Bump datatables.net-dt from 1.13.4 to 2.0.7 in /components#10147
Bump datatables.net-dt from 1.13.4 to 2.0.7 in /components#10147dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [datatables.net-dt](https://github.com/DataTables/Dist-DataTables-DataTables) from 1.13.4 to 2.0.7. - [Release notes](https://github.com/DataTables/Dist-DataTables-DataTables/releases) - [Commits](DataTables/Dist-DataTables-DataTables@1.13.4...2.0.7) --- updated-dependencies: - dependency-name: datatables.net-dt dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
|
Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.
Note 🟢 Risk threshold not exceeded. Change Summary (click to expand)The following is a summary of changes in this pull request made by me, your security buddy 🤖. Summary: The code changes in this pull request primarily focus on updating the versions of the From an application security perspective, it is important to review the release notes and change logs for the new versions of these dependencies to ensure that there are no known security vulnerabilities that have been addressed. Additionally, it is recommended to thoroughly test the application after the library updates to ensure that the changes do not introduce any unintended behavior or security issues. While the version updates do not immediately raise any major security concerns, it is always crucial to stay vigilant and review the changes carefully, especially for security-critical components, to maintain the overall security posture of the application. Files Changed:
Powered by DryRun Security |
|
Superseded by #10297. |
dependabot
Bot
deleted the
dependabot/npm_and_yarn/components/dev/datatables.net-dt-2.0.7
branch
Bumps datatables.net-dt from 1.13.4 to 2.0.7.
Release notes
Sourced from datatables.net-dt's releases.
Commits
8970e73Sync tag release - 2.0.7e11813a2dbfcaac1f25b06c8aba6e9233eda9a22c8b1d32 Release 2.0.7e952dac40bc402b50f69e37be92b0f22ced34e9ab095471 Fix: Processing element could be clo...1c386352126267999007dd1c95b2cb727a35be5cd75b8e7 Fix: Scrolling misalignment due to i...653e4de3b1818412093adfa54e35a2004ac8b298054a6fe DOC spelling mistake fix in the docs2d29215Sync tag release - 2.0.6c8672fbc779e7a1a5d00821b2a50438fc3eb62b77673b5e Release 2.0.655a86fef177bf68c48474da299b8339e672e3035aed45a0 Fix: A\<table>inside the first ro...781712fc5082522d26409699bb6f505e2f2f6bb544de125 Performance: Do not apply sort when ...24c9776fb843bc457eab49d77b7c0765239685f15bf3b26 Examples: Ensure that jQuery is not ...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)