Skip to content

Bump pathval from 1.1.0 to 1.1.1 in /example#368

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/example/pathval-1.1.1
Open

Bump pathval from 1.1.0 to 1.1.1 in /example#368
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/example/pathval-1.1.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 11, 2022
edited
Loading

Bumps pathval from 1.1.0 to 1.1.1.

Release notes

Sourced from pathval's releases.

v1.1.1

Fixes a security issue around prototype pollution.

Commits
  • db6c3e3 chore: v1.1.1
  • 7859e0e Merge pull request #60 from deleonio/fix/vulnerability-prototype-pollution
  • 49ce1f4 style: correct rule in package.json
  • c77b9d2 fix: prototype pollution vulnerability + working tests
  • 49031e4 chore: remove very old nodejs
  • 57730a9 chore: update deps and tool configuration
  • a123018 Merge pull request #55 from chaijs/remove-lgtm
  • 07eb4a8 Delete MAINTAINERS
  • a0147cd Merge pull request #54 from astorije/patch-1
  • aebb278 Center repo name on README
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by chai, a new releaser for pathval since your current version.


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 11, 2022
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch 2 times, most recently from 68e761d to 32112fa Compare February 16, 2022 08:21
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch 3 times, most recently from 2c84713 to 57c6aa0 Compare May 20, 2022 11:43
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch 2 times, most recently from d6e5f14 to 29a21ef Compare June 8, 2022 14:47
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch 2 times, most recently from 1a0d4bc to 59db715 Compare July 29, 2022 18:56
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch 3 times, most recently from 841a4ab to 545d741 Compare August 24, 2022 19:41
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch from 545d741 to a69d351 Compare September 9, 2022 13:30
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch from a69d351 to acf4702 Compare September 30, 2022 13:37
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch from acf4702 to d4f5910 Compare November 27, 2022 16:46
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch from d4f5910 to 2a9d873 Compare December 8, 2022 22:20
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch from 2a9d873 to df89375 Compare December 19, 2022 13:20
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch from df89375 to 80e55c6 Compare February 6, 2023 01:45
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch 2 times, most recently from 5a774ad to fbec2d4 Compare March 10, 2023 13:26
@dependabot
Bump pathval from 1.1.0 to 1.1.1 in /example
b4a5f28 
Bumps [pathval](https://github.com/chaijs/pathval) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/chaijs/pathval/releases)
- [Changelog](https://github.com/chaijs/pathval/blob/master/CHANGELOG.md)
- [Commits](chaijs/pathval@v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: pathval
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/example/pathval-1.1.1 branch from fbec2d4 to b4a5f28 Compare March 27, 2023 22:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants