Magick icon indicating copy to clipboard operation
Magick copied to clipboard
Published 7 months ago verified publisher icon Oneirocom

Bump import-in-the-middle and @hyperdx/node-opentelemetry

Open dependabot[bot] opened this issue 1 year ago • 2 comments

Bumps import-in-the-middle to 1.7.1 and updates ancestor dependency @hyperdx/node-opentelemetry. These dependencies need to be updated together.

Updates import-in-the-middle from 1.3.5 to 1.7.1

Release notes

Sourced from import-in-the-middle's releases.

v1.7.1

v1.7.0

  • Fix loader cyclical dependency bug for Node.js >= v16.0.0 (#36)

v1.6.0

  • Fix ESM in Node v18.19.0 (#44)
  • Add extensionless support in 18.19 (#41)

v1.5.0

  • Support Node.js v21 (#40)

v1.4.2

Bug Fixes

  • sanitizes URLs passed to import, fixing a security vulnerability: CVE-2023-38704

v1.4.1

Warning This version of the library contains a known security vulnerability: CVE-2023-38704. We recommend upgrading immediately to at least v1.4.2.

Build Changes

  • remove windows-specific test, add macos to matrix

v1.4.0

Warning This version of the library contains a known security vulnerability: CVE-2023-38704. We recommend upgrading immediately to at least v1.4.2.

Features

  • add Node.js v20 support (#28)
Commits

Updates @hyperdx/node-opentelemetry from 0.4.2 to 0.6.1

Release notes

Sourced from @​hyperdx/node-opentelemetry's releases.

@​hyperdx/node-opentelemetry@​0.6.1

What's Changed

Full Changelog: https://github.com/hyperdxio/hyperdx-js/compare/@​hyperdx/node-opentelemetry@​0.6.0...@​hyperdx/node-opentelemetry@​0.6.1

@​hyperdx/node-opentelemetry@​0.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/hyperdxio/hyperdx-js/compare/@​hyperdx/node-logger@​0.3.1...@​hyperdx/node-opentelemetry@​0.6.0

@​hyperdx/node-opentelemetry@​0.5.0

What's Changed

Full Changelog: https://github.com/hyperdxio/hyperdx-js/compare/@​hyperdx/node-logger@​0.3.1...@​hyperdx/node-opentelemetry@​0.5.0

Commits
  • f283da7 chore: release node-opentelemetry v0.6.1
  • ed6ac60 fix: rename getWinsonTransport to getWinstonTransport (#90)
  • 45de526 chore: release node-opentelemetry v0.6.0
  • ff4beab chore(deps): bump protobufjs from 6.11.3 to 6.11.4 (#82)
  • 24fa4ef chore: release node-opentelemetry v0.6.0-next.0
  • c8df2e5 feat: add pkg version to resource (node-opentelemetry) (#89)
  • 80f1646 chore: bump @​opentelemetry/auto-instrumentations-node to v0.41.1 (#88)
  • 5d2ae91 chore: release node-opentelemetry v0.5.0 + browser v0.20.0
  • b0ab3d8 chore: bump hdx otel web + session-recorder deps (#87)
  • 2efb1d3 chore: release node-opentelemetry v0.5.0-next.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Mar 16 '24 22:03 dependabot[bot]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
magick ✅ Ready (Inspect) Visit Preview 💬 Add feedback Mar 16, 2024 10:52pm
magick-client ❌ Failed (Inspect) Mar 16, 2024 10:52pm
magick-docs ❌ Failed (Inspect) Mar 16, 2024 10:52pm

vercel[bot] avatar Mar 16 '24 22:03 vercel[bot]

☁️ Nx Cloud Report

CI is running/has finished running commands for commit 16dd9c47e4864795cf13e4dfc1778182703cb907. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.

📂 See all runs for this CI Pipeline Execution

✅ Successfully ran 3 targets

Sent with 💌 from NxCloud.

nx-cloud[bot] avatar Mar 16 '24 22:03 nx-cloud[bot]