Bump the npm_and_yarn group across 1 directory with 12 updates#9
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps the npm_and_yarn group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [luxon](https://github.com/moment/luxon) | `2.0.1` | `2.5.2` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.13.0` | `7.24.1` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [terser](https://github.com/terser/terser) | `4.8.0` | `4.8.1` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Updates `luxon` from 2.0.1 to 2.5.2 - [Changelog](https://github.com/moment/luxon/blob/master/CHANGELOG.md) - [Commits](moment/luxon@2.0.1...2.5.2) Updates `@babel/traverse` from 7.13.0 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `browserify-sign` from 4.2.1 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.1...v4.2.3) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `qs` from 6.5.2 to 6.5.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `terser` from 4.8.0 to 4.8.1 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v4.8.0...v4.8.1) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) --- updated-dependencies: - dependency-name: luxon dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>
Author
|
Superseded by #10. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 12 updates in the / directory:
2.0.12.5.27.13.07.24.14.2.14.2.30.2.00.2.21.1.51.1.91.0.11.0.21.4.01.4.21.2.51.2.86.5.26.5.35.7.15.7.24.8.04.8.11.2.31.2.5Updates
luxonfrom 2.0.1 to 2.5.2Changelog
Sourced from luxon's changelog.
... (truncated)
Commits
204cdfefix rfc2822 regex & bump to 2.5.24817697bump to 2.5.000f1d72fix changelogeebc657Add support for ESM-style node imports (#1218)f1c181cUpdate why.md (#1211)4332730mention escaping behavior in Duration.toFormat docstring (#1221)7b4a9d0Bump parse-url from 6.0.0 to 6.0.2 (#1230)60c83c7Fix link to duration months (#1232)c7e606bWednesday support for RFC 850 (#1225)6b47f20fix luxon path in api-docs script (#1214)Updates
@babel/traversefrom 7.13.0 to 7.24.1Release notes
Sourced from
@babel/traverse's releases.... (truncated)
Changelog
Sourced from
@babel/traverse's changelog.... (truncated)
Commits
822b025v7.24.1fc0d5adUpdate typescript and lint tools (#16351)69e7928Consider well-known and registered symbols as literals (#16342)40110e9Update source map deps (#16327)ce59160v7.24.0bd5abd5fix: avoidpopContexton unvisited node paths (#16305)08a057cUseObject.hasOwnwhen available (#16248)a0dd614v7.23.91200542fix: Don't throw ingetTypeAnnotationwhen using TS+inference (#15383)e428a6dv7.23.7Updates
browserify-signfrom 4.2.1 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
Commits
bf2c3ecv4.2.39247adf[patch] widen support to 0.12f427270[Deps] update `parse-asn187f3a35[Dev Deps] updateaud,npmignore,tapefb261ce[Deps] updateelliptic4d0ee49[patch] drop minimum node support to v19e2bf12[Deps] pinhash-baseto ~3.0, due to a breaking change168e16f[Deps] pinellipticdue to a breaking change37a4758[actions] remove redundant finisher4af5a90v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
decode-uri-componentfrom 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea460.2.2980e0bfPrevent overwriting previously decoded tokens3c8a3730.2.176abc93Switch to GitHub workflows746ca5dFix issue where decode throws - fixes #6486d7e2Update license (#1)a650457Tidelift tasks66e1c28Meta tweaksUpdates
ipfrom 1.1.5 to 1.1.9Commits
1ecbf2f1.1.96a3ada9lib: fixed CVE-2023-42282 and added unit test5dc3b2f1.1.88e6f28blib: even better node 6 support088c9e51.1.71a4ca35lib: add back support for Node.js 6af82ef41.1.6dba19f6package: exclude test folder from publishing7cd7f30ci: use github workflows4de50aelib: node 18 supportUpdates
json5from 1.0.1 to 1.0.2Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
... (truncated)
Commits
a62db1e1.0.2e0c23fedocs: update CHANGELOG for v1.0.262a6540fix: add proto to objects and arraysUpdates
loader-utilsfrom 1.4.0 to 1.4.2Release notes
Sourced from loader-utils's releases.
Changelog
Sourced from loader-utils's changelog.
Commits
331ad50chore(release): 1.4.217cbf8ffix: ReDoS problem (#226)8f082b3chore(release): 1.4.14504e34fix: security problem (#220)Updates
minimistfrom 1.2.5 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2v1.2.8a026794Merge tag 'v0.2.3'c0b2661v0.2.363b8fee[Fix] Fix long option followed by single dash (#17)72239e6[Tests] Remove duplicate test (#12)34b0f1c[eslint] fix indentation3226afa[Dev Deps] add missingnpmignoredev dep098873c[Dev Deps] update@ljharb/eslint-config,aud9ec4d27[Fix] Fix long option followed by single dashba92fe6[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
qsfrom 6.5.2 to 6.5.3Changelog
Sourced from qs's changelog.
Commits
298bfa5v6.5.3ed0f5dc[Fix]parse: ignore__proto__keys (#428)691e739[Robustness]stringify: avoid relying on a globalundefined(#427)1072d57[readme] remove travis badge; add github actions/codecov badges; update URLs12ac1c4[meta] fix README.md (#399)0338716[actions] backport actions from main5639c20Clean up license text so it’s properly detected as BSD-3-Clause51b8a0badd FUNDING.yml45f6759[Fix] fix for an impossible situation: when the formatter is called with a no...f814a7f[Dev Deps] backport from mainUpdates
semverfrom 5.7.1 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.