Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump @mui/x-date-pickers from 6.20.2 to 7.22.1 in /demos/jans-tarp #10012

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump @mui/x-date-pickers from 6.20.2 to 7.22.1 in /demos/jans-tarp #10012

wants to merge 1 commit into from
+1 −1

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2024

Bumps @mui/x-date-pickers from 6.20.2 to 7.22.1.

Release notes

Sourced from @​mui/x-date-pickers's releases.

v7.22.1

Nov 1, 2024

We'd like to offer a big thanks to the 7 contributors who made this release possible. Here are some highlights ✨:

  • 🐞 Bugfixes
  • 📚 Documentation improvements
  • 🌍 Improve Polish (pl-PL) locale on the Date Pickers

Special thanks go out to the community contributors who have helped make this release possible: @​wojtkolos, @​dpak-maurya, @​k-rajat19. Following are all team members who have contributed to this release: @​LukasTy, @​arminmeh, @​MBilalShafi, @​KenanYusuf, @​flaviendelangle.

Data Grid

@mui/[email protected]

@mui/[email protected] pro

Same changes as in @mui/[email protected], plus:

@mui/[email protected] premium

Date and Time Pickers

@mui/[email protected]

@mui/[email protected] pro

Same changes as in @mui/[email protected].

Tree View

@mui/[email protected]

... (truncated)

Changelog

Sourced from @​mui/x-date-pickers's changelog.

7.22.1

Nov 1, 2024

We'd like to offer a big thanks to the 7 contributors who made this release possible. Here are some highlights ✨:

  • 🐞 Bugfixes
  • 📚 Documentation improvements
  • 🌍 Improve Polish (pl-PL) locale on the Date Pickers

Special thanks go out to the community contributors who have helped make this release possible: @​wojtkolos, @​dpak-maurya, @​k-rajat19. Following are all team members who have contributed to this release: @​LukasTy, @​arminmeh, @​MBilalShafi, @​KenanYusuf, @​flaviendelangle.

Data Grid

@mui/[email protected]

@mui/[email protected] pro

Same changes as in @mui/[email protected], plus:

@mui/[email protected] premium

Date and Time Pickers

@mui/[email protected]

@mui/[email protected] pro

Same changes as in @mui/[email protected].

Tree View

@mui/[email protected]

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump @mui/x-date-pickers in /demos/jans-tarp
0298746 
Bumps [@mui/x-date-pickers](https://github.com/mui/mui-x/tree/HEAD/packages/x-date-pickers) from 6.20.2 to 7.22.1.
- [Release notes](https://github.com/mui/mui-x/releases)
- [Changelog](https://github.com/mui/mui-x/blob/v7.22.1/CHANGELOG.md)
- [Commits](https://github.com/mui/mui-x/commits/v7.22.1/packages/x-date-pickers)

---
updated-dependencies:
- dependency-name: "@mui/x-date-pickers"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from duttarnab as a code owner November 1, 2024 10:40
@dependabot dependabot bot added javascript Pull requests that update Javascript code kind-dependencies Pull requests that update a dependency file labels Nov 1, 2024
@dependabot dependabot bot mentioned this pull request Nov 1, 2024
Closed
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Nov 1, 2024

DryRun Security Summary

The pull request updates the @mui/x-date-pickers dependency in the package.json file from version 6.19.5 to 7.22.1, which is a major version update that may include breaking changes and should be reviewed and tested to ensure no security vulnerabilities or unintended consequences are introduced.

Expand for full summary

Summary:

The code change in this pull request updates the version of the @mui/x-date-pickers dependency in the package.json file from 6.19.5 to 7.22.1. This is a major version update, which may include breaking changes that could impact the application's functionality. As an application security engineer, it's important to review this change and ensure that the update does not introduce any security vulnerabilities or unintended consequences.

The key points to consider are:

  1. Dependency Update: Keeping dependencies up-to-date is a security best practice, as newer versions often include bug fixes and security patches. Regularly updating dependencies helps mitigate potential vulnerabilities in the application.

  2. Semantic Versioning: The major version update (from 6.x to 7.x) may include breaking changes, which could impact the application's functionality. It's crucial to thoroughly test the application after updating a major dependency to ensure everything is working as expected.

  3. Release Notes: When updating a dependency, it's recommended to review the release notes or change log to understand what has changed, including any security-related fixes or improvements. This can help assess the impact of the update and identify any potential security implications.

  4. Dependency Audit: In addition to updating dependencies, it's important to regularly audit the application's dependencies for known vulnerabilities using tools like npm audit or yarn audit. This can help identify and address any security issues in the dependencies.

Files Changed:

  • demos/jans-tarp/package.json: This file has been updated to change the version of the @mui/x-date-pickers dependency from 6.19.5 to 7.22.1. This is a major version update that should be thoroughly reviewed and tested to ensure the application's functionality is not impacted.

Code Analysis

We ran 9 analyzers against 1 file and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Sensitive Files Analyzer 1 finding

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@duttarnab duttarnab Awaiting requested review from duttarnab duttarnab is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
javascript Pull requests that update Javascript code kind-dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants