Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump crypto-js and aws-iot-device-sdk in /demo/client/react-cargoplane-demo #113

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 13, 2023

Bumps crypto-js to 4.0.0 and updates ancestor dependency aws-iot-device-sdk. These dependencies need to be updated together.

Updates crypto-js from 3.1.6 to 4.0.0

Commits
  • 31d0012 Merge branch 'release/4.0.0'
  • ba08310 Add release notes.
  • 38b74c0 Bump major reslease version.
  • 1d30318 Pull 3.3.0 from master into develop.
  • fc90e5a Reverse the rollback to head on with a 4.x.x version.
  • 4db30e7 Merge branch 'release/3.3.0'
  • 887dcaa Rollback.
  • b60b80c Add test page which uses the created bundle after build to run the tests.
  • 79209bc Merge branch 'release/3.2.1'
  • 61b6a4e Merge branch 'release/3.2.1' into develop
  • Additional commits viewable in compare view

Updates aws-iot-device-sdk from 2.2.1 to 2.2.12

Release notes

Sourced from aws-iot-device-sdk's releases.

Dependency Update

  • Updated minimist version

Restore examples in npm

  • Adds examples folder back to npm package

Custom auth query support

  • Add support for custom auth connections via query params, intended for browser environments
  • Bind and propagate mqtt-js 'end' event
  • Misc unit test wording and reliability fixes

Dependency updates and new CD flow

  • Updated crypto-js version
  • Updated mqtt-js version
  • Removed reserved topic checks from subscribe calls

Update mqtt client implementation

  • Update 'mqtt' dependency to 4.2.6
Changelog

Sourced from aws-iot-device-sdk's changelog.

2.2.12 (July 30 2021)

Bugfixes/Improvements

  • Updated minimist version

2.2.11 (July 30 2021)

Bugfixes/Improvements

  • Added examples back into npm package

2.2.10 (July 9 2021)

Bugfixes/Improvements

  • Merged support for custom auth connections via query parameters
  • Bound/propagated the mqtt-js 'end' event
  • Unit test reliability and wording updates

2.2.9 (July 8, 2021)

Bugfixes/Improvements

  • Updated crypto-js version
  • Updated mqtt-js version
  • Removed reserved topic checks from subscribe calls

2.2.8 (May 20, 2021)

Bugfixes/Improvements

  • Updated mqtt dependency to latest version

2.2.7 (Sep 15, 2020)

Bugfixes/Improvements

  • send SNI string while connecting to AWS IoT
  • README warns about MacOS storing certificate in keychain

2.2.6 (May 18, 2020)

Bugfixes/Improvements

  • Require only the necessary modules from crypto-js to optimize bundle

2.2.5 (Apr 7, 2020)

Bugfixes/Improvements

  • Re-adding github related templates and readme change.

2.2.4 (Mar 31, 2020)

Bugfixes/Improvements

  • Bumping minimist version to 1.2.5 to address security issue

... (truncated)

Commits
  • ee40578 Added v2.2.12 release info to ChangeLog (#403)
  • 3bf2eed update minimist (#402)
  • d1b1016 Add examples back into npm package (#390)
  • 7cebf95 Update changelog (#385)
  • f636b45 Add missing device's 'end' event propagation. (#384)
  • 1eaeb85 Allow authorization using queryString when using wss-custom-auth. (#383)
  • fda92f8 Reenable custom auth integration tests and add to CI (#382)
  • 9c0b4db Credentials profile error messaging (#381)
  • 5979a84 Remove AWS_PROFILE from the process environment in a test that is affected by...
  • 4dfaea9 correct wording in unit test (#379)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [crypto-js](https://github.com/brix/crypto-js) to 4.0.0 and updates ancestor dependency [aws-iot-device-sdk](https://github.com/aws/aws-iot-device-sdk-js). These dependencies need to be updated together.


Updates `crypto-js` from 3.1.6 to 4.0.0
- [Commits](brix/crypto-js@3.1.6...4.0.0)

Updates `aws-iot-device-sdk` from 2.2.1 to 2.2.12
- [Release notes](https://github.com/aws/aws-iot-device-sdk-js/releases)
- [Changelog](https://github.com/aws/aws-iot-device-sdk-js/blob/master/CHANGELOG.md)
- [Commits](aws/aws-iot-device-sdk-js@v2.2.1...v2.2.12)

---
updated-dependencies:
- dependency-name: crypto-js
  dependency-type: indirect
- dependency-name: aws-iot-device-sdk
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants