forked from chartist-js/chartist
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): bump the npm_and_yarn group with 16 updates #19
Open
dependabot
wants to merge
1
commit into
main
Choose a base branch
from
dependabot/npm_and_yarn/npm_and_yarn-680e48be7f
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the npm_and_yarn group with 16 updates: | Package | From | To | | --- | --- | --- | | [postcss](https://github.com/postcss/postcss) | `8.4.16` | `8.4.31` | | [rollup](https://github.com/rollup/rollup) | `2.70.1` | `2.79.2` | | [webpack](https://github.com/webpack/webpack) | `5.73.0` | `5.94.0` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [deep-object-diff](https://github.com/mattphillips/deep-object-diff) | `1.1.7` | `1.1.9` | | [elliptic](https://github.com/indutny/elliptic) | `6.5.4` | `6.6.1` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.0` | `1.15.9` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [markdown-to-jsx](https://github.com/quantizor/markdown-to-jsx) | `7.1.7` | `7.7.1` | | [nanoid](https://github.com/ai/nanoid) | `3.3.2` | `3.3.8` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [terser](https://github.com/terser/terser) | `4.8.0` | `4.8.1` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.0.0` | `4.1.4` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Updates `postcss` from 8.4.16 to 8.4.31 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.16...8.4.31) Updates `rollup` from 2.70.1 to 2.79.2 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.70.1...v2.79.2) Updates `webpack` from 5.73.0 to 5.94.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.73.0...v5.94.0) Updates `browserify-sign` from 4.2.1 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.1...v4.2.3) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `deep-object-diff` from 1.1.7 to 1.1.9 - [Release notes](https://github.com/mattphillips/deep-object-diff/releases) - [Commits](https://github.com/mattphillips/deep-object-diff/commits) Updates `elliptic` from 6.5.4 to 6.6.1 - [Commits](indutny/elliptic@v6.5.4...v6.6.1) Updates `follow-redirects` from 1.15.0 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.0...v1.15.9) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `markdown-to-jsx` from 7.1.7 to 7.7.1 - [Release notes](https://github.com/quantizor/markdown-to-jsx/releases) - [Changelog](https://github.com/quantizor/markdown-to-jsx/blob/main/CHANGELOG.md) - [Commits](quantizor/markdown-to-jsx@v7.1.7...v7.7.1) Updates `nanoid` from 3.3.2 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.2...3.3.8) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `terser` from 4.8.0 to 4.8.1 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v4.8.0...v4.8.1) Updates `tough-cookie` from 4.0.0 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.0.0...v4.1.4) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: rollup dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: deep-object-diff dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: markdown-to-jsx dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
the
dependencies
Pull requests that update a dependency file
label
Dec 12, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 16 updates:
8.4.16
8.4.31
2.70.1
2.79.2
5.73.0
5.94.0
4.2.1
4.2.3
0.2.0
0.2.2
1.1.7
1.1.9
6.5.4
6.6.1
1.15.0
1.15.9
1.0.1
1.0.2
1.4.0
1.4.2
7.1.7
7.7.1
3.3.2
3.3.8
5.7.1
5.7.2
4.8.0
4.8.1
4.0.0
4.1.4
1.2.3
1.2.5
Updates
postcss
from 8.4.16 to 8.4.31Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
Commits
90208de
Release 8.4.31 version58cc860
Fix carrier return parsing4fff8e4
Improve pnpm test outputcd43ed1
Update dependenciescaa916b
Update dependencies8972f76
Typo11a5286
Typo45c5501
Release 8.4.30 versionbc3c341
Update linterb2be58a
Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...Updates
rollup
from 2.70.1 to 2.79.2Release notes
Sourced from rollup's releases.
Changelog
Sourced from rollup's changelog.
... (truncated)
Commits
c9bd03d
2.79.248aef33
fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (#5677)69ff418
2.79.104dce1b
Update changelog159137e
fix: typo docs and contributors link in CONTRIBUTING.md (#4639)e1392b3
Update type definition of resolveId (#4641)7836357
Improve performance of chunk naming collision check (#4643)71d20c9
Reduce permissions for repl-artefacts.yml workflow (#4630)8193ea5
Adapt workflow to use Node 14 sub-version to work with branch protection8477f8f
2.79.0Updates
webpack
from 5.73.0 to 5.94.0Release notes
Sourced from webpack's releases.
... (truncated)
Commits
eabf85d
chore(release): 5.94.0955e057
security: fix DOM clobbering in auto public path9822387
test: fixcbb86ed
test: fix5ac3d7f
fix: unexpected asi generation with sequence expression2411661
security: fix DOM clobbering in auto public pathb8c03d4
fix: unexpected asi generation with sequence expressionf46a03c
revert: do not use heuristic fallback for "module-import"60f1898
fix: do not use heuristic fallback for "module-import"66306aa
Revert "fix: module-import get fallback from externalsPresets"Maintainer changes
This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.
Updates
browserify-sign
from 4.2.1 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
Commits
bf2c3ec
v4.2.39247adf
[patch] widen support to 0.12f427270
[Deps] update `parse-asn187f3a35
[Dev Deps] updateaud
,npmignore
,tape
fb261ce
[Deps] updateelliptic
4d0ee49
[patch] drop minimum node support to v19e2bf12
[Deps] pinhash-base
to ~3.0, due to a breaking change168e16f
[Deps] pinelliptic
due to a breaking change37a4758
[actions] remove redundant finisher4af5a90
v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
deep-object-diff
from 1.1.7 to 1.1.9Release notes
Sourced from deep-object-diff's releases.
Commits
Updates
elliptic
from 6.5.4 to 6.6.1Commits
9b77436
6.6.104cb6f5
Merge commit from forkb8a7edd
6.6.034c8534
fix: signature verification due to leading zeros3e46a48
6.5.7accb61e
lib: DER signature decoding correction03e06e1
6.5.67ac5360
Merge commit from fork7570078
6.5.5206da2e
lib: lintUpdates
follow-redirects
from 1.15.0 to 1.15.9Commits
e4e55c7
Release version 1.15.9 of the npm package.31a1abf
Attempt much more gentle detection.d2aaa97
Fix url field.62558f0
Release version 1.15.8 of the npm package.a8d1cee
Return subtlety.458ca8e
Fix native URL test for Node 20.ca49e44
Handle KeepAlive connections in tests.f3711d7
Test on Node 20 and 22.fda0faf
Fix typo.760757f
Release version 1.15.7 of the npm package.Updates
json5
from 1.0.1 to 1.0.2Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
... (truncated)
Commits
a62db1e
1.0.2e0c23fe
docs: update CHANGELOG for v1.0.262a6540
fix: add proto to objects and arraysUpdates
loader-utils
from 1.4.0 to 1.4.2Release notes
Sourced from loader-utils's releases.
Changelog
Sourced from loader-utils's changelog.
Commits
331ad50
chore(release): 1.4.217cbf8f
fix: ReDoS problem (#226)8f082b3
chore(release): 1.4.14504e34
fix: security problem (#220)Updates
markdown-to-jsx
from 7.1.7 to 7.7.1Release notes
Sourced from markdown-to-jsx's releases.
... (truncated)
Changelog
Sourced from markdown-to-jsx's changelog.
... (truncated)
Commits
86bf62d
Version Packages (#633)9d42449
refactor: remove use of cloning so React is no longer strictly requiredf2f58f0
chore: update lockfilef1e6238
chore: make type usage consistent8920038
fix: honor options.createElement if passed7be50e9
omg4b337ae
chore: annoying55ef1a8
chore: adjust site workflowd9dfda1
chore: fix website workflow6564635
Version Packages (#627)Updates
nanoid
from 3.3.2 to 3.3.8Changelog
Sourced from nanoid's changelog.
Commits
3044cd5
Release 3.3.8 version4fe3495
Update size limitd643045
Fix pool pollution, infinite loop (#510)89d82d2
Release 3.3.7 version5022c35
Update dual-publish3e7a8e5
Remove benchmark from CI for v3d356144
Fix CI for v337b25df
Move to pnpm 8d96f392
Release 3.3.6 version8210dfb
Release 3.3.5 versionUpdates
semver
from 5.7.1 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
f8cc313
chore: release 5.7.22f8fd41
fix: better handling of whitespace (#585)deb5ad5
chore:@npmcli/template-oss
@4
.16.0Maintainer changes
This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.
Updates
terser
from 4.8.0 to 4.8.1Changelog
Sourced from terser's changelog.
Commits
40674a4
update changelog, versiond8cc569
backport fix to potential regexp DDOSUpdates
tough-cookie
from 4.0.0 to 4.1.4Release notes
Sourced from tough-cookie's releases.
... (truncated)
Commits
cacbc37
Bump version to 4.1.4a48fb3a
Add tests for url validation50e69bf
Merge pull request #261 from postmanlabs/fix/url-string-validation1253d58
Merge pull request #409 from corvidism/validators-to-string238367e
Add local alias fortoString
4ff4d29
4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)12d4747
Prevent prototype pollution in cookie memstore (#283)f06b72d
Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...cf6debd
Fix incorrect string validation for URLb1a8898
fix: allow set cookies with localhost (#253)Maintainer changes
This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.
Updates
word-wrap
from 1.2.3 to 1.2.5Release notes
Sourced from word-wrap's releases.
Commits
207044e
1.2.5