fix(deps): bump immutable from 5.0.3 to 5.1.5#818
Conversation
Bumps [immutable](https://github.com/immutable-js/immutable-js) from 5.0.3 to 5.1.5. - [Release notes](https://github.com/immutable-js/immutable-js/releases) - [Changelog](https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md) - [Commits](immutable-js/immutable-js@v5.0.3...v5.1.5) --- updated-dependencies: - dependency-name: immutable dependency-version: 5.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
✅ Deploy Preview for phillips-seldon ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
davidicus
left a comment
There was a problem hiding this comment.
@dependabot squash and merge
|
🚀 Storybook preview is ready. • Preview: https://68b9f094608b90f3cfec5a06-ibtkftluin.chromatic.com/ |
Dependency Upgrade Risk AssessmentRisk Level: What This Library Does & How We Use ItImmutable.js provides persistent immutable data structures. In seldon it appears as a transitive dependency (not a direct dep in package.json). What Changed5.0.3 → 5.1.5 (minor) Risk Rationale
Regression Tests ChecklistBefore merging, confirm:
|
Dependency Upgrade Risk AssessmentRisk Level: What This Library Does & How We Use ItImmutable.js provides persistent immutable data structures. In seldon it appears as a transitive dependency (not a direct dep in package.json). What Changed5.0.3 → 5.1.5 (minor) Risk Rationale
Regression Tests ChecklistBefore merging, confirm:
|
Bumps immutable from 5.0.3 to 5.1.5.
Release notes
Sourced from immutable's releases.
... (truncated)
Changelog
Sourced from immutable's changelog.
... (truncated)
Commits
b37b8555.1.516b3313Merge commit from forkfd2ef49fix new proto key injection6734b7bfix Prototype Pollution in mergeDeep, toJS, etc.6f772deMerge pull request #2175 from immutable-js/dependabot/npm_and_yarn/rollup-4.59.05f3dc61Bump rollup from 4.34.8 to 4.59.0049a594Merge pull request #2173 from immutable-js/dependabot/npm_and_yarn/lodash-4.1...2481a77Merge pull request #2172 from mrazauskas/update-tstycheeb04779Bump lodash from 4.17.21 to 4.17.23b973bf3formatMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for immutable since your current version.
You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.