Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump tmpl from 1.0.4 to 1.0.5 #137

Merged
merged 1 commit into from
Sep 22, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 22, 2021

Build

Update tmpl from 1.0.4 to 1.0.5 (#137)

Fix the vulnerability GHSA-jgrx-mgxx-jf9v .

Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)

---
updated-dependencies:
- dependency-name: tmpl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Changes that update dependencies label Sep 22, 2021
@dependabot dependabot bot requested a review from a team September 22, 2021 01:53
@MrChocolatine MrChocolatine added the security Changes that address a security vulnerability label Sep 22, 2021
@MrChocolatine MrChocolatine self-assigned this Sep 22, 2021
@MrChocolatine MrChocolatine merged commit 9362381 into master Sep 22, 2021
@MrChocolatine MrChocolatine deleted the dependabot-npm_and_yarn-tmpl-1.0.5 branch September 22, 2021 07:44
@MrChocolatine MrChocolatine mentioned this pull request Oct 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Changes that update dependencies security Changes that address a security vulnerability
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant