From 34bf16e30ff864d6b560b7db16d5e53893493aff Mon Sep 17 00:00:00 2001 From: Jen Jones Arnesen Date: Tue, 23 Jan 2024 10:01:54 +0100 Subject: [PATCH 1/4] chore: use the repo default branch for dependabot (#2887) --- .github/dependabot.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index ce57a13d7..51a5c167d 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,5 +5,4 @@ updates: schedule: interval: weekly open-pull-requests-limit: 10 - target-branch: master versioning-strategy: increase From 252a0cf3dc286c8c808eaa3ef517322f5ef5b60e Mon Sep 17 00:00:00 2001 From: Jen Jones Arnesen Date: Tue, 23 Jan 2024 10:54:00 +0100 Subject: [PATCH 2/4] chore: include patch packages in cache-key (#2855) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Related to https://dhis2.atlassian.net/browse/LIBS-383 Add package patches to the yarn cache key. If a new patch is added, then this ensures that that the yarn cache gets invalidated and forces yarn install, which will then do the postinstall step that applies the patches. From user perspective, the e2e-prod tests might fail if it is depending on a patch that didn't get installed. Co-authored-by: Jan Henrik Ă˜verland --- .github/workflows/dhis2-verify-app.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dhis2-verify-app.yml b/.github/workflows/dhis2-verify-app.yml index 94079da06..76626630b 100644 --- a/.github/workflows/dhis2-verify-app.yml +++ b/.github/workflows/dhis2-verify-app.yml @@ -94,7 +94,7 @@ jobs: id: yarn-cache with: path: '**/node_modules' - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} + key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('patches/*.patch') }} - name: End-to-End tests uses: cypress-io/github-action@v2 @@ -104,7 +104,7 @@ jobs: start: ${{ env.SERVER_START_CMD }} wait-on: ${{ env.SERVER_URL }} wait-on-timeout: 300 - cache-key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} + cache-key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('patches/*.patch') }} group: 'e2e' tag: ${{ github.event_name }} env: From b99c5ac972e64a3539770272766d19ffba8369ab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Jan 2024 10:54:38 +0100 Subject: [PATCH 3/4] chore(deps): bump react-redux from 7.2.4 to 7.2.9 (#2893) Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.2.4 to 7.2.9. - [Release notes](https://github.com/reduxjs/react-redux/releases) - [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.4...v7.2.9) --- updated-dependencies: - dependency-name: react-redux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jen Jones Arnesen --- package.json | 2 +- yarn.lock | 24 ++++++++++++------------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/package.json b/package.json index bd5cf52cb..8b16a1fd0 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ "react": "^16.14.0", "react-dom": "^16.13.1", "react-grid-layout": "1.2.2", - "react-redux": "^7.2.4", + "react-redux": "^7.2.9", "react-router-dom": "^5.2.0", "redux": "^4.1.0", "redux-logger": "^3.0.6", diff --git a/yarn.lock b/yarn.lock index 93972cb82..2c47353d5 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3645,10 +3645,10 @@ dependencies: "@types/react" "^17" -"@types/react-redux@^7.1.16": - version "7.1.18" - resolved "https://registry.yarnpkg.com/@types/react-redux/-/react-redux-7.1.18.tgz#2bf8fd56ebaae679a90ebffe48ff73717c438e04" - integrity sha512-9iwAsPyJ9DLTRH+OFeIrm9cAbIj1i2ANL3sKQFATqnPWRbg+jEFXyZOKHiQK/N86pNRXbb4HRxAxo0SIX1XwzQ== +"@types/react-redux@^7.1.20": + version "7.1.33" + resolved "https://registry.yarnpkg.com/@types/react-redux/-/react-redux-7.1.33.tgz#53c5564f03f1ded90904e3c90f77e4bd4dc20b15" + integrity sha512-NF8m5AjWCkert+fosDsN3hAlHzpjSiXlVy9EgQEmLoBhaNXbmyeGs/aj5dQzKuF+/q+S7JQagorGDW8pJ28Hmg== dependencies: "@types/hoist-non-react-statics" "^3.3.0" "@types/react" "*" @@ -13415,7 +13415,7 @@ react-is@^16.13.1, react-is@^16.6.0, react-is@^16.6.3, react-is@^16.7.0: resolved "https://registry.yarnpkg.com/react-is/-/react-is-16.13.1.tgz#789729a4dc36de2999dc156dd6c1d9c18cea56a4" integrity sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ== -react-is@^17.0.1: +react-is@^17.0.1, react-is@^17.0.2: version "17.0.2" resolved "https://registry.yarnpkg.com/react-is/-/react-is-17.0.2.tgz#e691d4a8e9c789365655539ab372762b0efb54f0" integrity sha512-w2GsyukL62IJnlaff/nRegPQR94C/XXamvMWmSHRJ4y7Ts/4ocGRmTHvOs8PSE6pB3dWOrD/nueuU5sduBsQ4w== @@ -13467,17 +13467,17 @@ react-redux@^5.0.7: react-is "^16.6.0" react-lifecycles-compat "^3.0.0" -react-redux@^7.2.4: - version "7.2.4" - resolved "https://registry.yarnpkg.com/react-redux/-/react-redux-7.2.4.tgz#1ebb474032b72d806de2e0519cd07761e222e225" - integrity sha512-hOQ5eOSkEJEXdpIKbnRyl04LhaWabkDPV+Ix97wqQX3T3d2NQ8DUblNXXtNMavc7DpswyQM6xfaN4HQDKNY2JA== +react-redux@^7.2.9: + version "7.2.9" + resolved "https://registry.yarnpkg.com/react-redux/-/react-redux-7.2.9.tgz#09488fbb9416a4efe3735b7235055442b042481d" + integrity sha512-Gx4L3uM182jEEayZfRbI/G11ZpYdNAnBs70lFVMNdHJI76XYtR+7m0MN+eAs7UHBPhWXcnFPaS+9owSCJQHNpQ== dependencies: - "@babel/runtime" "^7.12.1" - "@types/react-redux" "^7.1.16" + "@babel/runtime" "^7.15.4" + "@types/react-redux" "^7.1.20" hoist-non-react-statics "^3.3.2" loose-envify "^1.4.0" prop-types "^15.7.2" - react-is "^16.13.1" + react-is "^17.0.2" react-refresh@^0.11.0: version "0.11.0" From 56fcaa4f54db13cc5153643e689461f7af430abe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Jan 2024 10:55:08 +0100 Subject: [PATCH 4/4] chore(deps): bump moment from 2.29.4 to 2.30.1 (#2892) Bumps [moment](https://github.com/moment/moment) from 2.29.4 to 2.30.1. - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](https://github.com/moment/moment/compare/2.29.4...2.30.1) --- updated-dependencies: - dependency-name: moment dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jen Jones Arnesen --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 8b16a1fd0..3bf7f9f76 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,7 @@ "d2-utilizr": "^0.2.16", "i18next": "^20.3.5", "lodash": "^4.17.21", - "moment": "^2.29.4", + "moment": "^2.30.1", "react": "^16.14.0", "react-dom": "^16.13.1", "react-grid-layout": "1.2.2", diff --git a/yarn.lock b/yarn.lock index 2c47353d5..700f8c8eb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11597,10 +11597,10 @@ module-deps@^6.0.0, module-deps@^6.2.3: through2 "^2.0.0" xtend "^4.0.0" -moment@^2.24.0, moment@^2.29.1, moment@^2.29.4: - version "2.29.4" - resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.4.tgz#3dbe052889fe7c1b2ed966fcb3a77328964ef108" - integrity sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w== +moment@^2.24.0, moment@^2.29.1, moment@^2.30.1: + version "2.30.1" + resolved "https://registry.yarnpkg.com/moment/-/moment-2.30.1.tgz#f8c91c07b7a786e30c59926df530b4eac96974ae" + integrity sha512-uEmtNhbDOrWPFS+hdjFCBfy9f2YoyzRpwcl+DqpC6taX21FzsTLQVbMV/W7PzNSX6x/bhC1zA3c2UQ5NzH6how== ms@2.0.0: version "2.0.0"