Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump minimist, lerna, solidity-coverage and truffle #277

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 3, 2023

Bumps minimist to 1.2.8 and updates ancestor dependencies minimist, lerna, solidity-coverage and truffle. These dependencies need to be updated together.

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates lerna from 2.11.0 to 6.5.1

Release notes

Sourced from lerna's releases.

6.5.1

6.5.1 (2023-02-14)

Bug Fixes

  • add missing dependency on js-yaml (187f480)

6.5.0

6.5.0 (2023-02-13)

Bug Fixes

  • create: normalize quotes and indents in generated test and lib files (#3529) (ad39fe2)
  • repair: re-enable repair generators (#3497) (510c3e9)

Features

  • publish: add --include-private option for testing private packages (#3503) (fa1f490)
  • publish: recover from network failure (#3513) (f03ee3e)
  • run: allow multiple script targets to be triggered at once (#3527) (937b02a)

v6.4.1

6.4.1 (2023-01-12)

Bug Fixes

v6.4.0

6.4.0 (2023-01-05)

Bug Fixes

  • run: add explicit nx dependency (#3486) (7e39397)
  • version: recognize .prettierignore when formatting files (#3482) (4e2c7a9)

Features

  • create: support relative path from root as lerna create location (#3478) (82825ce)
  • watch: Add lerna watch command (#3466) (008b995)

v6.3.0

6.3.0 (2022-12-26)

... (truncated)

Changelog

Sourced from lerna's changelog.

6.5.1 (2023-02-14)

Bug Fixes

  • add missing dependency on js-yaml (187f480)

6.5.0 (2023-02-13)

Features

  • publish: add --include-private option for testing private packages (#3503) (fa1f490)

6.4.1 (2023-01-12)

Bug Fixes

6.4.0 (2023-01-05)

Features

6.3.0 (2022-12-26)

Features

  • version: use npmClientArgs in npm install after lerna version (#3434) (e019e3f)

6.2.0 (2022-12-13)

Bug Fixes

  • schema: add the other format changelogPreset can assume (#3441) (d286973)

Features

6.1.0 (2022-11-29)

Features

  • version: bump prerelease versions from conventional commits (#3362) (2288b3a)

6.0.3 (2022-11-07)

Note: Version bump only for package lerna

... (truncated)

Commits
  • 0a7ac45 chore(misc): publish 6.5.1
  • 187f480 fix: add missing dependency on js-yaml
  • 5eafb62 chore: release 6.5.0
  • 02c534e chore: remove unnecessary write-json-file dep (#3534)
  • fa1f490 feat(publish): add --include-private option for testing private packages (#3503)
  • 6b50725 chore: remove non-runtime deps from lerna package.json (#3528)
  • aea79df chore(docs): add lerna watch -- build --include-dependents example (#3512)
  • fc094da chore: initial codebase refactor (#3517)
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by jameshenry, a new releaser for lerna since your current version.


Updates solidity-coverage from 0.5.11 to 0.8.2

Release notes

Sourced from solidity-coverage's releases.

0.8.2

What's Changed

New Contributors

Full Changelog: sc-forks/solidity-coverage@v0.8.1...v0.8.2

0.8.1

What's Changed

Full Changelog: sc-forks/solidity-coverage@v0.8.0...v0.8.1

0.8.0

Hi!

⚠️ This version requires Hardhat >= 2.11.0 (Ethereum Merge)

New Features

A central focus of the 0.8.0 release is improving the coverage tool's branch detection.

Beginning with this version the following syntax is measured as a branch:

OR conditions

When a logical expression is composed with the || operator, both sides can be considered branches. To test the entire expression

if (a == 1 || a == 2)

... a must equal 1, 2 and neither of those values. (Thanks to Gnosis engineer @​rmeissner for proposing this in #175)

Screen Shot 2021-01-12 at 9 41 09 PM

Ternary Conditionals

Long ago, when Solidity was 0.4, solidity-coverage treated ternary conditionals like regular if/else statements. Some language improvements v0.5 subsequently made this impossible. Now it's back...

Screen Shot 2021-01-12 at 9 47 43 PM

Modifier Invocations

Solidity-coverage already covers the code within modifier definitions. However, each modifier invocation at the function level should really be considered its own branch. Some of the most critical logic in Solidity contracts is handled this way (ex: onlyOwner). Testing the pass/fail cases for each occurrence of these gates protects you from accidentally removing them during a refactor.

Because it's possible to write a modifier which performs a preparatory task and never reverts, there's a new option (modifierWhitelist) which allows you to exclude specific modifiers from branch measurement.

... (truncated)

Changelog

Sourced from solidity-coverage's changelog.

Changelog

0.8.1 / 2022-09-06

0.8.0 / 2022-09-05

0.7.21 / 2022-04-24

0.7.20 / 2022-02-15

0.7.19 / 2022-02-09

0.7.18 2022-01-17

0.7.16 / 2021-03-04

0.7.15 / 2021-02-16

0.7.14 / 2021-01-14

  • Support file scoped function definitions for solc >= 0.7.4
  • Upgrade @​solidity-parser/parser to v0.11.0

0.7.13 / 2020-12-03

  • Use default artifact paths for hardhat >= 2.0.4 (Fixes hardhat-deploy bug)

... (truncated)

Commits

Updates truffle from 5.4.2 to 5.7.9

Release notes

Sourced from truffle's releases.

v5.7.9 — Cabbage tart

Hey everyone, we hope you enjoy today's release which contains some library updates and a bug fix related to @​truffle/from-hardhat. We hope you all have a nice weekend!

How to upgrade

We recommend upgrading to the latest version of Truffle by running:

npm uninstall -g truffle
npm install -g truffle

Changelog

Bug fixes

Internal improvement

  • add a warning when unable to save the solidity compiler to disk instead of throwing (#5934 by @​eggplantzzz)

Dependency update

v5.7.8 — Cinnamon roll soup

Welcome back! 👋 Another Truffle release is out in the wild today. Once again it is mostly a maintenance-type release with some bug fixes and internal improvements. We have to give a shout-out 🔈 to @​sandakersmann for updating the copyright information in Truffle's LICENSE file. Thanks so much for helping keep everything tidy and up-to-date! We'll see you next time and we wish you all a beautiful weekend!🦚

How to upgrade

We recommend upgrading to the latest version of Truffle by running:

npm uninstall -g truffle
npm install -g truffle

Changelog

Enhancement

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [minimist](https://github.com/minimistjs/minimist) to 1.2.8 and updates ancestor dependencies [minimist](https://github.com/minimistjs/minimist), [lerna](https://github.com/lerna/lerna/tree/HEAD/packages/lerna), [solidity-coverage](https://github.com/sc-forks/solidity-coverage) and [truffle](https://github.com/trufflesuite/truffle/tree/HEAD/packages/truffle). These dependencies need to be updated together.


Updates `minimist` from 1.2.5 to 1.2.8
- [Release notes](https://github.com/minimistjs/minimist/releases)
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Updates `lerna` from 2.11.0 to 6.5.1
- [Release notes](https://github.com/lerna/lerna/releases)
- [Changelog](https://github.com/lerna/lerna/blob/main/packages/lerna/CHANGELOG.md)
- [Commits](https://github.com/lerna/lerna/commits/6.5.1/packages/lerna)

Updates `solidity-coverage` from 0.5.11 to 0.8.2
- [Release notes](https://github.com/sc-forks/solidity-coverage/releases)
- [Changelog](https://github.com/sc-forks/solidity-coverage/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sc-forks/solidity-coverage/commits/v0.8.2)

Updates `truffle` from 5.4.2 to 5.7.9
- [Release notes](https://github.com/trufflesuite/truffle/releases)
- [Commits](https://github.com/trufflesuite/truffle/commits/[email protected]/packages/truffle)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
- dependency-name: lerna
  dependency-type: direct:production
- dependency-name: solidity-coverage
  dependency-type: direct:development
- dependency-name: truffle
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants