Bump the npm_and_yarn group across 1 directory with 30 updates#3
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 30 updates#3dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 23 updates in the / directory: | Package | From | To | | --- | --- | --- | | [bootstrap](https://github.com/twbs/bootstrap) | `4.0.0` | `4.3.1` | | [hoek](https://github.com/hapijs/hoek) | `5.0.3` | `6.1.3` | | [chownr](https://github.com/isaacs/chownr) | `1.0.1` | `1.1.4` | | [clean-css](https://github.com/clean-css/clean-css) | `4.1.3` | `4.1.11` | | [concat-with-sourcemaps](https://github.com/floridoo/concat-with-sourcemaps) | `1.0.4` | `1.1.0` | | [debug](https://github.com/debug-js/debug) | `2.6.8` | `2.6.9` | | [browser-sync](https://github.com/BrowserSync/browser-sync) | `2.24.5` | `2.29.3` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.23` | `0.10.64` | | [extend](https://github.com/justmoon/node-extend) | `2.0.1` | `2.0.2` | | [fstream](https://github.com/npm/fstream) | `1.0.11` | `1.0.12` | | [is-my-json-valid](https://github.com/mafintosh/is-my-json-valid) | `2.16.0` | `2.20.6` | | [is-url](https://github.com/segmentio/is-url) | `1.2.2` | `1.2.4` | | [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.10` | `4.17.21` | | [gulp](https://github.com/gulpjs/gulp) | `3.9.1` | `5.0.0` | | [macaddress](https://github.com/scravy/node-macaddress) | `0.2.8` | `0.2.9` | | [no-case](https://github.com/blakeembrey/change-case) | `2.3.1` | `2.3.2` | | [request](https://github.com/request/request) | `2.79.0` | `removed` | | [gulp-sass](https://github.com/dlmanning/gulp-sass) | `4.0.1` | `5.1.0` | | [semver](https://github.com/npm/node-semver) | `4.3.6` | `5.7.2` | | [gulp-imagemin](https://github.com/sindresorhus/gulp-imagemin) | `4.1.0` | `9.0.0` | Updates `bootstrap` from 4.0.0 to 4.3.1 - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](twbs/bootstrap@v4.0.0...v4.3.1) Updates `hoek` from 5.0.3 to 6.1.3 - [Release notes](https://github.com/hapijs/hoek/releases) - [Commits](hapijs/hoek@v5.0.3...v6.1.3) Updates `chownr` from 1.0.1 to 1.1.4 - [Commits](isaacs/chownr@v1.0.1...v1.1.4) Updates `clean-css` from 4.1.3 to 4.1.11 - [Changelog](https://github.com/clean-css/clean-css/blob/master/History.md) - [Commits](clean-css/clean-css@v4.1.3...v4.1.11) Updates `concat-with-sourcemaps` from 1.0.4 to 1.1.0 - [Commits](https://github.com/floridoo/concat-with-sourcemaps/commits) Updates `debug` from 2.6.8 to 2.6.9 - [Release notes](https://github.com/debug-js/debug/releases) - [Changelog](https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md) - [Commits](debug-js/debug@2.6.8...2.6.9) Updates `browser-sync` from 2.24.5 to 2.29.3 - [Release notes](https://github.com/BrowserSync/browser-sync/releases) - [Changelog](https://github.com/BrowserSync/browser-sync/blob/master/CHANGELOG.md) - [Commits](BrowserSync/browser-sync@v2.24.5...v2.29.3) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `engine.io` from 3.2.0 to 6.5.4 - [Release notes](https://github.com/socketio/engine.io/releases) - [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md) - [Commits](socketio/engine.io@3.2.0...6.5.4) Updates `es5-ext` from 0.10.23 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.23...v0.10.64) Updates `extend` from 2.0.1 to 2.0.2 - [Changelog](https://github.com/justmoon/node-extend/blob/main/CHANGELOG.md) - [Commits](justmoon/node-extend@v2.0.1...v2.0.2) Updates `follow-redirects` from 1.5.0 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.5.0...v1.15.6) Updates `fsevents` from 1.1.1 to 2.3.3 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.1.1...v2.3.3) Updates `fstream` from 1.0.11 to 1.0.12 - [Commits](npm/fstream@v1.0.11...v1.0.12) Updates `is-my-json-valid` from 2.16.0 to 2.20.6 - [Commits](mafintosh/is-my-json-valid@v2.16.0...v2.20.6) Updates `is-url` from 1.2.2 to 1.2.4 - [Changelog](https://github.com/segmentio/is-url/blob/master/History.md) - [Commits](segmentio/is-url@v1.2.2...v1.2.4) Updates `json-schema` from 0.2.3 to 0.4.0 - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `lodash` from 4.17.10 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.10...4.17.21) Updates `gulp` from 3.9.1 to 5.0.0 - [Release notes](https://github.com/gulpjs/gulp/releases) - [Changelog](https://github.com/gulpjs/gulp/blob/master/CHANGELOG.md) - [Commits](gulpjs/gulp@v3.9.1...v5.0.0) Updates `macaddress` from 0.2.8 to 0.2.9 - [Release notes](https://github.com/scravy/node-macaddress/releases) - [Commits](scravy/node-macaddress@0.2.8...0.2.9) Updates `no-case` from 2.3.1 to 2.3.2 - [Release notes](https://github.com/blakeembrey/change-case/releases) - [Commits](https://github.com/blakeembrey/change-case/commits) Updates `qs` from 6.2.3 to 6.3.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.2.3...v6.3.2) Removes `request` Updates `gulp-sass` from 4.0.1 to 5.1.0 - [Release notes](https://github.com/dlmanning/gulp-sass/releases) - [Changelog](https://github.com/dlmanning/gulp-sass/blob/master/CHANGELOG.md) - [Commits](dlmanning/gulp-sass@v4.0.1...v5.1.0) Updates `semver` from 4.3.6 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v4.3.6...v5.7.2) Updates `gulp-imagemin` from 4.1.0 to 9.0.0 - [Release notes](https://github.com/sindresorhus/gulp-imagemin/releases) - [Commits](sindresorhus/gulp-imagemin@v4.1.0...v9.0.0) Updates `socket.io-parser` from 3.1.3 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@3.1.3...4.2.4) Updates `tunnel-agent` from 0.4.3 to 0.6.0 - [Commits](request/tunnel-agent@v0.4.3...v0.6.0) Updates `ua-parser-js` from 0.7.17 to 1.0.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/1.0.37/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.17...1.0.37) --- updated-dependencies: - dependency-name: bootstrap dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: hoek dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: chownr dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: clean-css dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: concat-with-sourcemaps dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: debug dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browser-sync dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: engine.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: extend dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fstream dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: is-my-json-valid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: is-url dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json-schema dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jsprim dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: gulp dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: macaddress dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: no-case dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: request dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: gulp-sass dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: gulp-imagemin dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tunnel-agent dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 23 updates in the / directory:
4.0.04.3.15.0.36.1.31.0.11.1.44.1.34.1.111.0.41.1.02.6.82.6.92.24.52.29.30.2.00.2.20.10.230.10.642.0.12.0.21.0.111.0.122.16.02.20.61.2.21.2.40.2.30.4.01.4.11.4.24.17.104.17.213.9.15.0.00.2.80.2.92.3.12.3.22.79.0removed4.0.15.1.04.3.65.7.24.1.09.0.0Updates
bootstrapfrom 4.0.0 to 4.3.1Release notes
Sourced from bootstrap's releases.
... (truncated)
Commits
8fa0d30Release v4.3.1. (#28252)dae20daRemove unneeded glob. (#28249)10b97f6Fix npm package contents7bc4d2eAdd sanitize template option for tooltip/popover plugins.bf2515aUpdate RFS to v8.0.1 (#28245)45ced60Update font size (#28232)1ded0d6Release v4.3.0 (#28228)3aa0770docs snippets: a few more minor tweaks (#28225)adf16datoasts.md: Remove uselessdivs.2bfe581Remove stray parameter from capture.Maintainer changes
This version was pushed to npm by xhmikosr, a new releaser for bootstrap since your current version.
Updates
hoekfrom 5.0.3 to 6.1.3Commits
47d63066.1.3eef9740cleanupfc934afCleanupf2eb7fdClone without prototype. Closes #2905bfe5b66.1.217fe9a1Revert all symbol handlings to false by default. Closes #283542939b6.1.1947a326Ignore symbols in deepEqual() by default. Closes #28127ac6306.1.0b3b5134Merge pull request #281 from kanongil/symbol-supportUpdates
chownrfrom 1.0.1 to 1.1.4Commits
814f6421.1.4a0d7ae0push to github before npm1a3667aignore stuff147eac4Full tests, handle errors properly in many cases578fb9fupdate tap, fix rimraf version5bbda8cfeat: ignore ENOENT errors during chowndeaa0581.1.3190e311Don't early-capture the fs.lchownSync methoddf2826apush to git with 1 command, not 2cf3b27b1.1.2Updates
clean-cssfrom 4.1.3 to 4.1.11Changelog
Sourced from clean-css's changelog.
Commits
7812d59Version 4.1.11.0440b4aFixes ReDOS vulnerabilities.c601ebdVersion 4.1.10.9e0a38eFixes #1006 - handling invalid input source maps.913d72cFixes #1008 - edge case in breaking upfont.bedd8a9Adds@abarrefix to #1001 to release notes.e944a2b#1001 Fix corrupted state of tokenizer (#1010)8be4084Fixes #989 - edge case in removing unused at-rules.21a5df0Fixes #988 - edge case in droppinganimation-duration.5f6cbc6Version 4.1.9.Updates
concat-with-sourcemapsfrom 1.0.4 to 1.1.0Commits
Maintainer changes
This version was pushed to npm by floridoo, a new releaser for concat-with-sourcemaps since your current version.
Updates
debugfrom 2.6.8 to 2.6.9Release notes
Sourced from debug's releases.
Changelog
Sourced from debug's changelog.
Commits
13abeaeRelease 2.6.9f53962eremove ReDoS regexp in %o formatter (#504)Updates
browser-syncfrom 2.24.5 to 2.29.3Release notes
Sourced from browser-sync's releases.
... (truncated)
Commits
02efdffv2.29.362d906efix: append to head if body not present yet - fixes #2031 (#2041)f91440ev2.29.2d0c50e0deps: drop qs (#2040)6ffc212v2.29.17b07798v2.29.1-alpha.0497f216remove client depsbed04d4v2.29.087421b5fix: ie11 support (#2024)59eb01av2.28.3Updates
decode-uri-componentfrom 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea460.2.2980e0bfPrevent overwriting previously decoded tokens3c8a3730.2.176abc93Switch to GitHub workflows746ca5dFix issue where decode throws - fixes #6486d7e2Update license (#1)a650457Tidelift tasks66e1c28Meta tweaksUpdates
engine.iofrom 3.2.0 to 6.5.4Release notes
Sourced from engine.io's releases.
... (truncated)
Changelog
Sourced from engine.io's changelog.
... (truncated)
Commits
ff0fbfbchore(release): 6.5.409acb17ci: add Node.js 20 in the test matrix39937f8refactor: minor cleanups43c1c1crefactor: simplify code3b5e79erefactor: remove useless referencesf27a6c3refactor: remove useless reference2da559achore(release): 6.5.39545b44refactor: add cache-control header in the polling responseff1c861fix(webtransport): properly handle abruptly closed connectionsc6bf8c0fix: improve compatibility with node16 module resolution (#689)Updates
es5-extfrom 0.10.23 to 0.10.64Release notes
Sourced from es5-ext's releases.
... (truncated)
Changelog
Sourced from es5-ext's changelog.
... (truncated)
Commits
f76b03dchore: Release v0.10.642881acdchore: Bump dependenciesc2e2bb9fix: Revert update meant to fix Powershell issue, as it's a regression16f2b72docs: Fix date in the changelogde4e03cchore: Release v0.10.633fd53b7chore: Upgradelint-stagedto v13bf8ed79chore: Ensure postinstall script does not crash on Windows2cbbb07chore: Bump dependencies22d0416chore: Bump LICENSE yeara52e957fix: Support ES2015+ function definitions infunction#toStringTokens()Updates
extendfrom 2.0.1 to 2.0.2Changelog
Sourced from extend's changelog.
Commits
a439429v2.0.25f23117[Dev Deps] addsafe-publish-latest92f406dRevert "Merge pull request #32 from greelgorke/master"8d106d2v3.0.2e97091f[Dev Deps] updatetapee841aac[Tests] up tonodev10.70e68e71[Fix] Prevent merging proto propertya689700Only apps should have lockfilesf13c1c4[Dev Deps] updateeslint,@ljharb/eslint-config,tapef3570fe[Tests] up tonodev10.0,v9.11,v8.11,v7.10,v6.14,v4.9; use...Updates
follow-redirectsfrom 1.5.0 to 1.15.6Commits
35a517cRelease version 1.15.6 of the npm package.c4f847fDrop Proxy-Authorization across hosts.8526b4aUse GitHub for disclosure.b1677ceRelease version 1.15.5 of the npm package.d8914f7Preserve fragment in responseUrl.6585820Release version 1.15.4 of the npm package.7a6567eDisallow bracketed hostnames.05629afPrefer native URL instead of deprecated url.parse.1cba8e8Prefer native URL instead of legacy url.resolve.72bc2a4Simplify _processResponse error handling.Updates
fseventsfrom 1.1.1 to 2.3.3Release notes
Sourced from fsevents's releases.
... (truncated)
Commits
2db891eRelease v2.3.38ec87bfUpdate nodejs.yml (#392)c20c3afreadme63709dfMerge pull request #384 from aleksanb/subdirsa77340fHandle MustScanSubDirs for large projects66be519Update README.md (#371)2f2a858Update README.md (#364)a7f5d00Release v2.3.2fab136afix: issue #355 (#356)328ae39Release v2.3.1Maintainer changes
This version was pushed to npm by pipobscure, a new releaser for fsevents since your current version.
Updates
fstreamfrom 1.0.11 to 1.0.12Commits
42354591.0.126a77d2fClobber a Link if it's in the way of a FileUpdates
is-my-json-validfrom 2.16.0 to 2.20.6Commits
58d30cb2.20.6f76edf0Merge pull request #188 from axelniklasson/master4eef089Upgrade jsonpointer to address security vulnerability441f8122.20.5d36a1b1Merge pull request #182 from ChALkeR/chalker/fix-commab6ea484Fix uri prefix detection5389c5bMerge pull request #181 from ChALkeR/chalker/fix-undefdf5b313add funding filec224619Fix 'required' implementation2534af42.20.4Maintainer changes
This version was pushed to npm by linusu, a new releaser for is-my-json-valid since your current version.
Updates
is-urlfrom 1.2.2 to 1.2.4Commits
d2048281.2.4a524d7fMerge pull request #20 from davisjam/FixUndefb33cac4handle undefined string8585facMerge pull request #23 from segmentio/fix-testse572e5dadd travis confige1c30e1remove cruft and fix the test scriptf1c83cf1.2.355ee8eeMerge pull request #18 from davisjam/FixREDOS1495509security: Fix REDOS vulnerabilityUpdates
json-schemafrom 0.2.3 to 0.4.0Commits
f6f6a3bUse a little more robust method of checking instancesef60987Update versionb62f1daProtect against constructor modification, #84fb427cdLink to json-schema-org repository in addition to site, fixes #5422f1461Don't allow proto property to be used for schema default/coerce, fixes #84c52a27cGet basic test to passb3f42b3Add security policy3b0cec3Update versionc28470fUpdate readme to acknowledge the state of the package7dff9cdMerge pull request #81 from hodovani/patch-1Updates
jsprimfrom 1.4.1 to 1.4.2Changelog
Sourced from jsprim's changelog.
Commits
5c8475fjoyent/node-jsprim#35 Backport json-schema 0.4.0 to version 1.4.xMaintainer changes
This version was pushed to npm by bahamat, a new releaser for jsprim since your current version.
Updates
lodashfrom 4.17.10 to 4.17.21Commits
f299b52Bump to v4.17.21c4847ebImprove performance oftoNumber,trimandtrimEndon large input strings3469357Prevent command injection through_.template'svariableoptionded9bc6Bump to v4.17.20.63150efDocumentation fixes.00f0f62test.js: Remove trailing comma.846e434Temporarily use a custom fork oflodash-cli.5d046f3Re-enable Travis tests on4.17branch.aa816b3Remove/npm-package.d7fbc52Bump to v4.17.19Description has been truncated