-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): bump follow-redirects from 1.15.5 to 1.15.6 #1221
Merged
seaerchin
merged 1 commit into
develop
from
dependabot/npm_and_yarn/follow-redirects-1.15.6
Mar 15, 2024
Merged
build(deps): bump follow-redirects from 1.15.5 to 1.15.6 #1221
seaerchin
merged 1 commit into
develop
from
dependabot/npm_and_yarn/follow-redirects-1.15.6
Mar 15, 2024
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.5 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.5...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
the
dependencies
Pull requests that update a dependency file
label
Mar 15, 2024
seaerchin
approved these changes
Mar 15, 2024
dependabot
bot
deleted the
dependabot/npm_and_yarn/follow-redirects-1.15.6
branch
March 15, 2024 10:39
seaerchin
added a commit
that referenced
this pull request
Mar 21, 2024
* build(deps): bump @aws-sdk/client-secrets-manager (#1218) Bumps [@aws-sdk/client-secrets-manager](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-secrets-manager) from 3.501.0 to 3.533.0. - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-secrets-manager/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.533.0/clients/client-secrets-manager) --- updated-dependencies: - dependency-name: "@aws-sdk/client-secrets-manager" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: upgrade isomorphic-dompurify from 0.24.0 to 0.27.0 (#881) Snyk has created this PR to upgrade isomorphic-dompurify from 0.24.0 to 0.27.0. See this package in npm: https://www.npmjs.com/package/isomorphic-dompurify See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> Co-authored-by: seaerchin <[email protected]> * fix: upgrade dd-trace from 4.7.0 to 4.11.0 (#922) Snyk has created this PR to upgrade dd-trace from 4.7.0 to 4.11.0. See this package in npm: https://www.npmjs.com/package/dd-trace See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: upgrade @aws-sdk/client-amplify from 3.370.0 to 3.382.0 (#923) Snyk has created this PR to upgrade @aws-sdk/client-amplify from 3.370.0 to 3.382.0. See this package in npm: https://www.npmjs.com/package/@aws-sdk/client-amplify See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: upgrade @aws-sdk/client-secrets-manager from 3.370.0 to 3.389.0 (#932) Snyk has created this PR to upgrade @aws-sdk/client-secrets-manager from 3.370.0 to 3.389.0. See this package in npm: https://www.npmjs.com/package/@aws-sdk/client-secrets-manager See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: upgrade aws-sdk from 2.1428.0 to 2.1450.0 (#948) Snyk has created this PR to upgrade aws-sdk from 2.1428.0 to 2.1450.0. See this package in npm: https://www.npmjs.com/package/aws-sdk See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: package.json & package-lock.json to reduce vulnerabilities (#1161) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116 Co-authored-by: snyk-bot <[email protected]> * feat(pino): removes extraneous stuff (#1212) * fix(logger): delete old files, shift to pino * fix(pino-pretty): intsall as dev deps * refactor(tracer): inject logs based on env * fix(ggsrepair): delete outdated import * fix(stats-spec): update error log * build(deps): bump follow-redirects from 1.15.5 to 1.15.6 (#1221) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.5 to 1.15.6. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/follow-redirects/follow-redirects/commit/35a517c5861d79dc8bff7db8626013d20b711b06"><code>35a517c</code></a> Release version 1.15.6 of the npm package.</li> <li><a href="https://github.com/follow-redirects/follow-redirects/commit/c4f847f85176991f95ab9c88af63b1294de8649b"><code>c4f847f</code></a> Drop Proxy-Authorization across hosts.</li> <li><a href="https://github.com/follow-redirects/follow-redirects/commit/8526b4a1b2ab3a2e4044299377df623a661caa76"><code>8526b4a</code></a> Use GitHub for disclosure.</li> <li>See full diff in <a href="https://github.com/follow-redirects/follow-redirects/compare/v1.15.5...v1.15.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=follow-redirects&package-manager=npm_and_yarn&previous-version=1.15.5&new-version=1.15.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/isomerpages/isomercms-backend/network/alerts). </details> * chore(admin): convert manual release creation steps into automated script (#1209) * chore(admin): convert manual release creation steps into automated script * feat: prepare the draft release * fix: correct spelling for "grouped" * feat: extract and present deploy notes * chore: slight comment update * feat: extract tests and notes in one pass * chore: add comment * fix: fix invalid string concat in subshells (use file holders instead) * feat: sync local tags to remote tags * chore: more comments * chore: remove empty line * chore: add more comments * fix: upgrade @aws-sdk/client-cloudwatch-logs from 3.501.0 to 3.521.0 (#1226) Snyk has created this PR to upgrade @aws-sdk/client-cloudwatch-logs from 3.501.0 to 3.521.0. See this package in npm: https://www.npmjs.com/package/@aws-sdk/client-cloudwatch-logs See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: upgrade @aws-sdk/lib-dynamodb from 3.501.0 to 3.521.0 (#1225) Snyk has created this PR to upgrade @aws-sdk/lib-dynamodb from 3.501.0 to 3.521.0. See this package in npm: https://www.npmjs.com/package/@aws-sdk/lib-dynamodb See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: upgrade aws-sdk from 2.1545.0 to 2.1565.0 (#1223) Snyk has created this PR to upgrade aws-sdk from 2.1545.0 to 2.1565.0. See this package in npm: https://www.npmjs.com/package/aws-sdk See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * fix: upgrade @aws-sdk/client-dynamodb from 3.501.0 to 3.521.0 (#1224) Snyk has created this PR to upgrade @aws-sdk/client-dynamodb from 3.501.0 to 3.521.0. See this package in npm: https://www.npmjs.com/package/@aws-sdk/client-dynamodb See this project in Snyk: https://app.snyk.io/org/isomer/project/676b9e26-cebf-4964-b7b3-d9843e3339ff?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * perf(I/O): rm blocking fs calls (#1220) ## Problem We have quite a number of blocking I/O calls that has lead to unwanted CPU spikes in the event pool thread. This PR scrapes any existence of I/O calls and ensures that there is no lingering sync fs calls made from node. ## Solution use `fs.promises` instead Looking at the spike after running the site checker ### NOTE: initial spike in event loop delay is due to the startup push to staging environment, this is not due to the site checker calls that were made ![Screenshot 2024-03-19 at 2 30 02 PM](https://github.com/isomerpages/isomercms-backend/assets/42832651/10604267-a702-4764-9ba4-e428987a8317) ![Screenshot 2024-03-19 at 1 30 03 PM](https://github.com/isomerpages/isomercms-backend/assets/42832651/fd9432b0-c83d-4a34-9c56-3e62d5d23a37) **Breaking Changes** <!-- Does this PR contain any backward incompatible changes? If so, what are they and should there be special considerations for release? --> - [ ] Yes - this PR contains breaking changes - Details ... - [X] No - this PR is backwards compatible with ALL of the following feature flags in this [doc](https://www.notion.so/opengov/Existing-feature-flags-518ad2cdc325420893a105e88c432be5) **Features**: when running the site repair form: - Details ... **Improvements**: - Details ... **Bug Fixes**: - Details ... ## Before & After Screenshots **BEFORE**: <!-- [insert screenshot here] --> **AFTER**: <!-- [insert screenshot here] --> ## Tests - [ ] Run the following command from the command line: ``` grep -rE '(accessSync|appendFileSync|chmodSync|chownSync|closeSync|copyFileSync|cpSync|existsSync|fchmodSync|fchownSync|fdatasyncSync|fstatSync|fsyncSync|ftruncateSync|futimesSync|lchmodSync|lchownSync|lutimesSync|linkSync|lstatSync|mkdirSync|mkdtempSync|opendirSync|openSync|readdirSync|readFileSync|readlinkSync|readSync|readvSync|realpathSync|renameSync|rmdirSync|rmSync|statSync|statfsSync|symlinkSync|truncateSync|unlinkSync|utimesSync|writeFileSync|writeSync|writevSync)\b' src ``` the only results should be from the `GitFileSystemService.spec.ts` which is fine since this test file runs locally and not in prod line - [ ] Submit a form [here](https://form.gov.sg/65e4a3d2c25a061b046f3f01) for a repo in staging efs, and assert that the attachments are sent properly - [ ] submit the site create form ## Deploy Notes <!-- Notes regarding deployment of the contained body of work. --> <!-- These should note any new dependencies, new scripts, etc. --> **New environment variables**: - `env var` : env var details - [ ] added env var to 1PW + SSM script (`fetch_ssm_parameters.sh`) **New scripts**: - `script` : script details **New dependencies**: - `dependency` : dependency details **New dev dependencies**: - `dependency` : dependency details * fix(tags): update tagging for dd (#1222) * fix(tags): update tagging for dd * fix(task-def): update to isomer * fix(link checker): wrong error reported (#1227) ## Problem when pages are empty, we currently throw a link checker error which trips up alarms it is ok for a page content to be empty (eg, newly created page) ## Solution remove the existing errors being reported **Breaking Changes** <!-- Does this PR contain any backward incompatible changes? If so, what are they and should there be special considerations for release? --> - [ ] Yes - this PR contains breaking changes - Details ... - [ ] No - this PR is backwards compatible with ALL of the following feature flags in this [doc](https://www.notion.so/opengov/Existing-feature-flags-518ad2cdc325420893a105e88c432be5) **Features**: - Details ... **Improvements**: - Details ... **Bug Fixes**: - Details ... ## Before & After Screenshots **BEFORE**: <!-- [insert screenshot here] --> **AFTER**: <!-- [insert screenshot here] --> ## Tests <!-- What tests should be run to confirm functionality? --> ## Deploy Notes <!-- Notes regarding deployment of the contained body of work. --> <!-- These should note any new dependencies, new scripts, etc. --> **New environment variables**: - `env var` : env var details - [ ] added env var to 1PW + SSM script (`fetch_ssm_parameters.sh`) **New scripts**: - `script` : script details **New dependencies**: - `dependency` : dependency details **New dev dependencies**: - `dependency` : dependency details * chore: bump version to v0.72.0 --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Hsu Zhong Jun <[email protected]> Co-authored-by: Isomer Admin <[email protected]> Co-authored-by: snyk-bot <[email protected]> Co-authored-by: Timothee Groleau <[email protected]> Co-authored-by: Kishore <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps follow-redirects from 1.15.5 to 1.15.6.
Commits
35a517c
Release version 1.15.6 of the npm package.c4f847f
Drop Proxy-Authorization across hosts.8526b4a
Use GitHub for disclosure.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.