-
Notifications
You must be signed in to change notification settings - Fork 74
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the npm_and_yarn group with 25 updates #34
Open
dependabot
wants to merge
1
commit into
main
Choose a base branch
from
dependabot/npm_and_yarn/npm_and_yarn-70b237c20f
base: main
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the npm_and_yarn group with 25 updates: | Package | From | To | | --- | --- | --- | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.10.5` | `7.24.5` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.0` | `4.2.3` | | [browserslist](https://github.com/browserslist/browserslist) | `4.13.0` | `4.23.0` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [elliptic](https://github.com/indutny/elliptic) | `6.5.3` | `6.5.5` | | [ini](https://github.com/npm/ini) | `1.3.5` | `1.3.8` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.19` | `4.17.21` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [nanoid](https://github.com/ai/nanoid) | `3.1.10` | `3.3.7` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.0` | `2.7.0` | | [parse-path](https://github.com/IonicaBizau/parse-path) | `4.0.1` | `7.0.0` | | [parse-url](https://github.com/IonicaBizau/parse-url) | `5.0.1` | `8.1.0` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.6` | `1.0.7` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `2.1.2` | `3.1.0` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.7.2` | `1.8.1` | | [ssri](https://github.com/npm/ssri) | `6.0.1` | `6.0.2` | | [terser](https://github.com/terser/terser) | `4.8.0` | `4.8.1` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.21` | `1.0.37` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `3.7.2` | `5.3.4` | | [ws](https://github.com/websockets/ws) | `6.2.1` | `7.5.9` | | [y18n](https://github.com/yargs/y18n) | `4.0.0` | `4.0.3` | Updates `@babel/traverse` from 7.10.5 to 7.24.5 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.5/packages/babel-traverse) Updates `browserify-sign` from 4.2.0 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.0...v4.2.3) Updates `browserslist` from 4.13.0 to 4.23.0 - [Release notes](https://github.com/browserslist/browserslist/releases) - [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md) - [Commits](browserslist/browserslist@4.13.0...4.23.0) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `elliptic` from 6.5.3 to 6.5.5 - [Commits](indutny/elliptic@v6.5.3...v6.5.5) Updates `ini` from 1.3.5 to 1.3.8 - [Release notes](https://github.com/npm/ini/releases) - [Changelog](https://github.com/npm/ini/blob/main/CHANGELOG.md) - [Commits](npm/ini@v1.3.5...v1.3.8) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `lodash` from 4.17.19 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.19...4.17.21) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `nanoid` from 3.1.10 to 3.3.7 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.10...3.3.7) Updates `node-fetch` from 2.6.0 to 2.7.0 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.0...v2.7.0) Updates `parse-path` from 4.0.1 to 7.0.0 - [Release notes](https://github.com/IonicaBizau/parse-path/releases) - [Commits](IonicaBizau/parse-path@4.0.1...7.0.0) Updates `parse-url` from 5.0.1 to 8.1.0 - [Release notes](https://github.com/IonicaBizau/parse-url/releases) - [Commits](IonicaBizau/parse-url@5.0.1...8.1.0) Updates `path-parse` from 1.0.6 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `serialize-javascript` from 2.1.2 to 3.1.0 - [Release notes](https://github.com/yahoo/serialize-javascript/releases) - [Commits](yahoo/serialize-javascript@v2.1.2...v3.1.0) Updates `shell-quote` from 1.7.2 to 1.8.1 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.7.2...v1.8.1) Updates `ssri` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/npm/ssri/releases) - [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md) - [Commits](npm/ssri@v6.0.1...v6.0.2) Updates `terser` from 4.8.0 to 4.8.1 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v4.8.0...v4.8.1) Updates `ua-parser-js` from 0.7.21 to 1.0.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/1.0.37/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.21...1.0.37) Updates `webpack-dev-middleware` from 3.7.2 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.2...v5.3.4) Updates `ws` from 6.2.1 to 7.5.9 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.2.1...7.5.9) Updates `y18n` from 4.0.0 to 4.0.3 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md) - [Commits](yargs/y18n@v4.0.0...y18n-v4.0.3) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserslist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ini dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: parse-path dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: parse-url dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serialize-javascript dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ssri dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
Pull requests that update a dependency file
javascript
Pull requests that update Javascript code
labels
May 1, 2024
This was referenced May 1, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
dependencies
Pull requests that update a dependency file
javascript
Pull requests that update Javascript code
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 25 updates:
7.10.5
7.24.5
4.2.0
4.2.3
4.13.0
4.23.0
0.2.0
0.2.2
6.5.3
6.5.5
1.3.5
1.3.8
1.1.5
1.1.9
1.0.1
1.0.2
1.4.0
1.4.2
4.17.19
4.17.21
1.2.5
1.2.8
3.1.10
3.3.7
2.6.0
2.7.0
4.0.1
7.0.0
5.0.1
8.1.0
1.0.6
1.0.7
5.7.1
5.7.2
2.1.2
3.1.0
1.7.2
1.8.1
6.0.1
6.0.2
4.8.0
4.8.1
0.7.21
1.0.37
3.7.2
5.3.4
6.2.1
7.5.9
4.0.0
4.0.3
Updates
@babel/traverse
from 7.10.5 to 7.24.5Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.... (truncated)
Commits
ddbea7d
v7.24.5e779cad
fix: TypeScript annotation affects output (#16377)ee48754
Use multiple TypeScript projects (#16430)4d8b2d0
MakeNodePath\<T | U>
distributive (#16439)a84ec28
Enableeqeqeq
rule (#16404)822b025
v7.24.1fc0d5ad
Update typescript and lint tools (#16351)69e7928
Consider well-known and registered symbols as literals (#16342)40110e9
Update source map deps (#16327)ce59160
v7.24.0Updates
browserify-sign
from 4.2.0 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
Commits
bf2c3ec
v4.2.39247adf
[patch] widen support to 0.12f427270
[Deps] update `parse-asn187f3a35
[Dev Deps] updateaud
,npmignore
,tape
fb261ce
[Deps] updateelliptic
4d0ee49
[patch] drop minimum node support to v19e2bf12
[Deps] pinhash-base
to ~3.0, due to a breaking change168e16f
[Deps] pinelliptic
due to a breaking change37a4758
[actions] remove redundant finisher4af5a90
v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
browserslist
from 4.13.0 to 4.23.0Release notes
Sourced from browserslist's releases.
Changelog
Sourced from browserslist's changelog.
... (truncated)
Commits
a23d971
Release 4.23 version61e7712
Update dependencies2c313aa
Add Github release workflow3caf908
Update CIb58ae05
feat: add BROWSERSLIST_ROOT_PATH (#819)8ddc4d8
Update grammar definition file (#817)65ad382
Release 4.22.3 version0efec9b
Add Node.js 21 to CIaaf5f2b
Update dependenciesa3ba90b
Updated regex to have the option of adding an extension after@companyName
bu...Updates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
elliptic
from 6.5.3 to 6.5.5Commits
7570078
6.5.5206da2e
lib: lint0a78e03
[Fix] restore node < 4 compat43ac7f2
6.5.4f4bc72b
package: bump deps441b742
ec: validate that a point before deriving keyse71b2d9
lib: relint using eslint8421a01
build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)Updates
ini
from 1.3.5 to 1.3.8Commits
a2c5da8
1.3.8af5c6bb
Do not use Object.create(null)8b648a1
don't test where our devdeps don't even workc74c8af
1.3.7024b8b5
update deps, add linting032fbaf
Use Object.create(null) to avoid default object property hazards2da9039
1.3.6cfea636
better git push script, before publish instead of after56d2805
do not allow invalid hazardous string as section nameMaintainer changes
This version was pushed to npm by isaacs, a new releaser for ini since your current version.
Updates
ip
from 1.1.5 to 1.1.9Commits
1ecbf2f
1.1.96a3ada9
lib: fixed CVE-2023-42282 and added unit test5dc3b2f
1.1.88e6f28b
lib: even better node 6 support088c9e5
1.1.71a4ca35
lib: add back support for Node.js 6af82ef4
1.1.6dba19f6
package: exclude test folder from publishing7cd7f30
ci: use github workflows4de50ae
lib: node 18 supportUpdates
json5
from 1.0.1 to 1.0.2Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
... (truncated)
Commits
a62db1e
1.0.2e0c23fe
docs: update CHANGELOG for v1.0.262a6540
fix: add proto to objects and arraysUpdates
loader-utils
from 1.4.0 to 1.4.2Release notes
Sourced from loader-utils's releases.
Changelog
Sourced from loader-utils's changelog.
Commits
331ad50
chore(release): 1.4.217cbf8f
fix: ReDoS problem (#226)8f082b3
chore(release): 1.4.14504e34
fix: security problem (#220)Updates
lodash
from 4.17.19 to 4.17.21Commits
f299b52
Bump to v4.17.21c4847eb
Improve performance oftoNumber
,trim
andtrimEnd
on large input strings3469357
Prevent command injection through_.template
'svariable
optionded9bc6
Bump to v4.17.20.63150ef
Documentation fixes.00f0f62
test.js: Remove trailing comma.846e434
Temporarily use a custom fork oflodash-cli
.5d046f3
Re-enable Travis tests on4.17
branch.aa816b3
Remove/npm-package
.Maintainer changes
This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.
Updates
minimist
from 1.2.5 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2
v1.2.8a026794
Merge tag 'v0.2.3'c0b2661
v0.2.363b8fee
[Fix] Fix long option followed by single dash (#17)72239e6
[Tests] Remove duplicate test (#12)34b0f1c
[eslint] fix indentation3226afa
[Dev Deps] add missingnpmignore
dev dep098873c
[Dev Deps] update@ljharb/eslint-config
,aud
9ec4d27
[Fix] Fix long option followed by single dashba92fe6
[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
nanoid
from 3.1.10 to 3.3.7Changelog
Sourced from nanoid's changelog.
... (truncated)
Commits
89d82d2
Release 3.3.7 version5022c35
Update dual-publish3e7a8e5
Remove benchmark from CI for v3d356144
Fix CI for v337b25df
Move to pnpm 8d96f392
Release 3.3.6 version8210dfb
Release 3.3.5 versionf083d01
Backport funding option9a967ea
Update dependencies21728dc
Update IE polyfill to fix last improve with reduce (#362)Updates
node-fetch
from 2.6.0 to 2.7.0Release notes
Sourced from node-fetch's releases.
... (truncated)
Commits
9b9d458
feat:AbortError
(#1744)65ae25a
fix: Remove the default connection close header (#1765)8bc3a7c
fix: socket variable testing for undefined (#1726)afb36f6
Revert "fix: handle bom in text and json (#1739)" (#1741)29909d7
fix: handle bom in text and json (#1739)70f592d
fix: "global is not defined" (#1704)0f1ebb0
Prevent error when response is null (#1699)6e9464d
ci(release): install dependenciesdd2a0ba
ci(release): install dependencies49bef02
ci(release): use latest Node LTS