Bump the npm_and_yarn group across 1 directory with 14 updates#4
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 14 updates#4dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [markdown-it](https://github.com/markdown-it/markdown-it) | `8.3.1` | `14.2.0` | | [debug](https://github.com/debug-js/debug) | `2.6.3` | `2.6.9` | | [diff](https://github.com/kpdecker/jsdiff) | `3.2.0` | `3.5.1` | | [fsevents](https://github.com/fsevents/fsevents) | `1.1.2` | `1.2.13` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.6` | `4.7.9` | | [hosted-git-info](https://github.com/npm/hosted-git-info) | `2.4.1` | `2.8.9` | | [nwmatcher](https://github.com/dperini/nwmatcher) | `1.3.9` | `1.4.4` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.5` | `1.0.7` | | [sshpk](https://github.com/joyent/node-sshpk) | `1.11.0` | `1.18.0` | | [stringstream](https://github.com/mhart/StringStream) | `0.0.5` | `0.0.6` | | [tmpl](https://github.com/daaku/nodejs-tmpl) | `1.0.4` | `1.0.5` | | [y18n](https://github.com/yargs/y18n) | `3.2.1` | `3.2.2` | | [yargs-parser](https://github.com/yargs/yargs-parser) | `5.0.0` | `5.0.1` | Updates `markdown-it` from 8.3.1 to 14.2.0 - [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md) - [Commits](markdown-it/markdown-it@8.3.1...14.2.0) Updates `debug` from 2.6.3 to 2.6.9 - [Release notes](https://github.com/debug-js/debug/releases) - [Changelog](https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md) - [Commits](debug-js/debug@2.6.3...2.6.9) Updates `diff` from 3.2.0 to 3.5.1 - [Changelog](https://github.com/kpdecker/jsdiff/blob/master/release-notes.md) - [Commits](kpdecker/jsdiff@v3.2.0...v3.5.1) Updates `fsevents` from 1.1.2 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.1.2...v1.2.13) Updates `handlebars` from 4.0.6 to 4.7.9 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.6...v4.7.9) Updates `hosted-git-info` from 2.4.1 to 2.8.9 - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](npm/hosted-git-info@v2.4.1...v2.8.9) Updates `ms` from 0.7.2 to 2.0.0 - [Release notes](https://github.com/vercel/ms/releases) - [Commits](vercel/ms@0.7.2...2.0.0) Updates `nwmatcher` from 1.3.9 to 1.4.4 - [Release notes](https://github.com/dperini/nwmatcher/releases) - [Commits](https://github.com/dperini/nwmatcher/commits) Updates `path-parse` from 1.0.5 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `sshpk` from 1.11.0 to 1.18.0 - [Release notes](https://github.com/joyent/node-sshpk/releases) - [Commits](TritonDataCenter/node-sshpk@v1.11.0...v1.18.0) Updates `stringstream` from 0.0.5 to 0.0.6 - [Commits](mhart/StringStream@v0.0.5...v0.0.6) Updates `tmpl` from 1.0.4 to 1.0.5 - [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5) Updates `y18n` from 3.2.1 to 3.2.2 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Updates `yargs-parser` from 5.0.0 to 5.0.1 - [Release notes](https://github.com/yargs/yargs-parser/releases) - [Changelog](https://github.com/yargs/yargs-parser/blob/v5.0.1/CHANGELOG.md) - [Commits](yargs/yargs-parser@v5.0.0...v5.0.1) --- updated-dependencies: - dependency-name: markdown-it dependency-version: 14.2.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: debug dependency-version: 2.6.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: diff dependency-version: 3.5.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fsevents dependency-version: 1.2.13 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: handlebars dependency-version: 4.7.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: hosted-git-info dependency-version: 2.8.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ms dependency-version: 2.0.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nwmatcher dependency-version: 1.4.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-version: 1.0.7 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: sshpk dependency-version: 1.18.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: stringstream dependency-version: 0.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tmpl dependency-version: 1.0.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-version: 3.2.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yargs-parser dependency-version: 5.0.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 13 updates in the / directory:
8.3.114.2.02.6.32.6.93.2.03.5.11.1.21.2.134.0.64.7.92.4.12.8.91.3.91.4.41.0.51.0.71.11.01.18.00.0.50.0.61.0.41.0.53.2.13.2.25.0.05.0.1Updates
markdown-itfrom 8.3.1 to 14.2.0Changelog
Sourced from markdown-it's changelog.
... (truncated)
Commits
829797a14.2.0 released9ce2087Fix smartquotes perfomance02e73b8linkify-it bump68cfb8cfix: don't end HTML comment blocks on a blank line (#1155)1083137Readme cleanup97c7ca2Update funding infoc471b55Changelog update7769621isPunctChar => isPunctCharCodeaa2aa70fix: always reset parentType in lheading rule (#1131)59955f2Polish PRs #1072, #1074Updates
debugfrom 2.6.3 to 2.6.9Release notes
Sourced from debug's releases.
Changelog
Sourced from debug's changelog.
Commits
13abeaeRelease 2.6.9f53962eremove ReDoS regexp in %o formatter (#504)52e1f21Release 2.6.82482e08Check for undefined on browser globals (#462)6bb07f7release 2.6.715850cbFix Regular Expression Denial of Service (ReDoS)4a6c85cupdate "debug" to v1.0.0 (#454)b68dbf8Fix typo (#455)1351d2fInline extend function in node implementation (#452)c211947update version for componentUpdates
difffrom 3.2.0 to 3.5.1Changelog
Sourced from diff's changelog.
Commits
e8bb422v3.5.12f5bf5eBackport kpdecker/jsdiff#649c9f00dbBackport kpdecker/jsdiff#647e9ab948v3.5.0b73884cUpdate release notes8953021Update release notes1023590Omit redundant slice in join method of diffArraysc72ef4aAdd missing test coverageb9ef24fSupport patches with empty lines10aaabbSupport patches with empty linesMaintainer changes
This version was pushed to npm by explodingcabbage, a new releaser for diff since your current version.
Updates
fseventsfrom 1.1.2 to 1.2.13Release notes
Sourced from fsevents's releases.
Commits
844a05dVersion Bumpf393f2aOnly build fsevents on macOS (#322)6a281a7[publish binary]acc2bce[publish binary]f532b6e[publish binary]4c6a1c0Add node 13 to travis matrix.92e40aaRelease 1.2.12.909af26Release v1.2.117074adbRelease v1.2.100a052f6Node.js v12 support for v1.x (#274)Updates
handlebarsfrom 4.0.6 to 4.7.9Release notes
Sourced from handlebars's releases.
Changelog
Sourced from handlebars's changelog.
... (truncated)
Commits
dce542cv4.7.98a41389Update release notes68d8df5Fix security issuesb2a0831Fix browser tests9f98c16Fix release script45443b4Revert "Improve partial indenting performance"8841a5fFix CI errors with lintinge0137c2fix: enable shell mode for spawn to resolve Windows EINVAL issuee914d60Improve rendering performance7de4b41Upgrade GitHub Actions checkout and setup-node on 4.x branchMaintainer changes
This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.
Updates
hosted-git-infofrom 2.4.1 to 2.8.9Changelog
Sourced from hosted-git-info's changelog.
... (truncated)
Commits
8d4b369chore(release): 2.8.929adfe5fix: backport regex fix from #76afeaefdchore(release): 2.8.85038b18fix: #61 & #65 addressing issues w/ url.URL implmentation which regressed nod...7440afachore(release): 2.8.72d0bb66fix: Do not attempt to use url.URL when unavailablef2cdfcffix: Do not pass scp-style URLs to the WhatWG url.URLe1b83dfchore(release): 2.8.6ff259a6Ensure passwords in hosted Git URLs are correctly escaped624fd6fchore(release): 2.8.5Maintainer changes
This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.
Updates
msfrom 0.7.2 to 2.0.0Release notes
Sourced from ms's releases.
Commits
9b88d152.0.094b995cInvalidated cache for slack badgebcf5715Bumped dependencies to the latest versionb1eaab7Ignored logs coming from npmcaae298Limit str to 100 to avoid ReDoS of 0.3s (#89)b83b36dchore(package): update eslint to version 3.19.0 (#88)3f2a4d7chore(package): update husky to version 0.13.3 (#86)7daf9841.0.0ee91f30More suitable name for file containing testse818c35Removed browser testingUpdates
nwmatcherfrom 1.3.9 to 1.4.4Release notes
Sourced from nwmatcher's releases.
Commits
Updates
path-parsefrom 1.0.5 to 1.0.7Commits
Updates
sshpkfrom 1.11.0 to 1.18.0Release notes
Sourced from sshpk's releases.
Commits
8df0385Add support for ed25519 private keys in pkcs8 (#92)3e83664node-sshpk#27 prep for release (#79)1da5a87node-sshpk#27 PuTTY private key support (#76)85f3c4eTRITON-2254 Change joyMattermostNotification to joySlackNotifications (#77)4342c21MANTA-4808 jenkins-joylib notifications should include "mantav1" branch build...cb8c666TRITON-1943 add Jenkinsfiles to Triton repositories (#64)e97ab59TOOLS-2101 jsstyle submodules too old for old perls (#65)1aece0djoyent/node-sshpk#60 certs should generate GeneralizedTime values for dates >...684dbe6joyent/node-sshpk#62 handle pkcs8 ECDSA keys with missing public parts574ff21joyent/node-sshpk#18 support for PKCS8 encrypted private keysMaintainer changes
This version was pushed to npm by bahamat, a new releaser for sshpk since your current version.
Updates
stringstreamfrom 0.0.5 to 0.0.6Commits
fee31c50.0.62f4a9d4Merge pull request #9 from mhart/fix-buffer-constructor-vulnafbc744Ensure data is not a number in Buffer constructorUpdates
tmplfrom 1.0.4 to 1.0.5Commits
Updates
y18nfrom 3.2.1 to 3.2.2Release notes
Sourced from y18n's releases.
Commits
Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.
Updates
yargs-parserfrom 5.0.0 to 5.0.1Changelog
Sourced from yargs-parser's changelog.
... (truncated)
Commits
eab6c03chore: release 5.0.1 (#363)1c417bdfix(security): address GHSA-p9pc-299p-vxgp (#362)e93a345chore: mark release in commit history (#361)ee15863chore: push new package version4774207fix: back-porting prototype fixes for really old version (#271)Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.