build(deps): bump the npm_and_yarn group across 1 directory with 3 updates#77
Open
dependabot[bot] wants to merge 51 commits into
Open
build(deps): bump the npm_and_yarn group across 1 directory with 3 updates#77dependabot[bot] wants to merge 51 commits into
dependabot[bot] wants to merge 51 commits into
Conversation
Signed-off-by: Andrew Prokhorenkov <aprokh@uchicago.edu> ...at 6a6e63c
…s for users TODO: This should be made configurable in the future...
…te access to a global shared artifact reader role that would be given to all users. Next steps are to 1) make this configurable, 2) allow users to configure the global author role if they want only some users to be able to grant global read access, and 3) set up global read role for all users as a default assigned system role Other commit messages squashed in here: - first working configuration of sharing using an authoring role - some fixes to global sharing after testing; moved the shared reader role to a new roleid. - started to implement the ability to hide the share-global buttons but then decided not to - changed the 'shared artifact reader' role checked by Atlas to be the 'public' role since this would remove the need to change WebAPI to add a new system role that pretty much duplicates 'public' - added the configurable ability to restrict generation of a given cohort to only persons who have been granted permission to change the same cohort.
…bal sharing ...and introduce some other fixes: - fix: correct styling for sharing buttons on access modal ui - fix: cleanup/remove unnecessary parts - fix: adjust permission name to "artifact:global:share:put" to better reflect its real purpose - fix: better name for isPermittedGlobalShareArtifact (previous name isPermittedGlobalShareCohort did not reflect the fact that it is about all kind of artifacts) - fix: move isOwner() check and make sure it is only applied when !config.limitedPermissionManagement - fix: move isOwner() check for conceptset-manager
based on this discussion OHDSI#2929 (comment)
until we have a final solution for storing cohortdefinitions as part of a workflow run. TODO - remove this once a solution is in place. See https://ctds-planx.atlassian.net/browse/VADC-1177
...because of 508 issues and also because they are not needed
...to improve accessibility
...by adding keyboard support for opening dropdown and submenu and allowing items in submenu to be selected
Security updates
dep: upgrade express to 4.21.2
...at the same time making them more 508 compliant
…n pages ...simplifying them and making them more 508 compliant
Fix: 508/accessibility issues in Atlas UI
Fix: remove unnecessary parts, improving 508
Create NOTICE file
Display a warning when session expires and force refresh the page
…dates Bumps the npm_and_yarn group with 3 updates in the / directory: [bootstrap](https://github.com/twbs/bootstrap), [jquery](https://github.com/jquery/jquery) and [prismjs](https://github.com/PrismJS/prism). Updates `bootstrap` from 3.4.1 to 5.0.0 - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](twbs/bootstrap@v3.4.1...v5.0.0) Updates `jquery` from 1.12.4 to 3.5.0 - [Release notes](https://github.com/jquery/jquery/releases) - [Changelog](https://github.com/jquery/jquery/blob/main/changelog.md) - [Commits](jquery/jquery@1.12.4...3.5.0) Updates `prismjs` from 1.29.0 to 1.30.0 - [Release notes](https://github.com/PrismJS/prism/releases) - [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md) - [Commits](PrismJS/prism@v1.29.0...v1.30.0) --- updated-dependencies: - dependency-name: bootstrap dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: jquery dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: prismjs dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
pieterlukasse
force-pushed
the
2.15.0-DEV
branch
from
0ba76b1 to
49f4f94
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 3 updates in the / directory: bootstrap, jquery and prismjs.
Updates
bootstrapfrom 3.4.1 to 5.0.0Release notes
Sourced from bootstrap's releases.
... (truncated)
Commits
bf09367Release v5.0.0 (#33647)48ae5a7Rewrite migration guide (#33834)f086572refactor(docs): Added form file input variables (#33833)1a54286Fix doc typo and Bootstrap Icons link (#33832)e2df73fUpdate migration guide for some v5 changes (#33829)1e6356aNeutralise more words from placeholder text (#33731)6633845Bump eslint-config-xo from 0.35.0 to 0.36.0 (#33646)cb38744Tweak toast docs (#33810)c2ff225Bump rollup from 2.46.0 to 2.47.0 (#33818)c090ea2Bump@babel/preset-envfrom 7.14.0 to 7.14.1 (#33819)Updates
jqueryfrom 1.12.4 to 3.5.0Release notes
Sourced from jquery's releases.
Commits
7a0a8503.5.08570a08Release: Update AUTHORS.txtda3dd85Ajax: Do not execute scripts for unsuccessful HTTP responses065143cAjax: Overwrite s.contentType with content-type header value, if any1a4f10dTests: Blacklist one focusin test in IE9e15d6bEvent: Use only one focusin/out handler per matching window & document966a709Manipulation: Skip the select wrapper for <option> outside of IE 91d61fd9Manipulation: Make jQuery.htmlPrefilter an identity function04bf577Selector: Update Sizzle from 2.3.4 to 2.3.57506c9cBuild: Resolve Travis config warningsMaintainer changes
This version was pushed to npm by mgol, a new releaser for jquery since your current version.
Updates
prismjsfrom 1.29.0 to 1.30.0Release notes
Sourced from prismjs's releases.
Changelog
Sourced from prismjs's changelog.
Commits
76dde18Release 1.30.093cca40npm pkg fix99c5ca9Add release script8e8b935check that currentScript is set by a script tag (#3863)f894dc2Fix logo in the footerac38dceDelete CNAME9b5b09aEnable CORSMaintainer changes
This version was pushed to npm by dmitrysharabin, a new releaser for prismjs since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.