps): bump follow-redirects from 1.14.7 to 1.14.8: #​870

v0.33.2

Compare Source

Patches
  • Fix: use sha256 instead of deprecated md5 for hash algorithm: #​868
  • Fix: typo in build script: #​835
  • Chore(test) Add Node.js 16 to CI: #​801
  • Chore(deps): bump nodemailer from 6.5.0 to 6.7.2: #​833
  • Chore(deps-dev): bump terser from 5.7.1 to 5.10.0: #​840
  • Chore(deps-dev): bump passport from 0.4.1 to 0.5.2: #​839
  • Chore(deps-dev): bump sequelize from 6.6.5 to 6.12.4: #​843
  • Chore(deps-dev): bump analytics-node from 5.0.0 to 6.0.0: #​838
  • Chore(deps): bump follow-redirects from 1.14.5 to 1.14.7: #​846
  • Chore(deps): bump cached-path-relative from 1.0.2 to 1.1.0: #​854
  • Chore(deps-dev): bump license-webpack-plugin from 2.3.20 to 4.0.1: #​859
  • Chore(deps): bump simple-get from 3.1.0 to 3.1.1: #​864
  • Chore(deps-dev): bump aws-sdk from 2.1024.0 to 2.1068.0: #​867
Credits

Huge thanks to @​shakefu for helping!

v0.33.1

Compare Source

Patches
  • Allow configuring mainFields for nccing browser modules: #​832

v0.33.0

Compare Source

Minor Changes
Patches
  • Chore(deps-dev): bump koa from 2.13.1 to 2.13.4: #​822
  • Chore(deps-dev): bump mariadb from 2.5.4 to 2.5.5: #​823
Credits

Huge thanks to @​fenix20113 for helping!

v0.32.0

Compare Source

Changes
  • Feat: bump to [email protected]: #​809
  • Docs: add debug command description: #​800
  • Chore(deps): bump object-path from 0.11.7 to 0.11.8: #​778
  • Chore(deps): bump tmpl from 1.0.4 to 1.0.5: #​779
  • Chore(deps-dev): bump vm2 from 3.9.3 to 3.9.4: #​795
  • Chore(deps-dev): bump axios from 0.21.1 to 0.21.2: #​810
  • Chore(deps-dev): bump aws-sdk from 2.958.0 to 2.1024.0: #​812
  • Chore(deps-dev): bump webpack from 5.61.0 to 5.62.1: #​813
  • Chore(deps): bump passport-oauth2 from 1.5.0 to 1.6.1: #​811
  • Chore(deps): bump url-parse from 1.5.1 to 1.5.3: #​815
Credits

Huge thanks to @​fireairforce and @​jesec for helping!

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • [ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

renovate-bot avatar Jul 30 '22 05:07 renovate-bot

I anticipated this may become a problem. What do you suggest? Do we even care about updating this package regularity? Maybe it's something we should do one / month at best?

laurentsimon avatar Aug 02 '22 16:08 laurentsimon

Yeah, I'm ok with being less prompt about upgrading. 1/mo or bi-weekly is probably good. We can also just mentally deprioritize them and let these PRs sit here until we can get around to them.

ianlewis avatar Aug 03 '22 00:08 ianlewis

Created https://github.com/slsa-framework/slsa-github-generator/issues/656 for tracking.

laurentsimon avatar Aug 03 '22 01:08 laurentsimon