Bump word-wrap from 1.2.3 to 1.2.4 #83

dependabot · 2023-07-19T00:10:11Z

Bumps word-wrap from 1.2.3 to 1.2.4.

Release notes

1.2.4

What's Changed

Remove default indent by @mohd-akram in jonschlinkert/word-wrap#24

🔒fix: CVE 2023 26115 (2) by @OlafConijn in jonschlinkert/word-wrap#41

🔒 fix: CVE-2023-26115 by @aashutoshrathi in jonschlinkert/word-wrap#33

chore: publish workflow by @OlafConijn in jonschlinkert/word-wrap#42

New Contributors

@mohd-akram made their first contribution in jonschlinkert/word-wrap#24

@OlafConijn made their first contribution in jonschlinkert/word-wrap#41

@aashutoshrathi made their first contribution in jonschlinkert/word-wrap#33

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

f64b188 run verb to generate README
03ea082 Merge pull request #42 from jonschlinkert/chore/publish-workflow
420dce9 Merge pull request #41 from jonschlinkert/fix/CVE-2023-26115-2
bfa694e Update .github/workflows/publish.yml
ace0b3c chore: bump version to 1.2.4
6fd7275 chore: add publish workflow
30d6daf chore: fix test
655929c chore: remove package-lock
49e08bb chore: added an additional testcase
9f62693 fix: cve 2023-26115
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2023-08-02T03:02:03Z

This PR is idle because it has been open for 14 days with no activity.

davidgamero · 2024-01-26T21:26:32Z

@dependabot rebase

dependabot · 2024-01-26T21:26:35Z

The dependabot.yml entry that created this PR has been deleted so this PR can't be rebased. Please close the PR so Dependabot can create a new one with the current dependabot.yml.

* Bump node to version 20 (Azure#90) * Bump @babel/traverse from 7.18.6 to 7.23.9 (Azure#93) Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.18.6 to 7.23.9. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * migrate to new azure release workflow (Azure#95) * migrate to new azure release workflow * format * Bump word-wrap from 1.2.3 to 1.2.4 (Azure#83) Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump semver from 5.7.1 to 5.7.2 (Azure#82) Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump tough-cookie from 4.0.0 to 4.1.3 (Azure#81) Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.0.0 to 4.1.3. - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.0.0...v4.1.3) --- updated-dependencies: - dependency-name: tough-cookie dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * v4 release (Azure#96) * Update release-pr.yml (Azure#98) * update build script to include ncc install (Azure#99) gh actions won't respect npx installed devdeps * Update release-pr.yml (Azure#101) --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Per Karlsson <per.karlsson@me.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Gamero <david340804@gmail.com>

dependabot bot requested a review from a team as a code owner July 19, 2023 00:10

dependabot bot added the dependencies Pull requests that update a dependency file label Jul 19, 2023

github-actions bot added the idle Inactive for 14 days label Aug 2, 2023

github-actions bot removed the idle Inactive for 14 days label Jan 27, 2024

davidgamero approved these changes Jan 30, 2024

View reviewed changes

erinborders approved these changes Jan 30, 2024

View reviewed changes

davidgamero merged commit 0a92006 into main Jan 30, 2024
4 checks passed

dependabot bot deleted the dependabot/npm_and_yarn/word-wrap-1.2.4 branch January 30, 2024 21:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump word-wrap from 1.2.3 to 1.2.4 #83

Bump word-wrap from 1.2.3 to 1.2.4 #83

dependabot bot commented on behalf of github Jul 19, 2023

github-actions bot commented Aug 2, 2023

davidgamero commented Jan 26, 2024

dependabot bot commented on behalf of github Jan 26, 2024

Bump word-wrap from 1.2.3 to 1.2.4 #83

Bump word-wrap from 1.2.3 to 1.2.4 #83

Conversation

dependabot bot commented on behalf of github Jul 19, 2023

1.2.4

What's Changed

New Contributors

github-actions bot commented Aug 2, 2023

davidgamero commented Jan 26, 2024

dependabot bot commented on behalf of github Jan 26, 2024