forked from itchio/itch
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the npm_and_yarn group across 1 directories with 24 updates #43
Open
dependabot
wants to merge
1
commit into
master
Choose a base branch
from
dependabot/npm_and_yarn/npm_and_yarn-security-group-32d59bcd71
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Bump the npm_and_yarn group across 1 directories with 24 updates #43
dependabot
wants to merge
1
commit into
master
from
dependabot/npm_and_yarn/npm_and_yarn-security-group-32d59bcd71
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the npm_and_yarn group with 24 updates in the /. directory: | Package | From | To | | --- | --- | --- | | [semver](https://github.com/npm/node-semver) | `5.5.1` | `5.7.2` | | [systeminformation](https://github.com/sebhildebrandt/systeminformation) | `3.42.9` | `5.21.7` | | [electron](https://github.com/electron/electron) | `2.0.8` | `22.3.25` | | [ws](https://github.com/websockets/ws) | `5.2.2` | `5.2.3` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` | | [logrotate-stream](https://github.com/dstokes/logrotate-stream) | `0.2.5` | `0.2.9` | | [mkdirp](https://github.com/isaacs/node-mkdirp) | `0.5.1` | `0.5.6` | | [mocha](https://github.com/mochajs/mocha) | `5.2.0` | `10.3.0` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.5.8` | `1.15.5` | | [fsevents](https://github.com/fsevents/fsevents) | `1.2.4` | `1.2.13` | | [postcss](https://github.com/postcss/postcss) | `5.2.18` | `8.4.35` | | [css-loader](https://github.com/webpack-contrib/css-loader) | `0.28.11` | `6.10.0` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.10` | `4.17.21` | | [lodash-es](https://github.com/lodash/lodash) | `4.17.10` | `4.17.21` | | [set-value](https://github.com/jonschlinkert/set-value) | `2.0.0` | `2.0.1` | | [union-value](https://github.com/jonschlinkert/union-value) | `1.0.0` | `1.0.1` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `2.3.4` | `` | | [codecov](https://github.com/codecov/codecov-node) | `3.0.4` | `3.8.3` | | [url-parse](https://github.com/unshiftio/url-parse) | `1.4.3` | `1.5.10` | Updates `semver` from 5.5.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.5.1...v5.7.2) Updates `systeminformation` from 3.42.9 to 5.21.7 - [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md) - [Commits](https://github.com/sebhildebrandt/systeminformation/commits/v5.21.7) Updates `electron` from 2.0.8 to 22.3.25 - [Release notes](https://github.com/electron/electron/releases) - [Changelog](https://github.com/electron/electron/blob/main/docs/breaking-changes.md) - [Commits](electron/electron@v2.0.8...v22.3.25) Updates `ws` from 5.2.2 to 5.2.3 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@5.2.2...5.2.3) Updates `minimist` from 1.2.0 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.0...v1.2.8) Updates `logrotate-stream` from 0.2.5 to 0.2.9 - [Commits](dstokes/logrotate-stream@v0.2.5...v0.2.9) Updates `mkdirp` from 0.5.1 to 0.5.6 - [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md) - [Commits](isaacs/node-mkdirp@0.5.1...v0.5.6) Updates `mocha` from 5.2.0 to 10.3.0 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md) - [Commits](mochajs/mocha@v5.2.0...v10.3.0) Updates `ansi-regex` from 3.0.0 to 3.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v3.0.0...v3.0.1) Updates `browserify-sign` from 4.0.4 to 4.2.2 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.2) Updates `follow-redirects` from 1.5.8 to 1.15.5 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.5.8...v1.15.5) Updates `fsevents` from 1.2.4 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.2.4...v1.2.13) Updates `postcss` from 5.2.18 to 8.4.35 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/commits/8.4.35) Updates `css-loader` from 0.28.11 to 6.10.0 - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](webpack-contrib/css-loader@v0.28.11...v6.10.0) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `json-schema` from 0.2.3 to 0.4.0 - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `lodash` from 4.17.10 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.10...4.17.21) Updates `lodash-es` from 4.17.10 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.10...4.17.21) Updates `set-value` from 2.0.0 to 2.0.1 - [Commits](jonschlinkert/set-value@2.0.0...2.0.1) Updates `union-value` from 1.0.0 to 1.0.1 - [Release notes](https://github.com/jonschlinkert/union-value/releases) - [Commits](jonschlinkert/union-value@1.0.0...1.0.1) Removes `tough-cookie` Updates `codecov` from 3.0.4 to 3.8.3 - [Release notes](https://github.com/codecov/codecov-node/releases) - [Changelog](https://github.com/codecov/codecov-node/blob/master/CHANGELOG.md) - [Commits](codecov/codecov-node@v3.0.4...v3.8.3) Updates `url-parse` from 1.4.3 to 1.5.10 - [Commits](unshiftio/url-parse@1.4.3...1.5.10) --- updated-dependencies: - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: systeminformation dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: electron dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ws dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: logrotate-stream dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: mkdirp dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: mocha dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: css-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json-schema dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: jsprim dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash-es dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: set-value dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: union-value dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: codecov dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
the
dependencies
Pull requests that update a dependency file
label
Feb 21, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 24 updates in the /. directory:
5.5.1
5.7.2
3.42.9
5.21.7
2.0.8
22.3.25
5.2.2
5.2.3
1.2.0
1.2.8
0.2.5
0.2.9
0.5.1
0.5.6
5.2.0
10.3.0
3.0.0
3.0.1
4.0.4
4.2.2
1.5.8
1.15.5
1.2.4
1.2.13
5.2.18
8.4.35
0.28.11
6.10.0
1.1.5
1.1.9
0.2.3
0.4.0
1.4.1
1.4.2
4.17.10
4.17.21
4.17.10
4.17.21
2.0.0
2.0.1
1.0.0
1.0.1
2.3.4
3.0.4
3.8.3
1.4.3
1.5.10
Updates
semver
from 5.5.1 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
f8cc313
chore: release 5.7.22f8fd41
fix: better handling of whitespace (#585)deb5ad5
chore:@npmcli/template-oss
@4
.16.0c83c18c
5.7.1956e228
Correct typo in README8055dda
5.7.0604e73d
auto-publishing scriptsbed01e2
remove the nomin comments, since we don't minify any more anyway9cb68f1
document parse method38d42ca
5.7 changelogMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.
Updates
systeminformation
from 3.42.9 to 5.21.7Changelog
Sourced from systeminformation's changelog.
... (truncated)
Commits
Updates
electron
from 2.0.8 to 22.3.25Changelog
Sourced from electron's changelog.
... (truncated)
Commits
1c1c132
chore: cherry-pick 3fbd1dca6a4d from libvpx (#40026)d892c2b
build: fixup autoninja (#39899)6132e80
build: run on circle hosts for forks (#39865)a953199
build: use aks backed runners for linux builds (#39838)056eacf
chore: cherry-pick b2eab7500a18 from chromium (#39827)5f8ef81
fix: ensure app load is limited to real asar files when appropriate (#39811)4995c9e
chore: cherry-pick 1 changes from Release-3-M116 (#39758)e29cdac
build: fix depot_tools patch application (#39751)b58903d
chore: cherry-pick 1 changes from Release-2-M116 (#39689)33f9dce
chore: cherry-pick 2 changes from Release-1-M116 (#39648)Updates
ws
from 5.2.2 to 5.2.3Release notes
Sourced from ws's releases.
Commits
6dd88e7
[dist] 5.2.376d47c1
[security] Fix ReDoS vulnerabilityUpdates
minimist
from 1.2.0 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2
v1.2.8a026794
Merge tag 'v0.2.3'c0b2661
v0.2.363b8fee
[Fix] Fix long option followed by single dash (#17)72239e6
[Tests] Remove duplicate test (#12)34b0f1c
[eslint] fix indentation3226afa
[Dev Deps] add missingnpmignore
dev dep098873c
[Dev Deps] update@ljharb/eslint-config
,aud
9ec4d27
[Fix] Fix long option followed by single dashba92fe6
[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
logrotate-stream
from 0.2.5 to 0.2.9Commits
5133794
bump patch version to 0.2.97b8e1ae
Merge pull request #13 from gkozlenko/masterda3c5d3
Update yargs dependency0cae68e
upgrade y18n package20b0dec
0.2.79f71eaa
Merge pull request #10 from gkozlenko/master842429b
Update yargs dependency0cc7fbb
0.2.6eefb4ca
Merge pull request #9 from gkozlenko/master0b4da2b
Replace optimist package by yargsUpdates
mkdirp
from 0.5.1 to 0.5.6Commits
92f086d
0.5.62a28125
clean up testsc905d65
update minimist049cf18
0.5.5bea6382
Remove unnecessary umask calls42a012c
0.5.42867920
fix infinite loop on windows machinesd784e70
0.5.3d612c5d
add files list so this package isn't a monsterb2e7ba0
0.5.2Maintainer changes
This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.
Updates
mocha
from 5.2.0 to 10.3.0Release notes
Sourced from mocha's releases.
... (truncated)
Changelog
Sourced from mocha's changelog.
... (truncated)
Commits
a886829
chore: fix link in pull request template (#5091)53a4baf
chore: remove unnecessary canvas dependency (#5069)1ebff45
chore: inline nyan reporter's write function (#5056)8812413
fix: add alt text to Built with Netlify badge (#5068)645469e
docs: touchups to labels and a template title post-revamp (#5050)9f99178
docs: overhaul contributing and maintenance docs for end-of-year 2023 (#5038)eca4fec
docs: fix return jsdoc type oftitlePath
(#4886)060f77d
docs: use mocha.js instead of mocha in the example run (#4927)4b60c1a
docs: fix fragment ID for yargs.jsextends
docs (#4918)b41e985
chore: remove stale workflow (#5029)Maintainer changes
This version was pushed to npm by joshuakgoldberg, a new releaser for mocha since your current version.
Updates
ansi-regex
from 3.0.0 to 3.0.1Commits
f545bdb
3.0.1c57d4c2
fix a few old XO issues for backport419250f
Fix potential ReDoS (#37)Updates
browserify-sign
from 4.0.4 to 4.2.2Changelog
Sourced from browserify-sign's changelog.
Commits
4af5a90
v4.2.23aec038
[Dev Deps] updatetape
85994cd
[Fix] properly check the upper bound for DSA signatures9ac5a5e
[meta] fix package.json indentationdcf49ce
[meta] addsafe-publish-latest
4418183
[meta] addnpmignore
andauto-changelog
8767739
[Fix]sign
: throw on unsupported padding scheme5f6fb17
[Tests] log when openssl doesn't support cipherf5f17c2
[Tests] handle openSSL not supporting a schemed845d85
[Tests] migrate from travis to github actionsMaintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
follow-redirects
from 1.5.8 to 1.15.5Commits
b1677ce
Release version 1.15.5 of the npm package.d8914f7
Preserve fragment in responseUrl.6585820
Release version 1.15.4 of the npm package.7a6567e
Disallow bracketed hostnames.05629af
Prefer native URL instead of deprecated url.parse.1cba8e8
Prefer native URL instead of legacy url.resolve.72bc2a4
Simplify _processResponse error handling.3d42aec
Add bracket tests.bcbb096
Do not directly set Error properties.192dbe7
Release version 1.15.3 of the npm package.Updates
fsevents
from 1.2.4 to 1.2.13Release notes
Sourced from fsevents's releases.
Commits
844a05d
Version Bumpf393f2a
Only build fsevents on macOS (#322)6a281a7
[publish binary]acc2bce
[publish binary]f532b6e
[publish binary]4c6a1c0
Add node 13 to travis matrix.92e40aa
Release 1.2.12.909af26
Release v1.2.117074adb
Release v1.2.100a052f6
Node.js v12 support for v1.x (#274)Updates
postcss
from 5.2.18 to 8.4.35Release notes
Sourced from postcss's releases.