Bump the npm_and_yarn group across 1 directory with 14 updates#2
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
Bumps the npm_and_yarn group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [bootstrap](https://github.com/twbs/bootstrap) | `4.0.0` | `4.3.1` | | [hoek](https://github.com/hapijs/hoek) | `5.0.3` | `6.1.3` | | [debug](https://github.com/debug-js/debug) | `2.6.8` | `2.6.9` | | [browser-sync](https://github.com/BrowserSync/browser-sync) | `2.24.5` | `2.29.3` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.23` | `0.10.64` | | [lodash](https://github.com/lodash/lodash) | `4.17.10` | `4.17.21` | | [gulp](https://github.com/gulpjs/gulp) | `3.9.1` | `4.0.2` | | [semver](https://github.com/npm/node-semver) | `5.4.1` | `5.7.2` | | [gulp-imagemin](https://github.com/sindresorhus/gulp-imagemin) | `4.1.0` | `9.0.0` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `2.3.2` | `` | | [gulp-sass](https://github.com/dlmanning/gulp-sass) | `4.0.1` | `5.1.0` | Updates `bootstrap` from 4.0.0 to 4.3.1 - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](twbs/bootstrap@v4.0.0...v4.3.1) Updates `hoek` from 5.0.3 to 6.1.3 - [Release notes](https://github.com/hapijs/hoek/releases) - [Commits](hapijs/hoek@v5.0.3...v6.1.3) Updates `debug` from 2.6.8 to 2.6.9 - [Release notes](https://github.com/debug-js/debug/releases) - [Changelog](https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md) - [Commits](debug-js/debug@2.6.8...2.6.9) Updates `browser-sync` from 2.24.5 to 2.29.3 - [Release notes](https://github.com/BrowserSync/browser-sync/releases) - [Changelog](https://github.com/BrowserSync/browser-sync/blob/master/CHANGELOG.md) - [Commits](BrowserSync/browser-sync@v2.24.5...v2.29.3) Updates `es5-ext` from 0.10.23 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.23...v0.10.64) Updates `follow-redirects` from 1.5.0 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.5.0...v1.15.6) Updates `fsevents` from 1.1.1 to 2.3.3 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.1.1...v2.3.3) Updates `lodash` from 4.17.10 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.10...4.17.21) Updates `gulp` from 3.9.1 to 4.0.2 - [Release notes](https://github.com/gulpjs/gulp/releases) - [Changelog](https://github.com/gulpjs/gulp/blob/master/CHANGELOG.md) - [Commits](gulpjs/gulp@v3.9.1...v4.0.2) Updates `qs` from 6.2.3 to 6.3.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.2.3...v6.3.2) Updates `semver` from 5.4.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.4.1...v5.7.2) Updates `gulp-imagemin` from 4.1.0 to 9.0.0 - [Release notes](https://github.com/sindresorhus/gulp-imagemin/releases) - [Commits](sindresorhus/gulp-imagemin@v4.1.0...v9.0.0) Removes `tough-cookie` Updates `gulp-sass` from 4.0.1 to 5.1.0 - [Release notes](https://github.com/dlmanning/gulp-sass/releases) - [Changelog](https://github.com/dlmanning/gulp-sass/blob/master/CHANGELOG.md) - [Commits](dlmanning/gulp-sass@v4.0.1...v5.1.0) --- updated-dependencies: - dependency-name: bootstrap dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: hoek dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: debug dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: browser-sync dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: gulp dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: gulp-imagemin dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: gulp-sass dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 11 updates in the / directory:
4.0.04.3.15.0.36.1.32.6.82.6.92.24.52.29.30.10.230.10.644.17.104.17.213.9.14.0.25.4.15.7.24.1.09.0.02.3.24.0.15.1.0Updates
bootstrapfrom 4.0.0 to 4.3.1Release notes
Sourced from bootstrap's releases.
... (truncated)
Commits
8fa0d30Release v4.3.1. (#28252)dae20daRemove unneeded glob. (#28249)10b97f6Fix npm package contents7bc4d2eAdd sanitize template option for tooltip/popover plugins.bf2515aUpdate RFS to v8.0.1 (#28245)45ced60Update font size (#28232)1ded0d6Release v4.3.0 (#28228)3aa0770docs snippets: a few more minor tweaks (#28225)adf16datoasts.md: Remove uselessdivs.2bfe581Remove stray parameter from capture.Maintainer changes
This version was pushed to npm by xhmikosr, a new releaser for bootstrap since your current version.
Updates
hoekfrom 5.0.3 to 6.1.3Commits
47d63066.1.3eef9740cleanupfc934afCleanupf2eb7fdClone without prototype. Closes #2905bfe5b66.1.217fe9a1Revert all symbol handlings to false by default. Closes #283542939b6.1.1947a326Ignore symbols in deepEqual() by default. Closes #28127ac6306.1.0b3b5134Merge pull request #281 from kanongil/symbol-supportUpdates
debugfrom 2.6.8 to 2.6.9Release notes
Sourced from debug's releases.
Changelog
Sourced from debug's changelog.
Commits
13abeaeRelease 2.6.9f53962eremove ReDoS regexp in %o formatter (#504)Updates
browser-syncfrom 2.24.5 to 2.29.3Release notes
Sourced from browser-sync's releases.
... (truncated)
Commits
02efdffv2.29.362d906efix: append to head if body not present yet - fixes #2031 (#2041)f91440ev2.29.2d0c50e0deps: drop qs (#2040)6ffc212v2.29.17b07798v2.29.1-alpha.0497f216remove client depsbed04d4v2.29.087421b5fix: ie11 support (#2024)59eb01av2.28.3Updates
es5-extfrom 0.10.23 to 0.10.64Release notes
Sourced from es5-ext's releases.
... (truncated)
Changelog
Sourced from es5-ext's changelog.
... (truncated)
Commits
f76b03dchore: Release v0.10.642881acdchore: Bump dependenciesc2e2bb9fix: Revert update meant to fix Powershell issue, as it's a regression16f2b72docs: Fix date in the changelogde4e03cchore: Release v0.10.633fd53b7chore: Upgradelint-stagedto v13bf8ed79chore: Ensure postinstall script does not crash on Windows2cbbb07chore: Bump dependencies22d0416chore: Bump LICENSE yeara52e957fix: Support ES2015+ function definitions infunction#toStringTokens()Updates
follow-redirectsfrom 1.5.0 to 1.15.6Commits
35a517cRelease version 1.15.6 of the npm package.c4f847fDrop Proxy-Authorization across hosts.8526b4aUse GitHub for disclosure.b1677ceRelease version 1.15.5 of the npm package.d8914f7Preserve fragment in responseUrl.6585820Release version 1.15.4 of the npm package.7a6567eDisallow bracketed hostnames.05629afPrefer native URL instead of deprecated url.parse.1cba8e8Prefer native URL instead of legacy url.resolve.72bc2a4Simplify _processResponse error handling.Updates
fseventsfrom 1.1.1 to 2.3.3Release notes
Sourced from fsevents's releases.
... (truncated)
Commits
2db891eRelease v2.3.38ec87bfUpdate nodejs.yml (#392)c20c3afreadme63709dfMerge pull request #384 from aleksanb/subdirsa77340fHandle MustScanSubDirs for large projects66be519Update README.md (#371)2f2a858Update README.md (#364)a7f5d00Release v2.3.2fab136afix: issue #355 (#356)328ae39Release v2.3.1Maintainer changes
This version was pushed to npm by pipobscure, a new releaser for fsevents since your current version.
Updates
lodashfrom 4.17.10 to 4.17.21Commits
f299b52Bump to v4.17.21c4847ebImprove performance oftoNumber,trimandtrimEndon large input strings3469357Prevent command injection through_.template'svariableoptionded9bc6Bump to v4.17.20.63150efDocumentation fixes.00f0f62test.js: Remove trailing comma.846e434Temporarily use a custom fork oflodash-cli.5d046f3Re-enable Travis tests on4.17branch.aa816b3Remove/npm-package.d7fbc52Bump to v4.17.19Maintainer changes
This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.
Updates
gulpfrom 3.9.1 to 4.0.2Release notes
Sourced from gulp's releases.
... (truncated)
Changelog
Sourced from gulp's changelog.
Commits
069350aRelease: 4.0.2b4b5a68Build: Add node 12 to Travis & Azure5667666Fix: Bind src/dest/symlink to the gulp instance to support esm exports (ref s...4091bd3Docs: Add notes about esm support (closes #2278)3c66d95Docs: Fix the Negative Globs section & examples (closes #2297)1693a11Docs: Remove next tag from recipes (closes #2277)d916276Docs: Add default task wrappers to Watching Files examples to make runnable (...ea52a92Docs: Fix syntax error in lastRun API docs (closes #2315)5d81f42Docs: Fix typo in Explaining Globs (#2326)ea3bba4Release: 4.0.1Updates
qsfrom 6.2.3 to 6.3.2Changelog
Sourced from qs's changelog.
Commits
9ee5612v6.3.20a63fc8[Tests] up tonodev7.7,v6.10,v4.8; disable osx builds since they b...8e1f3e7[Fix] support keys starting with brackets.febe81a[Fix] chmod a-xe54c5ec[Dev Deps] updateeslint8e2af08[Fix] followallowPrototypesoption during merge153ce84v6.3.1d73b7a6[Dev Deps] updateeslint,@ljharb/eslint-config,browserifybeade02[Fix] ensure thatallowPrototypes: falsedoes not ever shadow Object.protot...8bd4c6cDocument allowDots option for stringifyUpdates
semverfrom 5.4.1 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
f8cc313chore: release 5.7.22f8fd41fix: better handling of whitespace (#585)deb5ad5chore:@npmcli/template-oss@4.16.0c83c18c5.7.1956e228Correct typo in README8055dda5.7.0604e73dauto-publishing scriptsbed01e2remove the nomin comments, since we don't minify any more anyway9cb68f1document parse method38d42ca5.7 changelogMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.
Updates
gulp-imageminfrom 4.1.0 to 9.0.0Release notes
Sourced from gulp-imagemin's releases.
... (truncated)
Commits
7e6fcb09.0.070e07e8Require Node.js 182f7ecc98.0.01b4baf6Require Node.js 12.20 and move to ESMed39463Move to GitHub Actions (#351)8b40da0Update readme lossless note (#346)1cbb7c57.1.067cceb3Updateimagemin-gifsicleoptional dependency97432ea7.0.0aacca91Require Node.js 10Removes
tough-cookieUpdates
gulp-sassfrom 4.0.1 to 5.1.0Release notes
Sourced from gulp-sass's releases.