Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump js-sha256 from 0.9.0 to 0.10.1 #19437

Merged
merged 1 commit into from
Oct 5, 2023
Merged

Bump js-sha256 from 0.9.0 to 0.10.1 #19437

merged 1 commit into from
Oct 5, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 5, 2023
edited
Loading

Bumps js-sha256 from 0.9.0 to 0.10.1.

Changelog

Sourced from js-sha256's changelog.

v0.10.1 / 2023-08-31

Added

  • Disable webpack polyfill.

v0.10.0 / 2023-08-30

Fixed

  • Chrome bug by workaround. #40
  • deprecated new Buffer, replace with Buffer.from. #34
  • dependencies and security issues. #32, #36

Changed

  • TypeScript interface, secretKey can be bytes like message. #23, #25
  • remove eval and use require directly. #18, #26
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot temporarily deployed to npm-update October 5, 2023 05:49 Inactive
@github-actions github-actions bot changed the title [no-test]: Bump js-sha256 from 0.9.0 to 0.10.1 Bump js-sha256 from 0.9.0 to 0.10.1 Oct 5, 2023
@martinpitt martinpitt force-pushed the dependabot/npm_and_yarn/js-sha256-0.10.1 branch from 48ac550 to 15568bc Compare October 5, 2023 05:51
@martinpitt
Copy link
Member

Temporarily adding no-test to avoid CI DDoS due to the many parallel updates. But drop this once it's this PR's turn to be rebased.

@martinpitt martinpitt added the no-test For doc/workflow changes, or experiments which don't need a full CI run, label Oct 5, 2023
@martinpitt
Copy link
Member

Tests are all green, so doing the rebase with no-test.

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/js-sha256-0.10.1 branch from 15568bc to e6047ea Compare October 5, 2023 08:18
@martinpitt martinpitt temporarily deployed to npm-update October 5, 2023 08:32 — with GitHub Actions Inactive
@martinpitt martinpitt force-pushed the dependabot/npm_and_yarn/js-sha256-0.10.1 branch from e6047ea to 876a145 Compare October 5, 2023 08:34
@martinpitt martinpitt temporarily deployed to npm-update October 5, 2023 13:14 — with GitHub Actions Inactive
@dependabot
Bump js-sha256 from 0.9.0 to 0.10.1
327104b 
Bumps [js-sha256](https://github.com/emn178/js-sha256) from 0.9.0 to 0.10.1.
- [Changelog](https://github.com/emn178/js-sha256/blob/master/CHANGELOG.md)
- [Commits](emn178/js-sha256@v0.9.0...v0.10.1)

---
updated-dependencies:
- dependency-name: js-sha256
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@martinpitt martinpitt force-pushed the dependabot/npm_and_yarn/js-sha256-0.10.1 branch from 876a145 to 327104b Compare October 5, 2023 13:16
@martinpitt martinpitt merged commit a51990f into main Oct 5, 2023
36 checks passed
@martinpitt martinpitt deleted the dependabot/npm_and_yarn/js-sha256-0.10.1 branch October 5, 2023 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martinpitt martinpitt martinpitt approved these changes

Assignees
No one assigned
Labels
no-test For doc/workflow changes, or experiments which don't need a full CI run,
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@martinpitt