Skip to content

[Snyk] Upgrade @formatjs/intl-locale from 2.4.21 to 2.4.36 #5109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
snyk-bot wants to merge 1 commit into from
Closed

[Snyk] Upgrade @formatjs/intl-locale from 2.4.21 to 2.4.36 #5109

snyk-bot wants to merge 1 commit into from

Conversation

@snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Sep 6, 2021

Snyk has created this PR to upgrade @formatjs/intl-locale from 2.4.21 to 2.4.36.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 15 versions ahead of your current version.
  • The recommended version was released 23 days ago, on 2021-08-15.
Release notes
Package name: @formatjs/intl-locale
  • 2.4.36 - 2021-08-15
  • 2.4.35 - 2021-08-06
  • 2.4.34 - 2021-07-24
  • 2.4.33 - 2021-06-26
  • 2.4.32 - 2021-06-05
  • 2.4.31 - 2021-06-05
  • 2.4.30 - 2021-06-04
  • 2.4.29 - 2021-06-01
  • 2.4.28 - 2021-05-23
  • 2.4.27 - 2021-05-20
  • 2.4.26 - 2021-05-17
  • 2.4.25 - 2021-05-14
  • 2.4.24 - 2021-05-10
  • 2.4.23 - 2021-04-26
  • 2.4.22 - 2021-04-12
  • 2.4.21 - 2021-03-26
from @formatjs/intl-locale GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@snyk-bot snyk-bot requested a review from a team as a code owner September 6, 2021 20:04
@MelvinBot MelvinBot requested review from Beamanator and removed request for a team September 6, 2021 20:04
@Beamanator
Copy link
Contributor

Beamanator commented Sep 7, 2021

I looked at a few releases here and found the notes to mostly be Note: Version bump only for package @formatjs/intl-locale

I think nothing of interest changed, so might as well bump the version

@Beamanator
Copy link
Contributor

Beamanator commented Sep 7, 2021

I guess this isn't fixing any vulnerability, so @marcaaron do you think I should just close this? (coming from your comment here)

@Beamanator Beamanator added Weekly KSv2 and removed Weekly KSv2 labels Sep 7, 2021
@marcaaron
Copy link
Contributor

marcaaron commented Sep 7, 2021

Closing because I don't think Snyk should be creating PRs and might mean someone accidentally enabled this feature.

@marcaaron marcaaron closed this Sep 7, 2021
@marcaaron
Copy link
Contributor

marcaaron commented Sep 7, 2021

I am actually confused about why these PRs are being created. We should only update dependencies that have medium-high vulnerabilities. AFAIK this process has not changed. Which means someone accidentally turned on the auto-fix PRs or there's something wrong with Synk's service or something else...

@Beamanator
Copy link
Contributor

Beamanator commented Sep 8, 2021

Yeah I was reading that and got a bit confused since these PRs didn't mention anything about vulnerabilities, just version bumps

@flodnv flodnv deleted the snyk-upgrade-e557f97bc30a27f62584c6314c342ab3 branch February 17, 2023 19:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Beamanator Beamanator Beamanator approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@snyk-bot @Beamanator @marcaaron