[PR #1484] [MERGED] build(deps): Bump tar and bcrypt in /server #1311

New Issue

OVERLORD · 2026-02-04T22:02:52+03:00

OVERLORD commented

2026-02-04 22:02:52 +03:00

📋 Pull Request Information

Original PR: https://github.com/plankanban/planka/pull/1484
Author: @dependabot[bot]
Created: 1/17/2026
Status: ✅ Merged
Merged: 1/19/2026
Merged by: @meltyshev

Base: master ← Head: dependabot/npm_and_yarn/server/multi-516376c24b

📝 Commits (1)

38d319a build(deps): Bump tar and bcrypt in /server

📊 Changes

2 files changed (+23 additions, -367 deletions)

View changed files

📝 server/package-lock.json (+22 -366)
📝 server/package.json (+1 -1)

📄 Description

Removes tar. It's no longer used after updating ancestor dependency bcrypt. These dependencies need to be updated together.

Removes tar

Updates bcrypt from 5.1.1 to 6.0.0

Release notes

Sourced from bcrypt's releases.

v6.0.0

What's Changed

Include platform, arch, and libc in module path by @johanholmerin in kelektiv/node.bcrypt.js#1002

Remove node-pre-gyp, use prebuildify by @thom-nic in kelektiv/node.bcrypt.js#890

Add string encoding to README by @veigaribo in kelektiv/node.bcrypt.js#1009

Fix redefine variable in async_compare.js by @asportnoy in kelektiv/node.bcrypt.js#1045

fix/typo-overridden-word by @nikhilnishadoo7 in kelektiv/node.bcrypt.js#1043

fix:typo error in comments in bcrypt.js file by @alokranjan609 in kelektiv/node.bcrypt.js#1036

update libs for security reasons by @tbo47 in kelektiv/node.bcrypt.js#1049

Prepare for v6 by @recrsn in kelektiv/node.bcrypt.js#1186

New Contributors

@johanholmerin made their first contribution in kelektiv/node.bcrypt.js#1002

@thom-nic made their first contribution in kelektiv/node.bcrypt.js#890

@veigaribo made their first contribution in kelektiv/node.bcrypt.js#1009

@asportnoy made their first contribution in kelektiv/node.bcrypt.js#1045

@nikhilnishadoo7 made their first contribution in kelektiv/node.bcrypt.js#1043

@alokranjan609 made their first contribution in kelektiv/node.bcrypt.js#1036

@tbo47 made their first contribution in kelektiv/node.bcrypt.js#1049

Full Changelog: https://github.com/kelektiv/node.bcrypt.js/compare/v5.1.1...v6.0.0

Changelog

Sourced from bcrypt's changelog.

6.0.0 (2025-02-28)

Drop support for NodeJS <= 16

Remove node-pre-gyp in favor of prebuildify, prebuilt binaries are now shipped with the package

Update node-addon-api to 8.3.0

Update JS code to newer ES syntax

Commits

17894bd Merge pull request #1186 from recrsn/v6-release
473c150 Update changelog
7e93b78 Test package
8fc0cea Exclude Windows x86 as it is no longer supported
1bbb5ae Also compile linux against Node 18
5517028 Use Node 18/20 for macos/windows
271035a Modernize JS
efe4968 Prepare for v6
cf4269a Merge pull request #1049 from tbo47/update-libs
5e9afd4 Merge pull request #1036 from alokranjan609/fix/typo-in-comments
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/plankanban/planka/pull/1484 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 1/17/2026 **Status:** ✅ Merged **Merged:** 1/19/2026 **Merged by:** [@meltyshev](https://github.com/meltyshev) **Base:** `master` ← **Head:** `dependabot/npm_and_yarn/server/multi-516376c24b` --- ### 📝 Commits (1) - [`38d319a`](https://github.com/plankanban/planka/commit/38d319a75b1674bd49ad94b8f0af91d51355136d) build(deps): Bump tar and bcrypt in /server ### 📊 Changes **2 files changed** (+23 additions, -367 deletions) <details> <summary>View changed files</summary> 📝 `server/package-lock.json` (+22 -366) 📝 `server/package.json` (+1 -1) </details> ### 📄 Description Removes [tar](https://github.com/isaacs/node-tar). It's no longer used after updating ancestor dependency [bcrypt](https://github.com/kelektiv/node.bcrypt.js). These dependencies need to be updated together. Removes `tar` Updates `bcrypt` from 5.1.1 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kelektiv/node.bcrypt.js/releases">bcrypt's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Include platform, arch, and libc in module path by <a href="https://github.com/johanholmerin"><code>@johanholmerin</code></a> in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1002">kelektiv/node.bcrypt.js#1002</a></li> <li>Remove node-pre-gyp, use prebuildify by <a href="https://github.com/thom-nic"><code>@thom-nic</code></a> in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/890">kelektiv/node.bcrypt.js#890</a></li> <li>Add string encoding to README by <a href="https://github.com/veigaribo"><code>@veigaribo</code></a> in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1009">kelektiv/node.bcrypt.js#1009</a></li> <li>Fix redefine variable in async_compare.js by <a href="https://github.com/asportnoy"><code>@asportnoy</code></a> in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1045">kelektiv/node.bcrypt.js#1045</a></li> <li>fix/typo-overridden-word by <a href="https://github.com/nikhilnishadoo7"><code>@nikhilnishadoo7</code></a> in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1043">kelektiv/node.bcrypt.js#1043</a></li> <li>fix:typo error in comments in bcrypt.js file by <a href="https://github.com/alokranjan609"><code>@alokranjan609</code></a> in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1036">kelektiv/node.bcrypt.js#1036</a></li> <li>update libs for security reasons by <a href="https://github.com/tbo47"><code>@tbo47</code></a> in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1049">kelektiv/node.bcrypt.js#1049</a></li> <li>Prepare for v6 by <a href="https://github.com/recrsn"><code>@recrsn</code></a> in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1186">kelektiv/node.bcrypt.js#1186</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/johanholmerin"><code>@johanholmerin</code></a> made their first contribution in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1002">kelektiv/node.bcrypt.js#1002</a></li> <li><a href="https://github.com/thom-nic"><code>@thom-nic</code></a> made their first contribution in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/890">kelektiv/node.bcrypt.js#890</a></li> <li><a href="https://github.com/veigaribo"><code>@veigaribo</code></a> made their first contribution in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1009">kelektiv/node.bcrypt.js#1009</a></li> <li><a href="https://github.com/asportnoy"><code>@asportnoy</code></a> made their first contribution in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1045">kelektiv/node.bcrypt.js#1045</a></li> <li><a href="https://github.com/nikhilnishadoo7"><code>@nikhilnishadoo7</code></a> made their first contribution in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1043">kelektiv/node.bcrypt.js#1043</a></li> <li><a href="https://github.com/alokranjan609"><code>@alokranjan609</code></a> made their first contribution in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1036">kelektiv/node.bcrypt.js#1036</a></li> <li><a href="https://github.com/tbo47"><code>@tbo47</code></a> made their first contribution in <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/pull/1049">kelektiv/node.bcrypt.js#1049</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/kelektiv/node.bcrypt.js/compare/v5.1.1...v6.0.0">https://github.com/kelektiv/node.bcrypt.js/compare/v5.1.1...v6.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md">bcrypt's changelog</a>.</em></p> <blockquote> <h1>6.0.0 (2025-02-28)</h1> <ul> <li>Drop support for NodeJS <= 16</li> <li>Remove <code>node-pre-gyp</code> in favor of <code>prebuildify</code>, prebuilt binaries are now shipped with the package</li> <li>Update <code>node-addon-api</code> to 8.3.0</li> <li>Update JS code to newer ES syntax</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/17894bd434f2466a1dd1b1384c904a1aa1de9a32"><code>17894bd</code></a> Merge pull request <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/issues/1186">#1186</a> from recrsn/v6-release</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/473c150024037eb8de5f09d5cdf166884606ffcd"><code>473c150</code></a> Update changelog</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/7e93b789b54789f0e5c2b93c2aa02ff26cab14f6"><code>7e93b78</code></a> Test package</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/8fc0ceaf75b1a91fce8786339c94bb3163ec80b2"><code>8fc0cea</code></a> Exclude Windows x86 as it is no longer supported</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/1bbb5ae4456ed1c8458a0a22be538e0c2436ad91"><code>1bbb5ae</code></a> Also compile linux against Node 18</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/5517028ed3d484c9c75c3061cd7c8edc10ab5c9b"><code>5517028</code></a> Use Node 18/20 for macos/windows</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/271035aa7af11fc675040b9d635c0553663bd9cc"><code>271035a</code></a> Modernize JS</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/efe49688c47472265847c5ed522bc379af77fc9c"><code>efe4968</code></a> Prepare for v6</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/cf4269ab89ce3cc8b0891b26bc963898831bf16d"><code>cf4269a</code></a> Merge pull request <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/issues/1049">#1049</a> from tbo47/update-libs</li> <li><a href="https://github.com/kelektiv/node.bcrypt.js/commit/5e9afd418553766be8a1688395e3118f261825cd"><code>5e9afd4</code></a> Merge pull request <a href="https://redirect.github.com/kelektiv/node.bcrypt.js/issues/1036">#1036</a> from alokranjan609/fix/typo-in-comments</li> <li>Additional commits viewable in <a href="https://github.com/kelektiv/node.bcrypt.js/compare/v5.1.1...v6.0.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/plankanban/planka/network/alerts). </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

OVERLORD added the pull-request label 2026-02-04 22:02:52 +03:00

OVERLORD closed this issue

2026-02-04 22:02:54 +03:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/planka#1311