build(deps): bump rollup from 2.79.1 to 2.79.2 in /POCUploadStream/ClientApp in the npm_and_yarn group across 1 directory #247
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps the npm_and_yarn group with 1 update in the /POCUploadStream/ClientApp directory: [rollup](https://github.com/rollup/rollup). Updates `rollup` from 2.79.1 to 2.79.2 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.79.1...v2.79.2) --- updated-dependencies: - dependency-name: rollup dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
|
By default, I don't review pull requests opened by bots. If you would like me to review this pull request anyway, you can request a review via the |
|
Review changes with SemanticDiff. Analyzed 1 of 1 files.
|
|
Hi there! 👋 Thanks for opening a PR. It looks like you've already reached the 5 review limit on our Basic Plan for the week. If you still want a review, feel free to upgrade your subscription in the Web App and then reopen the PR |
Reviewed 👀 Everything looks good. The dependency `rollup` has been successfully updated from `2.79.1` to `2.79.2` 🚀 |
Potential issues, bugs, and flaws that can introduce unwanted behavior:
Code suggestions and improvements for better exception handling, logic, standardization, and consistency:
|
👋 Hi there!Everything looks good!
|
Please double check the following review of the pull request:Issues counts
Changes in the diff
Identified IssuesNo issues were identified in the proposed changes. The update from Missing TestsSince the change is a dependency update and does not involve direct code changes, there are no specific tests to be generated for this update. However, it is recommended to run the existing test suite to ensure that the update does not introduce any regressions. Summon me to re-review when updated! Yours, Gooroo.dev |
|
Important Review skippedBot user detected. To trigger a single review, invoke the You can disable this status message by setting the 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
There was a problem hiding this comment.
We have skipped reviewing this pull request. Here's why:
- It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!
- We don't review packaging changes - Let us know if you'd like us to change this.
![gstraccini[bot]](https://avatars.githubusercontent.com/in/480132?s=60&v=4){kind=small}
|
@dependabot squash and merge |
|
Infisical secrets check: ✅ No secrets leaked! Scan results: |
|
guibranco
deleted the
dependabot/npm_and_yarn/POCUploadStream/ClientApp/npm_and_yarn-dcddfe2757
branch
Bumps the npm_and_yarn group with 1 update in the /POCUploadStream/ClientApp directory: rollup.
Updates
rollupfrom 2.79.1 to 2.79.2Changelog
Sourced from rollup's changelog.
... (truncated)
Commits
c9bd03d2.79.248aef33fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (#5677)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot will merge this PR once CI passes on it, as requested by @guibranco.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.