Nidhi
fc6ded0c5f
chore: Add OTLP traces to RTS ( #36788 )
2024-10-10 17:44:02 +05:30
Valera Melnikov
3484a7b74c
fix: removing unused dependencies and explicitly installing used ones ( #36573 )
...
## Description
Removing unused dependencies and explicitly installing used ones.
The identification of dependencies was done using the
[knip](https://knip.dev/ ). Dependency lists are provided in the
appropriate files.
- [Unused
dependencies.txt](https://github.com/user-attachments/files/17161963/Unused.dependencies.txt )
- [Unused
devDependencies.txt](https://github.com/user-attachments/files/17161964/Unused.devDependencies.txt )
- [Unlisted
dependencies.txt](https://github.com/user-attachments/files/17161965/Unlisted.dependencies.txt )
EE PR — https://github.com/appsmithorg/appsmith-ee/pull/5229
## Automation
/ok-to-test tags="@tag.All"
### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results -->
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/11100669672 >
> Commit: 31b8da3dd07e452c8921526cd8e1336b11add27f
> <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11100669672&attempt=3 "
target="_blank">Cypress dashboard</a>.
> Tags: `@tag.All`
> Spec:
> <hr>Mon, 30 Sep 2024 09:15:27 UTC
<!-- end of auto-generated comment: Cypress test results -->
## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
- **New Features**
- Introduced new dependencies to enhance functionality and
observability.
- **Bug Fixes**
- Removed outdated or unnecessary dependencies to streamline the
application.
- **Documentation**
- Updated configuration files to improve clarity and maintainability.
- **Chores**
- Cleaned up various package files by removing unused dependencies
across multiple modules.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-09-30 12:28:46 +03:00
Hetu Nandu
ce75cae779
chore: Upgrade vulnerable express dependency ( #36265 )
...
## Description
Upgrade dependency as per
https://github.com/appsmithorg/appsmith/pull/36250
## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [ x ] No
2024-09-12 10:34:47 +03:00
dependabot[bot]
049216787c
chore(deps): bump axios from 1.7.2 to 1.7.4 in /app/client ( #35681 )
...
Bumps [axios](https://github.com/axios/axios ) from 1.7.2 to 1.7.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases ">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.7.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>sec:</strong> CVE-2024-39338 (<a
href="https://redirect.github.com/axios/axios/issues/6539 ">#6539</a>)
(<a
href="https://redirect.github.com/axios/axios/issues/6543 ">#6543</a>)
(<a
href="6b6b605eafhttps://redirect.github.com/axios/axios/issues/6539 ">#6539</a>)
(<a
href="07a661a2a6https://github.com/levpachmanov "
title="+47/-11 ([#6543 ](https://github.com/axios/axios/issues/6543 )
)">Lev Pachmanov</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/hainenber "
title="+49/-4 ([#6539 ](https://github.com/axios/axios/issues/6539 ) )">Đỗ
Trọng Hải</a></li>
</ul>
<h2>Release v1.7.3</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>adapter:</strong> fix progress event emitting; (<a
href="https://redirect.github.com/axios/axios/issues/6518 ">#6518</a>)
(<a
href="e3c76fc9bdhttps://redirect.github.com/axios/axios/issues/6505 ">#6505</a>)
(<a
href="85d4d0ea0ahttps://redirect.github.com/axios/axios/issues/6515 ">#6515</a>)
(<a
href="8966ee7ea6https://github.com/DigitalBrainJS " title="+211/-159
([#6518 ](https://github.com/axios/axios/issues/6518 )
[#6519 ](https://github.com/axios/axios/issues/6519 ) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/ValeraS "
title="+3/-3 ([#6515 ](https://github.com/axios/axios/issues/6515 )
)">Valerii Sidorenko</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/prianyu "
title="+2/-2 ([#6505 ](https://github.com/axios/axios/issues/6505 )
)">prianYu</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md ">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.7.3...v1.7.4 ">1.7.4</a>
(2024-08-13)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>sec:</strong> CVE-2024-39338 (<a
href="https://redirect.github.com/axios/axios/issues/6539 ">#6539</a>)
(<a
href="https://redirect.github.com/axios/axios/issues/6543 ">#6543</a>)
(<a
href="6b6b605eafhttps://redirect.github.com/axios/axios/issues/6539 ">#6539</a>)
(<a
href="07a661a2a6https://github.com/levpachmanov "
title="+47/-11 ([#6543 ](https://github.com/axios/axios/issues/6543 )
)">Lev Pachmanov</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/hainenber "
title="+49/-4 ([#6539 ](https://github.com/axios/axios/issues/6539 ) )">Đỗ
Trọng Hải</a></li>
</ul>
<h2><a
href="https://github.com/axios/axios/compare/v1.7.2...v1.7.3 ">1.7.3</a>
(2024-08-01)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>adapter:</strong> fix progress event emitting; (<a
href="https://redirect.github.com/axios/axios/issues/6518 ">#6518</a>)
(<a
href="e3c76fc9bdhttps://redirect.github.com/axios/axios/issues/6505 ">#6505</a>)
(<a
href="85d4d0ea0ahttps://redirect.github.com/axios/axios/issues/6515 ">#6515</a>)
(<a
href="8966ee7ea6https://github.com/DigitalBrainJS " title="+211/-159
([#6518 ](https://github.com/axios/axios/issues/6518 )
[#6519 ](https://github.com/axios/axios/issues/6519 ) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/ValeraS "
title="+3/-3 ([#6515 ](https://github.com/axios/axios/issues/6515 )
)">Valerii Sidorenko</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/prianyu "
title="+2/-2 ([#6505 ](https://github.com/axios/axios/issues/6505 )
)">prianYu</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="abd24a7367https://redirect.github.com/axios/axios/issues/6544 ">#6544</a>)</li>
<li><a
href="6b6b605eafhttps://redirect.github.com/axios/axios/issues/6539 ">#6539</a>)
(<a
href="https://redirect.github.com/axios/axios/issues/6543 ">#6543</a>)</li>
<li><a
href="07a661a2a6https://redirect.github.com/axios/axios/issues/6539 ">#6539</a>)</li>
<li><a
href="c6cce43cd9https://redirect.github.com/axios/axios/issues/6521 ">#6521</a>)</li>
<li><a
href="e3c76fc9bdhttps://redirect.github.com/axios/axios/issues/6518 ">#6518</a>)</li>
<li><a
href="85d4d0ea0ahttps://redirect.github.com/axios/axios/issues/6505 ">#6505</a>)</li>
<li><a
href="92cd8ed943https://redirect.github.com/axios/axios/issues/6519 ">#6519</a>)</li>
<li><a
href="8966ee7ea6https://redirect.github.com/axios/axios/issues/6515 ">#6515</a>)</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.7.2...v1.7.4 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/appsmithorg/appsmith/network/alerts ).
</details>
<!-- This is an auto-generated comment: Cypress test results -->
> [!WARNING]
> Tests have not run on the HEAD
95afb4e55624a56691d3b9ab73225d541f6f9ed4 yet
> <hr>Wed, 14 Aug 2024 05:37:58 UTC
<!-- end of auto-generated comment: Cypress test results -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated the `axios` library to version `1.7.4`, which may enhance
performance and introduce new features.
- **Bug Fixes**
- Included improvements and bug fixes associated with the recent version
of `axios`.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-14 15:03:14 +05:30
dependabot[bot]
3e20868a85
chore: bump axios from 0.21.4 to 1.7.2 in /app/client ( #35266 )
2024-07-31 22:29:43 +05:30
Ilia
1dc6944504
chore: upgrade Typescipt to 5.5.4 ( #35314 )
...
## Description
Fixes #35296
## Automation
/ok-to-test tags="@tag.All"
### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results -->
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/10182307436 >
> Commit: 8b0aa1a644769cd28161b92a21f7426d0d94cf4f
> <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=10182307436&attempt=2 "
target="_blank">Cypress dashboard</a>.
> Tags: `@tag.All`
> Spec:
> <hr>Wed, 31 Jul 2024 15:48:59 UTC
<!-- end of auto-generated comment: Cypress test results -->
## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Summary by CodeRabbit
- **New Features**
- Updated TypeScript dependency across multiple modules to support newer
features and improvements.
- Updated `colorjs.io` dependency in design system packages to enhance
functionality.
- **Bug Fixes**
- Enhanced type-checking and overall code quality through dependency
updates.
- Refined color values in both `LightModeTheme` and `DarkModeTheme` to
improve visual accuracy.
- **Chores**
- Improved flexibility in dependency management by allowing minor and
patch updates for TypeScript and `colorjs.io`.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-07-31 17:49:46 +02:00
Ilia
c7a7c3fa3f
chore: upgrade typescript to 5.4 ( #35181 )
...
## Description
Upgrade Typescript from 4.9.5 to 5.4
Upgrading to 5.5 is not possible until we upgrade colors.js lib. It will
be done in separate PR
More details here
https://github.com/color-js/color.js/issues/560#issuecomment-2182819685
## Automation
/ok-to-test tags="@tag.All"
### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results -->
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/10163124159 >
> Commit: 8d2e93f2e2913e715686ccb058d3efddd55aabc9
> <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=10163124159&attempt=1 "
target="_blank">Cypress dashboard</a>.
> Tags: `@tag.All`
> Spec:
> <hr>Tue, 30 Jul 2024 14:11:42 UTC
<!-- end of auto-generated comment: Cypress test results -->
## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [x] No
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Summary by CodeRabbit
- **New Features**
- Updated TypeScript dependency to the latest version (5.4), enhancing
overall functionality with potential new features and improvements.
- **Improvements**
- Enhanced type safety by refining the `isString` function, allowing
better type inference and preventing runtime errors.
- Improved comments and annotations in the `indirectEval` function for
better clarity on its usage and intent.
- Corrected typographical errors in error handling logic across multiple
controllers, improving reliability in error messaging.
- Updated export style for `IconNames` to clarify its purpose as a type,
enhancing developer experience.
- **Configuration Changes**
- Updated Jest configurations to better support ECMAScript Modules
(ESM), improving compatibility and allowing for more flexible module
handling.
- Adjusted TypeScript configuration to enhance module handling and
compatibility.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-07-30 16:15:48 +02:00
dependabot[bot]
7346cfda8c
chore: bump socket.io from 4.6.1 to 4.6.2 in /app/client ( #34350 )
...
Bumps [socket.io](https://github.com/socketio/socket.io ) from 4.6.1 to
4.6.2.
## Automation
/ok-to-test tags="@tag.Sanity"
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/socketio/socket.io/releases ">socket.io's
releases</a>.</em></p>
<blockquote>
<h2>4.6.2</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>exports:</strong> move <code>types</code> condition to the
top (<a
href="https://redirect.github.com/socketio/socket.io/issues/4698 ">#4698</a>)
(<a
href="3d44aae381https://github.com/socketio/socket.io/compare/4.6.1...4.6.2 ">https://github.com/socketio/socket.io/compare/4.6.1...4.6.2 </a></li>
<li>Client release: <a
href="https://github.com/socketio/socket.io-client/releases/tag/4.6.2 ">4.6.2</a></li>
<li><a
href="https://github.com/socketio/engine.io/releases/tag/6.4.2 "><code>engine.io@~6.4.2</code></a>
(<a
href="https://github.com/socketio/engine.io/compare/6.4.1...6.4.2 ">diff</a>)</li>
<li><a
href="https://github.com/websockets/ws/releases/tag/8.11.0 "><code>ws@~8.11.0</code></a>
(no change)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/socketio/socket.io/blob/main/CHANGELOG.md ">socket.io's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/socketio/socket.io/compare/4.6.1...4.6.2 ">4.6.2</a>
(2023-05-31)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>exports:</strong> move <code>types</code> condition to the
top (<a
href="https://redirect.github.com/socketio/socket.io/issues/4698 ">#4698</a>)
(<a
href="3d44aae381https://github.com/socketio/engine.io/releases/tag/6.4.0 "><code>engine.io@~6.4.2</code></a>
(<a
href="https://github.com/socketio/engine.io/compare/6.4.1...6.4.2 ">diff</a>)</li>
<li><a
href="https://github.com/websockets/ws/releases/tag/8.11.0 "><code>ws@~8.11.0</code></a>
(no change)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="faf914c9ab15af22fc22d3658944e512b0de4f523d44aae381https://redirect.github.com/socketio/socket.io/issues/4698 ">#4698</a>)</li>
<li><a
href="cbf036247659280da20b50a4d37cb86458b2bef1b56da8a99fhttps://github.com/socketio/socket.io/compare/4.6.1...4.6.2 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/appsmithorg/appsmith/network/alerts ).
</details>
<!-- This is an auto-generated comment: Cypress test results -->
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/9591866384 >
> Commit: dd65e5111bb195514a815908757f6864b39625be
> <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=9591866384&attempt=1 "
target="_blank">Cypress dashboard</a>.
> Tags: `@tag.Sanity`
<!-- end of auto-generated comment: Cypress test results -->
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-20 16:25:38 +05:30
dependabot[bot]
af71de91fe
chore(deps): bump express from 4.18.2 to 4.19.2 in /app/client ( #32070 )
...
Bumps [express](https://github.com/expressjs/express ) from 4.18.2 to
4.19.2.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-29 14:34:03 +05:30
dependabot[bot]
037d2fabb0
chore(deps): bump axios from 0.27.2 to 1.6.0 in /app/client ( #28776 )
...
Bumps [axios](https://github.com/axios/axios ) from 0.27.2 to 1.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases ">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.0</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>CSRF:</strong> fixed CSRF vulnerability CVE-2023-45857 (<a
href="https://redirect.github.com/axios/axios/issues/6028 ">#6028</a>)
(<a
href="96ee232bd3https://redirect.github.com/axios/axios/issues/6011 ">#6011</a>)
(<a
href="5aaff532a6https://redirect.github.com/axios/axios/issues/5931 ">#5931</a>)
(<a
href="a1c8ad008bhttps://api.github.com/repos/axios/axios/pulls/6028 ">#6028</a>
)</li>
</ul>
<pre><code>
⚠️ Critical vulnerability fix. See
https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
</code></pre>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS " title="+449/-114
([#6032 ](https://github.com/axios/axios/issues/6032 )
[#6021 ](https://github.com/axios/axios/issues/6021 )
[#6011 ](https://github.com/axios/axios/issues/6011 )
[#5932 ](https://github.com/axios/axios/issues/5932 )
[#5931 ](https://github.com/axios/axios/issues/5931 ) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/valentin-panov " title="+4/-4
([#6028 ](https://github.com/axios/axios/issues/6028 ) )">Valentin
Panov</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/therealrinku "
title="+1/-1 ([#5889 ](https://github.com/axios/axios/issues/5889 )
)">Rinku Chaudhari</a></li>
</ul>
<h2>Release v1.5.1</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>adapters:</strong> improved adapters loading logic to have
clear error messages; (<a
href="https://redirect.github.com/axios/axios/issues/5919 ">#5919</a>)
(<a
href="e4107797a7https://redirect.github.com/axios/axios/issues/5917 ">#5917</a>)
(<a
href="bc9af51b18https://redirect.github.com/axios/axios/issues/5890 ">#5890</a>)
(<a
href="https://redirect.github.com/axios/axios/issues/5892 ">#5892</a>)
(<a
href="4c89f251969e6205630ehttps://github.com/DigitalBrainJS " title="+89/-18
([#5919 ](https://github.com/axios/axios/issues/5919 )
[#5917 ](https://github.com/axios/axios/issues/5917 ) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/DavidJDallas "
title="+11/-5 ()">David Dallas</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/fb-sean "
title="+2/-8 ()">Sean Sattler</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/0o001 "
title="+4/-4 ()">Mustafa Ateş Uzun</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/sfc-gh-pmotacki " title="+2/-1
([#5892 ](https://github.com/axios/axios/issues/5892 ) )">Przemyslaw
Motacki</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/Cadienvan "
title="+1/-1 ()">Michael Di Prisco</a></li>
</ul>
<h2>Release v1.5.0</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>adapter:</strong> make adapter loading error more clear by
using platform-specific adapters explicitly (<a
href="https://redirect.github.com/axios/axios/issues/5837 ">#5837</a>)
(<a
href="9a414bb6c8https://redirect.github.com/axios/axios/issues/5836 ">#5836</a>)
(<a
href="b3e327dcc9https://redirect.github.com/axios/axios/issues/5831 ">#5831</a>)
(<a
href="d8b4ca0ea5https://redirect.github.com/axios/axios/issues/5832 ">#5832</a>)
(<a
href="8fda2766b1https://github.com/axios/axios/blob/v1.x/CHANGELOG.md ">axios's
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/axios/axios/compare/v1.5.1...v1.6.0 ">1.6.0</a>
(2023-10-26)</h1>
<h3>Bug Fixes</h3>
<ul>
<li><strong>CSRF:</strong> fixed CSRF vulnerability CVE-2023-45857 (<a
href="https://redirect.github.com/axios/axios/issues/6028 ">#6028</a>)
(<a
href="96ee232bd3https://redirect.github.com/axios/axios/issues/6011 ">#6011</a>)
(<a
href="5aaff532a6https://redirect.github.com/axios/axios/issues/5931 ">#5931</a>)
(<a
href="a1c8ad008bhttps://api.github.com/repos/axios/axios/pulls/6028 ">#6028</a>
)</li>
</ul>
<pre><code>
⚠️ Critical vulnerability fix. See
https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
</code></pre>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS " title="+449/-114
([#6032 ](https://github.com/axios/axios/issues/6032 )
[#6021 ](https://github.com/axios/axios/issues/6021 )
[#6011 ](https://github.com/axios/axios/issues/6011 )
[#5932 ](https://github.com/axios/axios/issues/5932 )
[#5931 ](https://github.com/axios/axios/issues/5931 ) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/valentin-panov " title="+4/-4
([#6028 ](https://github.com/axios/axios/issues/6028 ) )">Valentin
Panov</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/therealrinku "
title="+1/-1 ([#5889 ](https://github.com/axios/axios/issues/5889 )
)">Rinku Chaudhari</a></li>
</ul>
<h2><a
href="https://github.com/axios/axios/compare/v1.5.0...v1.5.1 ">1.5.1</a>
(2023-09-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>adapters:</strong> improved adapters loading logic to have
clear error messages; (<a
href="https://redirect.github.com/axios/axios/issues/5919 ">#5919</a>)
(<a
href="e4107797a7https://redirect.github.com/axios/axios/issues/5917 ">#5917</a>)
(<a
href="bc9af51b18https://redirect.github.com/axios/axios/issues/5890 ">#5890</a>)
(<a
href="https://redirect.github.com/axios/axios/issues/5892 ">#5892</a>)
(<a
href="4c89f251969e6205630ehttps://github.com/DigitalBrainJS " title="+89/-18
([#5919 ](https://github.com/axios/axios/issues/5919 )
[#5917 ](https://github.com/axios/axios/issues/5917 ) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/DavidJDallas "
title="+11/-5 ()">David Dallas</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/fb-sean "
title="+2/-8 ()">Sean Sattler</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/0o001 "
title="+4/-4 ()">Mustafa Ateş Uzun</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/sfc-gh-pmotacki " title="+2/-1
([#5892 ](https://github.com/axios/axios/issues/5892 ) )">Przemyslaw
Motacki</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/Cadienvan "
title="+1/-1 ()">Michael Di Prisco</a></li>
</ul>
<h3>PRs</h3>
<ul>
<li>CVE 2023 45857 ( <a
href="https://api.github.com/repos/axios/axios/pulls/6028 ">#6028</a>
)</li>
</ul>
<pre><code>
⚠️ Critical vulnerability fix. See
https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
</code></pre>
<h1><a
href="https://github.com/axios/axios/compare/v1.4.0...v1.5.0 ">1.5.0</a>
(2023-08-26)</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f7adacdbaahttps://redirect.github.com/axios/axios/issues/6031 ">#6031</a>)</li>
<li><a
href="9917e67cbbhttps://redirect.github.com/axios/axios/issues/6032 ">#6032</a>)</li>
<li><a
href="96ee232bd3https://redirect.github.com/axios/axios/issues/6028 ">#6028</a>)</li>
<li><a
href="7d45ab2e2a5aaff532a6https://redirect.github.com/axios/axios/issues/6011 ">#6011</a>)</li>
<li><a
href="a48a63ad82https://redirect.github.com/axios/axios/issues/5932 ">#5932</a>)</li>
<li><a
href="a1c8ad008bhttps://redirect.github.com/axios/axios/issues/5931 ">#5931</a>)</li>
<li><a
href="2ac731d605https://redirect.github.com/axios/axios/issues/5889 ">#5889</a>)</li>
<li><a
href="88fb52b5fahttps://redirect.github.com/axios/axios/issues/5920 ">#5920</a>)</li>
<li><a
href="e4107797a7https://github.com/axios/axios/compare/v0.27.2...v1.6.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/appsmithorg/appsmith/network/alerts ).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hetu Nandu <hetunandu@gmail.com>
Co-authored-by: Hetu Nandu <hetu@appsmith.com>
2023-11-23 18:12:28 +05:30
Shrikant Sharat Kandula
14f4bae198
chore: Use separate specific esbuild for RTS ( #27764 )
...
Use separate specifici `esbuild` for building RTS, instead of reusing
the one coming from storybook.
As recommended in [this
comment](https://github.com/appsmithorg/appsmith/pull/27310#pullrequestreview-1652734575 ).
2023-10-03 12:37:23 +05:30
Valera Melnikov
9f607d250d
chore: move local dependency to packages ( #23395 )
...
## Description
1. Move everything related to client from app folder to client folder
(`.yarn`, `yarn.lock`, package.json, .gitignore)
2. Move `ast` and `rst` to client packages
3. Fix running scripts in packages
4. Add running unit tests in packages in CI
TODO: It is necessary to consider enabling the `nmHoistingLimits:
workspaces` option, since now all packages are hoisted to the root,
there may be issues with dependencies in workspaces. Also, there is a
possibility of implicit use of packages.
https://yarnpkg.com/configuration/yarnrc#nmHoistingLimits
#### PR fixes following issue(s)
Fixes #23333
#### Type of change
- Chore (housekeeping or task changes that don't impact user perception)
## Testing
#### How Has This Been Tested?
- [x] Manual
- [x] Jest
- [x] Cypress
## Checklist:
#### Dev activity
- [x] My code follows the style guidelines of this project
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] PR is being merged under a feature flag
Co-authored-by: Valera Melnikov <melnikov.vv@greendatasoft.ru>
2023-05-22 15:55:46 +03:00
Nidhi