Bump the npm_and_yarn group across 1 directory with 16 updates#3
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 16 updates#3dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 15 updates in the / directory: | Package | From | To | | --- | --- | --- | | [debug](https://github.com/debug-js/debug) | `2.6.3` | `2.6.9` | | [diff](https://github.com/kpdecker/jsdiff) | `3.2.0` | `3.5.1` | | [extend](https://github.com/justmoon/node-extend) | `3.0.0` | `3.0.2` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.6` | `4.7.9` | | [hosted-git-info](https://github.com/npm/hosted-git-info) | `2.4.1` | `2.8.9` | | [lodash](https://github.com/lodash/lodash) | `4.17.4` | `4.18.1` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.3` | `3.1.5` | | [nwmatcher](https://github.com/dperini/nwmatcher) | `1.3.9` | `1.4.4` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.5` | `1.0.7` | | [sshpk](https://github.com/joyent/node-sshpk) | `1.11.0` | `1.18.0` | | [stringstream](https://github.com/mhart/StringStream) | `0.0.5` | `0.0.6` | | [tmpl](https://github.com/daaku/nodejs-tmpl) | `1.0.4` | `1.0.5` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.12` | `0.7.41` | | [y18n](https://github.com/yargs/y18n) | `3.2.1` | `3.2.2` | | [yargs-parser](https://github.com/yargs/yargs-parser) | `5.0.0` | `5.0.1` | Updates `debug` from 2.6.3 to 2.6.9 - [Release notes](https://github.com/debug-js/debug/releases) - [Changelog](https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md) - [Commits](debug-js/debug@2.6.3...2.6.9) Updates `diff` from 3.2.0 to 3.5.1 - [Changelog](https://github.com/kpdecker/jsdiff/blob/master/release-notes.md) - [Commits](kpdecker/jsdiff@v3.2.0...v3.5.1) Updates `extend` from 3.0.0 to 3.0.2 - [Changelog](https://github.com/justmoon/node-extend/blob/main/CHANGELOG.md) - [Commits](justmoon/node-extend@v3.0.0...v3.0.2) Updates `handlebars` from 4.0.6 to 4.7.9 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.6...v4.7.9) Updates `hosted-git-info` from 2.4.1 to 2.8.9 - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](npm/hosted-git-info@v2.4.1...v2.8.9) Updates `lodash` from 4.17.4 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.4...4.18.1) Updates `minimatch` from 3.0.3 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.3...v3.1.5) Updates `ms` from 0.7.2 to 2.0.0 - [Release notes](https://github.com/vercel/ms/releases) - [Commits](vercel/ms@0.7.2...2.0.0) Updates `nwmatcher` from 1.3.9 to 1.4.4 - [Release notes](https://github.com/dperini/nwmatcher/releases) - [Commits](https://github.com/dperini/nwmatcher/commits) Updates `path-parse` from 1.0.5 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `sshpk` from 1.11.0 to 1.18.0 - [Release notes](https://github.com/joyent/node-sshpk/releases) - [Commits](TritonDataCenter/node-sshpk@v1.11.0...v1.18.0) Updates `stringstream` from 0.0.5 to 0.0.6 - [Commits](mhart/StringStream@v0.0.5...v0.0.6) Updates `tmpl` from 1.0.4 to 1.0.5 - [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5) Updates `ua-parser-js` from 0.7.12 to 0.7.41 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.12...0.7.41) Updates `y18n` from 3.2.1 to 3.2.2 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Updates `yargs-parser` from 5.0.0 to 5.0.1 - [Release notes](https://github.com/yargs/yargs-parser/releases) - [Changelog](https://github.com/yargs/yargs-parser/blob/v5.0.1/CHANGELOG.md) - [Commits](yargs/yargs-parser@v5.0.0...v5.0.1) --- updated-dependencies: - dependency-name: debug dependency-version: 2.6.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: diff dependency-version: 3.5.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: extend dependency-version: 3.0.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: handlebars dependency-version: 4.7.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: hosted-git-info dependency-version: 2.8.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ms dependency-version: 2.0.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nwmatcher dependency-version: 1.4.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-version: 1.0.7 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: sshpk dependency-version: 1.18.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: stringstream dependency-version: 0.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tmpl dependency-version: 1.0.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-version: 0.7.41 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-version: 3.2.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yargs-parser dependency-version: 5.0.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 15 updates in the / directory:
2.6.32.6.93.2.03.5.13.0.03.0.24.0.64.7.92.4.12.8.94.17.44.18.13.0.33.1.51.3.91.4.41.0.51.0.71.11.01.18.00.0.50.0.61.0.41.0.50.7.120.7.413.2.13.2.25.0.05.0.1Updates
debugfrom 2.6.3 to 2.6.9Release notes
Sourced from debug's releases.
Changelog
Sourced from debug's changelog.
Commits
13abeaeRelease 2.6.9f53962eremove ReDoS regexp in %o formatter (#504)52e1f21Release 2.6.82482e08Check for undefined on browser globals (#462)6bb07f7release 2.6.715850cbFix Regular Expression Denial of Service (ReDoS)4a6c85cupdate "debug" to v1.0.0 (#454)b68dbf8Fix typo (#455)1351d2fInline extend function in node implementation (#452)c211947update version for componentUpdates
difffrom 3.2.0 to 3.5.1Changelog
Sourced from diff's changelog.
Commits
e8bb422v3.5.12f5bf5eBackport kpdecker/jsdiff#649c9f00dbBackport kpdecker/jsdiff#647e9ab948v3.5.0b73884cUpdate release notes8953021Update release notes1023590Omit redundant slice in join method of diffArraysc72ef4aAdd missing test coverageb9ef24fSupport patches with empty lines10aaabbSupport patches with empty linesMaintainer changes
This version was pushed to npm by explodingcabbage, a new releaser for diff since your current version.
Updates
extendfrom 3.0.0 to 3.0.2Changelog
Sourced from extend's changelog.
Commits
8d106d2v3.0.2e97091f[Dev Deps] updatetapee841aac[Tests] up tonodev10.70e68e71[Fix] Prevent merging proto propertya689700Only apps should have lockfilesf13c1c4[Dev Deps] updateeslint,@ljharb/eslint-config,tapef3570fe[Tests] up tonodev10.0,v9.11,v8.11,v7.10,v6.14,v4.9; use...138b515v3.0.17e19a6f[Tests] up tonodev7.9,v6.10,v4.8; improve matrix0191e27[Dev Deps] updatetape,eslint,@ljharb/eslint-configUpdates
handlebarsfrom 4.0.6 to 4.7.9Release notes
Sourced from handlebars's releases.
Changelog
Sourced from handlebars's changelog.
... (truncated)
Commits
dce542cv4.7.98a41389Update release notes68d8df5Fix security issuesb2a0831Fix browser tests9f98c16Fix release script45443b4Revert "Improve partial indenting performance"8841a5fFix CI errors with lintinge0137c2fix: enable shell mode for spawn to resolve Windows EINVAL issuee914d60Improve rendering performance7de4b41Upgrade GitHub Actions checkout and setup-node on 4.x branchMaintainer changes
This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.
Updates
hosted-git-infofrom 2.4.1 to 2.8.9Changelog
Sourced from hosted-git-info's changelog.
... (truncated)
Commits
8d4b369chore(release): 2.8.929adfe5fix: backport regex fix from #76afeaefdchore(release): 2.8.85038b18fix: #61 & #65 addressing issues w/ url.URL implmentation which regressed nod...7440afachore(release): 2.8.72d0bb66fix: Do not attempt to use url.URL when unavailablef2cdfcffix: Do not pass scp-style URLs to the WhatWG url.URLe1b83dfchore(release): 2.8.6ff259a6Ensure passwords in hosted Git URLs are correctly escaped624fd6fchore(release): 2.8.5Maintainer changes
This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.
Updates
lodashfrom 4.17.4 to 4.18.1Release notes
Sourced from lodash's releases.
Commits
cb0b9b9release(patch): bump main to 4.18.1 (#6177)75535f5chore: prune stale advisory refs (#6170)62e91bcdocs: remove n_ Node.js < 6 REPL note from README (#6165)59be2derelease(minor): bump to 4.18.0 (#6161)af63457fix: broken tests for _.template 879aaa91073a76fix: linting issues879aaa9fix: validate imports keys in _.templatefe8d32efix: block prototype pollution in baseUnset via constructor/prototype traversal18ba0a3refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)b819080ci: add dist sync validation workflow (#6137)Updates
minimatchfrom 3.0.3 to 3.1.5Commits
7bba9783.1.5bd25942docs: add warning about ReDoS1a9c27cfix partial matching of globstar patterns1a2e0843.1.4ae24656update lockfileb100374limit recursion for **, improve perf considerably26ffeaalockfile update9eca892lock node version to 1400c323b3.1.330486b2update CI matrix and actionsUpdates
msfrom 0.7.2 to 2.0.0Release notes
Sourced from ms's releases.
Commits
9b88d152.0.094b995cInvalidated cache for slack badgebcf5715Bumped dependencies to the latest versionb1eaab7Ignored logs coming from npmcaae298Limit str to 100 to avoid ReDoS of 0.3s (#89)b83b36dchore(package): update eslint to version 3.19.0 (#88)3f2a4d7chore(package): update husky to version 0.13.3 (#86)7daf9841.0.0ee91f30More suitable name for file containing testse818c35Removed browser testingUpdates
nwmatcherfrom 1.3.9 to 1.4.4Release notes
Sourced from nwmatcher's releases.
Commits
Updates
path-parsefrom 1.0.5 to 1.0.7Commits
Updates
sshpkfrom 1.11.0 to 1.18.0Release notes
Sourced from sshpk's releases.
Commits
8df0385Add support for ed25519 private keys in pkcs8 (#92)3e83664node-sshpk#27 prep for release (#79)1da5a87node-sshpk#27 PuTTY private key support (#76)85f3c4eTRITON-2254 Change joyMattermostNotification to joySlackNotifications (#77)4342c21MANTA-4808 jenkins-joylib notifications should include "mantav1" branch build...cb8c666TRITON-1943 add Jenkinsfiles to Triton repositories (#64)e97ab59TOOLS-2101 jsstyle submodules too old for old perls (#65)1aece0djoyent/node-sshpk#60 certs should generate GeneralizedTime values for dates >...684dbe6joyent/node-sshpk#62 handle pkcs8 ECDSA keys with missing public parts574ff21joyent/node-sshpk#18 support for PKCS8 encrypted private keysMaintainer changes
This version was pushed to npm by bahamat, a new releaser for sshpk since your current version.
Updates
stringstreamfrom 0.0.5 to 0.0.6Commits
fee31c50.0.62f4a9d4Merge pull request #9 from mhart/fix-buffer-constructor-vulnafbc744Ensure data is not a number in Buffer constructorUpdates
tmplfrom 1.0.4 to 1.0.5Commits
Updates
ua-parser-jsfrom 0.7.12 to 0.7.41Release notes
Sourced from ua-parser-js's releases.
Changelog
Sourced from ua-parser-js's changelog.
... (truncated)
Commits
af825ffBump version0.7.415925954Backport - Improve detection for Nokia device & Symbian OSfc668efBackport - Improve device detection for Generic device: capture its device mo...0543fb2Backport - Improve CPU detection: ARM98f1c00Backport - Improve device detection for unidentified SmartTV vendorsd66c971Backport - Improve detection for Nvidia devicescbe6038Backport - Add Daum app user agent (#773)e665bd5Backport - Add new OS:Ubuntu Touch20c3040Backport - Add new device: Apple HomePod9057a1dBackport - Add new browser:LadybirdMaintainer changes
This version was pushed to npm by faisalman, a new releaser for ua-parser-js since your current version.
Updates
y18nfrom 3.2.1 to 3.2.2Release notes
Sourced from y18n's releases.
Commits
Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.
Updates
yargs-parserfrom 5.0.0 to 5.0.1Changelog
Sourced from yargs-parser's changelog.
... (truncated)
Commits
eab6c03chore: release 5.0.1 (#363)1c417bdfix(security): address GHSA-p9pc-299p-vxgp (#362)e93a345chore: mark release in commit history (#361)ee15863chore: push new package version4774207fix: back-porting prototype fixes for really old version (#271)Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by...
Description has been truncated