Skip to content

Commit

Permalink
[Snyk] Upgrade date-fns from 2.30.0 to 3.6.0 (#14)
Browse files Browse the repository at this point in the history 
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)


<h3>Snyk has created this PR to upgrade date-fns from 2.30.0 to
3.6.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.

<hr/>

⚠️ **Warning:** This PR contains major version upgrade(s), and may be a
breaking change.

- The recommended version is **21 versions** ahead of your current
version.

- The recommended version was released on **6 months ago**.



<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>date-fns</b></summary>
    <ul>
      <li>
<b>3.6.0</b> - <a
href="https://github.com/date-fns/date-fns/releases/tag/v3.6.0">2024-03-18</a></br><p>On
this release worked <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/kossnocorp/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/kossnocorp">@ kossnocorp</a> and <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/world1dan/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/world1dan">@ world1dan</a>. Also, thanks to <a
class="user-mention notranslate" data-hovercard-type="organization"
data-hovercard-url="/orgs/seated/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self" href="https://github.com/seated">@
seated</a> <a href="https://github.com/sponsors/kossnocorp">for
sponsoring me</a>.</p>
<h3>Fixed</h3>
<ul>
<li><a href="date-fns/date-fns#3720"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3720/hovercard">Fixed weeks
in the Belarisuan locale's <code>formatDistance</code>.</a></li>
</ul>
<h3>Added</h3>
<ul>
<li><a href="date-fns/date-fns#3737"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3737/hovercard">Added CDN
versions of modules compatible with older browsers.</a> <a
href="https://date-fns.org/docs/CDN" rel="nofollow">See the CDN
guide.</a></li>
</ul>
      </li>
      <li>
<b>3.5.0</b> - <a
href="https://github.com/date-fns/date-fns/releases/tag/v3.5.0">2024-03-15</a></br><p>Kudos
to <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/fturmel/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/fturmel">@ fturmel</a>, <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/kossnocorp/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/kossnocorp">@ kossnocorp</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/makstyle119/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/makstyle119">@ makstyle119</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/tan75/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self" href="https://github.com/tan75">@
tan75</a>, <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/marcreichel/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/marcreichel">@ marcreichel</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/tareknatsheh/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/tareknatsheh">@ tareknatsheh</a> and <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/audunru/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/audunru">@ audunru</a> for working on the
release. Also, thanks to <a class="user-mention notranslate"
data-hovercard-type="organization"
data-hovercard-url="/orgs/seated/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self" href="https://github.com/seated">@
seated</a> <a href="https://github.com/sponsors/kossnocorp">for
sponsoring me</a>.</p>
<h3>Fixed</h3>
<ul>
<li>
<p><a href="date-fns/date-fns#3730"
data-hovercard-type="issue"
data-hovercard-url="/date-fns/date-fns/issues/3730/hovercard">Fixed
functions that use current date internally and made them work with date
extensions like <code>UTCDate</code>.</a></p>
</li>
<li>
<p><a
href="https://github.com/date-fns/date-fns/commit/882ced61c692c7c4a79eaaec6eb07cb9c8c9195b">Fixed
<code>daysToWeeks</code> returning negative 0.</a></p>
</li>
<li>
<p><a href="date-fns/date-fns#3715"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3715/hovercard">Fixed German
grammar for the "half a minute" string.</a></p>
</li>
</ul>
<h3>Added</h3>
<ul>
<li>
<p><a href="date-fns/date-fns#3724"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3724/hovercard">Added the
Northern Sámi (<code>se</code>) locale.</a></p>
</li>
<li>
<p>Added the <code>constructNow</code> function that creates the current
date using the passed reference date's constructor.</p>
</li>
</ul>
      </li>
      <li>
<b>3.4.0</b> - <a
href="https://github.com/date-fns/date-fns/releases/tag/v3.4.0">2024-03-11</a></br><p>Kudos
to <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/kossnocorp/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/kossnocorp">@ kossnocorp</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/sakamossan/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/sakamossan">@ sakamossan</a>, and <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/Revan99/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/Revan99">@ Revan99</a> for working on the
release. Also, thanks to <a class="user-mention notranslate"
data-hovercard-type="organization"
data-hovercard-url="/orgs/seated/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self" href="https://github.com/seated">@
seated</a> for sponsoring me.</p>
<h3>Added</h3>
<ul>
<li>
<p><a href="date-fns/date-fns#2752"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/2752/hovercard">Added
<code>roundToNearestHours</code> function.</a></p>
</li>
<li>
<p><a href="date-fns/date-fns#3421"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3421/hovercard">Added
Central Kurdish (<code>ckb</code>) locale.</a></p>
</li>
</ul>
      </li>
      <li>
<b>3.3.1</b> - <a
href="https://github.com/date-fns/date-fns/releases/tag/v3.3.1">2024-01-22</a></br><p>Kudos
to <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/kossnocorp/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/kossnocorp">@ kossnocorp</a> and <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/fturmel/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/fturmel">@ fturmel</a> for working on the
release.</p>
<h3>Fixed</h3>
<ul>
<li>
<p>Fixed DST issue in <code>getOverlappingDaysInIntervals</code>,
resulting in an inconsistent number of days returned for intervals
starting and ending in different DST periods.</p>
</li>
<li>
<p>Fixed functions incorrectly using <code>trunc</code> instead of
<code>round</code>. The bug was introduced in v3.3.0. The affected
functions: <code>differenceInCalendarDays</code>,
<code>differenceInCalendarISOWeeks</code>,
<code>differenceInCalendarWeeks</code>, <code>getISOWeek</code>,
<code>getWeek</code>, and <code>getISOWeeksInYear</code>.</p>
</li>
</ul>
      </li>
      <li>
<b>3.3.0</b> - <a
href="https://github.com/date-fns/date-fns/releases/tag/v3.3.0">2024-01-20</a></br><p>On
this release worked <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/kossnocorp/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/kossnocorp">@ kossnocorp</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/TheKvikk/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/TheKvikk">@ TheKvikk</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/fturmel/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/fturmel">@ fturmel</a> and <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/ckcherry23/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/ckcherry23">@ ckcherry23</a>.</p>
<h3>Fixed</h3>
<ul>
<li>
<p>Fixed the bug in <code>getOverlappingDaysInIntervals</code> caused by
incorrect sorting of interval components that led to 0 for timestamps of
different lengths.</p>
</li>
<li>
<p>Fixed bugs when working with negative numbers caused by using
<code>Math.floor</code> (<code>-1.1</code> → <code>-2</code>) instead of
<code>Math.trunc</code> (<code>-1.1</code> → <code>-1</code>). Most of
the conversion functions (i.e., <code>hoursToMinutes</code>) were
affected when passing some negative fractional input. Also, some other
functions that could be possibly affected by unfortunate timezone/date
combinations were fixed.</p>
<p>The functions that were affected: <code>format</code>,
<code>parse</code>, <code>getUnixTime</code>, <code>daysToWeeks</code>,
<code>hoursToMilliseconds</code>, <code>hoursToMinutes</code>,
<code>hoursToSeconds</code>, <code>milliseconds</code>,
<code>minutesToMilliseconds</code>, <code>millisecondsToMinutes</code>,
<code>monthsToYears</code>, <code>millisecondsToHours</code>,
<code>millisecondsToSeconds</code>, <code>minutesToHours</code>,
<code>minutesToSeconds</code>, <code>yearsToQuarters</code>,
<code>yearsToMonths</code>, <code>yearsToDays</code>,
<code>weeksToDays</code>, <code>secondsToMinutes</code>,
<code>secondsToHours</code>, <code>quartersToYears</code>,
<code>quartersToMonths</code> and <code>monthsToQuarters</code>.</p>
</li>
<li>
<p><a href="date-fns/date-fns#3269"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3269/hovercard">Fixed the
Czech locale's <code>formatDistance</code> to include <code>1</code> in
<code>formatDistance</code>.</a></p>
</li>
<li>
<p>Fixed <code>differenceInSeconds</code> and other functions relying on
rounding options that can produce a negative 0.</p>
</li>
<li>
<p><a href="date-fns/date-fns#3662"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3662/hovercard">Added a
preprocessor to the locales API, enabling fixing a long-standing bug in
the French locale.</a> (<a
href="date-fns/date-fns#1391"
data-hovercard-type="issue"
data-hovercard-url="/date-fns/date-fns/issues/1391/hovercard">#1391</a>)</p>
</li>
<li>
<p>Added missing <code>yearsToDays</code> to the FP submodule.</p>
</li>
<li>
<p>Made functions using rounding methods always return <code>0</code>
instead of <code>-0</code>.</p>
</li>
</ul>
<h3>Added</h3>
<ul>
<li><a href="date-fns/date-fns#3653"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3653/hovercard">Added
<code>format</code> alias <code>formatDate</code> with corresponding
<code>FormatDateOptions</code> interface</a>.</li>
</ul>
      </li>
      <li>
<b>3.2.0</b> - <a
href="https://github.com/date-fns/date-fns/releases/tag/v3.2.0">2024-01-09</a></br><p>This
release is brought to you by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/kossnocorp/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/kossnocorp">@ kossnocorp</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/fturmel/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/fturmel">@ fturmel</a>, <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/grossbart/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/grossbart">@ grossbart</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/MelvinVermeer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/MelvinVermeer">@ MelvinVermeer</a>, and <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/jcarstairs-scottlogic/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/jcarstairs-scottlogic">@
jcarstairs-scottlogic</a>.</p>
<h3>Fixed</h3>
<ul>
<li>
<p>Fixed types compatibility with Lodash's <code>flow</code> and fp-ts's
<code>pipe</code>. (<a
href="date-fns/date-fns#3641"
data-hovercard-type="issue"
data-hovercard-url="/date-fns/date-fns/issues/3641/hovercard">#3641</a>)</p>
</li>
<li>
<p><a href="date-fns/date-fns#3132"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3132/hovercard">Fixed
inconsistent behavior of <code>roundToNearestMinutes</code>.</a></p>
</li>
</ul>
<h3>Added</h3>
<ul>
<li>Added exports of <code>format</code>, <code>lightFormat</code>, and
<code>parse</code> internals that enable 3rd-parties to consume
those.</li>
</ul>
      </li>
      <li>
<b>3.1.0</b> - <a
href="https://github.com/date-fns/date-fns/releases/tag/v3.1.0">2024-01-05</a></br><p>This
release is brought to you by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/kossnocorp/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/kossnocorp">@ kossnocorp</a>, <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/makstyle119/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/makstyle119">@ makstyle119</a> and <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/dmgawel/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/dmgawel">@ dmgawel</a>.</p>
<h3>Fixed</h3>
<ul>
<li><a href="date-fns/date-fns#3448"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3448/hovercard">Fixed the
plural form of weeks in Swedish</a>.</li>
</ul>
<h3>Added</h3>
<ul>
<li>
<p><a href="date-fns/date-fns#3540"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3540/hovercard">Added
<code>yearsToDays</code> function</a>.</p>
</li>
<li>
<p>Added a warning about using protected tokens like <code>Y</code> or
<code>D</code> without passing a corresponding option. <a
href="date-fns/date-fns#2950"
data-hovercard-type="issue"
data-hovercard-url="/date-fns/date-fns/issues/2950/hovercard">See
#2950</a>.</p>
</li>
</ul>
      </li>
      <li>
<b>3.0.6</b> - <a
href="https://github.com/date-fns/date-fns/releases/tag/v3.0.6">2023-12-22</a></br><p>On
this release worked <a class="user-mention notranslate"
data-hovercard-type="user" data-hovercard-url="/users/imwh0im/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/imwh0im">@ imwh0im</a>, <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/jamcry/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self" href="https://github.com/jamcry">@
jamcry</a> and <a class="user-mention notranslate"
data-hovercard-type="user" data-hovercard-url="/users/tyrw/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self" href="https://github.com/tyrw">@
tyrw</a>.</p>
<h3>Fixed</h3>
<ul>
<li><a href="date-fns/date-fns#3628"
data-hovercard-type="pull_request"
data-hovercard-url="/date-fns/date-fns/pull/3628/hovercard">Fixed bug in
<code>areIntervalsOverlapping</code> caused by incorrect sorting</a> (<a
href="date-fns/date-fns#3614"
data-hovercard-type="issue"
data-hovercard-url="/date-fns/date-fns/issues/3614/hovercard">#3614</a>)</li>
</ul>
      </li>
      <li>
        <b>3.0.5</b> - 2023-12-21
      </li>
      <li>
        <b>3.0.4</b> - 2023-12-21
      </li>
      <li>
        <b>3.0.3</b> - 2023-12-21
      </li>
      <li>
        <b>3.0.2</b> - 2023-12-21
      </li>
      <li>
        <b>3.0.2-rc.1</b> - 2023-12-20
      </li>
      <li>
        <b>3.0.1</b> - 2023-12-19
      </li>
      <li>
        <b>3.0.1-rc.1</b> - 2023-12-19
      </li>
      <li>
        <b>3.0.0</b> - 2023-12-18
      </li>
      <li>
        <b>3.0.0-rc.2</b> - 2023-12-04
      </li>
      <li>
        <b>3.0.0-rc.1</b> - 2023-12-03
      </li>
      <li>
        <b>3.0.0-beta.1</b> - 2023-12-03
      </li>
      <li>
        <b>3.0.0-alpha.2</b> - 2023-12-02
      </li>
      <li>
        <b>3.0.0-alpha.1</b> - 2023-11-15
      </li>
      <li>
        <b>2.30.0</b> - 2023-04-30
      </li>
    </ul>
from <a href="https://github.com/date-fns/date-fns/releases">date-fns
GitHub release notes</a>
  </details>
</details>

---

> [!IMPORTANT]
>
> - **Warning:** This PR contains a major version upgrade, and may be a
breaking change.
> - Check the changes in this PR to ensure they won't cause issues with
your project.
> - This PR was automatically created by Snyk using the credentials of a
real user.

---

**Note:** _You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs._

**For more information:** <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIzYjQ2NmZkZC1kZGVkLTQyZWMtOGMxMS1iM2NlNGVjMThmNTUiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjNiNDY2ZmRkLWRkZWQtNDJlYy04YzExLWIzY2U0ZWMxOGY1NSJ9fQ=="
width="0" height="0"/>

> - 🧐 [View latest project
report](https://app.snyk.io/org/otherguy/project/8757423a-894a-444c-ba30-fe625db0d474?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)
> - 📜 [Customise PR
templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates)
> - 🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/otherguy/project/8757423a-894a-444c-ba30-fe625db0d474/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)
> - 🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/otherguy/project/8757423a-894a-444c-ba30-fe625db0d474/settings/integration?pkg&#x3D;date-fns&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

[//]: #
'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"date-fns","from":"2.30.0","to":"3.6.0"}],"env":"prod","hasFixes":false,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[],"prId":"3b466fdd-dded-42ec-8c11-b3ce4ec18f55","prPublicId":"3b466fdd-dded-42ec-8c11-b3ce4ec18f55","packageManager":"npm","priorityScoreList":[],"projectPublicId":"8757423a-894a-444c-ba30-fe625db0d474","projectUrl":"https://app.snyk.io/org/otherguy/project/8757423a-894a-444c-ba30-fe625db0d474?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":[],"type":"auto","upgrade":[],"upgradeInfo":{"versionsDiff":21,"publishedDate":"2024-03-18T01:32:48.324Z"},"vulns":[]}'

Co-authored-by: snyk-bot <[email protected]>
  • Loading branch information
@otherguy @snyk-bot
otherguy and snyk-bot authored Oct 1, 2024
1 parent 8962b75 commit 03670e8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
"reportFile": "test-report.xml"
},
"dependencies": {
"date-fns": "^2.30.0",
"date-fns": "^3.6.0",
"date-fns-tz": "^3.1.3",
"elysia": "^0.8.17"
},
Expand Down

0 comments on commit 03670e8

Please sign in to comment.