Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump shell-quote and next #10

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 12, 2022

Bumps shell-quote and next. These dependencies needed to be updated together.
Updates shell-quote from 1.7.2 to 1.7.3

Changelog

Sourced from shell-quote's changelog.

1.7.3

  • Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)
Commits

Updates next from 11.1.2 to 12.2.5

Release notes

Sourced from next's releases.

v12.2.5

Core Changes

  • Change invalid internal upstream image error code: #39334
  • Hoist styles for Route Announcer: #39331
  • fix: wrong reference url for disableStaticImages: #39362
  • fix: skip resizing image if it's animated: #39325
  • Fix catchall rewrites for _next/data routes: #39370
  • Fix next/future/image alt text: #39366
  • refactor: add named export in next/server: #39381
  • fix(ts): More strict Redirect type: #38277
  • fix(next): dev server starting when importing a file using get-projec…: #38274
  • Add runtime to PageConfig type: #37453
  • fix: improve logging for _devPagesManifest.json loading failures: #38046
  • Allow custom path for preview mode cookies: #38313
  • Fix removing whitespacing in dev overlay: #28277
  • Fix emotion labelFormat and sourcemap options: #39389
  • Fix emotion shouldForwardProp options breaks component selectors: #39390
  • next/image imgix loader can use multiple auto params: #34808
  • Adds eslint-plugin-eslint-plugin to ensure eslint-plugin-next rules follow ESLint rule best practices along with enforcing some consistency.: #37920
  • [ESLint] Adds --output-file flag: #36420
  • Update polyfill for eslint no-unwanted-polyfillio rule: #33170
  • fix(ts): Middleware type tweaks: #38625
  • Fix Link generation for SSG pages if locale domains are used: #36818
  • Setup require hook in next-server for styled-jsx resolving: #39305
  • fix: ensure trailing slash on registry URL when fetching wasm fallback: #39427
  • typing: upgrade styled-jsx to remove workaround in build script: #39408
  • Extract redirect utils into a separate file: #39433
  • Ensure locale redirects are not applied in minimal mode: #39436
  • feat(middleware): augments / matcher with /index: #39397
  • Bump edge-runtime packages: #39450
  • Ensure default _app is used when falling back to default _error: #39467
  • Handle rewriting WebSocket requests: #39463
  • App Build Stats: #38884
  • Tweak styled-jsx type declarations: #39474
  • FIX GAUSSIAN BLUR IN FUTURE\IMAGE: #39190
  • Add hot-reloading for env file changes: #38483
  • feat(next-swc/modularize_imports): Add Kebab case: #38583
  • Make dev watch ignore more specific: #39504
  • Bump styled-jsx and remove manual types creation: #39506
  • Add position styling to future fill images: #39438
  • fix: ensure hidden iframe apps render in development mode: #39514
  • Enable @​typescript-eslint/no-use-before-define variables,enums,typedefs for core files: #39511
  • Re-add styled-jsx as a normal dependency: #39518

Documentation Changes

  • docs: update When section of getStaticProps page: #39393
  • Update script.md: #39400
  • API Routes Request Helpers docs.: #39407

... (truncated)

Commits
  • 911ba23 v12.2.5
  • d06fc0f v12.2.5-canary.7
  • 4049cd7 Re-add styled-jsx as a normal dependency (#39518)
  • de1bf3e v12.2.5-canary.6
  • 249f429 fix(examples/with-wdyr): example config to support SWC (#39465)
  • db9040b Enable @​typescript-eslint/no-use-before-define variables,enums,typedefs for ...
  • d510758 fix: ensure hidden iframe apps render in development mode (#39514)
  • 13a5eb2 Add position styling to future fill images (#39438)
  • a9b415b v12.2.5-canary.5
  • 1f6bc34 Fixed issues with environment variables for Windows users (#37853)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by vercel-release-bot, a new releaser for next since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the type-dependencies Pull requests that update a dependency file (Dependabot) label Aug 12, 2022
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/shell-quote-and-next-1.7.3 branch from df784ec to ebfe274 Compare August 12, 2022 16:56
Bumps [shell-quote](https://github.com/substack/node-shell-quote) and [next](https://github.com/vercel/next.js). These dependencies needed to be updated together.

Updates `shell-quote` from 1.7.2 to 1.7.3
- [Release notes](https://github.com/substack/node-shell-quote/releases)
- [Changelog](https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md)
- [Commits](https://github.com/substack/node-shell-quote/compare/v1.7.2...1.7.3)

Updates `next` from 11.1.2 to 12.2.5
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v11.1.2...v12.2.5)

---
updated-dependencies:
- dependency-name: shell-quote
  dependency-type: indirect
- dependency-name: next
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/shell-quote-and-next-1.7.3 branch from ebfe274 to 644e5bb Compare August 12, 2022 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type-dependencies Pull requests that update a dependency file (Dependabot)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

0 participants