chore: cherry-pick dependabot updates from master by jdstrand · Pull Request #6995 · influxdata/ui

jdstrand · 2025-01-23T16:40:21Z

Closes https://github.com/influxdata/edge/issues/779

This pulls back the following from ui master:

PR build(deps): bump semver from 5.7.1 to 5.7.2 #6756 - semver - cherry-pick d625f5e
PR build(deps): bump word-wrap from 1.2.3 to 1.2.4 #6768 - word-wrap - cherry-pick 73f0cde
PR build(deps): bump @adobe/css-tools from 4.0.1 to 4.3.1 #6795 - @adobe/css-tools - cherry-pick b7ba6e9
PR build(deps): bump postcss from 8.4.19 to 8.4.31 #6815 - postcss - cherry-pick 66fe1d1
PR build(deps): bump @babel/traverse from 7.16.3 to 7.23.2 #6820 - @babel/traverse - cherry-pick 16fbfc2
PR build(deps): bump crypto-js from 4.1.1 to 4.2.0 #6825 - crypto-js - cherry-pick 407a31e
PR build(deps): bump @adobe/css-tools from 4.3.1 to 4.3.2 #6843 - @adobe/css-tools - cherry-pick 32976ea
PR build(deps): bump follow-redirects from 1.14.8 to 1.15.4 #6849 - follow-redirects - cherry-pick 2c92b88
PR build(deps): bump webpack-dev-middleware from 5.3.3 to 5.3.4 #6878 - webpack-dev-middleware - cherry-pick 3491b83
PR build(deps): bump express from 4.18.2 to 4.19.2 #6880 - express - cherry-pick dbd1597
PR build(deps): bump braces from 3.0.2 to 3.0.3 #6895 - braces - cherry-pick 343d5c9
PR build(deps): bump ws from 6.2.2 to 6.2.3 #6897 - ws - cherry-pick f643131
PR chore(deps): Pin auth0 superagent version #6903 - Pin auth0 superagent version - cherry-pick be7552b - needed for clean cherry-picks after
PR build(deps): bump micromatch from 4.0.5 to 4.0.8 #6937 - micromatch - cherry-pick 1721b8f
PR build(deps): bump express from 4.19.2 to 4.21.0 #6949 - express - unclean cherry-pick 461933a
PR build(deps): bump dompurify from 2.3.4 to 2.5.6 #6950 - dompurify - cherry-pick a58f10e
yarn install - this updates yarn.lock for oats and influxdb-templates, needed in next steps; this was forgotten and needed for clean cherry-picks after
PR build(deps): bump http-proxy-middleware from 2.0.6 to 2.0.7 #6966 - http-proxy-middleware - cherry-pick 29428a2
PR build(deps): bump nanoid from 3.2.0 to 3.3.8 #6988 - nanoid - cherry-pick d2027a7
PR fix: wait for focus on monacotype support cmd #6992 - fix: do not force focus on uses of monacotype support cmd - cherry-pick 5cfee32; added since it addresses flakiness in the tests
PR fix: correct tests to be handled by faster ci runner #6911, PR chore: add delay to tasks-searching test #6913, PR fix: flake in scriptquerybuilder, tasks e2es #6917, PR fix: combat flake on two most frequently flaking e2es #6919 - added since they address flakiness in the tests

After applying the above I did rm -rf ./node_modules && yarn install and compared that against master's yarn.lock and there were minimal differences.

Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chunchun <14298407+appletreeisyellow@users.noreply.github.com>

Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [@adobe/css-tools](https://github.com/adobe/css-tools) from 4.0.1 to 4.3.1. - [Changelog](https://github.com/adobe/css-tools/blob/main/History.md) - [Commits](https://github.com/adobe/css-tools/commits) --- updated-dependencies: - dependency-name: "@adobe/css-tools" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [postcss](https://github.com/postcss/postcss) from 8.4.19 to 8.4.31. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.19...8.4.31) --- updated-dependencies: - dependency-name: postcss dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.16.3 to 7.23.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [crypto-js](https://github.com/brix/crypto-js) from 4.1.1 to 4.2.0. - [Commits](brix/crypto-js@4.1.1...4.2.0) --- updated-dependencies: - dependency-name: crypto-js dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [@adobe/css-tools](https://github.com/adobe/css-tools) from 4.3.1 to 4.3.2. - [Changelog](https://github.com/adobe/css-tools/blob/main/History.md) - [Commits](https://github.com/adobe/css-tools/commits) --- updated-dependencies: - dependency-name: "@adobe/css-tools" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.8 to 1.15.4. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.8...v1.15.4) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) --- updated-dependencies: - dependency-name: webpack-dev-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump braces from 3.0.2 to 3.0.3 Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * chore: empty commit --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chunchun <14298407+appletreeisyellow@users.noreply.github.com>

* build(deps): bump ws from 6.2.2 to 6.2.3 Bumps [ws](https://github.com/websockets/ws) from 6.2.2 to 6.2.3. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.2.2...6.2.3) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * chore: empty commit --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chunchun <14298407+appletreeisyellow@users.noreply.github.com>

Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8. - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) --- updated-dependencies: - dependency-name: micromatch dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [express](https://github.com/expressjs/express) from 4.19.2 to 4.21.0. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.19.2...4.21.0) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 2.3.4 to 2.5.6. - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](cure53/DOMPurify@2.3.4...2.5.6) --- updated-dependencies: - dependency-name: dompurify dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) from 2.0.6 to 2.0.7. - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.7/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.6...v2.0.7) --- updated-dependencies: - dependency-name: http-proxy-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [nanoid](https://github.com/ai/nanoid) from 3.2.0 to 3.3.8. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.2.0...3.3.8) --- updated-dependencies: - dependency-name: nanoid dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

chore: skip clone-and-immediately-activate-task-test chore: skip flaky scriptquery test

wdoconnell

Looks good. Changes just reflect test updates, and pinning the superagent version.

dependabot bot and others added 19 commits January 23, 2025 08:13

chore(deps): Pin auth0 superagent version (#6903)

21db5aa

chore: update yarn.lock for oats and influxdb-templates (yarn install)

af328ab

jdstrand requested a review from a team as a code owner January 23, 2025 16:40

wdoconnell added 5 commits January 23, 2025 10:53

fix: do not force focus on uses of monacotype support cmd (#6992)

e901635

chore: bump CI permitted retry, disable two flaky tests (#6919)

2c739dd

chore: skip clone-and-immediately-activate-task-test chore: skip flaky scriptquery test

fix: correct tests to be handled by faster ci runner (#6911)

2a068b0

chore: add delay to tasks-searching test (#6913)

4a2a771

fix: flake in scriptquerybuilder, tasks e2es (#6917)

7eb16e2

jdstrand requested a review from wdoconnell January 23, 2025 18:07

wdoconnell approved these changes Jan 23, 2025

View reviewed changes

jdstrand merged commit cae6955 into release/OSS Jan 23, 2025
7 of 8 checks passed

jdstrand deleted the jdstrand/update-oss-for-depbot branch January 23, 2025 18:36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: cherry-pick dependabot updates from master#6995

chore: cherry-pick dependabot updates from master#6995
jdstrand merged 24 commits intorelease/OSSfrom
jdstrand/update-oss-for-depbot

jdstrand commented Jan 23, 2025 •

edited

Loading

Uh oh!

wdoconnell left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

jdstrand commented Jan 23, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

wdoconnell left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

jdstrand commented Jan 23, 2025 •

edited

Loading