Bump the npm_and_yarn group group with 12 updates #7
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group group with 12 updates:
4.2.1
4.2.2
2.1.2
2.1.4
2.2.3
2.2.6
0.2.0
0.2.2
0.10.53
0.10.63
1.13.1
1.15.5
2.0.0
2.0.2
4.1.0
4.1.1
1.2.5
1.2.8
6.5.2
6.5.3
4.4.13
4.4.19
1.2.3
1.2.5
Updates
browserify-sign
from 4.2.1 to 4.2.2Changelog
Sourced from browserify-sign's changelog.
Commits
4af5a90
v4.2.23aec038
[Dev Deps] updatetape
85994cd
[Fix] properly check the upper bound for DSA signatures9ac5a5e
[meta] fix package.json indentationdcf49ce
[meta] addsafe-publish-latest
4418183
[meta] addnpmignore
andauto-changelog
8767739
[Fix]sign
: throw on unsupported padding scheme5f6fb17
[Tests] log when openssl doesn't support cipherf5f17c2
[Tests] handle openSSL not supporting a schemed845d85
[Tests] migrate from travis to github actionsMaintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
cookiejar
from 2.1.2 to 2.1.4Commits
Updates
cross-fetch
from 2.2.3 to 2.2.6Commits
bfe5fe2
2.2.61a89b66
added caret range to whatwg-fetch.695a888
removed and disabled package-lock.json.eac6c00
Update away from vulnerable version of node-fetch (#135)3abdc67
2.2.5982e107
Locked node-fetch version.0820407
2.2.419fec4e
Fixed vulnerability CVE-2020-15168 by upgrading node-fetch to 2.6.1.Updates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
es5-ext
from 0.10.53 to 0.10.63Release notes
Sourced from es5-ext's releases.
... (truncated)
Changelog
Sourced from es5-ext's changelog.
... (truncated)
Commits
de4e03c
chore: Release v0.10.633fd53b7
chore: Upgradelint-staged
to v13bf8ed79
chore: Ensure postinstall script does not crash on Windows2cbbb07
chore: Bump dependencies22d0416
chore: Bump LICENSE yeara52e957
fix: Support ES2015+ function definitions infunction#toStringTokens()
3551cdd
fix: Do not rely on problematic regex7855319
chore: Simplify the manifest message78e041f
chore: Release v0.10.62c51d552
chore: Improve manifestUpdates
follow-redirects
from 1.13.1 to 1.15.5Commits
b1677ce
Release version 1.15.5 of the npm package.d8914f7
Preserve fragment in responseUrl.6585820
Release version 1.15.4 of the npm package.7a6567e
Disallow bracketed hostnames.05629af
Prefer native URL instead of deprecated url.parse.1cba8e8
Prefer native URL instead of legacy url.resolve.72bc2a4
Simplify _processResponse error handling.3d42aec
Add bracket tests.bcbb096
Do not directly set Error properties.192dbe7
Release version 1.15.3 of the npm package.Updates
get-func-name
from 2.0.0 to 2.0.2Release notes
Sourced from get-func-name's releases.
Commits
Maintainer changes
This version was pushed to npm by keithamus, a new releaser for get-func-name since your current version.
Updates
http-cache-semantics
from 4.1.0 to 4.1.1Commits
2449650
Update mocha560b2d8
Don't use regex to trim whitespaceb1bdb92
Remove linting package zooc20dc7e
Cache 308Updates
minimist
from 1.2.5 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2
v1.2.8a026794
Merge tag 'v0.2.3'c0b2661
v0.2.363b8fee
[Fix] Fix long option followed by single dash (#17)72239e6
[Tests] Remove duplicate test (#12)34b0f1c
[eslint] fix indentation3226afa
[Dev Deps] add missingnpmignore
dev dep098873c
[Dev Deps] update@ljharb/eslint-config
,aud
9ec4d27
[Fix] Fix long option followed by single dashba92fe6
[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
qs
from 6.5.2 to 6.5.3Changelog
Sourced from qs's changelog.
Commits
298bfa5
v6.5.3ed0f5dc
[Fix]parse
: ignore__proto__
keys (#428)691e739
[Robustness]stringify
: avoid relying on a globalundefined
(#427)1072d57
[readme] remove travis badge; add github actions/codecov badges; update URLs12ac1c4
[meta] fix README.md (#399)0338716
[actions] backport actions from main5639c20
Clean up license text so it’s properly detected as BSD-3-Clause51b8a0b
add FUNDING.yml45f6759
[Fix] fix for an impossible situation: when the formatter is called with a no...f814a7f
[Dev Deps] backport from mainUpdates
tar
from 4.4.13 to 4.4.19Commits
9a6faa0
4.4.1970ef812
drop dirCache for symlink on all platforms3e35515
4.4.1852b09e3
fix: prevent path escape using drive-relative pathsbb93ba2
fix: reserve paths properly for unicode, windows2f1bca0
fix: prune dirCache properly for unicode, windows9bf70a8
4.4.176aafff0
fix: skip extract if linkpath is stripped entirely5c5059a
fix: reserve paths case-insensitivelyfd6accb
4.4.16Updates
word-wrap
from 1.2.3 to 1.2.5Release notes
Sourced from word-wrap's releases.
Commits
207044e
1.2.59894315
revert default indentf64b188
run verb to generate README03ea082
Merge pull request #42 from jonschlinkert/chore/publish-workflow420dce9
Merge pull request #41 from jonschlinkert/fix/CVE-2023-26115-2bfa694e
Update .github/workflows/publish.ymlace0b3c
chore: bump version to 1.2.46fd7275
chore: add publish workflow30d6daf
chore: fix test655929c
chore: remove package-lockDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.