From a981b208eca10d442f8aab81876465cdc7c95a00 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 1 Dec 2023 16:30:08 +0000 Subject: [PATCH 1/7] fix: upgrade axios from 1.6.0 to 1.6.1 Snyk has created this PR to upgrade axios from 1.6.0 to 1.6.1. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/qdraw/project/531476d7-c53d-4654-a630-aa2a1fee2cf9?utm_source=github&utm_medium=referral&page=upgrade-pr --- starsky-tools/dropbox-import/package-lock.json | 18 +++++++++--------- starsky-tools/dropbox-import/package.json | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/starsky-tools/dropbox-import/package-lock.json b/starsky-tools/dropbox-import/package-lock.json index fb8673d909..799b1d4c65 100644 --- a/starsky-tools/dropbox-import/package-lock.json +++ b/starsky-tools/dropbox-import/package-lock.json @@ -1,15 +1,15 @@ { "name": "dropbox-import", - "version": "0.5.10", + "version": "0.5.12", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "dropbox-import", - "version": "0.5.10", + "version": "0.5.12", "license": "ISC", "dependencies": { - "axios": "^1.6.0", + "axios": "^1.6.1", "dotenv": "^16.3.1" } }, @@ -19,9 +19,9 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz", + "integrity": "sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g==", "dependencies": { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", @@ -122,9 +122,9 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz", + "integrity": "sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g==", "requires": { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", diff --git a/starsky-tools/dropbox-import/package.json b/starsky-tools/dropbox-import/package.json index cdb7f59fc4..b01029f58f 100644 --- a/starsky-tools/dropbox-import/package.json +++ b/starsky-tools/dropbox-import/package.json @@ -10,7 +10,7 @@ "update:install": "npx --yes npm-check-updates -u && npm install" }, "dependencies": { - "axios": "^1.6.0", + "axios": "^1.6.1", "dotenv": "^16.3.1" }, "author": "", From ce224e63793cc2fbe98c5e8cbcd2e45d412b7e05 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 2 Dec 2023 15:33:27 +0000 Subject: [PATCH 2/7] fix: upgrade axios from 1.6.0 to 1.6.1 Snyk has created this PR to upgrade axios from 1.6.0 to 1.6.1. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/qdraw/project/5c9cb22c-a212-4c16-b714-e86ec9ccb2c4?utm_source=github&utm_medium=referral&page=upgrade-pr --- starsky-tools/thumbnail/package-lock.json | 14 +++++++------- starsky-tools/thumbnail/package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/starsky-tools/thumbnail/package-lock.json b/starsky-tools/thumbnail/package-lock.json index 07983ed3f1..184b2e11b9 100644 --- a/starsky-tools/thumbnail/package-lock.json +++ b/starsky-tools/thumbnail/package-lock.json @@ -10,7 +10,7 @@ "license": "ISC", "dependencies": { "@types/jpeg-autorotate": "^5.0.3", - "axios": "^1.6.0", + "axios": "^1.6.1", "cwait": "^1.1.2", "dotenv": "^16.3.1", "jimp": "^0.22.10", @@ -476,9 +476,9 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz", + "integrity": "sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g==", "dependencies": { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", @@ -1848,9 +1848,9 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz", + "integrity": "sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g==", "requires": { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", diff --git a/starsky-tools/thumbnail/package.json b/starsky-tools/thumbnail/package.json index 8951d66a83..da55ca2d32 100644 --- a/starsky-tools/thumbnail/package.json +++ b/starsky-tools/thumbnail/package.json @@ -19,7 +19,7 @@ "license": "ISC", "dependencies": { "@types/jpeg-autorotate": "^5.0.3", - "axios": "^1.6.0", + "axios": "^1.6.1", "cwait": "^1.1.2", "dotenv": "^16.3.1", "jimp": "^0.22.10", From 03ca6e0e6451f12cee44bf47be8f579620d36c00 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Dec 2023 09:54:54 +0000 Subject: [PATCH 3/7] Bump actions/setup-dotnet from 3 to 4 Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 3 to 4. - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](https://github.com/actions/setup-dotnet/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-dotnet dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-update-swagger-dotnet.yml | 2 +- .github/workflows/release-on-tag-netcore-desktop-electron.yml | 2 +- .github/workflows/starsky-codecov-clientapp-netcore.yml | 2 +- .github/workflows/starsky-dotnetcore-ubuntu.yml | 2 +- .github/workflows/starsky-dotnetcore-windows.yml | 2 +- .github/workflows/starsky-sonarqube-clientapp-netcore.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/auto-update-swagger-dotnet.yml b/.github/workflows/auto-update-swagger-dotnet.yml index 65d51befee..46020571f4 100644 --- a/.github/workflows/auto-update-swagger-dotnet.yml +++ b/.github/workflows/auto-update-swagger-dotnet.yml @@ -27,7 +27,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Setup .NET Core - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: 6.0.417 diff --git a/.github/workflows/release-on-tag-netcore-desktop-electron.yml b/.github/workflows/release-on-tag-netcore-desktop-electron.yml index 0a0909cf1f..2fd883d966 100644 --- a/.github/workflows/release-on-tag-netcore-desktop-electron.yml +++ b/.github/workflows/release-on-tag-netcore-desktop-electron.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@v4 - name: Setup .NET Core - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: 6.0.417 diff --git a/.github/workflows/starsky-codecov-clientapp-netcore.yml b/.github/workflows/starsky-codecov-clientapp-netcore.yml index 9cbeceda88..d707255229 100644 --- a/.github/workflows/starsky-codecov-clientapp-netcore.yml +++ b/.github/workflows/starsky-codecov-clientapp-netcore.yml @@ -31,7 +31,7 @@ jobs: ref: ${{ github.HEAD_REF }} - name: Setup .NET - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: 6.0.417 diff --git a/.github/workflows/starsky-dotnetcore-ubuntu.yml b/.github/workflows/starsky-dotnetcore-ubuntu.yml index f9ba85deb9..e0d1a4a287 100644 --- a/.github/workflows/starsky-dotnetcore-ubuntu.yml +++ b/.github/workflows/starsky-dotnetcore-ubuntu.yml @@ -36,7 +36,7 @@ jobs: - uses: actions/checkout@v4 - name: Setup .NET Core - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: 6.0.417 diff --git a/.github/workflows/starsky-dotnetcore-windows.yml b/.github/workflows/starsky-dotnetcore-windows.yml index 0fde7f0981..1668c0dccd 100644 --- a/.github/workflows/starsky-dotnetcore-windows.yml +++ b/.github/workflows/starsky-dotnetcore-windows.yml @@ -33,7 +33,7 @@ jobs: - uses: actions/checkout@v4 - name: Setup .NET Core - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: 6.0.417 diff --git a/.github/workflows/starsky-sonarqube-clientapp-netcore.yml b/.github/workflows/starsky-sonarqube-clientapp-netcore.yml index 093bbf1377..c4e8875132 100644 --- a/.github/workflows/starsky-sonarqube-clientapp-netcore.yml +++ b/.github/workflows/starsky-sonarqube-clientapp-netcore.yml @@ -41,7 +41,7 @@ jobs: git fetch --prune --unshallow - name: Setup .NET SDK - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: 6.0.417 From 9b9944b207f2c743cce2179c958a884d01003c1c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Dec 2023 09:55:01 +0000 Subject: [PATCH 4/7] Bump actions/deploy-pages from 2 to 3 Bumps [actions/deploy-pages](https://github.com/actions/deploy-pages) from 2 to 3. - [Release notes](https://github.com/actions/deploy-pages/releases) - [Commits](https://github.com/actions/deploy-pages/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/deploy-pages dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/documentation-gh-pages.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/documentation-gh-pages.yml b/.github/workflows/documentation-gh-pages.yml index 0d126b183a..4a04347312 100644 --- a/.github/workflows/documentation-gh-pages.yml +++ b/.github/workflows/documentation-gh-pages.yml @@ -66,4 +66,4 @@ jobs: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v2 + uses: actions/deploy-pages@v3 From dbef3e8ba0ecd85bef90f8d7167fad2666478ea2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Dec 2023 09:55:10 +0000 Subject: [PATCH 5/7] Bump actions/configure-pages from 3 to 4 Bumps [actions/configure-pages](https://github.com/actions/configure-pages) from 3 to 4. - [Release notes](https://github.com/actions/configure-pages/releases) - [Commits](https://github.com/actions/configure-pages/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/configure-pages dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/documentation-gh-pages.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/documentation-gh-pages.yml b/.github/workflows/documentation-gh-pages.yml index 0d126b183a..c33b6ce5a3 100644 --- a/.github/workflows/documentation-gh-pages.yml +++ b/.github/workflows/documentation-gh-pages.yml @@ -56,7 +56,7 @@ jobs: npm run build - name: Setup Pages - uses: actions/configure-pages@v3 + uses: actions/configure-pages@v4 - name: Upload artifact uses: actions/upload-pages-artifact@v2 From 504956dba7ab42ec6083e1301aaa8071c13aa750 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 Dec 2023 00:13:12 +0000 Subject: [PATCH 6/7] Bump vite from 4.5.0 to 4.5.1 in /starsky/starsky/clientapp Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v4.5.1/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v4.5.1/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- starsky/starsky/clientapp/package-lock.json | 14 +++++++------- starsky/starsky/clientapp/package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/starsky/starsky/clientapp/package-lock.json b/starsky/starsky/clientapp/package-lock.json index 6641c8cb7b..9bf190a2db 100644 --- a/starsky/starsky/clientapp/package-lock.json +++ b/starsky/starsky/clientapp/package-lock.json @@ -52,7 +52,7 @@ "ts-jest": "^29.1.1", "ts-node": "^10.9.1", "typescript": "^5.2.2", - "vite": "^4.4.10" + "vite": "^4.5.1" } }, "node_modules/@aashutoshrathi/word-wrap": { @@ -18774,9 +18774,9 @@ } }, "node_modules/vite": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/vite/-/vite-4.5.0.tgz", - "integrity": "sha512-ulr8rNLA6rkyFAlVWw2q5YJ91v098AFQ2R0PRFwPzREXOUJQPtFUG0t+/ZikhaOCDqFoDhN6/v8Sq0o4araFAw==", + "version": "4.5.1", + "resolved": "https://registry.npmjs.org/vite/-/vite-4.5.1.tgz", + "integrity": "sha512-AXXFaAJ8yebyqzoNB9fu2pHoo/nWX+xZlaRwoeYUxEqBO+Zj4msE5G+BhGBll9lYEKv9Hfks52PAF2X7qDYXQA==", "dev": true, "dependencies": { "esbuild": "^0.18.10", @@ -32784,9 +32784,9 @@ "dev": true }, "vite": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/vite/-/vite-4.5.0.tgz", - "integrity": "sha512-ulr8rNLA6rkyFAlVWw2q5YJ91v098AFQ2R0PRFwPzREXOUJQPtFUG0t+/ZikhaOCDqFoDhN6/v8Sq0o4araFAw==", + "version": "4.5.1", + "resolved": "https://registry.npmjs.org/vite/-/vite-4.5.1.tgz", + "integrity": "sha512-AXXFaAJ8yebyqzoNB9fu2pHoo/nWX+xZlaRwoeYUxEqBO+Zj4msE5G+BhGBll9lYEKv9Hfks52PAF2X7qDYXQA==", "dev": true, "requires": { "esbuild": "^0.18.10", diff --git a/starsky/starsky/clientapp/package.json b/starsky/starsky/clientapp/package.json index edf1c453eb..845763d981 100644 --- a/starsky/starsky/clientapp/package.json +++ b/starsky/starsky/clientapp/package.json @@ -66,7 +66,7 @@ "ts-jest": "^29.1.1", "ts-node": "^10.9.1", "typescript": "^5.2.2", - "vite": "^4.4.10" + "vite": "^4.5.1" }, "jest": { "testEnvironment": "jest-environment-jsdom", From d9f45efcf8129ff53c30436fd9f564cb1b24cf3c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 6 Dec 2023 16:09:39 +0000 Subject: [PATCH 7/7] fix: upgrade axios from 1.6.1 to 1.6.2 Snyk has created this PR to upgrade axios from 1.6.1 to 1.6.2. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/qdraw/project/531476d7-c53d-4654-a630-aa2a1fee2cf9?utm_source=github&utm_medium=referral&page=upgrade-pr --- starsky-tools/dropbox-import/package-lock.json | 14 +++++++------- starsky-tools/dropbox-import/package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/starsky-tools/dropbox-import/package-lock.json b/starsky-tools/dropbox-import/package-lock.json index 799b1d4c65..6f058078ac 100644 --- a/starsky-tools/dropbox-import/package-lock.json +++ b/starsky-tools/dropbox-import/package-lock.json @@ -9,7 +9,7 @@ "version": "0.5.12", "license": "ISC", "dependencies": { - "axios": "^1.6.1", + "axios": "^1.6.2", "dotenv": "^16.3.1" } }, @@ -19,9 +19,9 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz", - "integrity": "sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g==", + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz", + "integrity": "sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==", "dependencies": { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", @@ -122,9 +122,9 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "axios": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.1.tgz", - "integrity": "sha512-vfBmhDpKafglh0EldBEbVuoe7DyAavGSLWhuSm5ZSEKQnHhBf0xAAwybbNH1IkrJNGnS/VG4I5yxig1pCEXE4g==", + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz", + "integrity": "sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==", "requires": { "follow-redirects": "^1.15.0", "form-data": "^4.0.0", diff --git a/starsky-tools/dropbox-import/package.json b/starsky-tools/dropbox-import/package.json index b01029f58f..8b30863786 100644 --- a/starsky-tools/dropbox-import/package.json +++ b/starsky-tools/dropbox-import/package.json @@ -10,7 +10,7 @@ "update:install": "npx --yes npm-check-updates -u && npm install" }, "dependencies": { - "axios": "^1.6.1", + "axios": "^1.6.2", "dotenv": "^16.3.1" }, "author": "",