From 715c869bb7f009569d225c0247fc8d87cf6bf75b Mon Sep 17 00:00:00 2001 From: FabianLars Date: Mon, 8 Jul 2024 14:05:43 +0200 Subject: [PATCH 1/2] ci: Fix msrv check and audit check --- .../covector-version-or-publish-v1.yml | 4 ++-- tooling/api/package.json | 5 ++++- tooling/api/yarn.lock | 18 +++++++++--------- 3 files changed, 15 insertions(+), 12 deletions(-) diff --git a/.github/workflows/covector-version-or-publish-v1.yml b/.github/workflows/covector-version-or-publish-v1.yml index 40631ddc3200..4150b8dc8893 100644 --- a/.github/workflows/covector-version-or-publish-v1.yml +++ b/.github/workflows/covector-version-or-publish-v1.yml @@ -2,7 +2,7 @@ # SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: MIT -name: covector version or publish +name: covector version or publish v1 on: push: @@ -66,7 +66,7 @@ jobs: cargo update -p serde_spanned --precise 0.6.1 cargo update -p winnow --precise 0.4.1 cargo update -p plist --precise 1.5.1 - cargo update -p serde_with:3.8.2 --precise 3.0.0 + cargo update -p serde_with:3.8.3 --precise 3.0.0 cargo update -p time --precise 0.3.15 cargo update -p ignore --precise 0.4.18 cargo update -p raw-window-handle --precise 0.5.0 diff --git a/tooling/api/package.json b/tooling/api/package.json index 9475bf82a8eb..f0b4fb404f33 100644 --- a/tooling/api/package.json +++ b/tooling/api/package.json @@ -47,10 +47,10 @@ "@rollup/plugin-typescript": "11.1.5", "@types/node": "20.10.5", "@typescript-eslint/eslint-plugin": "5.62.0", - "eslint-config-standard-with-typescript": "34.0.1", "@typescript-eslint/parser": "5.62.0", "eslint": "8.56.0", "eslint-config-prettier": "8.10.0", + "eslint-config-standard-with-typescript": "34.0.1", "eslint-plugin-import": "2.29.1", "eslint-plugin-n": "15.7.0", "eslint-plugin-node": "11.1.0", @@ -65,5 +65,8 @@ "node": ">= 14.6.0", "npm": ">= 6.6.0", "yarn": ">= 1.19.1" + }, + "resolutions": { + "braces": "3.0.3" } } diff --git a/tooling/api/yarn.lock b/tooling/api/yarn.lock index f8c1bab7a3d4..4d2c84fd9cd9 100644 --- a/tooling/api/yarn.lock +++ b/tooling/api/yarn.lock @@ -394,12 +394,12 @@ brace-expansion@^1.1.7: balanced-match "^1.0.0" concat-map "0.0.1" -braces@^3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107" - integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A== +braces@3.0.3, braces@^3.0.2: + version "3.0.3" + resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789" + integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA== dependencies: - fill-range "^7.0.1" + fill-range "^7.1.1" buffer-from@^1.0.0: version "1.1.2" @@ -918,10 +918,10 @@ file-entry-cache@^6.0.1: dependencies: flat-cache "^3.0.4" -fill-range@^7.0.1: - version "7.0.1" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40" - integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ== +fill-range@^7.1.1: + version "7.1.1" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292" + integrity sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg== dependencies: to-regex-range "^5.0.1" From 02b22e904433f7dba90770b606f937f5fac3fcc4 Mon Sep 17 00:00:00 2001 From: FabianLars Date: Mon, 8 Jul 2024 14:10:50 +0200 Subject: [PATCH 2/2] fix cli js audit too --- .../covector-version-or-publish-v1.yml | 2 +- tooling/cli/node/package.json | 3 ++- tooling/cli/node/yarn.lock | 18 +++++++++--------- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/.github/workflows/covector-version-or-publish-v1.yml b/.github/workflows/covector-version-or-publish-v1.yml index 4150b8dc8893..4cbfbef51b04 100644 --- a/.github/workflows/covector-version-or-publish-v1.yml +++ b/.github/workflows/covector-version-or-publish-v1.yml @@ -109,7 +109,7 @@ jobs: cargo update -p tokio-stream --precise 0.1.14 cargo update -p tokio-util --precise 0.7.10 cargo update -p os_pipe --precise 1.1.5 - cargo update -p syn:2.0.68 --precise 2.0.67 + cargo update -p syn:2.0.69 --precise 2.0.67 cargo update -p derive_more --precise 0.99.17 cargo update -p native-tls --precise 0.2.11 diff --git a/tooling/cli/node/package.json b/tooling/cli/node/package.json index 5b84a8ec5883..9b882e59b58e 100644 --- a/tooling/cli/node/package.json +++ b/tooling/cli/node/package.json @@ -47,7 +47,8 @@ "prettier": "2.8.8" }, "resolutions": { - "semver": ">=7.5.2" + "semver": ">=7.5.2", + "braces": "3.0.3" }, "engines": { "node": ">= 10" diff --git a/tooling/cli/node/yarn.lock b/tooling/cli/node/yarn.lock index 1760043a6781..ebf926c80fca 100644 --- a/tooling/cli/node/yarn.lock +++ b/tooling/cli/node/yarn.lock @@ -763,12 +763,12 @@ brace-expansion@^1.1.7: balanced-match "^1.0.0" concat-map "0.0.1" -braces@^3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107" - integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A== +braces@3.0.3, braces@^3.0.2: + version "3.0.3" + resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789" + integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA== dependencies: - fill-range "^7.0.1" + fill-range "^7.1.1" browserslist@^4.21.9: version "4.22.1" @@ -1038,10 +1038,10 @@ fb-watchman@^2.0.0: dependencies: bser "2.1.1" -fill-range@^7.0.1: - version "7.0.1" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40" - integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ== +fill-range@^7.1.1: + version "7.1.1" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292" + integrity sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg== dependencies: to-regex-range "^5.0.1"