Skip to content

Bump esbuild and @dfinity/identity in /archive/motoko/ios-notifications/dapp-demo #1092

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump esbuild and @dfinity/identity in /archive/motoko/ios-notifications/dapp-demo #1092

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 10, 2025

Removes esbuild. It's no longer used after updating ancestor dependency @dfinity/identity. These dependencies need to be updated together.

Removes esbuild

Updates @dfinity/identity from 0.14.0 to 2.3.0

Release notes

Sourced from @​dfinity/identity's releases.

Release 2.3.0

What's Changed

FetchRootKey

  • refactors logic so that fetchrootkey is awaited before the first async call is made if shouldFetchRootKey is set. This resolves potential race conditions during local development

ReadState Expiry Rollback

  • rolls back an intermittent bug introduced in v2.1.3, where a re-used readstate request would be sent with a mismatching ingress_expiry for a re-used signature. Should reduce the frequency of Invalid Signature errors. An improved strategy will be released in a future update

SyncTime

  • HttpAgent now uses an anonymous identity for syncTime calls, which the replica will allow to have an invalid ingress_expiry provided. This (at last) allows clients with clocks diverging by >5 minutes to sync their time with the replica and behave normally

Enhanced Errors

  • HttpAgent Errors now include more useful information when thrown, including the signature, the request id, the public key, and a stack trace. The agent's ObservableLog utility is now also exported, and can be used for testing or independently. Reminder that the log exists! You can subscribe to events in the agent, and it is helpful for debugging

New Contributors

Full Changelog: dfinity/agent-js@v2.2.0...v2.3.0

Release 2.2.0

What's Changed

Minor stability and documentation changes.

Shouldn't lead to any issues when updating, but tagged as a minor version due to changing the return types in pollForResponse from any to undefined of #958 .

Last release planned for 2024 - see you all in the new year!

... (truncated)

Changelog

Sourced from @​dfinity/identity's changelog.

[2.3.0] - 2025-02-07

Added

  • shouldFetchRootKey option added to HttpAgent constructor
  • ci: adds BOT_APPROVED_FILES config

Changed

  • feat: HttpAgent uses anonymous identity to make syncTime call, which can allow readState calls to work beyond 5 minutes
  • chore: bumps .nvmrc and nodejs version in CI to 22
  • HttpAgent now awaits fetching rootkey before making network calls if shouldFetchRootKey is set
  • chore: npm audit fixes
  • feat: enhanced details in agent call, query, and read_state errors
    • error now includes hex encoded response, requestId, sender_pubkey, and sender_sig in addition to message for improved debugging process

[2.2.1] - 2025-02-07

Changed

  • fix: reverts read_state polling expiry changes due to mismatched signature introduced in 2.1.3. Polling will re-use the original request as before, up to the point where the request expires

[2.2.0] - 2024-12-12

Added

  • fix: target_canister is used only for install_chunked_code of management canister, complying with internet computer specification
  • feat: Add support for effective target canister ID in management canister calls.

Changed

  • chore: pins nanoid dev dependency version to override warning
  • chore: Removes warning that users found unhelpful, when a message originates from other sources than the identity provider in AuthClient during authentication.
  • chore: fixes typo in DelegationIdentity jsdoc comment
  • chore: Removes warning that users found unhelpful, when a message originates from other sources than the identity provider in AuthClient during authentication.
  • fix: Make pollForResponse typesafe to avoid exceptions from unknown requests

[2.1.3] - 2024-10-23

Added

  • feat: allow for setting HttpAgent ingress expiry using ingressExpiryInMinutes option

  • feat: improved assertion options for agent errors using prototype, name, and instanceof

Changed

  • test: automatically deploys trap canister if it doesn't exist yet during e2e
  • fix: handle v3 traps correctly, pulling the reject_code and message from the certificate in the error response like v2. Example trap error message:

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump esbuild and @dfinity/identity
3a402a8 
Removes [esbuild](https://github.com/evanw/esbuild). It's no longer used after updating ancestor dependency [@dfinity/identity](https://github.com/dfinity/agent-js/tree/HEAD/packages/identity). These dependencies need to be updated together.


Removes `esbuild`

Updates `@dfinity/identity` from 0.14.0 to 2.3.0
- [Release notes](https://github.com/dfinity/agent-js/releases)
- [Changelog](https://github.com/dfinity/agent-js/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/dfinity/agent-js/commits/v2.3.0/packages/identity)

---
updated-dependencies:
- dependency-name: esbuild
  dependency-type: indirect
- dependency-name: "@dfinity/identity"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner February 10, 2025 22:05
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants