Skip to content
This repository has been archived by the owner on Dec 15, 2022. It is now read-only.

Bump prebuild-install from 6.1.2 to 7.0.1 #441

Closed
wants to merge 1 commit into from
Closed

Bump prebuild-install from 6.1.2 to 7.0.1 #441

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 31, 2022
edited
Loading

Bumps prebuild-install from 6.1.2 to 7.0.1.

Release notes

Sourced from prebuild-install's releases.

v7.0.1

Changed

  • Upgrade to the latest version of detect-libc (#166) (f71c6b9) (Lovell Fuller).

v7.0.0

Changed

  • Breaking: bump node-abi so that Electron 14+ gets correct ABI (#161) (477f347) (csett86). Drops support of Node.js < 10.
  • Bump simple-get (7468c14) (Vincent Weevers).

v6.1.4

Fixed

  • Move auth token to header instead of query param (#160) (b3fad76) (nicolai-nordic)
  • Remove _ prefix as it isn't allowed by npm config (#153) (a964e5b) (Tom Boothman)
  • Make rc.path absolute (#158) (57bcc06) (George Waters).

v6.1.3

Changed

  • Inline no longer maintained noop-logger (#155) (e08d75a) (Alexandru Dima)
  • Point users towards prebuildify in README (#150) (5ee1a2f) (Vincent Weevers)
Changelog

Sourced from prebuild-install's changelog.

[7.0.1] - 2022-01-28

Changed

  • Upgrade to the latest version of detect-libc (#166) (f71c6b9) (Lovell Fuller).

[7.0.0] - 2021-11-12

Changed

  • Breaking: bump node-abi so that Electron 14+ gets correct ABI (#161) (477f347) (csett86). Drops support of Node.js < 10.
  • Bump simple-get (7468c14) (Vincent Weevers).

[6.1.4] - 2021-08-11

Fixed

  • Move auth token to header instead of query param (#160) (b3fad76) (nicolai-nordic)
  • Remove _ prefix as it isn't allowed by npm config (#153) (a964e5b) (Tom Boothman)
  • Make rc.path absolute (#158) (57bcc06) (George Waters).

[6.1.3] - 2021-06-03

Changed

  • Inline no longer maintained noop-logger (#155) (e08d75a) (Alexandru Dima)
  • Point users towards prebuildify in README (#150) (5ee1a2f) (Vincent Weevers)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 31, 2022
@dependabot dependabot bot mentioned this pull request Jan 31, 2022
Closed
@joaomoreno joaomoreno mentioned this pull request Jan 31, 2022
Closed
@andyleejordan
Copy link

@sergiou87, @sbatten, and @shiftkey could you please take a look at this ASAP? It's propagating a high-level CVE up to vsce, a dependency for practically every VS Code extension.

@dependabot
Bump prebuild-install from 6.1.2 to 7.0.1
0e01492 
Bumps [prebuild-install](https://github.com/prebuild/prebuild-install) from 6.1.2 to 7.0.1.
- [Release notes](https://github.com/prebuild/prebuild-install/releases)
- [Changelog](https://github.com/prebuild/prebuild-install/blob/master/CHANGELOG.md)
- [Commits](prebuild/prebuild-install@v6.1.2...v7.0.1)

---
updated-dependencies:
- dependency-name: prebuild-install
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/prebuild-install-7.0.1 branch from 7c8a47d to 0e01492 Compare February 1, 2022 12:45
@sergiou87 sergiou87 mentioned this pull request Feb 1, 2022
Merged
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 1, 2022

Looks like prebuild-install is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Feb 1, 2022
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/prebuild-install-7.0.1 branch February 1, 2022 13:11
@hectorvp
Copy link

hectorvp commented Feb 2, 2022
edited
Loading

@sergiou87 shouldn't this bumped version go as patch update on npm?

@sergiou87
Copy link
Collaborator

Yes, soon 😄

# for free to subscribe to this conversation on GitHub. Already have an account? #.
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@andyleejordan @hectorvp @sergiou87