Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion)
from 1.1.11 to 1.1.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/juliangruber/brace-expansion/releases">brace-expansion's
releases</a>.</em></p>
<blockquote>
<h2>v1.1.12</h2>
<ul>
<li>pkg: publish on tag 1.x c460dbd</li>
<li>fmt ccb8ac6</li>
<li>Fix potential ReDoS Vulnerability or Inefficient Regular Expression
(<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/65">#65</a>)
c3c73c8</li>
</ul>
<hr />
<p><a
href="https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12">https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c85b8ad3f5"><code>c85b8ad</code></a>
4.0.1</li>
<li><a
href="5a5cc176c0"><code>5a5cc17</code></a>
fmt</li>
<li><a
href="0b6a9781e1"><code>0b6a978</code></a>
Fix potential ReDoS Vulnerability or Inefficient Regular Expression (<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/65">#65</a>)</li>
<li><a
href="6a39bdddcf"><code>6a39bdd</code></a>
4.0.0</li>
<li><a
href="dd72a59047"><code>dd72a59</code></a>
fmt</li>
<li><a
href="278132b187"><code>278132b</code></a>
feat: use string replaces instead of splits (<a
href="https://redirect.github.com/juliangruber/brace-expansion/issues/64">#64</a>)</li>
<li><a
href="70e4c1baf9"><code>70e4c1b</code></a>
add <code>tea.yaml</code></li>
<li><a
href="b01a637b05"><code>b01a637</code></a>
3.0.0</li>
<li><a
href="9e781e913f"><code>9e781e9</code></a>
node 16 is EOL</li>
<li><a
href="6dad2093f8"><code>6dad209</code></a>
docs</li>
<li>Additional commits viewable in <a
href="https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/Unleash/unleash/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This removes a strategy that was already deprecated, but only for new
installations.
I tested starting with an installation with this strategy being used and
then updating, and I was still able to edit the strategy, so this should
not impact current users.
On a fresh install the strategy is no longer available.
---------
Co-authored-by: Nuno Góis <github@nunogois.com>
## About the changes
Our health implementation always returns GOOD if the server is up:
beb29f5b5b/src/lib/routes/health-check.ts (L46-L51)
Currently our documentation of the endpoint is misleading saying that it
will return BAD if unable to connect to PostgreSQL
Closes#9965
Bumps [image-size](https://github.com/image-size/image-size) from 1.1.1
to 1.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/image-size/image-size/releases">image-size's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.1</h2>
<h2>Fixes</h2>
<ul>
<li>fix potential Denial of Service via specially crafted payloads in <a
href="640a67d9e8</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/image-size/image-size/compare/v1.2.0...v1.2.1">https://github.com/image-size/image-size/compare/v1.2.0...v1.2.1</a></p>
<h2>v1.2.0</h2>
<p>This release adds support for JPEG-XL ( <a
href="https://redirect.github.com/image-size/image-size/issues/409">#409</a>
)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a4178fbb33"><code>a4178fb</code></a>
1.2.1</li>
<li><a
href="640a67d9e8"><code>640a67d</code></a>
fix potential Denial of Service via specially crafted payloads</li>
<li><a
href="9d41448d78"><code>9d41448</code></a>
1.2.0</li>
<li><a
href="405a244dae"><code>405a244</code></a>
fixups</li>
<li><a
href="76c5c9a8aa"><code>76c5c9a</code></a>
mention jpeg-xl in the readme</li>
<li><a
href="a10262c7c3"><code>a10262c</code></a>
Add support for JPEG XL (<a
href="https://redirect.github.com/image-size/image-size/issues/409">#409</a>)</li>
<li><a
href="a7a24a3fc4"><code>a7a24a3</code></a>
(app): Fix typo in comments (<a
href="https://redirect.github.com/image-size/image-size/issues/411">#411</a>)</li>
<li><a
href="9f482134b3"><code>9f48213</code></a>
update dependencies, and reformat code with eslint 9</li>
<li><a
href="64dda84cca"><code>64dda84</code></a>
refactor formats that use a ISO-BMFF container</li>
<li><a
href="e3ea53801d"><code>e3ea538</code></a>
no need to create hex strings in j2c</li>
<li>Additional commits viewable in <a
href="https://github.com/image-size/image-size/compare/v1.1.1...v1.2.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/Unleash/unleash/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This PR starts an ADR for logging levels, and how to make your
coworkers' days who are on-call less noisy.
This is my initial suggestion. Please feel free to help me with fleshing
out both the table for what log levels means to you or if you disagree
with what I've put as a background.
My impression is that we are pretty good at this, but we could be
better, and having an ADR to lean on when pushing back on PR's log
levels could help us.
Thanks to @kwasniew for the push to start the ADR.
Examples:
*
038c10f612/src/lib/db/account-store.ts (L164-L173)
And probably the storeFootprint method in our
client-feature-toggle-delta
*
038c10f612/src/lib/features/client-feature-toggles/delta/client-feature-toggle-delta.ts (L363-L370)
*
293304a5d6/src/traffic-data/traffic-data-usage-service.ts (L69)
---------
Co-authored-by: Melinda Fekete <melinda.fekete@getunleash.io>
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->
## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->
[Preview
Link](https://unleash-docs-git-use-case-security-v2-unleash-team.vercel.app/feature-flag-tutorials/use-cases/security-and-compliance)
Created a use case on Feature Flag Security & Compliance for
Enterprises.
WIP in this PR:
- [x] Transferring diagrams from [Google
Doc](https://docs.google.com/document/d/1uA5Xb2NOdJjqwleicS_u088YXLCm81Y6norJzEYlwuE/edit?tab=t.0)
to this document
- [x] Add in remaining images/screenshots used as seen in Google Docs
<!-- Does it close an issue? Multiple? -->
Closes #
<!-- (For internal contributors): Does it relate to an issue on public
roadmap? -->
<!--
Relates to [roadmap](https://github.com/orgs/Unleash/projects/10) item:
#
-->
### Important files
<!-- PRs can contain a lot of changes, but not all changes are equally
important. Where should a reviewer start looking to get an overview of
the changes? Are any files particularly important? -->
## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->
So far, we will consider Unleash Edge for data privacy topic for a quick
2nd iteration or altogether separate piece.
---------
Co-authored-by: Melinda Fekete <melinda.fekete@getunleash.io>
Co-authored-by: Gastón Fournier <gaston@getunleash.io>
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.29.0 to 1.30.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/PrismJS/prism/releases">prismjs's
releases</a>.</em></p>
<blockquote>
<h2>v1.30.0</h2>
<h2>What's Changed</h2>
<ul>
<li>check that <code>currentScript</code> is set by a script tag by <a
href="https://github.com/lkuechler"><code>@lkuechler</code></a> in <a
href="https://redirect.github.com/PrismJS/prism/pull/3863">PrismJS/prism#3863</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lkuechler"><code>@lkuechler</code></a>
made their first contribution in <a
href="https://redirect.github.com/PrismJS/prism/pull/3863">PrismJS/prism#3863</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/PrismJS/prism/compare/v1.29.0...v1.30.0">https://github.com/PrismJS/prism/compare/v1.29.0...v1.30.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/PrismJS/prism/blob/master/CHANGELOG.md">prismjs's
changelog</a>.</em></p>
<blockquote>
<h1>Prism Changelog</h1>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="76dde18a57"><code>76dde18</code></a>
Release 1.30.0</li>
<li><a
href="93cca40b36"><code>93cca40</code></a>
npm pkg fix</li>
<li><a
href="99c5ca970f"><code>99c5ca9</code></a>
Add release script</li>
<li><a
href="8e8b9352da"><code>8e8b935</code></a>
check that currentScript is set by a script tag (<a
href="https://redirect.github.com/PrismJS/prism/issues/3863">#3863</a>)</li>
<li><a
href="f894dc2cbb"><code>f894dc2</code></a>
Fix logo in the footer</li>
<li><a
href="ac38dcec9b"><code>ac38dce</code></a>
Delete CNAME</li>
<li><a
href="9b5b09aef4"><code>9b5b09a</code></a>
Enable CORS</li>
<li>See full diff in <a
href="https://github.com/PrismJS/prism/compare/v1.29.0...v1.30.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~dmitrysharabin">dmitrysharabin</a>, a new
releaser for prismjs since your current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/Unleash/unleash/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
