Bump datatables.net from 1.13.4 to 2.0.8 in /components

[dependabot]

Bumps datatables.net from 1.13.4 to 2.0.8.

Release notes

Sourced from datatables.net's releases.

1.13.11

DataTables 1.13.11

Commits

• fd6230a Sync tag release - 2.0.8
• 1e90363 6abcccb9c0eae8042ed0ee1a7d199b8d1f81f417 Release 2.0.8
• 1aa43d2 81ad6956b1f59cd1fec4ec9310f5e9f635b0c93c Dev: Support for loading plugins in ...
• 5955366 5409cb063df85deaaf952d962333cef6e061f4d3 Fix: :visible on its own as a colu...
• d980044 51b19797b71eb355e827d02e3be041ed9ec999b7 Fix: Selector row indexes from the A...
• 2880044 7060769a9e52d1c4766a799e5e20e43a3bb77e85 Fix: Error when checking isShown()...
• 3b005a0 Sync tag release - 2.0.7
• c27b00b 2dbfcaac1f25b06c8aba6e9233eda9a22c8b1d32 Release 2.0.7
• 73095e1 40bc402b50f69e37be92b0f22ced34e9ab095471 Fix: Processing element could be clo...
• bc454cd 2126267999007dd1c95b2cb727a35be5cd75b8e7 Fix: Scrolling misalignment due to i...
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dryrunsecurity]

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security	Status	Findings
Configured Codepaths Analyzer	✅	0 findings
Sensitive Files Analyzer	❕	1 finding
AppSec Analyzer	✅	0 findings
Authn/Authz Analyzer	✅	0 findings
Secrets Analyzer	✅	0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The provided code changes involve updating the version of the datatables.net dependency in the project's package.json and yarn.lock files. This is a significant version bump, going from 1.13.4 to 2.0.8, which may introduce changes in functionality or API. From an application security perspective, it's important to review the release notes and change logs for the new version to understand if there are any security-related fixes or improvements. Additionally, thorough testing should be conducted to ensure that the application's functionality and security posture have not been compromised by the dependency update.

Files Changed:

1. components/package.json: The datatables.net dependency has been updated from version ^1.13.4 to ^2.0.8. This is a significant version bump that should be reviewed carefully to ensure that the new version is compatible with the rest of the project's codebase and does not introduce any known security vulnerabilities. It's also recommended to regularly audit the project's dependencies for known security issues using tools like npm audit or yarn audit.

2. components/yarn.lock: This file indicates that the version of the datatables.net dependency has been updated from 1.13.4 to 2.0.8. As with the package.json change, it's important to review the release notes and change logs for the new version to understand if there are any security-related fixes or improvements, and to thoroughly test the application after the dependency update to ensure that there are no regressions or unexpected behavior.

Powered by DryRun Security

[mtesauro]

Related to #10152

[dependabot]

Superseded by #10631.