Bump the npm_and_yarn group with 9 updates #70
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 9 updates:
4.1.0
5.0.1
2.6.3
3.2.4
3.0.2
3.0.3
4.7.6
4.7.8
2.29.1
2.30.1
3.2.3
3.2.4
0.11.5
0.11.8
6.5.2
6.13.0
1.19.6
1.19.11
Updates
ansi-regex
from 4.1.0 to 5.0.1Release notes
Sourced from ansi-regex's releases.
Commits
a9babce
5.0.14657833
fix incorrect formatc3c0b3f
Fix potential ReDoS (#37)178363b
Move to GitHub Actions (#35)0755e66
Add@Qix
- to funding.yml2b56fb0
5.0.0f26f7fe
Meta tweakse77ea17
Add TypeScript definition (#32)166a0d5
Require Node.js 8f115fca
Tidelift tasksUpdates
async
from 2.6.3 to 3.2.4Changelog
Sourced from async's changelog.
... (truncated)
Commits
f3ab51a
Version 3.2.47ea2cec
Update built filesbef7bef
update changelog03eeab3
Bump yargs from 17.4.1 to 17.5.1 (#1843)387efcf
Bump eslint from 8.14.0 to 8.17.0 (#1849)131225a
Bump karma from 6.3.19 to 6.3.20 (#1844)4cfa89c
Bump eslint from 8.14.0 to 8.16.0 (#1845)90e940c
Bump rollup from 2.71.1 to 2.75.5 (#1846)dd72cf5
Bump@babel/eslint-parser
from 7.17.0 to 7.18.2 (#1847)4ae026e
Bump babel-minify from 0.5.1 to 0.5.2 (#1848)Maintainer changes
This version was pushed to npm by hargasinski, a new releaser for async since your current version.
Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
handlebars
from 4.7.6 to 4.7.8Release notes
Sourced from handlebars's releases.
Changelog
Sourced from handlebars's changelog.
Commits
8dc3d25
v4.7.8668c4fb
Fix browser tests in CI pipelinec65c6cc
Test on Node 183d3796c
Make library compatible with workers075b354
Fix sync issue with npm lock-file30dbf04
Fix compiling of each block params in strict modee3a5448
Fix bundler issue with webpack 58e23642
Fix integration-tests issue with npm >= 788ac068
use https instead of git for mustache submodulec68bc08
Fix typoMaintainer changes
This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.
Updates
moment
from 2.29.1 to 2.30.1Changelog
Sourced from moment's changelog.
Commits
485d9a7
Build 2.30.1e048b09
Bump version to 2.30.1f9f2d58
Update changelog for 2.30.1a52ffb2
Revert "Merge pull request #5827 from BobZombie:feature/fix_d.ts"ddd6809
Build 2.30.0be64d00
Bump version to 2.30.0ad41179
Update changelog for 2.30.063fe479
[misc] Make code ES6 compatible0f0195f
Revert "Merge pull request #5599 from Alanscut:issue_4985"15b82f5
Revert "Merge pull request #5597 from Alanscut:issue-5596"Updates
nunjucks
from 3.2.3 to 3.2.4Release notes
Sourced from nunjucks's releases.
Changelog
Sourced from nunjucks's changelog.
Commits
86a77f4
Release v3.2.4ec16d21
fix: html encode backslashes if used with escape filter or autoescape (#1437)Updates
object-path
from 0.11.5 to 0.11.8Commits
Updates
qs
from 6.5.2 to 6.13.0Changelog
Sourced from qs's changelog.
... (truncated)
Commits
5cf516c
v6.13.08d56df2
[New]parse
: addstrictDepth
optionc9a6694
[Tests] usenpm audit
instead ofaud
f90cc35
v6.12.31bf9f7a
[Fix]parse
: properly account forstrictNullHandling
whenallowEmptyArrays
7ebf48b
[meta] fix changelog indentationd0dff11
v6.12.2f0b8d03
[Dev Deps] update@ljharb/eslint-config
,object-inspect
,tape
81835ff
[Fix]:parse
: parse encoded square bracketsdb47dcc
[readme] add CII best practices badgeUpdates
urijs
from 1.19.6 to 1.19.11Release notes
Sourced from urijs's releases.
Changelog
Sourced from urijs's changelog.
Commits
b655c1b
chore(build): bumping to version 1.19.11b0c9796
fix(parse): handle CR,LF,TAB88805fd
fix(parse): handle excessive slashes in scheme-relative URLs926b2aa
chore(build): bumping to version 1.19.10a8166fe
fix(parse): handle excessive colons in scheme delimiter01920b5
chore(build): bumping to version 1.19.986d1052
fix(parse): remove leading whitespaceefae1e5
chore(build): bumping to version 1.19.86ea641c
fix(parse): case insensitive scheme - #41219e54c7
chore(build): bumping to version 1.19.7Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.