Skip to content
This repository was archived by the owner on May 15, 2023. It is now read-only.

Bump shell-quote, react-scripts and @storybook/react in /example#30

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/example/shell-quote-and-react-scripts-and-storybook/react-1.7.3
Open

Bump shell-quote, react-scripts and @storybook/react in /example#30
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/example/shell-quote-and-react-scripts-and-storybook/react-1.7.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Sep 13, 2022

Copy link
Copy Markdown

Bumps shell-quote, react-scripts and @storybook/react. These dependencies needed to be updated together.
Updates shell-quote from 1.6.1 to 1.7.3

Release notes

Sourced from shell-quote's releases.

v1.7.2

  • Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2)

v1.7.1

  • Fix $ being removed when not part of an environment variable name. (@​Adman in #32)

v1.7.0

  • Add support for parsing >> and >& redirection operators. (@​forivall in #16)
  • Add support for parsing <( process substitution operator. (@​cuonglm in #15)

v1.6.3

  • Fix Windows path quoting problems. (@​dy in #34)

v1.6.2

  • Remove dependencies in favour of native methods. (@​zertosh in #21)
Changelog

Sourced from shell-quote's changelog.

1.7.3

  • Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)

1.7.2

  • Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2)

1.7.1

  • Fix $ being removed when not part of an environment variable name. (@​Adman in #32)

1.7.0

  • Add support for parsing >> and >& redirection operators. (@​forivall in #16)
  • Add support for parsing <( process substitution operator. (@​cuonglm in #15)

1.6.3

  • Fix Windows path quoting problems. (@​dy in #34)

1.6.2

  • Remove dependencies in favour of native methods. (@​zertosh in #21)
Commits

Updates react-scripts from 3.0.1 to 5.0.1

Changelog

Sourced from react-scripts's changelog.

3.4.4 (2020-10-20)

v3.4.4 release bumps resolve-url-loader to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.3 to 3.4.4

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.4

or

yarn add --exact react-scripts@3.4.4

3.4.3 (2020-08-12)

v3.4.3 release bumps terser-webpack-plugin to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.2 to 3.4.3

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.3

or

yarn add --exact react-scripts@3.4.3

3.4.2 (2020-08-11)

v3.4.2 release bumps webpack-dev-server to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.1 to 3.4.2

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.2

or

... (truncated)

Commits

Updates @storybook/react from 5.1.9 to 6.5.11

Release notes

Sourced from @​storybook/react's releases.

v6.5.11

Bug Fixes

  • CLI: Fix race condition in sb init #19083
  • Core: Fix WebProjectAnnotations export in preview-web for back-compat #19048
  • Addon-interactions: Fix IE support by replacing array includes #18993
  • Vue: Fix enum check in extractArgTypes #18959
  • React: Fix callback behavior in react@18 #18737
  • Store: always call composeConfigs in setProjectAnnotations #18916
  • Telemetry: improve addon extraction logic #18868
  • Addon-docs: Check for undefined before reading property in extractArgTypes.ts #18710nance

v6.5.11-alpha.2

Bug Fixes

  • CLI: Fix race condition in sb init #19083
  • Core: Fix WebProjectAnnotations export in preview-web for back-compat #19048
  • Addon-interactions: Fix IE support by replacing array includes #18993

v6.5.11-alpha.1

Bug Fixes

  • Vue: Fix enum check in extractArgTypes #18959

v6.5.11-alpha.0

Bug Fixes

  • React: Fix callback behavior in react@18 #18737
  • Store: always call composeConfigs in setProjectAnnotations #18916
  • Telemetry: improve addon extraction logic #18868
  • Addon-docs: Check for undefined before reading property in extractArgTypes.ts #18710

v6.5.10

Maintenance

  • Interactions: Run conditionally based on query param #18706
  • Components: Re-bundle the syntax highlighter #18425
  • Svelte: Make svelte-loader optional dependency #18645
  • Theming: Replace references to themes.normal with themes.light #17034

Bug Fixes

  • HTML: Fix missing ability to set docs.extractArgTypes #18831
  • CLI: Throw error on failure in sb init #18816
  • CLI: Hook up the npm7 migration #18522
  • Preview: Ensure docs container re-renders when globals change #18711
  • Toolbars: Fall back to name if both title and icon are not specified #17430
  • CLI: Fix addons register in RN template #18693
  • CLI: Fix detection of type: module when initializing storybook #18714
  • CLI/Svelte: Always create main with cjs extension #18648

... (truncated)

Changelog

Sourced from @​storybook/react's changelog.

6.5.11 (September 13, 2022)

Bug Fixes

  • CLI: Fix race condition in sb init #19083
  • Core: Fix WebProjectAnnotations export in preview-web for back-compat #19048
  • Addon-interactions: Fix IE support by replacing array includes #18993
  • Vue: Fix enum check in extractArgTypes #18959
  • React: Fix callback behavior in react@18 #18737
  • Store: always call composeConfigs in setProjectAnnotations #18916
  • Telemetry: improve addon extraction logic #18868
  • Addon-docs: Check for undefined before reading property in extractArgTypes.ts #18710nance

6.5.11-alpha.2 (September 7, 2022)

Bug Fixes

  • CLI: Fix race condition in sb init #19083
  • Core: Fix WebProjectAnnotations export in preview-web for back-compat #19048
  • Addon-interactions: Fix IE support by replacing array includes #18993

6.5.11-alpha.1 (August 23, 2022)

Bug Fixes

  • Vue: Fix enum check in extractArgTypes #18959

6.5.11-alpha.0 (August 17, 2022)

Bug Fixes

  • React: Fix callback behavior in react@18 #18737
  • Store: always call composeConfigs in setProjectAnnotations #18916
  • Telemetry: improve addon extraction logic #18868
  • Addon-docs: Check for undefined before reading property in extractArgTypes.ts #18710

6.5.10 (August 3, 2022)

Maintenance

  • Interactions: Run conditionally based on query param #18706
  • Components: Re-bundle the syntax highlighter #18425
  • Svelte: Make svelte-loader optional dependency #18645
  • Theming: Replace references to themes.normal with themes.light #17034

Bug Fixes

  • HTML: Fix missing ability to set docs.extractArgTypes #18831
  • CLI: Throw error on failure in sb init #18816
  • CLI: Hook up the npm7 migration #18522

... (truncated)

Commits
  • db56a25 v6.5.11
  • 0a584e6 Update git head to 6.5.11-alpha.2, update yarn.lock [ci skip]
  • 0691348 v6.5.11-alpha.2
  • acef373 Update git head to 6.5.11-alpha.1, update yarn.lock [ci skip]
  • 26cfe20 v6.5.11-alpha.1
  • 203b1cf Update git head to 6.5.11-alpha.0, update yarn.lock [ci skip]
  • 32945d1 v6.5.11-alpha.0
  • 4ea87f0 Merge branch 'main' into main-prerelease
  • f17999b Merge pull request #18737 from storybookjs/fix-react-18-docs-tests
  • ef5be92 Update git head to 6.5.10, update yarn.lock [ci skip]
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [shell-quote](https://github.com/substack/node-shell-quote), [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts) and [@storybook/react](https://github.com/storybookjs/storybook/tree/HEAD/app/react). These dependencies needed to be updated together.

Updates `shell-quote` from 1.6.1 to 1.7.3
- [Release notes](https://github.com/substack/node-shell-quote/releases)
- [Changelog](https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md)
- [Commits](https://github.com/substack/node-shell-quote/compare/1.6.1...1.7.3)

Updates `react-scripts` from 3.0.1 to 5.0.1
- [Release notes](https://github.com/facebook/create-react-app/releases)
- [Changelog](https://github.com/facebook/create-react-app/blob/main/CHANGELOG-3.x.md)
- [Commits](https://github.com/facebook/create-react-app/commits/react-scripts@5.0.1/packages/react-scripts)

Updates `@storybook/react` from 5.1.9 to 6.5.11
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v6.5.11/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v6.5.11/app/react)

---
updated-dependencies:
- dependency-name: shell-quote
  dependency-type: indirect
- dependency-name: react-scripts
  dependency-type: direct:production
- dependency-name: "@storybook/react"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Sep 13, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants