Bump ip from 1.1.8 to 1.1.9 in /js/react_native/e2e #19583
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [ip](https://github.com/indutny/node-ip) from 1.1.8 to 1.1.9. - [Commits](indutny/node-ip@v1.1.8...v1.1.9) --- updated-dependencies: - dependency-name: ip dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
|
/azp run Windows ARM64 QNN CI Pipeline,Windows x64 QNN CI Pipeline,Windows CPU CI Pipeline,Windows GPU CI Pipeline,Windows GPU TensorRT CI Pipeline,ONNX Runtime Web CI Pipeline,Linux CPU CI Pipeline,Linux CPU Minimal Build E2E CI Pipeline,Linux GPU CI Pipeline,Linux GPU TensorRT CI Pipeline |
|
/azp run Linux OpenVINO CI Pipeline,Linux QNN CI Pipeline,MacOS CI Pipeline,orttraining-amd-gpu-ci-pipeline,orttraining-linux-ci-pipeline,orttraining-linux-gpu-ci-pipeline,orttraining-ortmodule-distributed,onnxruntime-python-checks-ci-pipeline,onnxruntime-binary-size-checks-ci-pipeline,Big Models |
|
/azp run Android CI Pipeline,iOS CI Pipeline,ONNX Runtime React Native CI Pipeline |
fs-eire
approved these changes
Feb 21, 2024
|
Azure Pipelines successfully started running 3 pipeline(s). |
|
@dependabot squash and merge |
|
Azure Pipelines successfully started running 9 pipeline(s). |
|
One of your CI runs failed on this pull request, so Dependabot won't merge it. Dependabot will still automatically merge this pull request if you amend it and your tests pass. |
|
/azp run Windows ARM64 QNN CI Pipeline,Windows x64 QNN CI Pipeline,Windows CPU CI Pipeline,Windows GPU CI Pipeline,Windows GPU TensorRT CI Pipeline,ONNX Runtime Web CI Pipeline,Linux CPU CI Pipeline,Linux CPU Minimal Build E2E CI Pipeline,Linux GPU CI Pipeline,Linux GPU TensorRT CI Pipeline |
|
/azp run orttraining-amd-gpu-ci-pipeline,onnxruntime-python-checks-ci-pipeline,Android CI Pipeline,iOS CI Pipeline,ONNX Runtime React Native CI Pipeline |
|
Azure Pipelines successfully started running 4 pipeline(s). |
|
Azure Pipelines successfully started running 10 pipeline(s). |
fs-eire
deleted the
dependabot/npm_and_yarn/js/react_native/e2e/ip-1.1.9
branch
fs-eire
pushed a commit
that referenced
this pull request
Mar 15, 2024
Bumps [ip](https://github.com/indutny/node-ip) from 1.1.8 to 1.1.9. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/node-ip/commit/1ecbf2fd8c0cc85e44c3b587d2de641f50dc0217"><code>1ecbf2f</code></a> 1.1.9</li> <li><a href="https://github.com/indutny/node-ip/commit/6a3ada9b471b09d5f0f5be264911ab564bf67894"><code>6a3ada9</code></a> lib: fixed CVE-2023-42282 and added unit test</li> <li>See full diff in <a href="https://github.com/indutny/node-ip/compare/v1.1.8...v1.1.9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) Dependabot will merge this PR once CI passes on it, as requested by @fs-eire. [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/onnxruntime/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
fs-eire
pushed a commit
that referenced
this pull request
Mar 15, 2024
Bumps [ip](https://github.com/indutny/node-ip) from 1.1.8 to 1.1.9. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/node-ip/commit/1ecbf2fd8c0cc85e44c3b587d2de641f50dc0217"><code>1ecbf2f</code></a> 1.1.9</li> <li><a href="https://github.com/indutny/node-ip/commit/6a3ada9b471b09d5f0f5be264911ab564bf67894"><code>6a3ada9</code></a> lib: fixed CVE-2023-42282 and added unit test</li> <li>See full diff in <a href="https://github.com/indutny/node-ip/compare/v1.1.8...v1.1.9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) Dependabot will merge this PR once CI passes on it, as requested by @fs-eire. [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/onnxruntime/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
YUNQIUGUO
pushed a commit
that referenced
this pull request
Mar 29, 2024
### Description This PR is a preview of cherry-picks for ort-web to `rel-1.17.3` based on `rel-1.17.2`. <details> <summary>Changes of ort-web to cherry-pick</summary> The following commits are from main branch. `o` stands for pick, and `x` stands for skip. ``` o 2e0a388 [js/webgpu] Add HardSigmoid support (#19215) o d226e40 [js/webgpu] set query type in onRunStart (#19202) o 61610ff [js/webgpu] Add FusedConv clip test case (#18900) o a33b5bd [JS/WebGPU] Added Uniforms to SkipLayerNorm. (#18788) o 591f90c [js/webgpu] Fix issue of timestamp query (#19258) o 7252c6e [WebNN EP] Support WebNN async API with Asyncify (#19145) o 5b06505 [js/webgpu] Fix Tanh explosion (#19201) o 656ca66 [js/webgpu] Support uniforms for conv, conv transpose, conv grouped (#18753) o a3f0e24 [js/webgpu] Support f16 uniform (#19098) o 9e69606 fix f16 for attention, enable slice and flatten for more types (#19262) o 624b4e2 [js/webgpu] Remove enableShapesUniforms (#19279) o 90883a3 [js/webgpu] Add hardSigmoid activation for fusedConv (#19233) o 85cef0a [js/webgpu] Support capture and replay for jsep (#18989) o d73131c [js/webgpu] Use DataType as uniform cpu type (#19281) o dd1f6cc [js/webgpu] resolve codescan alert (#19343) o 3a2ab19 [js/webgpu] Refactor createTensorShapeVariables (#18883) o efc17e7 [js/webgpu] Fix the undefined push error (#19366) x 50806a7 [js/web] support external data in npm test (#19377) o ccbe264 [js/webgpu] Add LeakyRelu activation for fusedConv (#19369) o 5ff27ef [js/webgpu] support customop FastGelu (#19392) x 03be65e [js/web] fix types exports in package.json (#19458) o 06269a3 [js/webgpu] allow uint8 tensors for webgpu (#19545) o dfeda90 [JS/WebGPU] Add MatMulNBits (#19446) o 1b48054 [js/webgpu] Create Split indices helpers by rank, not by shape (#19554) o 3fe2c13 [js] small fix to workaround formatter (#19400) x 70567a4 [js/web] use ApiTensor insteadof onnxjs Tensor in TensorResultValidator (#19358) o 6e04e36 [js/common] upgrade tsc in common from 4.9.5 to 5.2.2 (#19317) o 58f4921 [js] changes to allow Float16Array if any polyfill is available (#19305) o 57d6819 [js/web] Fix fused-conv is not included in npm test (#19581) o ebd220b Misspelling in README.md (#19433) o 38c3432 Bump ip from 1.1.8 to 1.1.9 in /js/react_native (#19582) o fe82fcc [js/webgpu] Fix Conv2DTransposeMatMul f16 compilation failure (#19596) o 76a2a48 Bump ip from 1.1.8 to 1.1.9 in /js/react_native/e2e (#19583) o 29b1106 [node] Switch to setImmediate to avoid starving the Node.js event loop (#19610) o ae3d73c [JS/WebGPU] Fix Split and Where to handle corner cases. (#19613) o aec2389 [js/webgpu] allows a ProgramInfo's RunData to use zero sized output (#19614) o bb43a0f [js/webgpu] minor fixes to make tinyllama work (#19564) o 0edb035 [js/web] fix suite test list for zero sized tensor (#19638) o 3cb81cd [js/common] move 'env.wasm.trace' to 'env.trace' (#19617) o e30618d [js/webgpu] use Headless for webgpu test by default (#19702) o f06164e [js/web] transfer input buffer back to caller thread (#19677) x a788514 [js/web] dump debug logs for karma for diagnose purpose (#19785) o 24b72d2 [JS/WebGPU] Preserve zero size input tensor dims. (#19737) o 4538d31 [js/webgpu] expose a few properties in WebGPU API (#19857) o 53de2d8 [js/webgpu] Enable GroupedConvVectorize path (#19791) o ed250b8 [JS/WebGPU] Optimize MatMulNBits (#19852) x e771a76 [js/test] align web test runner flags with ort.env (#19790) o 79e50ae [js/web] rewrite backend resolve to allow multiple EPs (#19735) o acb0df2 Fix #19931 broken Get Started link of "ONNX Runtime JavaScript API" page (#19932) o b29849a [js/common] fix typedoc warnings (#19933) o afdab62 Bump follow-redirects from 1.15.4 to 1.15.6 in /js/web (#19949) o 28ad6c3 Bump follow-redirects from 1.15.4 to 1.15.6 in /js/node (#19951) o 7e0d424 accumulate in fp32 for Reduce* (#19868) o 4c6a6a3 [js/webgpu] Fix NAN caused by un-initialized buffer in instance-norm (#19387) o 01c7aaf [js/webgpu] allow setting env.webgpu.adapter (#19940) o c45cff6 [js/webgpu] fix maxpool / fp16 (#19981) ``` </details> <details> <summary>Cherry-pick commandlines</summary> ```sh git cherry-pick 2e0a388 git cherry-pick d226e40 git cherry-pick 61610ff git cherry-pick a33b5bd git cherry-pick 591f90c git cherry-pick 7252c6e git cherry-pick 5b06505 git cherry-pick 656ca66 git cherry-pick a3f0e24 git cherry-pick 9e69606 git cherry-pick 624b4e2 git cherry-pick 90883a3 git cherry-pick 85cef0a #<<<<< Note: conflicts git cherry-pick d73131c git cherry-pick dd1f6cc git cherry-pick 3a2ab19 git cherry-pick efc17e7 git cherry-pick ccbe264 git cherry-pick 5ff27ef git cherry-pick 06269a3 git cherry-pick dfeda90 git cherry-pick 1b48054 git cherry-pick 3fe2c13 git cherry-pick 6e04e36 git cherry-pick 58f4921 git cherry-pick 57d6819 git cherry-pick ebd220b git cherry-pick 38c3432 git cherry-pick fe82fcc git cherry-pick 76a2a48 git cherry-pick 29b1106 git cherry-pick ae3d73c git cherry-pick aec2389 git cherry-pick bb43a0f git cherry-pick 0edb035 git cherry-pick 3cb81cd git cherry-pick e30618d git cherry-pick f06164e git cherry-pick 24b72d2 git cherry-pick 4538d31 git cherry-pick 53de2d8 git cherry-pick ed250b8 git cherry-pick 79e50ae git cherry-pick acb0df2 git cherry-pick b29849a git cherry-pick afdab62 git cherry-pick 28ad6c3 git cherry-pick 7e0d424 git cherry-pick 4c6a6a3 git cherry-pick 01c7aaf git cherry-pick c45cff6 ``` </details> <details> <summary>Cherry-pick conflicts</summary> - 85cef0a #18989 this change is for enabling graph capture feature for JSEP, and it is done after ROCM EP enabled graph capture feature. However, the ROCM EP graph capture feature is not cherry-picked in rel-1.17.2. </details> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Jiajia Qin <[email protected]> Co-authored-by: Xu Xing <[email protected]> Co-authored-by: satyajandhyala <[email protected]> Co-authored-by: Yang Gu <[email protected]> Co-authored-by: Wanming Lin <[email protected]> Co-authored-by: Jiajie Hu <[email protected]> Co-authored-by: Guenther Schmuelling <[email protected]> Co-authored-by: Matttttt <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Segev Finer <[email protected]> Co-authored-by: Belem Zhang <[email protected]>
siweic0
pushed a commit
to siweic0/onnxruntime-web
that referenced
this pull request
May 9, 2024
Bumps [ip](https://github.com/indutny/node-ip) from 1.1.8 to 1.1.9. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/node-ip/commit/1ecbf2fd8c0cc85e44c3b587d2de641f50dc0217"><code>1ecbf2f</code></a> 1.1.9</li> <li><a href="https://github.com/indutny/node-ip/commit/6a3ada9b471b09d5f0f5be264911ab564bf67894"><code>6a3ada9</code></a> lib: fixed CVE-2023-42282 and added unit test</li> <li>See full diff in <a href="https://github.com/indutny/node-ip/compare/v1.1.8...v1.1.9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) Dependabot will merge this PR once CI passes on it, as requested by @fs-eire. [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/onnxruntime/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps ip from 1.1.8 to 1.1.9.
Commits
1ecbf2f1.1.96a3ada9lib: fixed CVE-2023-42282 and added unit testDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot will merge this PR once CI passes on it, as requested by @fs-eire.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.