forked from itchio/itch
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the npm_and_yarn group group with 25 updates #45
Open
dependabot
wants to merge
1
commit into
master
Choose a base branch
from
dependabot/npm_and_yarn/npm_and_yarn-security-group-faa0e65db7
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Bump the npm_and_yarn group group with 25 updates #45
dependabot
wants to merge
1
commit into
master
from
dependabot/npm_and_yarn/npm_and_yarn-security-group-faa0e65db7
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the npm_and_yarn group group with 25 updates: | Package | From | To | | --- | --- | --- | | [semver](https://github.com/npm/node-semver) | `5.5.1` | `5.7.2` | | [systeminformation](https://github.com/sebhildebrandt/systeminformation) | `3.42.9` | `5.21.7` | | [electron](https://github.com/electron/electron) | `2.0.8` | `22.3.25` | | [ws](https://github.com/websockets/ws) | `5.2.2` | `5.2.3` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` | | [logrotate-stream](https://github.com/dstokes/logrotate-stream) | `0.2.5` | `0.2.9` | | [mkdirp](https://github.com/isaacs/node-mkdirp) | `0.5.1` | `0.5.6` | | [mocha](https://github.com/mochajs/mocha) | `5.2.0` | `10.3.0` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.2` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.45` | `0.10.63` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.5.8` | `1.15.5` | | [fsevents](https://github.com/fsevents/fsevents) | `1.2.4` | `1.2.13` | | [postcss](https://github.com/postcss/postcss) | `5.2.18` | `8.4.35` | | [css-loader](https://github.com/webpack-contrib/css-loader) | `0.28.11` | `6.10.0` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.10` | `4.17.21` | | [lodash-es](https://github.com/lodash/lodash) | `4.17.10` | `4.17.21` | | [set-value](https://github.com/jonschlinkert/set-value) | `2.0.0` | `2.0.1` | | [union-value](https://github.com/jonschlinkert/union-value) | `1.0.0` | `1.0.1` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `2.3.4` | `` | | [codecov](https://github.com/codecov/codecov-node) | `3.0.4` | `3.8.3` | | [url-parse](https://github.com/unshiftio/url-parse) | `1.4.3` | `1.5.10` | Updates `semver` from 5.5.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.5.1...v5.7.2) Updates `systeminformation` from 3.42.9 to 5.21.7 - [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md) - [Commits](https://github.com/sebhildebrandt/systeminformation/commits/v5.21.7) Updates `electron` from 2.0.8 to 22.3.25 - [Release notes](https://github.com/electron/electron/releases) - [Changelog](https://github.com/electron/electron/blob/main/docs/breaking-changes.md) - [Commits](electron/electron@v2.0.8...v22.3.25) Updates `ws` from 5.2.2 to 5.2.3 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@5.2.2...5.2.3) Updates `minimist` from 1.2.0 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.0...v1.2.8) Updates `logrotate-stream` from 0.2.5 to 0.2.9 - [Commits](dstokes/logrotate-stream@v0.2.5...v0.2.9) Updates `mkdirp` from 0.5.1 to 0.5.6 - [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md) - [Commits](isaacs/node-mkdirp@0.5.1...v0.5.6) Updates `mocha` from 5.2.0 to 10.3.0 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md) - [Commits](mochajs/mocha@v5.2.0...v10.3.0) Updates `ansi-regex` from 3.0.0 to 3.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v3.0.0...v3.0.1) Updates `browserify-sign` from 4.0.4 to 4.2.2 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.2) Updates `es5-ext` from 0.10.45 to 0.10.63 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.45...v0.10.63) Updates `follow-redirects` from 1.5.8 to 1.15.5 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.5.8...v1.15.5) Updates `fsevents` from 1.2.4 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.2.4...v1.2.13) Updates `postcss` from 5.2.18 to 8.4.35 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/commits/8.4.35) Updates `css-loader` from 0.28.11 to 6.10.0 - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](webpack-contrib/css-loader@v0.28.11...v6.10.0) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `json-schema` from 0.2.3 to 0.4.0 - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `lodash` from 4.17.10 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.10...4.17.21) Updates `lodash-es` from 4.17.10 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.10...4.17.21) Updates `set-value` from 2.0.0 to 2.0.1 - [Commits](jonschlinkert/set-value@2.0.0...2.0.1) Updates `union-value` from 1.0.0 to 1.0.1 - [Release notes](https://github.com/jonschlinkert/union-value/releases) - [Commits](jonschlinkert/union-value@1.0.0...1.0.1) Removes `tough-cookie` Updates `codecov` from 3.0.4 to 3.8.3 - [Release notes](https://github.com/codecov/codecov-node/releases) - [Changelog](https://github.com/codecov/codecov-node/blob/master/CHANGELOG.md) - [Commits](codecov/codecov-node@v3.0.4...v3.8.3) Updates `url-parse` from 1.4.3 to 1.5.10 - [Commits](unshiftio/url-parse@1.4.3...1.5.10) --- updated-dependencies: - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: systeminformation dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: electron dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ws dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: logrotate-stream dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: mkdirp dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: mocha dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: css-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json-schema dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: jsprim dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash-es dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: set-value dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: union-value dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: codecov dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>
This was referenced Feb 27, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group group with 25 updates:
5.5.1
5.7.2
3.42.9
5.21.7
2.0.8
22.3.25
5.2.2
5.2.3
1.2.0
1.2.8
0.2.5
0.2.9
0.5.1
0.5.6
5.2.0
10.3.0
3.0.0
3.0.1
4.0.4
4.2.2
0.10.45
0.10.63
1.5.8
1.15.5
1.2.4
1.2.13
5.2.18
8.4.35
0.28.11
6.10.0
1.1.5
1.1.9
0.2.3
0.4.0
1.4.1
1.4.2
4.17.10
4.17.21
4.17.10
4.17.21
2.0.0
2.0.1
1.0.0
1.0.1
2.3.4
3.0.4
3.8.3
1.4.3
1.5.10
Updates
semver
from 5.5.1 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
f8cc313
chore: release 5.7.22f8fd41
fix: better handling of whitespace (#585)deb5ad5
chore:@npmcli/template-oss
@4
.16.0c83c18c
5.7.1956e228
Correct typo in README8055dda
5.7.0604e73d
auto-publishing scriptsbed01e2
remove the nomin comments, since we don't minify any more anyway9cb68f1
document parse method38d42ca
5.7 changelogMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.
Updates
systeminformation
from 3.42.9 to 5.21.7Changelog
Sourced from systeminformation's changelog.
... (truncated)
Commits
Updates
electron
from 2.0.8 to 22.3.25Changelog
Sourced from electron's changelog.
... (truncated)
Commits
1c1c132
chore: cherry-pick 3fbd1dca6a4d from libvpx (#40026)d892c2b
build: fixup autoninja (#39899)6132e80
build: run on circle hosts for forks (#39865)a953199
build: use aks backed runners for linux builds (#39838)056eacf
chore: cherry-pick b2eab7500a18 from chromium (#39827)5f8ef81
fix: ensure app load is limited to real asar files when appropriate (#39811)4995c9e
chore: cherry-pick 1 changes from Release-3-M116 (#39758)e29cdac
build: fix depot_tools patch application (#39751)b58903d
chore: cherry-pick 1 changes from Release-2-M116 (#39689)33f9dce
chore: cherry-pick 2 changes from Release-1-M116 (#39648)Updates
ws
from 5.2.2 to 5.2.3Release notes
Sourced from ws's releases.
Commits
6dd88e7
[dist] 5.2.376d47c1
[security] Fix ReDoS vulnerabilityUpdates
minimist
from 1.2.0 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2
v1.2.8a026794
Merge tag 'v0.2.3'c0b2661
v0.2.363b8fee
[Fix] Fix long option followed by single dash (#17)72239e6
[Tests] Remove duplicate test (#12)34b0f1c
[eslint] fix indentation3226afa
[Dev Deps] add missingnpmignore
dev dep098873c
[Dev Deps] update@ljharb/eslint-config
,aud
9ec4d27
[Fix] Fix long option followed by single dashba92fe6
[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
logrotate-stream
from 0.2.5 to 0.2.9Commits
5133794
bump patch version to 0.2.97b8e1ae
Merge pull request #13 from gkozlenko/masterda3c5d3
Update yargs dependency0cae68e
upgrade y18n package20b0dec
0.2.79f71eaa
Merge pull request #10 from gkozlenko/master842429b
Update yargs dependency0cc7fbb
0.2.6eefb4ca
Merge pull request #9 from gkozlenko/master0b4da2b
Replace optimist package by yargsUpdates
mkdirp
from 0.5.1 to 0.5.6Commits
92f086d
0.5.62a28125
clean up testsc905d65
update minimist049cf18
0.5.5bea6382
Remove unnecessary umask calls42a012c
0.5.42867920
fix infinite loop on windows machinesd784e70
0.5.3d612c5d
add files list so this package isn't a monsterb2e7ba0
0.5.2Maintainer changes
This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.
Updates
mocha
from 5.2.0 to 10.3.0Release notes
Sourced from mocha's releases.
... (truncated)
Changelog
Sourced from mocha's changelog.
... (truncated)
Commits
a886829
chore: fix link in pull request template (#5091)53a4baf
chore: remove unnecessary canvas dependency (#5069)1ebff45
chore: inline nyan reporter's write function (#5056)8812413
fix: add alt text to Built with Netlify badge (#5068)645469e
docs: touchups to labels and a template title post-revamp (#5050)9f99178
docs: overhaul contributing and maintenance docs for end-of-year 2023 (#5038)eca4fec
docs: fix return jsdoc type oftitlePath
(#4886)060f77d
docs: use mocha.js instead of mocha in the example run (#4927)4b60c1a
docs: fix fragment ID for yargs.jsextends
docs (#4918)b41e985
chore: remove stale workflow (#5029)Maintainer changes
This version was pushed to npm by joshuakgoldberg, a new releaser for mocha since your current version.
Updates
ansi-regex
from 3.0.0 to 3.0.1Commits
f545bdb
3.0.1c57d4c2
fix a few old XO issues for backport419250f
Fix potential ReDoS (#37)Updates
browserify-sign
from 4.0.4 to 4.2.2Changelog
Sourced from browserify-sign's changelog.
Commits
4af5a90
v4.2.23aec038
[Dev Deps] updatetape
85994cd
[Fix] properly check the upper bound for DSA signatures9ac5a5e
[meta] fix package.json indentationdcf49ce
[meta] addsafe-publish-latest
4418183
[meta] addnpmignore
andauto-changelog
8767739
[Fix]sign
: throw on unsupported padding scheme5f6fb17
[Tests] log when openssl doesn't support cipherf5f17c2
[Tests] handle openSSL not supporting a schemed845d85
[Tests] migrate from travis to github actionsMaintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
es5-ext
from 0.10.45 to 0.10.63Release notes
Sourced from es5-ext's releases.
... (truncated)
Changelog
Sourced from es5-ext's changelog.