Skip to content

254 Dependency Updates #682

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bmuniswamy merged 33 commits into from
Apr 3, 2025
Merged

254 Dependency Updates #682

bmuniswamy merged 33 commits into from
Apr 3, 2025

Conversation

@AndersonTarren
Copy link
Contributor

@AndersonTarren AndersonTarren commented Dec 17, 2024

Critical Changes

Changes

Issues Closed

New Metadata

Deleted Metadata

Definition of Done

Refer to Asteroids DoD document to see any additional details for the items below

  • Any net new LWC work has Sa11y tests & 50% or above lines JEST test coverage
  • CRUD/FLS is enforced in Apex
  • Permission sets are updated to account for CRUD|FLS|Tab|Classes
  • Field sets are updated to account for new fields
  • UX approval or UX not necessary
  • Link the pull request and work item by PR comment and Chatter post respectively, e.g. GUS: W-0000000: Work Name (Reorganize code; use custom iterator #303)
  • All acceptance criteria have been met
    • Developer
    • Code Reviewer
    • QA
  • PR contains draft release notes
  • QE story level testing completed

dependabot bot and others added 19 commits July 21, 2022 03:15
@dependabot
Bump terser from 4.8.0 to 4.8.1
3f62dd7 
Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump decode-uri-component from 0.2.0 to 0.2.2
7c9e477 
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump minimist from 1.2.5 to 1.2.8
922cba4 
Bumps [minimist](https://github.com/minimistjs/minimist) from 1.2.5 to 1.2.8.
- [Release notes](https://github.com/minimistjs/minimist/releases)
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump @sideway/formula from 3.0.0 to 3.0.1
ed07dee 
Bumps [@sideway/formula](https://github.com/sideway/formula) from 3.0.0 to 3.0.1.
- [Commits](hapijs/formula@v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: "@sideway/formula"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump word-wrap from 1.2.3 to 1.2.4
5ef717a 
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@AndersonTarren
Merge pull request #671 from SalesforceFoundation/dependabot/npm_and_…
455b4fd 
…yarn/word-wrap-1.2.4

Bump word-wrap from 1.2.3 to 1.2.4
@AndersonTarren
Update label_audit.yml python value
9929c55
@AndersonTarren
Update python.yml Python Value
8cb9ade
@AndersonTarren
Merge pull request #670 from SalesforceFoundation/dependabot/npm_and_…
eea5d4a 
…yarn/sideway/formula-3.0.1

Bump @sideway/formula from 3.0.0 to 3.0.1
@AndersonTarren
Merge pull request #666 from SalesforceFoundation/dependabot/npm_and_…
c2ca09e 
…yarn/minimist-1.2.8

Bump minimist from 1.2.5 to 1.2.8
@AndersonTarren
Merge pull request #661 from SalesforceFoundation/dependabot/npm_and_…
8f8832d 
…yarn/decode-uri-component-0.2.2

Bump decode-uri-component from 0.2.0 to 0.2.2
@AndersonTarren
Merge pull request #637 from SalesforceFoundation/dependabot/npm_and_…
9e90471 
…yarn/terser-4.8.1

Bump terser from 4.8.0 to 4.8.1
@AndersonTarren
Readme Update
9574065
@AndersonTarren
Proposed package changes with label audit disabled
31e6b6f
@AndersonTarren
Lockfile lint issue
bf074f3
@AndersonTarren
Update Node Version
a525f64
@AndersonTarren
Update Node to 18
60dc3fb
@AndersonTarren
Updating Parser
e4085af
update a word.
3afb286
@salesforce-cla
Copy link

salesforce-cla bot commented Feb 4, 2025

Thanks for the contribution! Unfortunately we can't verify the commit author(s): jjbennett <j***@j***.i***.s***.com>. One possible solution is to add that email to your GitHub account. Alternatively you can change your commits to another email and force push the change. After getting your commits associated with your GitHub account, sign the Salesforce Inc. Contributor License Agreement and this Pull Request will be revalidated.

@jjbennett jjbennett marked this pull request as ready for review February 4, 2025 17:54
@jjbennett jjbennett requested a review from a team as a code owner February 4, 2025 17:54
@jjbennett jjbennett requested a review from jstvz February 4, 2025 17:54
@jjbennett
Copy link
Contributor

jjbennett commented Feb 4, 2025

@jstvz - We are working on the issues reported by the dependabot. None of these changes will go into the package itself. It's more around our workflow for git. Do you know if it would be ok to merge this to main now vs waiting for the typically package release schedule?

@jstvz
Copy link
Member

jstvz commented Feb 4, 2025
edited
Loading

@jstvz - Do you know if it would be ok to merge this to main now vs waiting for the typically package release schedule?

@jjbennett Certainly okay, technically. Probably okay policy-wise, but I don't have enough day to day involvement with release management to give you an authoritative answer on that, sorry.

@bmuniswamy bmuniswamy merged commit 0dd71ff into main Apr 3, 2025
18 of 22 checks passed
@bmuniswamy bmuniswamy deleted the feature/254-dependency-update branch April 3, 2025 17:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jstvz jstvz Awaiting requested review from jstvz jstvz is a code owner automatically assigned from SalesforceFoundation/release-engineering-reviewers

Assignees

No one assigned

Labels

cla:missing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@AndersonTarren @jjbennett @jstvz @bmuniswamy