-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): bump the npm_and_yarn group across 1 directory with 9 updates #14
base: main
Are you sure you want to change the base?
Conversation
…dates Bumps the npm_and_yarn group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [sanitize-html](https://github.com/apostrophecms/sanitize-html) | `2.11.0` | `2.12.1` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.9` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` | | [postcss](https://github.com/postcss/postcss) | `8.4.24` | `8.4.45` | | [semver](https://github.com/npm/node-semver) | `7.3.8` | `7.6.3` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `7.6.3` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | | [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) | `0.4.23` | `0.5.0` | | [@vscode/vsce](https://github.com/Microsoft/vsce) | `2.18.0` | `2.32.0` | Updates `sanitize-html` from 2.11.0 to 2.12.1 - [Changelog](https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md) - [Commits](apostrophecms/sanitize-html@2.11.0...2.12.1) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `follow-redirects` from 1.15.2 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.9) Updates `micromatch` from 4.0.5 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) Updates `postcss` from 8.4.24 to 8.4.45 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.24...8.4.45) Updates `semver` from 7.3.8 to 7.6.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.8...v7.6.3) Updates `semver` from 5.7.1 to 7.6.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.8...v7.6.3) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `xml2js` from 0.4.23 to 0.5.0 - [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0) Updates `@vscode/vsce` from 2.18.0 to 2.32.0 - [Release notes](https://github.com/Microsoft/vsce/releases) - [Commits](microsoft/vscode-vsce@v2.18.0...v2.32.0) --- updated-dependencies: - dependency-name: sanitize-html dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: xml2js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@vscode/vsce" dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
|
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/@vscode/vsce@2.18.0, npm/sanitize-html@2.11.0 |
Bumps the npm_and_yarn group with 9 updates in the / directory:
2.11.0
2.12.1
3.0.2
3.0.3
1.15.2
1.15.9
4.0.5
4.0.8
8.4.24
8.4.45
7.3.8
7.6.3
5.7.1
7.6.3
1.2.3
1.2.5
0.4.23
0.5.0
2.18.0
2.32.0
Updates
sanitize-html
from 2.11.0 to 2.12.1Changelog
Sourced from sanitize-html's changelog.
Commits
4a7d7dd
Merge pull request #654 from apostrophecms/release-2.12.1f8e02be
release 2.12.1c5dbdf7
Merge pull request #650 from dylanarmstrong/fix/ignore-source-maps5a5a74e
Merge pull request #652 from apostrophecms/add-thanks-to-changelogee71ff0
Add community contribution thanks youa226fe7
Merge pull request #651 from apostrophecms/release-2.12.0ff18600
release 2.12.01e2294c
test: added test for postcss mapc376501
doc: update changelog075499d
fix: ignore source maps when processing with postcssUpdates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
follow-redirects
from 1.15.2 to 1.15.9Commits
e4e55c7
Release version 1.15.9 of the npm package.31a1abf
Attempt much more gentle detection.d2aaa97
Fix url field.62558f0
Release version 1.15.8 of the npm package.a8d1cee
Return subtlety.458ca8e
Fix native URL test for Node 20.ca49e44
Handle KeepAlive connections in tests.f3711d7
Test on Node 20 and 22.fda0faf
Fix typo.760757f
Release version 1.15.7 of the npm package.Updates
micromatch
from 4.0.5 to 4.0.8Release notes
Sourced from micromatch's releases.
Changelog
Sourced from micromatch's changelog.
Commits
8bd704e
4.0.8a0e6841
run verb to generate README documentation4ec2884
Merge branch 'v4' into hauserkristof-feature/v4.0.803aa805
Merge pull request #266 from hauserkristof/feature/v4.0.8814f5f7
lint67fcce6
fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5113f2e3
fix: CVE numbers in CHANGELOGd9dbd9a
feat: updated CHANGELOG2ab1315
fix: use actions/setup-node@v41406ea3
feat: rework test to work on macos with node 10,12 and 14Updates
postcss
from 8.4.24 to 8.4.45Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
448c4f3
Release 8.4.45 version1c77d2e
Update unnecessary checkf38b329
Try to fix CId442dc7
Release 8.4.44 version3c7cda0
Another way to fix markClean() is undefined issueb985ed1
Release 8.4.43 version3025b74
Update dependencies79ff980
Update AST if it is not made by PostCSS >= 8.4.410fda48a
Release 8.4.42 versioncd5b08c
Add ESLint to CIUpdates
semver
from 7.3.8 to 7.6.3Release notes
Sourced from semver's releases.
... (truncated)
Changelog
Sourced from semver's changelog.
... (truncated)
Commits
0a12d6c
chore: release 7.6.3 (#720)73a3d79
fix: optimize Range parsing and formatting (#726)2975ece
docs: fix extra backtick typo (#719)eb1380b
chore: release 7.6.2 (#714)6466ba9
fix(lru): use map.delete() directly (#713)d777418
chore: release 7.6.1 (#706)988a8de
deps: uninstalllru-cache
(#709)5feeb7f
chore: postinstall for dependabot template-oss PRdd09b60
chore: bump@npmcli/template-oss
to 4.22.0c570a34
fix(linting): no-unused-varsMaintainer changes
This version was pushed to npm by npm-cli-ops, a new releaser for semver since your current version.
Updates
semver
from 5.7.1 to 7.6.3Release notes
Sourced from semver's releases.
... (truncated)
Changelog
Sourced from semver's changelog.
... (truncated)
Commits
0a12d6c
chore: release 7.6.3 (#720)73a3d79
fix: optimize Range parsing and formatting (#726)2975ece
docs: fix extra backtick typo (#719)eb1380b
chore: release 7.6.2 (#714)6466ba9
fix(lru): use map.delete() directly (#713)d777418
chore: release 7.6.1 (#706)988a8de
deps: uninstalllru-cache
(#709)5feeb7f
chore: postinstall for dependabot template-oss PRdd09b60
chore: bump@npmcli/template-oss
to 4.22.0c570a34
fix(linting): no-unused-varsMaintainer changes
This version was pushed to npm by npm-cli-ops, a new releaser for semver since your current version.
Updates
word-wrap
from 1.2.3 to 1.2.5Release notes
Sourced from word-wrap's releases.
Commits
207044e
1.2.59894315
revert default indentf64b188
run verb to generate README03ea082
Merge pull request #42 from jonschlinkert/chore/publish-workflow420dce9
Merge pull request #41 from jonschlinkert/fix/CVE-2023-26115-2bfa694e
Update .github/workflows/publish.ymlace0b3c
chore: bump version to 1.2.46fd7275
chore: add publish workflow30d6daf
chore: fix test655929c
chore: remove package-lockUpdates
xml2js
from 0.4.23 to 0.5.0Commits
Updates
@vscode/vsce
from 2.18.0 to 2.32.0Release notes
Sourced from
@vscode/vsce
's releases.... (truncated)
Commits
b347c2b
Merge pull request #1034 from microsoft/benibenj/revertDependency784e74d
Revert "update depricated dependencies"b10ae0b
fix: probabilistic trigger v8 crash (#1032)cf0bc32
Merge pull request #1028 from microsoft/dev/bhavyau/need-more-info71d485d
Remove need-more-info-closer workflowca8fa40
Merge pull request #1027 from microsoft/benibenj/logical-duckd0e1a5c
update depricated dependencies3b1b774
Merge pull request #1025 from microsoft:benibenj/well-liond83f7ba
Don't package default readme if a path is provided2e3e3bc
add executes code property (#1024)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.