Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fixes #156

Open
wants to merge 43 commits into
base: master
Choose a base branch
from
Open

fixes #156

wants to merge 43 commits into from

Conversation

philipjonsen
Copy link

No description provided.

deepsourcebot and others added 30 commits March 24, 2022 11:29
@deepsourcebot
Add .deepsource.toml
e8d47fa
@philipjonsen
Create SECURITY.md
2fa56e7 
Upgraded and fixed flaws in package.json
@dependabot
Bump tmpl from 1.0.4 to 1.0.5 in /sdk/javascript
9020dc1 
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)

---
updated-dependencies:
- dependency-name: tmpl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump simple-get from 2.8.1 to 2.8.2 in /sdk/javascript
12817d3 
Bumps [simple-get](https://github.com/feross/simple-get) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/feross/simple-get/releases)
- [Commits](feross/simple-get@v2.8.1...v2.8.2)

---
updated-dependencies:
- dependency-name: simple-get
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump node-fetch from 2.6.0 to 2.6.7 in /sdk/javascript
91931cb 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.0 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](node-fetch/node-fetch@v2.6.0...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump lodash from 4.17.15 to 4.17.21 in /sdk/javascript
19c9256 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.15...4.17.21)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump tar from 4.4.13 to 4.4.19 in /sdk/javascript
a386b3d 
Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases)
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v4.4.13...v4.4.19)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@philipjonsen
Merge pull request #4 from cryptosweden/dependabot/npm_and_yarn/sdk/j…
f9ff131 
…avascript/node-fetch-2.6.7

Bump node-fetch from 2.6.0 to 2.6.7 in /sdk/javascript
@dependabot
Bump path-parse from 1.0.6 to 1.0.7 in /sdk/javascript
6dc892a 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@philipjonsen
Merge pull request #3 from cryptosweden/dependabot/npm_and_yarn/sdk/j…
052d7f4 
…avascript/simple-get-2.8.2

Bump simple-get from 2.8.1 to 2.8.2 in /sdk/javascript
@philipjonsen
Merge pull request #6 from cryptosweden/dependabot/npm_and_yarn/sdk/j…
0fb5f39 
…avascript/tar-4.4.19

Bump tar from 4.4.13 to 4.4.19 in /sdk/javascript
@dependabot
Bump normalize-url from 4.5.0 to 4.5.1 in /sdk/javascript
6b09ad5 
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases)
- [Commits](https://github.com/sindresorhus/normalize-url/commits)

---
updated-dependencies:
- dependency-name: normalize-url
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump hosted-git-info from 2.8.5 to 2.8.9 in /sdk/javascript
2cab7eb 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](npm/hosted-git-info@v2.8.5...v2.8.9)

---
updated-dependencies:
- dependency-name: hosted-git-info
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump handlebars from 4.5.3 to 4.7.7 in /sdk/javascript
8225c9f 
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.5.3...v4.7.7)

---
updated-dependencies:
- dependency-name: handlebars
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump ajv from 6.10.2 to 6.12.6 in /sdk/javascript
ad72576 
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.2 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.10.2...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@philipjonsen
Create codeql-analysis.yml
ee5f8fe 
updated
@philipjonsen
Merge pull request #11 from cryptosweden/dependabot/npm_and_yarn/sdk/…
7ba2b11 
…javascript/ajv-6.12.6

Bump ajv from 6.10.2 to 6.12.6 in /sdk/javascript
@philipjonsen
Merge pull request #10 from cryptosweden/dependabot/npm_and_yarn/sdk/…
49ec73d 
…javascript/handlebars-4.7.7

Bump handlebars from 4.5.3 to 4.7.7 in /sdk/javascript
@philipjonsen
Merge pull request #9 from cryptosweden/dependabot/npm_and_yarn/sdk/j…
e74e539 
…avascript/hosted-git-info-2.8.9

Bump hosted-git-info from 2.8.5 to 2.8.9 in /sdk/javascript
@philipjonsen
Merge pull request #8 from cryptosweden/dependabot/npm_and_yarn/sdk/j…
786a0cf 
…avascript/normalize-url-4.5.1

Bump normalize-url from 4.5.0 to 4.5.1 in /sdk/javascript
@philipjonsen
Merge pull request #2 from cryptosweden/dependabot/npm_and_yarn/sdk/j…
866428d 
…avascript/tmpl-1.0.5

Bump tmpl from 1.0.4 to 1.0.5 in /sdk/javascript
@philipjonsen
Merge pull request #7 from cryptosweden/dependabot/npm_and_yarn/sdk/j…
8e52061 
…avascript/path-parse-1.0.7

Bump path-parse from 1.0.6 to 1.0.7 in /sdk/javascript
@deepsource-autofix
Fix explicit type declarations
49f169a
@philipjonsen
Merge pull request #12 from cryptosweden/deepsource-fix-b843e89a
c08e7df 
Fix explicit type declarations
@philipjonsen
Merge pull request #5 from cryptosweden/dependabot/npm_and_yarn/sdk/j…
794d669 
…avascript/lodash-4.17.21

Bump lodash from 4.17.15 to 4.17.21 in /sdk/javascript
@dependabot
Bump y18n from 4.0.0 to 4.0.3 in /sdk/javascript
61e0547 
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md)
- [Commits](yargs/y18n@v4.0.0...y18n-v4.0.3)

---
updated-dependencies:
- dependency-name: y18n
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump ini from 1.3.5 to 1.3.8 in /sdk/javascript
c4960a0 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](npm/ini@v1.3.5...v1.3.8)

---
updated-dependencies:
- dependency-name: ini
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@philipjonsen
Merge pull request #15 from cryptosweden/dependabot/npm_and_yarn/sdk/…
1497aaf 
…javascript/ini-1.3.8

Bump ini from 1.3.5 to 1.3.8 in /sdk/javascript
@dependabot
Bump decompress from 4.2.0 to 4.2.1 in /sdk/javascript
3438fa7 
Bumps [decompress](https://github.com/kevva/decompress) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/kevva/decompress/releases)
- [Commits](kevva/decompress@v4.2.0...v4.2.1)

---
updated-dependencies:
- dependency-name: decompress
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@philipjonsen
Merge pull request #16 from cryptosweden/dependabot/npm_and_yarn/sdk/…
821ccb5 
…javascript/decompress-4.2.1

Bump decompress from 4.2.0 to 4.2.1 in /sdk/javascript
philipjonsen and others added 13 commits March 24, 2022 14:40
@philipjonsen
Merge pull request #14 from cryptosweden/dependabot/npm_and_yarn/sdk/…
99a02f2 
…javascript/y18n-4.0.3

Bump y18n from 4.0.0 to 4.0.3 in /sdk/javascript
@deepsource-autofix
Replace if-else with ternary operator
253a1f2
@deepsource-autofix
Removes the console expressions
1432764
@philipjonsen
Merge pull request #18 from cryptosweden/deepsource-fix-95b86e23
56a748c 
Removes the console expressions
@deepsource-autofix
Replace if-else with ternary operator
44bfbee
@philipjonsen
Merge pull request #19 from cryptosweden/deepsource-fix-9ecc701e
860e08d 
Replace `if-else` with ternary operator
@dependabot
Bump tar from 4.4.13 to 4.4.19 in /poster
6c7bb96 
Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases)
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v4.4.13...v4.4.19)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump minimist from 1.2.5 to 1.2.6 in /poster
c080920 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@philipjonsen
Merge pull request #21 from cryptosweden/dependabot/npm_and_yarn/post…
85ec42a 
…er/minimist-1.2.6

Bump minimist from 1.2.5 to 1.2.6 in /poster
@philipjonsen
Merge pull request #20 from cryptosweden/dependabot/npm_and_yarn/post…
69fc6d9 
…er/tar-4.4.19

Bump tar from 4.4.13 to 4.4.19 in /poster
@philipjonsen
Merge pull request #17 from cryptosweden/deepsource-fix-08ebbea0
7b5fa71 
Replace `if-else` with ternary operator
@dependabot
Bump minimist from 1.2.5 to 1.2.6
53e959e 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@philipjonsen
Merge pull request #22 from cryptosweden/dependabot/npm_and_yarn/mini…
04df838 
…mist-1.2.6

Bump minimist from 1.2.5 to 1.2.6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Vin757 Vin757 Vin757 approved these changes

@coburncoburn coburncoburn Awaiting requested review from coburncoburn coburncoburn is a code owner

@jflatow jflatow Awaiting requested review from jflatow

@hayesgm hayesgm Awaiting requested review from hayesgm hayesgm is a code owner

@torreyatcitty torreyatcitty Awaiting requested review from torreyatcitty torreyatcitty is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@philipjonsen @Vin757 @deepsourcebot