Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump http-cache-semantics and @quasar/cli in /web #23

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 7, 2023

Bumps http-cache-semantics to 4.1.1 and updates ancestor dependency @quasar/cli. These dependencies need to be updated together.

Updates http-cache-semantics from 4.1.0 to 4.1.1

Commits

Updates @quasar/cli from 1.1.2 to 2.0.0

Release notes

Sourced from @​quasar/cli's releases.

@​quasar/cli-v2.0.0

Changes

The optional global CLI is now in ESM format (was previously in commonjs), which is why we have bumped up the major version for this release. We have also upgraded all of its dependencies (including for security reasons).

The minimum supported Node.js version is now v14.15.

It has backward compatibility with Quasar v1 as well, so it is safe to upgrade to it, including bumping Node.js to minimum 14.15. We strongly recommend using only LTS versions of Node.js (major version should be an even number).

We have also extracted the legacy "quasar create" command into its own global CLI (@quasar/legacy-create - globally install it) should you still need it. This new package will not receive updates, including security ones, as it uses some dependencies that are now unmaintained. The effort to fork those packages is not worth it, especially for a legacy CLI command.

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

@​quasar/cli-v1.4.0

New

  • PNPM package manager support (especially for the "quasar upgrade" command)

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

Commits
  • 49f2ec3 feat(app-webpack): downgrade fork-ts-checker-plugin due to issues
  • 49db266 feat(docs): update "quasar create" command section
  • 52c394e chore(app-vite): allow for newer Node.js versions
  • 4fee617 feat(cli): bump min node version to 14.15 (matches q/app-vite and q/app-webpack)
  • 56c819d feat(app-vite): upgrade deps
  • 0d15d74 fix(app-vite): Capacitor/Cordova: www folder not cleaned up before build #15186
  • bea8d20 fix(app-webpack): Capacitor/Cordova: www folder not cleaned up before build #...
  • badc13f Merge branch 'dev' of github.com:quasarframework/quasar into dev
  • 23bffe9 feat(app-webpack): upgrade all deps (for security reasons too)
  • d59ef3c fix(QSlideTransition): set overflowY to hidden before calculationg height to ...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) to 4.1.1 and updates ancestor dependency [@quasar/cli](https://github.com/quasarframework/quasar). These dependencies need to be updated together.


Updates `http-cache-semantics` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/kornelski/http-cache-semantics/releases)
- [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1)

Updates `@quasar/cli` from 1.1.2 to 2.0.0
- [Release notes](https://github.com/quasarframework/quasar/releases)
- [Commits](https://github.com/quasarframework/quasar/compare/@quasar/cli-v1.1.2...@quasar/cli-v2.0.0)

---
updated-dependencies:
- dependency-name: http-cache-semantics
  dependency-type: indirect
- dependency-name: "@quasar/cli"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants