-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the npm_and_yarn group across 1 directory with 25 updates #33
Open
dependabot
wants to merge
1
commit into
master
Choose a base branch
from
dependabot/npm_and_yarn/npm_and_yarn-54b4d922f7
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the npm_and_yarn group with 20 updates in the / directory: | Package | From | To | | --- | --- | --- | | [moment](https://github.com/moment/moment) | `2.22.2` | `2.29.4` | | [moment-timezone](https://github.com/moment/moment-timezone) | `0.5.21` | `0.5.35` | | [node-sass](https://github.com/sass/node-sass) | `4.9.3` | `7.0.0` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` | | [color-string](https://github.com/Qix-/color-string) | `1.5.3` | `1.9.1` | | [css-what](https://github.com/fb55/css-what) | `2.1.0` | `2.1.3` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [dns-packet](https://github.com/mafintosh/dns-packet) | `1.3.1` | `1.3.4` | | [express](https://github.com/expressjs/express) | `4.16.3` | `4.19.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.5.8` | `1.15.6` | | [fsevents](https://github.com/fsevents/fsevents) | `1.2.4` | `1.2.13` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.12` | `4.7.8` | | [hosted-git-info](https://github.com/npm/hosted-git-info) | `2.7.1` | `2.8.9` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.0.8` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.6` | `1.0.7` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.6.1` | `1.8.1` | | [tmpl](https://github.com/daaku/nodejs-tmpl) | `1.0.4` | `1.0.5` | | [url-parse](https://github.com/unshiftio/url-parse) | `1.4.3` | `1.5.10` | | [y18n](https://github.com/yargs/y18n) | `3.2.1` | `3.2.2` | Updates `moment` from 2.22.2 to 2.29.4 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.22.2...2.29.4) Updates `moment-timezone` from 0.5.21 to 0.5.35 - [Release notes](https://github.com/moment/moment-timezone/releases) - [Changelog](https://github.com/moment/moment-timezone/blob/develop/changelog.md) - [Commits](moment/moment-timezone@0.5.21...0.5.35) Updates `node-sass` from 4.9.3 to 7.0.0 - [Release notes](https://github.com/sass/node-sass/releases) - [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md) - [Commits](sass/node-sass@v4.9.3...v7.0.0) Updates `browserify-sign` from 4.0.4 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.3) Updates `color-string` from 1.5.3 to 1.9.1 - [Release notes](https://github.com/Qix-/color-string/releases) - [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md) - [Commits](https://github.com/Qix-/color-string/commits/1.9.1) Updates `css-what` from 2.1.0 to 2.1.3 - [Release notes](https://github.com/fb55/css-what/releases) - [Commits](fb55/css-what@v2.1.0...v2.1.3) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `dns-packet` from 1.3.1 to 1.3.4 - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](mafintosh/dns-packet@v1.3.1...v1.3.4) Updates `express` from 4.16.3 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.16.3...4.19.2) Updates `follow-redirects` from 1.5.8 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.5.8...v1.15.6) Updates `fsevents` from 1.2.4 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.2.4...v1.2.13) Updates `handlebars` from 4.0.12 to 4.7.8 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.8/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.12...v4.7.8) Updates `hosted-git-info` from 2.7.1 to 2.8.9 - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](npm/hosted-git-info@v2.7.1...v2.8.9) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `minimatch` from 3.0.4 to 3.0.8 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.0.8) Updates `path-parse` from 1.0.6 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `qs` from 6.5.1 to 6.5.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.1...v6.5.2) Updates `semver` from 5.3.0 to 5.5.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v5.3.0...v5.5.1) Updates `shell-quote` from 1.6.1 to 1.8.1 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.6.1...v1.8.1) Updates `tar` from 2.2.1 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v2.2.1...v6.2.1) Updates `tmpl` from 1.0.4 to 1.0.5 - [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5) Updates `trim-newlines` from 1.0.0 to 3.0.1 - [Release notes](https://github.com/sindresorhus/trim-newlines/releases) - [Commits](https://github.com/sindresorhus/trim-newlines/commits) Updates `url-parse` from 1.4.3 to 1.5.10 - [Commits](unshiftio/url-parse@1.4.3...1.5.10) Updates `y18n` from 3.2.1 to 3.2.2 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Updates `yargs-parser` from 5.0.0 to 9.0.2 - [Release notes](https://github.com/yargs/yargs-parser/releases) - [Changelog](https://github.com/yargs/yargs-parser/blob/main/CHANGELOG.md) - [Commits](yargs/yargs-parser@v5.0.0...v9.0.2) --- updated-dependencies: - dependency-name: moment dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: moment-timezone dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: node-sass dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: color-string dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: css-what dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: dns-packet dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: handlebars dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: hosted-git-info dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tmpl dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: trim-newlines dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yargs-parser dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
This was referenced May 1, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 20 updates in the / directory:
2.22.2
2.29.4
0.5.21
0.5.35
4.9.3
7.0.0
4.0.4
4.2.3
1.5.3
1.9.1
2.1.0
2.1.3
0.2.0
0.2.2
1.3.1
1.3.4
4.16.3
4.19.2
1.5.8
1.15.6
1.2.4
1.2.13
4.0.12
4.7.8
2.7.1
2.8.9
1.1.5
1.1.9
3.0.4
3.0.8
1.0.6
1.0.7
1.6.1
1.8.1
1.0.4
1.0.5
1.4.3
1.5.10
3.2.1
3.2.2
Updates
moment
from 2.22.2 to 2.29.4Changelog
Sourced from moment's changelog.
... (truncated)
Commits
000ac18
Build 2.24.4f2006b6
Bump version to 2.24.4536ad0c
Update changelog for 2.29.49a3b589
[bugfix] Fix redos in preprocessRFC2822 regex (#6015)6374fd8
Merge branch 'master' into developb4e6153
Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"7aebb16
[bugfix] Fix redos in preprocessRFC2822 regex (#6015)57c9062
Build 2.29.3aaf50b6
Fixup release complaints26f4aef
Bump version to 2.29.3Updates
moment-timezone
from 0.5.21 to 0.5.35Release notes
Sourced from moment-timezone's releases.
... (truncated)
Changelog
Sourced from moment-timezone's changelog.
... (truncated)
Commits
b8fb1ba
Build moment-timezone 0.5.35f1b5e5a
Add changelog for 0.5.358b0eb0c
Bump version to 0.5.357915ac5
Bugfix: Prevent cleartext transmission of tz data during buildce955a3
Bugfix: Fix command injection vulnerability in grunt tzdata pipeline9430b4c
Merge remote-tracking branch 'origin/master' into developfeaf900
Updated contributing.md + added 2021e files704cfac
updated contributing.md877c863
Updated contributing.md + added 2021e files5a3015c
updated contributing.mdUpdates
node-sass
from 4.9.3 to 7.0.0Release notes
Sourced from node-sass's releases.
... (truncated)
Changelog
Sourced from node-sass's changelog.
Commits
918dcb3
Lint fix0a21792
Set rejectUnauthorized to true by default (#3149)e80d4af
chore: Drop EOL Node 15 (#3122)d753397
feat: Add Node 17 support (#3195)dcf2e75
build(deps-dev): bump eslint from 7.32.0 to 8.0.0bfa1a3c
build(deps): bump actions/setup-node from 2.4.0 to 2.4.180d6c00
chore: Windows x86 on GitHub Actions (#3041)566dc27
build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102)7bb5157
build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156)2efb38f
build(deps): bump chalk from 1.1.3 to 4.1.2 (#3161)Updates
browserify-sign
from 4.0.4 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
... (truncated)
Commits
bf2c3ec
v4.2.39247adf
[patch] widen support to 0.12f427270
[Deps] update `parse-asn187f3a35
[Dev Deps] updateaud
,npmignore
,tape
fb261ce
[Deps] updateelliptic
4d0ee49
[patch] drop minimum node support to v19e2bf12
[Deps] pinhash-base
to ~3.0, due to a breaking change168e16f
[Deps] pinelliptic
due to a breaking change37a4758
[actions] remove redundant finisher4af5a90
v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
color-string
from 1.5.3 to 1.9.1Release notes
Sourced from color-string's releases.
... (truncated)
Commits
Updates
css-what
from 2.1.0 to 2.1.3Commits
2db00ca
2.1.3dc51092
fix(css-selectors): extend regex to include superscript in range, fix #27 (#28)a5f1991
Test on node LTSb2a2117
2.1.2e9ef3f1
Run prettier070b2f8
Add remaining parsed outputs (#25)af801e4
update license references to match license file (#23)2d495d0
Update to node 10 in .travis.yml (#22)c636f0d
Allow escaped parentheses in pseudo selectors (#20)4e255c9
Update .travis.ymlUpdates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
dns-packet
from 1.3.1 to 1.3.4Commits
ebdf849
1.3.4ac57872
move all allocUnsafes to allocs for easier maintenancec64c950
1.3.30598ba1
fix .. in encodingLength010aedb
1.3.20d0d593
backport encodingLength fix to v1Updates
express
from 4.16.3 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: [email protected]Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
follow-redirects
from 1.5.8 to 1.15.6Commits
35a517c
Release version 1.15.6 of the npm package.c4f847f
Drop Proxy-Authorization across hosts.8526b4a
Use GitHub for disclosure.b1677ce
Release version 1.15.5 of the npm package.d8914f7
Preserve fragment in responseUrl.6585820
Release version 1.15.4 of the npm package.7a6567e
Disallow bracketed hostnames.05629af
Prefer native URL instead of deprecated url.parse.1cba8e8
Prefer native URL instead of legacy url.resolve.72bc2a4
Simplify _processResponse error handling.Updates
fsevents
from 1.2.4 to 1.2.13Release notes
Sourced from fsevents's releases.
Commits
844a05d
Version Bumpf393f2a
Only build fsevents on macOS (#322)6a281a7
[publish binary]acc2bce
[publish binary]f532b6e
[publish binary]4c6a1c0
Add node 13 to travis matrix.92e40aa
Release 1.2.12.909af26
Release v1.2.117074adb
Release v1.2.100a052f6
Node.js v12 support for v1.x (#274)Updates
handlebars
from 4.0.12 to 4.7.8Release notes
Sourced from handlebars's releases.
Changelog
Sourced from handlebars's changelog.
... (truncated)
Commits
8dc3d25
v4.7.8668c4fb
Fix browser tests in CI pipelinec65c6cc
Test on Node 183d3796c
Make library compatible with workers075b354
Fix sync issue with npm lock-file30dbf04
Fix compiling of each block params in strict modee3a5448
Fix bundler issue with webpack 58e23642
Fix integration-tests issue with npm >= 788ac068
use https instead of git for mustache submodulec68bc08
Fix typoMaintainer changes
This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.
Updates
hosted-git-info
from 2.7.1 to 2.8.9Changelog
Sourced from hosted-git-info's changelog.
... (truncated)
Commits
8d4b369
chore(release): 2.8.929adfe5
fix: backport regex fix from #76afeaefd
chore(release): 2.8.85038b18
fix: #61 & #65 addressing issues w/ url.URL implmentation which regressed nod...7440afa
chore(release): 2.8.72d0bb66
fix: Do not attempt to use url.URL when unavailablef2cdfcf
fix: Do not pass scp-style URLs to the WhatWG url.URLe1b83df
chore(release): 2.8.6