Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the npm_and_yarn group with 16 updates #19

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the npm_and_yarn group with 16 updates #19

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 12, 2024

Bumps the npm_and_yarn group with 16 updates:

Package From To
postcss 8.4.16 8.4.31
rollup 2.70.1 2.79.2
webpack 5.73.0 5.94.0
browserify-sign 4.2.1 4.2.3
decode-uri-component 0.2.0 0.2.2
deep-object-diff 1.1.7 1.1.9
elliptic 6.5.4 6.6.1
follow-redirects 1.15.0 1.15.9
json5 1.0.1 1.0.2
loader-utils 1.4.0 1.4.2
markdown-to-jsx 7.1.7 7.7.1
nanoid 3.3.2 3.3.8
semver 5.7.1 5.7.2
terser 4.8.0 4.8.1
tough-cookie 4.0.0 4.1.4
word-wrap 1.2.3 1.2.5

Updates postcss from 8.4.16 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

8.4.21

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

8.4.17

Changelog

Sourced from postcss's changelog.

8.4.31

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

  • Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

  • Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

  • Fixed Node.before() unexpected behavior (by Romain Menke).
  • Added TOC to docs (by Mikhail Dedov).
Commits

Updates rollup from 2.70.1 to 2.79.2

Release notes

Sourced from rollup's releases.

v.2.79.2

2.79.2

2024-09-26

Bug Fixes

  • Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

Changelog

Sourced from rollup's changelog.

2.79.2

2024-09-26

Bug Fixes

  • Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

3.29.5

2024-09-21

Bug Fixes

  • Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

4.22.4

2024-09-21

Bug Fixes

  • Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

4.22.3

2024-09-21

Bug Fixes

  • Ensure that mutations in modules without side effects are observed while properly handling transitive dependencies (#5669)

Pull Requests

4.22.2

... (truncated)

Commits

Updates webpack from 5.73.0 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

  • Added runtime condition for harmony reexport checked
  • Handle properly data/http/https protocols in source maps
  • Make bigint optimistic when browserslist not found
  • Move @​types/eslint-scope to dev deps
  • Related in asset stats is now always an array when no related found
  • Handle ASI for export declarations
  • Mangle destruction incorrect with export named default properly
  • Fixed unexpected asi generation with sequence expression
  • Fixed a lot of types

New Features

  • Added new external type "module-import"
  • Support webpackIgnore for new URL() construction
  • [CSS] @import pathinfo support

Security

  • Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

  • Generate correct relative path to runtime chunks
  • Makes DefinePlugin quieter under default log level
  • Fixed mangle destructuring default in namespace import
  • Fixed consumption of eager shared modules for module federation
  • Strip slash for pretty regexp
  • Calculate correct contenthash for CSS generator options

New Features

  • Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
  • Added the modern-module library value for tree shakable output
  • Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

  • Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

  • Correct tidle range's comutation for module federation
  • Consider runtime for pure expression dependency update hash
  • Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits
  • eabf85d chore(release): 5.94.0
  • 955e057 security: fix DOM clobbering in auto public path
  • 9822387 test: fix
  • cbb86ed test: fix
  • 5ac3d7f fix: unexpected asi generation with sequence expression
  • 2411661 security: fix DOM clobbering in auto public path
  • b8c03d4 fix: unexpected asi generation with sequence expression
  • f46a03c revert: do not use heuristic fallback for "module-import"
  • 60f1898 fix: do not use heuristic fallback for "module-import"
  • 66306aa Revert "fix: module-import get fallback from externalsPresets"
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.


Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d
Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates deep-object-diff from 1.1.7 to 1.1.9

Release notes

Sourced from deep-object-diff's releases.

v1.1.9

Vulnerability patch

Details outlined here: #85. TLDR: The prototype of the returned diff object could be polluted but not globally on all objects.

Fix: mattphillips/deep-object-diff#87

Thanks @​Retr02332 for highlighting the issue and validating the fix.

This vulnerability was introduced in https://github.com/mattphillips/deep-object-diff/releases/tag/v1.1.6

v1.1.8

Patch

  • Fix typings resolution when using TypeScript 4.7+ with ESM #83
  • improve return type for detailedDiff #72

Credits

Thanks @​Nitive and @​icholy for your PRs

Commits

Updates elliptic from 6.5.4 to 6.6.1

Commits

Updates follow-redirects from 1.15.0 to 1.15.9

Commits
  • e4e55c7 Release version 1.15.9 of the npm package.
  • 31a1abf Attempt much more gentle detection.
  • d2aaa97 Fix url field.
  • 62558f0 Release version 1.15.8 of the npm package.
  • a8d1cee Return subtlety.
  • 458ca8e Fix native URL test for Node 20.
  • ca49e44 Handle KeepAlive connections in tests.
  • f3711d7 Test on Node 20 and 22.
  • fda0faf Fix typo.
  • 760757f Release version 1.15.7 of the npm package.
  • Additional commits viewable in compare view

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

v2.2.0 [code, diff]

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

  • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

Updates loader-utils from 1.4.0 to 1.4.2

Release notes

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

Changelog

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

1.4.1 (2022-11-07)

Bug Fixes

Commits

Updates markdown-to-jsx from 7.1.7 to 7.7.1

Release notes

Sourced from markdown-to-jsx's releases.

v7.7.1

Patch Changes

  • 9d42449: Factor out unnecessary element cloning.
  • 8920038: Remove use of explicit React.createElement.

v7.7.0

Minor Changes

  • 20777bf: Add support for GFM alert-style blockquotes.

    > [!Note]
> This is a note-flavored alert blockquote. The "Note" text is injected as a `<header>` by
> default and the blockquote can be styled via the injected class `markdown-alert-note`
> for example.

Patch Changes

  • 5d7900b: Adjust type signature for <Markdown> component to allow for easier composition.
  • 918b44b: Use newer React.JSX.* namespace instead of JSX.* for React 19 compatibility.
  • 91a5948: Arbitrary HTML no longer punches out pipes when parsing rows. If you absolutely need a pipe character that isn't a table separator, either escape it or enclose it in backticks to trigger inline code handling.
  • 23caecb: Drop encountered ref attributes when processing inline HTML, React doesn't handle it well.

v7.6.2

Patch Changes

  • 0274445: Fix false detection of tables in some scenarios.
  • 69f815e: Handle class attribute from arbitrary HTML properly to avoid React warnings.
  • 857809a: Fenced code blocks are now tolerant to a missing closing sequence; this improves use in LLM scenarios where the code block markdown is being streamed into the editor in chunks.

v7.6.1

Patch Changes

  • 87d8bd3: Handle class attribute from arbitrary HTML properly to avoid React warnings.

v7.6.0

Minor Changes

  • 2281a4d: Add options.disableAutoLink to customize bare URL handling behavior.

    By default, bare URLs in the markdown document will be converted into an anchor tag. This behavior can be disabled if desired.

    <Markdown options={{ disableAutoLink: true }}>
  The URL https://quantizor.dev will not be rendered as an anchor tag.
</Markdown>
// or

... (truncated)

Changelog

Sourced from markdown-to-jsx's changelog.

7.7.1

Patch Changes

  • 9d42449: Factor out unnecessary element cloning.
  • 8920038: Remove use of explicit React.createElement.

7.7.0

Minor Changes

  • 20777bf: Add support for GFM alert-style blockquotes.

    > [!Note]
> This is a note-flavored alert blockquote. The "Note" text is injected as a `<header>` by
> default and the blockquote can be styled via the injected class `markdown-alert-note`
> for example.

Patch Changes

  • 5d7900b: Adjust type signature for <Markdown> component to allow for easier composition.
  • 918b44b: Use newer React.JSX.* namespace instead of JSX.* for React 19 compatibility.
  • 91a5948: Arbitrary HTML no longer punches out pipes when parsing rows. If you absolutely need a pipe character that isn't a table separator, either escape it or enclose it in backticks to trigger inline code handling.
  • 23caecb: Drop encountered ref attributes when processing inline HTML, React doesn't handle it well.

7.6.2

Patch Changes

  • 0274445: Fix false detection of tables in some scenarios.
  • 69f815e: Handle class attribute from arbitrary HTML properly to avoid React warnings.
  • 857809a: Fenced code blocks are now tolerant to a missing closing sequence; this improves use in LLM scenarios where the code block markdown is being streamed into the editor in chunks.

7.6.1

Patch Changes

  • 87d8bd3: Handle class attribute from arbitrary HTML properly to avoid React warnings.

7.6.0

Minor Changes

  • 2281a4d: Add options.disableAutoLink to customize bare URL handling behavior.

    By default, bare URLs in the markdown document will be converted into an anchor tag. This behavior can be disabled if desired.

    

    • 






... (truncated)





Commits






Updates nanoid from 3.3.2 to 3.3.8



Changelog

Sourced from nanoid's changelog.




3.3.8


    

  • Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).
    • 



3.3.7


    

  • Fixed node16 TypeScript support (by Saadi Myftija).
    • 



3.3.6


    

  • Fixed package.
    • 



3.3.5


    

  • Backport funding information.
    • 



3.3.4



3.3.3


    

  • Reduced size (by Anton Khlynovskiy).
    • 








Commits






Updates semver from 5.7.1 to 5.7.2



Release notes

Sourced from semver's releases.




v5.7.2


5.7.2 (2023-07-10)


Bug Fixes








Changelog

Sourced from semver's changelog.




5.7.2 (2023-07-10)


Bug Fixes



5.7


    

  • Add minVersion method
    • 



5.6


    

  • Move boolean loose param to an options object, with
backwards-compatibility protection.
    • 

  • Add ability to opt out of special prerelease version handling with
the includePrerelease option flag.
    • 



5.5


    

  • Add version coercion capabilities
    • 



5.4


    

  • Add intersection checking
    • 



5.3


    

  • Add minSatisfying method
    • 



5.2


    

  • Add prerelease(v) that returns prerelease components
    • 



5.1


    

  • Add Backus-Naur for ranges
    • 

  • Remove excessively cute inspection methods
    • 



5.0


    

  • Remove AMD/Browserified build artifacts
    • 

  • Fix ltr and gtr when using the * range
    • 

  • Fix for range * with a prerelease identifier
    • 








Commits





Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.






Updates terser from 4.8.0 to 4.8.1



Changelog

Sourced from terser's changelog.




v4.8.1 (backport)


    

  • Security fix for RegExps that should not be evaluated (regexp DDOS)
    • 








Commits






Updates tough-cookie from 4.0.0 to 4.1.4



Release notes

Sourced from tough-cookie's releases.




v4.1.4


https://www.npmjs.com/package/tough-cookie/v/4.1.4


What's Changed



New Contributors



Full Changelog: salesforce/tough-cookie@v4.1.3...v4.1.4


4.1.3


Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.


4.1.2 -- Patch and Bugfix Release


What's Changed



Full Changelog: salesforce/tough-cookie@v4.1.1...v4.1.2


4.1.1


Patch Release


What's Changed



Full Changelog: salesforce/tough-cookie@v4.1.0...v4.1.1


4.1.0


v4.1.0


Minor release, focused mainly on resolving reported issues and some minor feature work.


What's Changed






... (truncated)





Commits

    

  • cacbc37 Bump version to 4.1.4
    • 

  • a48fb3a Add tests for url validation
    • 

  • 50e69bf Merge pull request #261 from postmanlabs/fix/url-string-validation
    • 

  • 1253d58 Merge pull request #409 from corvidism/validators-to-string
    • 

  • 238367e Add local alias for toString
    • 

  • 4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
    • 

  • 12d4747 Prevent prototype pollution in cookie memstore (#283)
    • 

  • f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
    • 

  • cf6debd Fix incorrect string validation for URL
    • 

  • b1a8898 fix: allow set cookies with localhost (#253)
    • 

  • Additional commits viewable in compare view
    • 






Maintainer changes

This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.






Updates word-wrap from 1.2.3 to 1.2.5



Release notes

Sourced from word-wrap's releases.




1.2.5


Changes:


Reverts default value for options.indent to two spaces '  '.


Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5


1.2.4


What's Changed



New Contributors



Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4







Commits


    

  
  



      


          

          
  

    
  
    
    

  

  




          

        
      




  





       
            



      

  
        

  

      

  
  

  
          

  

    

      


  

      
        @dependabot
  




      

        
          build(deps): bump the npm_and_yarn group with 16 updates
        

          
                        
      


      

        

    
    
    

  

    


      


      

        

          

    
    
    

  

  

    
  



        

      


      

        
          80d503e
        
      

    

  

    

      
Bumps the npm_and_yarn group with 16 updates:

| Package | From | To |
| --- | --- | --- |
| [postcss](https://github.com/postcss/postcss) | `8.4.16` | `8.4.31` |
| [rollup](https://github.com/rollup/rollup) | `2.70.1` | `2.79.2` |
| [webpack](https://github.com/webpack/webpack) | `5.73.0` | `5.94.0` |
| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [deep-object-diff](https://github.com/mattphillips/deep-object-diff) | `1.1.7` | `1.1.9` |
| [elliptic](https://github.com/indutny/elliptic) | `6.5.4` | `6.6.1` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.0` | `1.15.9` |
| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |
| [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` |
| [markdown-to-jsx](https://github.com/quantizor/markdown-to-jsx) | `7.1.7` | `7.7.1` |
| [nanoid](https://github.com/ai/nanoid) | `3.3.2` | `3.3.8` |
| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |
| [terser](https://github.com/terser/terser) | `4.8.0` | `4.8.1` |
| [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.0.0` | `4.1.4` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |


Updates `postcss` from 8.4.16 to 8.4.31
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.16...8.4.31)

Updates `rollup` from 2.70.1 to 2.79.2
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v2.70.1...v2.79.2)

Updates `webpack` from 5.73.0 to 5.94.0
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.73.0...v5.94.0)

Updates `browserify-sign` from 4.2.1 to 4.2.3
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.2.1...v4.2.3)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `deep-object-diff` from 1.1.7 to 1.1.9
- [Release notes](https://github.com/mattphillips/deep-object-diff/releases)
- [Commits](https://github.com/mattphillips/deep-object-diff/commits)

Updates `elliptic` from 6.5.4 to 6.6.1
- [Commits](indutny/elliptic@v6.5.4...v6.6.1)

Updates `follow-redirects` from 1.15.0 to 1.15.9
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.0...v1.15.9)

Updates `json5` from 1.0.1 to 1.0.2
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v1.0.1...v1.0.2)

Updates `loader-utils` from 1.4.0 to 1.4.2
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md)
- [Commits](webpack/loader-utils@v1.4.0...v1.4.2)

Updates `markdown-to-jsx` from 7.1.7 to 7.7.1
- [Release notes](https://github.com/quantizor/markdown-to-jsx/releases)
- [Changelog](https://github.com/quantizor/markdown-to-jsx/blob/main/CHANGELOG.md)
- [Commits](quantizor/markdown-to-jsx@v7.1.7...v7.7.1)

Updates `nanoid` from 3.3.2 to 3.3.8
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.2...3.3.8)

Updates `semver` from 5.7.1 to 5.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](npm/node-semver@v5.7.1...v5.7.2)

Updates `terser` from 4.8.0 to 4.8.1
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](terser/terser@v4.8.0...v4.8.1)

Updates `tough-cookie` from 4.0.0 to 4.1.4
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.0.0...v4.1.4)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: webpack
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: deep-object-diff
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: elliptic
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: json5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: loader-utils
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: markdown-to-jsx
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: terser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tough-cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: word-wrap
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>

    







  








      

  
            

    

      
    

    


      

          @dependabot
dependabot
bot



          added
  the 

  dependencies

  Pull requests that update a dependency file
 label


      Dec 12, 2024

    

  












  
  

    

      

  




    


    

      

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



      

    

  




  
          




      

  

    
    

    
  

    Reviewers
  


    

    No reviews






    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    dependencies

  Pull requests that update a dependency file








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    
      

        
    

    Development
  



          


Successfully merging this pull request may close these issues.



  


    
  




      

    

  
      

  

    

      0 participants