X Tutup
Skip to content

Bump karma from 6.3.8 to 6.3.15 in /build#39764

Merged
phil-davis merged 2 commits intomasterfrom
dependabot/npm_and_yarn/build/karma-6.3.15
Feb 9, 2022
Merged

Bump karma from 6.3.8 to 6.3.15 in /build#39764
phil-davis merged 2 commits intomasterfrom
dependabot/npm_and_yarn/build/karma-6.3.15

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 7, 2022

Bumps karma from 6.3.8 to 6.3.15.

Release notes

Sourced from karma's releases.

v6.3.15

6.3.15 (2022-02-05)

Bug Fixes

v6.3.14

6.3.14 (2022-02-05)

Bug Fixes

  • remove string template from client code (91d5acd)
  • warn when singleRun and autoWatch are false (69cfc76)
  • security: remove XSS vulnerability in returnUrl query param (839578c)

v6.3.13

6.3.13 (2022-01-31)

Bug Fixes

  • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

v6.3.12

6.3.12 (2022-01-24)

Bug Fixes

  • remove depreciation warning from log4js (41bed33)

v6.3.11

6.3.11 (2022-01-13)

Bug Fixes

  • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

v6.3.10

6.3.10 (2022-01-08)

Bug Fixes

  • logger: create parent folders if they are missing (0d24bd9), closes #3734

... (truncated)

Changelog

Sourced from karma's changelog.

6.3.15 (2022-02-05)

Bug Fixes

6.3.14 (2022-02-05)

Bug Fixes

  • remove string template from client code (91d5acd)
  • warn when singleRun and autoWatch are false (69cfc76)
  • security: remove XSS vulnerability in returnUrl query param (839578c)

6.3.13 (2022-01-31)

Bug Fixes

  • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

6.3.12 (2022-01-24)

Bug Fixes

  • remove depreciation warning from log4js (41bed33)

6.3.11 (2022-01-13)

Bug Fixes

  • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

6.3.10 (2022-01-08)

Bug Fixes

  • logger: create parent folders if they are missing (0d24bd9), closes #3734

6.3.9 (2021-11-16)

Bug Fixes

  • restartOnFileChange option not restarting the test run (92ffe60), closes #27 #3724
Commits
  • c1befa0 chore(release): 6.3.15 [skip ci]
  • d9dade2 fix(helper): make mkdirIfNotExists helper resilient to concurrent calls
  • 653c762 ci: prevent duplicate CI tasks on creating a PR
  • c97e562 chore(release): 6.3.14 [skip ci]
  • 91d5acd fix: remove string template from client code
  • 69cfc76 fix: warn when singleRun and autoWatch are false
  • 839578c fix(security): remove XSS vulnerability in returnUrl query param
  • db53785 chore(release): 6.3.13 [skip ci]
  • 5bf2df3 fix(deps): bump log4js to resolve security issue
  • 36ad678 chore(release): 6.3.12 [skip ci]
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump karma from 6.3.8 to 6.3.15 in /build
efdcbf9 
Bumps [karma](https://github.com/karma-runner/karma) from 6.3.8 to 6.3.15.
- [Release notes](https://github.com/karma-runner/karma/releases)
- [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md)
- [Commits](karma-runner/karma@v6.3.8...v6.3.15)

---
updated-dependencies:
- dependency-name: karma
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@update-docs
Copy link

update-docs bot commented Feb 7, 2022

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@dependabot dependabot bot mentioned this pull request Feb 7, 2022
Closed
@phil-davis phil-davis mentioned this pull request Feb 8, 2022
Closed
@phil-davis
Copy link
Contributor

phil-davis commented Feb 8, 2022

Needs the changelog edited:https://github.com/owncloud/core/blob/master/changelog/unreleased/JSdependencies202201onward

@micbar @janackermann @JammingBen what are we doing these days about keeping JS dependencies up-to-date?

CI is passing, so there is no obvious "traditional" web UI regression.

@phil-davis phil-davis mentioned this pull request Feb 8, 2022
Merged
@phil-davis
Copy link
Contributor

phil-davis commented Feb 8, 2022

Note: PR #39763 is related and probably requires this PR being merged first.

@JammingBen
Copy link
Contributor

JammingBen commented Feb 9, 2022

@micbar @janackermann @JammingBen what are we doing these days about keeping JS dependencies up-to-date?

I don't see a reason why we shouldn't upgrade these. It's just a patch release, and CI is green -> I think we're good here.

@phil-davis
Copy link
Contributor

phil-davis commented Feb 9, 2022

I will add the changelog, and then merge...

@phil-davis phil-davis mentioned this pull request Feb 9, 2022
Merged
@phil-davis phil-davis merged commit f4f109e into master Feb 9, 2022
@delete-merged-branch delete-merged-branch bot deleted the dependabot/npm_and_yarn/build/karma-6.3.15 branch February 9, 2022 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@AlexAndBear AlexAndBear AlexAndBear approved these changes

@JammingBen JammingBen JammingBen approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies javascript

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@phil-davis @JammingBen @AlexAndBear
X Tutup