Skip to content

Commit

Permalink
chore(deps): bump ssri from 10.0.6 to 11.0.0 (#1084)
Browse files Browse the repository at this point in the history 
Bumps [ssri](https://github.com/npm/ssri) from 10.0.6 to 11.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/ssri/releases">ssri's
releases</a>.</em></p>
<blockquote>
<h2>v11.0.0</h2>
<h2><a
href="https://github.com/npm/ssri/compare/v10.0.6...v11.0.0">11.0.0</a>
(2024-09-03)</h2>
<h3>⚠️ BREAKING CHANGES</h3>
<ul>
<li><code>ssri</code> is now compatible with the following semver range
for node: <code>^16.14.0 || &gt;=18.0.0</code></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/ssri/commit/29a6e2c2e0d919f595ab1d9e0b685e9627f7ec41"><code>29a6e2c</code></a>
Address breaking engine change in dependency (<a
href="https://github.com/hashtagchris"><code>@​hashtagchris</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="https://github.com/npm/ssri/commit/db4219f28ab4576c32cde8ef008f2fc408b7f577"><code>db4219f</code></a>
bump <code>@​npmcli/eslint-config</code> from 4.0.5 to 5.0.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="https://github.com/npm/ssri/commit/f2dd0125e4381f54ce97d4e03e57c21b3ff0aa3d"><code>f2dd012</code></a>
template-oss-apply (<a
href="https://github.com/hashtagchris"><code>@​hashtagchris</code></a>)</li>
<li><a
href="https://github.com/npm/ssri/commit/f2a2a9d09fd8956180b8aaf30b69481f61da0e2d"><code>f2a2a9d</code></a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/hashtagchris"><code>@​hashtagchris</code></a>)</li>
<li><a
href="https://github.com/npm/ssri/commit/4508f71d8a873a2d3cee9369fa6117530bee6b6c"><code>4508f71</code></a>
bump <code>@​npmcli/template-oss</code> from 4.22.0 to 4.23.3 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/ssri/blob/main/CHANGELOG.md">ssri's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/ssri/compare/v10.0.6...v11.0.0">11.0.0</a>
(2024-09-03)</h2>
<h3>⚠️ BREAKING CHANGES</h3>
<ul>
<li><code>ssri</code> is now compatible with the following semver range
for node: <code>^16.14.0 || &gt;=18.0.0</code></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/ssri/commit/29a6e2c2e0d919f595ab1d9e0b685e9627f7ec41"><code>29a6e2c</code></a>
Address breaking engine change in dependency (<a
href="https://github.com/hashtagchris"><code>@​hashtagchris</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="https://github.com/npm/ssri/commit/db4219f28ab4576c32cde8ef008f2fc408b7f577"><code>db4219f</code></a>
bump <code>@​npmcli/eslint-config</code> from 4.0.5 to 5.0.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="https://github.com/npm/ssri/commit/f2dd0125e4381f54ce97d4e03e57c21b3ff0aa3d"><code>f2dd012</code></a>
template-oss-apply (<a
href="https://github.com/hashtagchris"><code>@​hashtagchris</code></a>)</li>
<li><a
href="https://github.com/npm/ssri/commit/f2a2a9d09fd8956180b8aaf30b69481f61da0e2d"><code>f2a2a9d</code></a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/hashtagchris"><code>@​hashtagchris</code></a>)</li>
<li><a
href="https://github.com/npm/ssri/commit/4508f71d8a873a2d3cee9369fa6117530bee6b6c"><code>4508f71</code></a>
bump <code>@​npmcli/template-oss</code> from 4.22.0 to 4.23.3 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/npm/ssri/commit/ba65b07e5bb3b4041c71bb499a1e76d82c0fa367"><code>ba65b07</code></a>
chore: release 11.0.0 (<a
href="https://redirect.github.com/npm/ssri/issues/138">#138</a>)</li>
<li><a
href="https://github.com/npm/ssri/commit/db4219f28ab4576c32cde8ef008f2fc408b7f577"><code>db4219f</code></a>
chore: bump <code>@​npmcli/eslint-config</code> from 4.0.5 to 5.0.0</li>
<li><a
href="https://github.com/npm/ssri/commit/f2a2a9d09fd8956180b8aaf30b69481f61da0e2d"><code>f2a2a9d</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="https://github.com/npm/ssri/commit/4508f71d8a873a2d3cee9369fa6117530bee6b6c"><code>4508f71</code></a>
chore: bump <code>@​npmcli/template-oss</code> from 4.22.0 to
4.23.3</li>
<li><a
href="https://github.com/npm/ssri/commit/f2dd0125e4381f54ce97d4e03e57c21b3ff0aa3d"><code>f2dd012</code></a>
chore: template-oss-apply</li>
<li><a
href="https://github.com/npm/ssri/commit/29a6e2c2e0d919f595ab1d9e0b685e9627f7ec41"><code>29a6e2c</code></a>
fix!: Address breaking engine change in dependency</li>
<li>See full diff in <a
href="https://github.com/npm/ssri/compare/v10.0.6...v11.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ssri&package-manager=npm_and_yarn&previous-version=10.0.6&new-version=11.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Sep 18, 2024
1 parent 6139934 commit 573a5db
Show file tree
Hide file tree
Showing 2 changed files with 111 additions and 6 deletions.
115 changes: 110 additions & 5 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion packages/node/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
"find-cache-dir": "^3.3.2",
"flat-cache": "^3.0.4",
"lodash": "^4.17.15",
"ssri": "^10.0.1",
"ssri": "^11.0.0",
"timeout-signal": "^1.1.0",
"type-is": "^1.6.18"
},
Expand Down

0 comments on commit 573a5db

Please sign in to comment.