Skip to content

Bump buffer from 5.6.0 to 6.0.3#406

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/buffer-6.0.3
Open

Bump buffer from 5.6.0 to 6.0.3#406
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/buffer-6.0.3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 4, 2022

Bumps buffer from 5.6.0 to 6.0.3.

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added the c:deps Category: external dependencies label Mar 4, 2022
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch from 93307c9 to 7e7c0b5 Compare March 5, 2022 00:44
Copy link
Contributor

@pro-wh pro-wh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • no release notes
  • major version change
  • we have no automated integration test
  • this seems to add a copy of buffer to the package lock without removing an older one

I have no excuse to merge this blindly, and believe me, I really tried to find one

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch from 7e7c0b5 to 1517842 Compare March 5, 2022 01:15
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch 15 times, most recently from 8546506 to 4e80a60 Compare March 25, 2022 22:20
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch 3 times, most recently from 06b3d44 to f3bafc9 Compare April 5, 2022 21:22
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch 8 times, most recently from b25374d to 6f13be1 Compare April 20, 2022 17:56
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch 7 times, most recently from dfb42ed to 636b240 Compare September 17, 2022 00:36
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch 9 times, most recently from 5876bd1 to 5130415 Compare September 28, 2022 23:28
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch 7 times, most recently from 60fbf46 to d1e4550 Compare October 6, 2022 19:40
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch 4 times, most recently from c231ce5 to 68d2b83 Compare October 28, 2022 23:52
@pro-wh
Copy link
Contributor

pro-wh commented Aug 7, 2023

@dependabot rebase

Bumps [buffer](https://github.com/feross/buffer) from 5.6.0 to 6.0.3.
- [Release notes](https://github.com/feross/buffer/releases)
- [Commits](feross/buffer@v5.6.0...v6.0.3)

---
updated-dependencies:
- dependency-name: buffer
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/buffer-6.0.3 branch from 68d2b83 to 39861a6 Compare August 7, 2023 22:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

c:deps Category: external dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant