From 6243fc7f4260ef4e7af7b818615fa94222e1506b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 May 2020 19:04:15 -0400 Subject: [PATCH 01/10] fix: upgrade snyk from 1.313.1 to 1.317.0 Snyk has created this PR to upgrade snyk from 1.313.1 to 1.317.0. See this package in NPM: https://www.npmjs.com/package/snyk See this project in Snyk: https://app.snyk.io/org/luisalejandro/project/b71a9271-9b95-498b-8074-fe63f95f575d?utm_source=github&utm_medium=upgrade-pr --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 68803a00..5203451c 100644 --- a/package.json +++ b/package.json @@ -109,7 +109,7 @@ "popper.js": "1.16.1", "puppeteer": "3.0.1", "slick-carousel": "1.8.1", - "snyk": "1.313.1" + "snyk": "1.317.0" }, "snyk": true } From 27f2654a07c8a27ac36b4681d2502475e5d9ddb8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 May 2020 19:04:30 -0400 Subject: [PATCH 02/10] fix: upgrade http-server from 0.12.1 to 0.12.3 Snyk has created this PR to upgrade http-server from 0.12.1 to 0.12.3. See this package in NPM: https://www.npmjs.com/package/http-server See this project in Snyk: https://app.snyk.io/org/luisalejandro/project/b71a9271-9b95-498b-8074-fe63f95f575d?utm_source=github&utm_medium=upgrade-pr --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 68803a00..6ad567b9 100644 --- a/package.json +++ b/package.json @@ -69,7 +69,7 @@ "googleapis": "49.0.0", "html-critical-webpack-plugin": "2.1.0", "html-webpack-plugin": "4.2.0", - "http-server": "0.12.1", + "http-server": "0.12.3", "imagemin-mozjpeg": "8.0.0", "imagemin-webpack-plugin": "2.4.2", "mini-css-extract-plugin": "0.9.0", From cb05f93c7cf6b6374e1559c3bcb8bf636d8d0104 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 May 2020 19:04:51 -0400 Subject: [PATCH 03/10] fix: upgrade multiple dependencies with Snyk Snyk has created this PR to upgrade: - @babel/core from 7.9.0 to 7.9.6. See this package in NPM: https://www.npmjs.com/package/@babel/core - @babel/preset-env from 7.9.5 to 7.9.6. See this package in NPM: https://www.npmjs.com/package/@babel/preset-env See this project in Snyk: https://app.snyk.io/org/luisalejandro/project/b71a9271-9b95-498b-8074-fe63f95f575d?utm_source=github&utm_medium=upgrade-pr --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 68803a00..1a9b44f1 100644 --- a/package.json +++ b/package.json @@ -43,8 +43,8 @@ "compact": false }, "devDependencies": { - "@babel/core": "7.9.0", - "@babel/preset-env": "7.9.5", + "@babel/core": "7.9.6", + "@babel/preset-env": "7.9.6", "autoprefixer": "9.7.6", "axios": "0.19.2", "babel-loader": "8.1.0", From 48e8b74105e3b72bf2295202b1e098f8efe391a9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 5 May 2020 19:05:07 -0400 Subject: [PATCH 04/10] fix: upgrade puppeteer from 3.0.1 to 3.0.2 Snyk has created this PR to upgrade puppeteer from 3.0.1 to 3.0.2. See this package in NPM: https://www.npmjs.com/package/puppeteer See this project in Snyk: https://app.snyk.io/org/luisalejandro/project/b71a9271-9b95-498b-8074-fe63f95f575d?utm_source=github&utm_medium=upgrade-pr --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 68803a00..08dfd0c4 100644 --- a/package.json +++ b/package.json @@ -107,7 +107,7 @@ "jquery": "3.5.0", "normalize.css": "8.0.1", "popper.js": "1.16.1", - "puppeteer": "3.0.1", + "puppeteer": "3.0.2", "slick-carousel": "1.8.1", "snyk": "1.313.1" }, From 919d08965ba9044d750ed8bf13de71af91574d74 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 11 May 2020 10:27:44 +0000 Subject: [PATCH 05/10] build(deps-dev): bump webpack-dev-server from 3.10.3 to 3.11.0 Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.3 to 3.11.0. - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.3...v3.11.0) Signed-off-by: dependabot-preview[bot] --- package.json | 2 +- yarn.lock | 107 +++++++++++++++++++-------------------------------- 2 files changed, 41 insertions(+), 68 deletions(-) diff --git a/package.json b/package.json index 68803a00..c8208fbf 100644 --- a/package.json +++ b/package.json @@ -93,7 +93,7 @@ "url-loader": "4.1.0", "webpack": "4.43.0", "webpack-cli": "3.3.11", - "webpack-dev-server": "3.10.3", + "webpack-dev-server": "3.11.0", "webpack-merge": "4.2.2", "webpack-pwa-manifest": "4.2.0", "yarn": "1.22.4" diff --git a/yarn.lock b/yarn.lock index 7fe213ad..9f6c6a3c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3385,15 +3385,6 @@ cliui@^3.0.3, cliui@^3.2.0: strip-ansi "^3.0.1" wrap-ansi "^2.0.0" -cliui@^4.0.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/cliui/-/cliui-4.1.0.tgz#348422dbe82d800b3022eef4f6ac10bf2e4d1b49" - integrity sha512-4FG+RSG9DL7uEwRUZXZn3SS34DiDPfzP0VOiEwtUWlE+AR2EIg+hSyvrIgUUfhdgR/UkAeW2QHgeP+hWrXs7jQ== - dependencies: - string-width "^2.1.1" - strip-ansi "^4.0.0" - wrap-ansi "^2.0.0" - cliui@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/cliui/-/cliui-5.0.0.tgz#deefcfdb2e800784aa34f46fa08e06851c7bbbc5" @@ -6847,10 +6838,10 @@ html-critical-webpack-plugin@2.1.0: dependencies: critical "^1.0.0" -html-entities@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-1.2.1.tgz#0df29351f0721163515dfb9e5543e5f6eed5162f" - integrity sha1-DfKTUfByEWNRXfueVUPl9u7VFi8= +html-entities@^1.3.1: + version "1.3.1" + resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-1.3.1.tgz#fb9a1a4b5b14c5daba82d3e34c6ae4fe701a0e44" + integrity sha512-rhE/4Z3hIhzHAUKbW8jVcCyuT5oJCXXqhN/6mXXVCpzTmvJnoH2HL/bt3EZ6p55jbFJBeAe1ZNpL5BugLujxNA== html-minifier-terser@^5.0.1: version "5.0.5" @@ -8498,10 +8489,10 @@ logalot@^2.0.0, logalot@^2.1.0: figures "^1.3.5" squeak "^1.0.0" -loglevel@^1.6.6: - version "1.6.7" - resolved "https://registry.yarnpkg.com/loglevel/-/loglevel-1.6.7.tgz#b3e034233188c68b889f5b862415306f565e2c56" - integrity sha512-cY2eLFrQSAfVPhCgH1s7JI73tMbg9YC3v3+ZHVW67sBS7UxWzNEk/ZBbSfLykBWHp33dqqtOv82gjhKEi81T/A== +loglevel@^1.6.8: + version "1.6.8" + resolved "https://registry.yarnpkg.com/loglevel/-/loglevel-1.6.8.tgz#8a25fb75d092230ecd4457270d80b54e28011171" + integrity sha512-bsU7+gc9AJ2SqpzxwU3+1fedl8zAntbtC5XYlt3s2j1hJcn2PsXSmgN8TaLG/J1/2mod4+cE/3vNL70/c1RNCA== longest@^1.0.0: version "1.0.1" @@ -9578,7 +9569,7 @@ os-locale@^1.4.0: dependencies: lcid "^1.0.0" -os-locale@^3.0.0, os-locale@^3.1.0: +os-locale@^3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-3.1.0.tgz#a802a6ee17f24c10483ab9935719cef4ed16bf1a" integrity sha512-Z8l3R4wYWM40/52Z+S265okfFj8Kt2cC2MKY+xNi3kFs+XGI7WXu/I309QQQYbRW4ijiZ+yxs9pqEhJh0DqW3Q== @@ -10169,10 +10160,10 @@ popper.js@1.16.1: resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.16.1.tgz#2a223cb3dc7b6213d740e40372be40de43e65b1b" integrity sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ== -portfinder@^1.0.20, portfinder@^1.0.25: - version "1.0.25" - resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.25.tgz#254fd337ffba869f4b9d37edc298059cb4d35eca" - integrity sha512-6ElJnHBbxVA1XSLgBp7G1FiCkQdlqGzuF7DswL5tcea+E8UpuvPU7beVAjjRwCioTS9ZluNbu+ZyRvgTsmqEBg== +portfinder@^1.0.20, portfinder@^1.0.26: + version "1.0.26" + resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.26.tgz#475658d56ca30bed72ac7f1378ed350bd1b64e70" + integrity sha512-Xi7mKxJHHMI3rIUrnm/jjUgwhbYMkp/XKEcZX3aG4BrumLpq3nmoQMX+ClYnDZnZ/New7IatC1no5RX0zo1vXQ== dependencies: async "^2.6.2" debug "^3.1.1" @@ -12594,13 +12585,14 @@ sockjs-client@1.4.0: json3 "^3.3.2" url-parse "^1.4.3" -sockjs@0.3.19: - version "0.3.19" - resolved "https://registry.yarnpkg.com/sockjs/-/sockjs-0.3.19.tgz#d976bbe800af7bd20ae08598d582393508993c0d" - integrity sha512-V48klKZl8T6MzatbLlzzRNhMepEys9Y4oGFpypBFFn1gLI/QQ9HtLLyWJNbPlwGLelOVOEijUbTTJeLLI59jLw== +sockjs@0.3.20: + version "0.3.20" + resolved "https://registry.yarnpkg.com/sockjs/-/sockjs-0.3.20.tgz#b26a283ec562ef8b2687b44033a4eeceac75d855" + integrity sha512-SpmVOVpdq0DJc0qArhF3E5xsxvaiqGNb73XfgBpK1y3UD5gs8DSo8aCTsuT5pX8rssdc2NDIzANwP9eCAiSdTA== dependencies: faye-websocket "^0.10.0" - uuid "^3.0.1" + uuid "^3.4.0" + websocket-driver "0.6.5" socks-proxy-agent@^4.0.1: version "4.0.2" @@ -12728,7 +12720,7 @@ spdy-transport@^3.0.0: readable-stream "^3.0.6" wbuf "^1.7.3" -spdy@^4.0.1: +spdy@^4.0.2: version "4.0.2" resolved "https://registry.yarnpkg.com/spdy/-/spdy-4.0.2.tgz#b74f466203a3eda452c02492b91fb9e84a27677b" integrity sha512-r46gZQZQV+Kl9oItvl1JZZqJKGr+oEkB08A6BzkiR7593/7IbtuncXHd2YoYeTsG4157ZssMu9KYvUHLcjcDoA== @@ -13960,7 +13952,7 @@ utils-merge@1.0.1: resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713" integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM= -uuid@^3.0.1, uuid@^3.3.2: +uuid@^3.0.1, uuid@^3.3.2, uuid@^3.4.0: version "3.4.0" resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee" integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A== @@ -14073,10 +14065,10 @@ webpack-dev-middleware@^3.7.2: range-parser "^1.2.1" webpack-log "^2.0.0" -webpack-dev-server@3.10.3: - version "3.10.3" - resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-3.10.3.tgz#f35945036813e57ef582c2420ef7b470e14d3af0" - integrity sha512-e4nWev8YzEVNdOMcNzNeCN947sWJNd43E5XvsJzbAL08kGc2frm1tQ32hTJslRS+H65LCb/AaUCYU7fjHCpDeQ== +webpack-dev-server@3.11.0: + version "3.11.0" + resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-3.11.0.tgz#8f154a3bce1bcfd1cc618ef4e703278855e7ff8c" + integrity sha512-PUxZ+oSTxogFQgkTtFndEtJIPNmml7ExwufBZ9L2/Xyyd5PnOL5UreWe5ZT7IU25DSdykL9p1MLQzmLh2ljSeg== dependencies: ansi-html "0.0.7" bonjour "^3.5.0" @@ -14086,31 +14078,31 @@ webpack-dev-server@3.10.3: debug "^4.1.1" del "^4.1.1" express "^4.17.1" - html-entities "^1.2.1" + html-entities "^1.3.1" http-proxy-middleware "0.19.1" import-local "^2.0.0" internal-ip "^4.3.0" ip "^1.1.5" is-absolute-url "^3.0.3" killable "^1.0.1" - loglevel "^1.6.6" + loglevel "^1.6.8" opn "^5.5.0" p-retry "^3.0.1" - portfinder "^1.0.25" + portfinder "^1.0.26" schema-utils "^1.0.0" selfsigned "^1.10.7" semver "^6.3.0" serve-index "^1.9.1" - sockjs "0.3.19" + sockjs "0.3.20" sockjs-client "1.4.0" - spdy "^4.0.1" + spdy "^4.0.2" strip-ansi "^3.0.1" supports-color "^6.1.0" url "^0.11.0" webpack-dev-middleware "^3.7.2" webpack-log "^2.0.0" ws "^6.2.1" - yargs "12.0.5" + yargs "^13.3.2" webpack-log@^2.0.0: version "2.0.0" @@ -14173,6 +14165,13 @@ webpack@4.43.0, webpack@^4.17.1: watchpack "^1.6.1" webpack-sources "^1.4.1" +websocket-driver@0.6.5: + version "0.6.5" + resolved "https://registry.yarnpkg.com/websocket-driver/-/websocket-driver-0.6.5.tgz#5cb2556ceb85f4373c6d8238aa691c8454e13a36" + integrity sha1-XLJVbOuF9Dc8bYI4qmkchFThOjY= + dependencies: + websocket-extensions ">=0.1.1" + websocket-driver@>=0.5.1: version "0.7.3" resolved "https://registry.yarnpkg.com/websocket-driver/-/websocket-driver-0.7.3.tgz#a2d4e0d4f4f116f1e6297eba58b05d430100e9f9" @@ -14396,7 +14395,7 @@ y18n@^3.2.0, y18n@^3.2.1: resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41" integrity sha1-bRX7qITAhnnA136I53WegR4H+kE= -"y18n@^3.2.1 || ^4.0.0", y18n@^4.0.0: +y18n@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/y18n/-/y18n-4.0.0.tgz#95ef94f85ecc81d007c264e190a120f0a3c8566b" integrity sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w== @@ -14423,14 +14422,6 @@ yargs-parser@^10.0.0: dependencies: camelcase "^4.1.0" -yargs-parser@^11.1.1: - version "11.1.1" - resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-11.1.1.tgz#879a0865973bca9f6bab5cbdf3b1c67ec7d3bcf4" - integrity sha512-C6kB/WJDiaxONLJQnF8ccx9SEeoTTLek8RVbaOIsrAUS8VrBEXfmeSnCZxygc+XC2sNMBIwOOnfcxiynjHsVSQ== - dependencies: - camelcase "^5.0.0" - decamelize "^1.2.0" - yargs-parser@^13.1.0, yargs-parser@^13.1.2: version "13.1.2" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-13.1.2.tgz#130f09702ebaeef2650d54ce6e3e5706f7a4fb38" @@ -14453,24 +14444,6 @@ yargs-parser@^5.0.0: dependencies: camelcase "^3.0.0" -yargs@12.0.5: - version "12.0.5" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-12.0.5.tgz#05f5997b609647b64f66b81e3b4b10a368e7ad13" - integrity sha512-Lhz8TLaYnxq/2ObqHDql8dX8CJi97oHxrjUcYtzKbbykPtVW9WB+poxI+NM2UIzsMgNCZTIf0AQwsjK5yMAqZw== - dependencies: - cliui "^4.0.0" - decamelize "^1.2.0" - find-up "^3.0.0" - get-caller-file "^1.0.1" - os-locale "^3.0.0" - require-directory "^2.1.1" - require-main-filename "^1.0.1" - set-blocking "^2.0.0" - string-width "^2.0.0" - which-module "^2.0.0" - y18n "^3.2.1 || ^4.0.0" - yargs-parser "^11.1.1" - yargs@13.2.4: version "13.2.4" resolved "https://registry.yarnpkg.com/yargs/-/yargs-13.2.4.tgz#0b562b794016eb9651b98bd37acf364aa5d6dc83" @@ -14527,7 +14500,7 @@ yargs@6.6.0: y18n "^3.2.1" yargs-parser "^4.2.0" -yargs@^13.3.0: +yargs@^13.3.0, yargs@^13.3.2: version "13.3.2" resolved "https://registry.yarnpkg.com/yargs/-/yargs-13.3.2.tgz#ad7ffefec1aa59565ac915f82dccb38a9c31a2dd" integrity sha512-AX3Zw5iPruN5ie6xGRIDgqkT+ZhnRlZMLMHAs8tg7nRruy2Nb+i5o9bwghAogtM08q1dpr2LVoS8KSTMYpWXUw== From d82f8e737e27d03e214c17d581867ae61c5e6f00 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 11 May 2020 10:28:31 +0000 Subject: [PATCH 06/10] build(deps): bump jquery from 3.5.0 to 3.5.1 Bumps [jquery](https://github.com/jquery/jquery) from 3.5.0 to 3.5.1. - [Release notes](https://github.com/jquery/jquery/releases) - [Commits](https://github.com/jquery/jquery/compare/3.5.0...3.5.1) Signed-off-by: dependabot-preview[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 68803a00..0f02b95b 100644 --- a/package.json +++ b/package.json @@ -104,7 +104,7 @@ "cookieconsent": "3.1.1", "d3": "5.16.0", "expose-loader": "0.7.5", - "jquery": "3.5.0", + "jquery": "3.5.1", "normalize.css": "8.0.1", "popper.js": "1.16.1", "puppeteer": "3.0.1", diff --git a/yarn.lock b/yarn.lock index 7fe213ad..ddfed4a6 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7951,10 +7951,10 @@ jpegtran-bin@^4.0.0: bin-wrapper "^4.0.0" logalot "^2.0.0" -jquery@3.5.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.5.0.tgz#9980b97d9e4194611c36530e7dc46a58d7340fc9" - integrity sha512-Xb7SVYMvygPxbFMpTFQiHh1J7HClEaThguL15N/Gg37Lri/qKyhRGZYzHRyLH8Stq3Aow0LsHO2O2ci86fCrNQ== +jquery@3.5.1: + version "3.5.1" + resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.5.1.tgz#d7b4d08e1bfdb86ad2f1a3d039ea17304717abb5" + integrity sha512-XwIBPqcMn57FxfT+Go5pzySnm4KWkT1Tv7gjrpT1srtf8Weynl6R273VJ5GjkRb51IzMp5nbaPjJXMWeju2MKg== js-base64@^2.1.8, js-base64@^2.1.9: version "2.5.2" From cb4eb3cd521028de35215f2a23b826254f3636f4 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 12 May 2020 18:34:59 -0400 Subject: [PATCH 07/10] fix: package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 68803a00..c8208fbf 100644 --- a/package.json +++ b/package.json @@ -93,7 +93,7 @@ "url-loader": "4.1.0", "webpack": "4.43.0", "webpack-cli": "3.3.11", - "webpack-dev-server": "3.10.3", + "webpack-dev-server": "3.11.0", "webpack-merge": "4.2.2", "webpack-pwa-manifest": "4.2.0", "yarn": "1.22.4" From 5100394cda00e97ea390a7432f5b89b22aa932d8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 12 May 2020 18:35:29 -0400 Subject: [PATCH 08/10] fix: upgrade node-sass from 4.14.0 to 4.14.1 Snyk has created this PR to upgrade node-sass from 4.14.0 to 4.14.1. See this package in NPM: https://www.npmjs.com/package/node-sass See this project in Snyk: https://app.snyk.io/org/luisalejandro/project/b71a9271-9b95-498b-8074-fe63f95f575d?utm_source=github&utm_medium=upgrade-pr --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 68803a00..eac762ca 100644 --- a/package.json +++ b/package.json @@ -74,7 +74,7 @@ "imagemin-webpack-plugin": "2.4.2", "mini-css-extract-plugin": "0.9.0", "netlify-lambda": "1.6.3", - "node-sass": "4.14.0", + "node-sass": "4.14.1", "postcss-advanced-variables": "3.0.1", "postcss-import": "12.0.1", "postcss-loader": "3.0.0", From 83856f963ad370b90ce6a69aa7565b206521c873 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 18 May 2020 10:20:06 +0000 Subject: [PATCH 09/10] build(deps-dev): bump svg-sprite-loader from 4.2.6 to 5.0.0 Bumps [svg-sprite-loader](https://github.com/JetBrains/svg-sprite-loader) from 4.2.6 to 5.0.0. - [Release notes](https://github.com/JetBrains/svg-sprite-loader/releases) - [Changelog](https://github.com/JetBrains/svg-sprite-loader/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/svg-sprite-loader/compare/v4.2.6...v5.0.0) Signed-off-by: dependabot-preview[bot] --- package.json | 2 +- yarn.lock | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index 68803a00..4ff2e195 100644 --- a/package.json +++ b/package.json @@ -84,7 +84,7 @@ "rimraf": "3.0.2", "sass-loader": "8.0.2", "style-loader": "1.2.0", - "svg-sprite-loader": "4.2.6", + "svg-sprite-loader": "5.0.0", "svg-transform-loader": "2.0.12", "svgo": "1.3.2", "svgo-loader": "2.2.1", diff --git a/yarn.lock b/yarn.lock index 7fe213ad..2f16a9b5 100644 --- a/yarn.lock +++ b/yarn.lock @@ -13103,10 +13103,10 @@ supports-color@^7.1.0: dependencies: has-flag "^4.0.0" -svg-baker-runtime@^1.4.6: - version "1.4.6" - resolved "https://registry.yarnpkg.com/svg-baker-runtime/-/svg-baker-runtime-1.4.6.tgz#73499736c636610121a9e17ae6ceb2ea1023ec6b" - integrity sha512-n+Uq23mafI12WLHXahkjSY00qHJaNfeB9XgVKdo0C4kzrcn8JnunXNajvOlqkFaTqj7xT7MwTlFl3Hga8AevcQ== +svg-baker-runtime@^1.4.7: + version "1.4.7" + resolved "https://registry.yarnpkg.com/svg-baker-runtime/-/svg-baker-runtime-1.4.7.tgz#f4720637f5b6202eef6378d81f1fead0815f8a4e" + integrity sha512-Zorfwwj5+lWjk/oxwSMsRdS2sPQQdTmmsvaSpzU+i9ZWi3zugHLt6VckWfnswphQP0LmOel3nggpF5nETbt6xw== dependencies: deepmerge "1.3.2" mitt "1.1.2" @@ -13142,10 +13142,10 @@ svg-mixer-utils@^0.3.4: merge-options "^1.0.0" postcss-helpers "^0.3.2" -svg-sprite-loader@4.2.6: - version "4.2.6" - resolved "https://registry.yarnpkg.com/svg-sprite-loader/-/svg-sprite-loader-4.2.6.tgz#9f5ac6d75d78be80758966abc4210a285edb2073" - integrity sha512-NwHOcULhpKLGwQawunpcp9RmUCHbboWO94x7n8DNFHIwxYfsuvcS6s/mPCBbqLS+C9ox0F6BZZI/2vbW0RXMlQ== +svg-sprite-loader@5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/svg-sprite-loader/-/svg-sprite-loader-5.0.0.tgz#fd5c63c7110df3ca289282def49f34e6a62e6f65" + integrity sha512-/hedkRC2IS0E+kFIb+OUCfqQlbVx72/WEEeRGw2uPsNgOOgJEONXzjfSm+CJ3pB9gOHytlBmPMS8ijMCp5s2Eg== dependencies: bluebird "^3.5.0" deepmerge "1.3.2" @@ -13154,7 +13154,7 @@ svg-sprite-loader@4.2.6: html-webpack-plugin "^3.2.0" loader-utils "^1.1.0" svg-baker "^1.5.0" - svg-baker-runtime "^1.4.6" + svg-baker-runtime "^1.4.7" url-slug "2.0.0" svg-transform-loader@2.0.12: From fe378af7b208d65b836d1636e23b009654b085cb Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 18 May 2020 10:21:40 +0000 Subject: [PATCH 10/10] build(deps): bump bootstrap from 4.4.1 to 4.5.0 Bumps [bootstrap](https://github.com/twbs/bootstrap) from 4.4.1 to 4.5.0. - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](https://github.com/twbs/bootstrap/compare/v4.4.1...v4.5.0) Signed-off-by: dependabot-preview[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 68803a00..412a0a18 100644 --- a/package.json +++ b/package.json @@ -100,7 +100,7 @@ }, "dependencies": { "@fortawesome/fontawesome-free": "5.13.0", - "bootstrap": "4.4.1", + "bootstrap": "4.5.0", "cookieconsent": "3.1.1", "d3": "5.16.0", "expose-loader": "0.7.5", diff --git a/yarn.lock b/yarn.lock index 7fe213ad..5dd71ba0 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2747,10 +2747,10 @@ boolbase@^1.0.0, boolbase@~1.0.0: resolved "https://registry.yarnpkg.com/boolbase/-/boolbase-1.0.0.tgz#68dff5fbe60c51eb37725ea9e3ed310dcc1e776e" integrity sha1-aN/1++YMUes3cl6p4+0xDcwed24= -bootstrap@4.4.1: - version "4.4.1" - resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.4.1.tgz#8582960eea0c5cd2bede84d8b0baf3789c3e8b01" - integrity sha512-tbx5cHubwE6e2ZG7nqM3g/FZ5PQEDMWmMGNrCUBVRPHXTJaH7CBDdsLeu3eCh3B1tzAxTnAbtmrzvWEvT2NNEA== +bootstrap@4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.5.0.tgz#97d9dbcb5a8972f8722c9962483543b907d9b9ec" + integrity sha512-Z93QoXvodoVslA+PWNdk23Hze4RBYIkpb5h8I2HY2Tu2h7A0LpAgLcyrhrSUyo2/Oxm2l1fRZPs1e5hnxnliXA== boxen@^1.2.1, boxen@^1.3.0: version "1.3.0"