-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the npm_and_yarn group across 1 directory with 15 updates #384
Open
dependabot
wants to merge
1
commit into
main
Choose a base branch
from
dependabot/npm_and_yarn/npm_and_yarn-3a38531f77
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the npm_and_yarn group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@storybook/html](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/html) | `6.5.16` | `8.2.6` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `3.0.9` | `3.2.10` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `5.0.1` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [webpack](https://github.com/webpack/webpack) | `4.46.0` | `4.47.0` | | [ws](https://github.com/websockets/ws) | `7.5.7` | `7.5.10` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` | | [cross-fetch](https://github.com/lquixada/cross-fetch) | `3.1.4` | `3.1.8` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.0.0` | `4.1.4` | Updates `@storybook/html` from 6.5.16 to 8.2.6 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v8.2.6/code/renderers/html) Updates `vite` from 3.0.9 to 3.2.10 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v3.2.10/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v3.2.10/packages/vite) Updates `ansi-regex` from 3.0.0 to 5.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v3.0.0...v5.0.1) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `webpack` from 4.46.0 to 4.47.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v4.46.0...v4.47.0) Updates `ws` from 7.5.7 to 7.5.10 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.5.7...7.5.10) Updates `qs` from 6.7.0 to 6.11.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.7.0...v6.11.0) Updates `browserify-sign` from 4.2.1 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.1...v4.2.3) Updates `cross-fetch` from 3.1.4 to 3.1.8 - [Release notes](https://github.com/lquixada/cross-fetch/releases) - [Changelog](https://github.com/lquixada/cross-fetch/blob/v3.1.8/CHANGELOG.md) - [Commits](lquixada/cross-fetch@v3.1.4...v3.1.8) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `ejs` from 3.1.6 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.6...v3.1.10) Updates `express` from 4.17.1 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.19.2) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `postcss` from 7.0.39 to 8.4.40 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@7.0.39...8.4.40) Updates `tough-cookie` from 4.0.0 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.0.0...v4.1.4) --- updated-dependencies: - dependency-name: "@storybook/html" dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-fetch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
the
dependencies
Pull requests that update a dependency file
label
Jul 30, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 12 updates in the / directory:
6.5.16
8.2.6
3.0.9
3.2.10
3.0.0
5.0.1
1.4.0
1.4.2
4.46.0
4.47.0
7.5.7
7.5.10
4.2.1
4.2.3
3.1.4
3.1.8
0.2.0
0.2.2
3.1.6
3.1.10
1.0.1
1.0.2
4.0.0
4.1.4
Updates
@storybook/html
from 6.5.16 to 8.2.6Release notes
Sourced from
@storybook/html
's releases.... (truncated)
Changelog
Sourced from
@storybook/html
's changelog.... (truncated)
Commits
ea266a0
Bump version from "8.2.5" to "8.2.6" [skip ci]e3c5995
Bump version from "8.2.4" to "8.2.5" [skip ci]7b84561
Bump version from "8.2.3" to "8.2.4" [skip ci]de22531
Merge pull request #28599 from storybookjs/norbert/cpc-add-shim-dependencies-...7067b33
Bump version from "8.2.2" to "8.2.3" [skip ci]480359d
Bump version from "8.2.1" to "8.2.2" [skip ci]9c3d891
Bump version from "8.2.0" to "8.2.1" [skip ci]8b2f2db
Bump version from "8.2.0-beta.3" to "8.2.0" [skip ci]ef343c7
Bump version from "8.2.0-beta.2" to "8.2.0-beta.3" [skip ci]bd047a6
Bump version from "8.2.0-beta.1" to "8.2.0-beta.2" [skip ci]Updates
vite
from 3.0.9 to 3.2.10Changelog
Sourced from vite's changelog.
... (truncated)
Commits
1a8728f
release: v3.2.105910f13
release: v3.2.989c7c64
fix: port #16250 to v3 (#16253)8352b75
release: v3.2.899080ca
fix: port #15653 to v3 (#15655)494f36b
release: v3.2.70574f80
fix: port #13348 to v3, fs.deny with leading double slash (#13349)f494760
release: v3.2.6b48ac2a
fix: escape msg in render restricted error html, backport (#12889) (#12892)77ee19b
release: v3.2.5Updates
ansi-regex
from 3.0.0 to 5.0.1Release notes
Sourced from ansi-regex's releases.
Commits
a9babce
5.0.14657833
fix incorrect formatc3c0b3f
Fix potential ReDoS (#37)178363b
Move to GitHub Actions (#35)0755e66
Add@Qix
- to funding.yml2b56fb0
5.0.0f26f7fe
Meta tweakse77ea17
Add TypeScript definition (#32)166a0d5
Require Node.js 8f115fca
Tidelift tasksUpdates
loader-utils
from 1.4.0 to 1.4.2Release notes
Sourced from loader-utils's releases.
Changelog
Sourced from loader-utils's changelog.
Commits
331ad50
chore(release): 1.4.217cbf8f
fix: ReDoS problem (#226)8f082b3
chore(release): 1.4.14504e34
fix: security problem (#220)Updates
webpack
from 4.46.0 to 4.47.0Release notes
Sourced from webpack's releases.
Commits
dfffd6a
4.47.07395af8
Merge pull request #17628 from iclanton/webpack4-md4-hash9b50972
Update SplitChunksPlugin to use the updated createHash function.6f6ae98
Add support for md4 in Node >=18.3956274
Merge pull request #13778 from StyleT/feature/custom_externals_for_systemjs_t...1f11600
fix: fixed work of the non-system type externals for "system" library targetMaintainer changes
This version was pushed to npm by thelarkinn, a new releaser for webpack since your current version.
Updates
ws
from 7.5.7 to 7.5.10Release notes
Sourced from ws's releases.
Commits
d962d70
[dist] 7.5.1022c2876
[security] Fix crash when the Upgrade header cannot be read (#2231)8a78f87
[dist] 7.5.90435e6e
[security] Fix same host check for ws+unix: redirects4271f07
[dist] 7.5.8dc1781b
[security] Drop sensitive headers when following insecure redirects2758ed3
[fix] Abort the handshake if the Upgrade header is invalidUpdates
qs
from 6.7.0 to 6.11.0Changelog
Sourced from qs's changelog.
... (truncated)
Commits
56763c1
v6.11.0ddd3e29
[readme] fix version badgec313472
[New] [Fix]stringify
: revert 0e903c0; addcommaRoundTrip
option95bc018
v6.10.50e903c0
[Fix]stringify
: witharrayFormat: comma
, properly include an explicit `[...ba9703c
v6.10.44e44019
[Fix]stringify
: witharrayFormat: comma
, include an explicit[]
on a s...113b990
[Dev Deps] updateobject-inspect
c77f38f
[Dev Deps] updateeslint
,@ljharb/eslint-config
,aud
,has-symbol
,tape
2cf45b2
[meta] usenpmignore
to autogenerate an npmignore fileUpdates
browserify-sign
from 4.2.1 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
Commits
bf2c3ec
v4.2.39247adf
[patch] widen support to 0.12f427270
[Deps] update `parse-asn187f3a35
[Dev Deps] updateaud
,npmignore
,tape
fb261ce
[Deps] updateelliptic
4d0ee49
[patch] drop minimum node support to v19e2bf12
[Deps] pinhash-base
to ~3.0, due to a breaking change168e16f
[Deps] pinelliptic
due to a breaking change37a4758
[actions] remove redundant finisher4af5a90
v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
cross-fetch
from 3.1.4 to 3.1.8Release notes
Sourced from cross-fetch's releases.
Changelog
Sourced from cross-fetch's changelog.
Commits
0922089
chore(release): 3.1.86669927
fix: restored caret on node-fetch versionff14bdd
chore: improved release scriptd625e0d
chore: release workflow now uses .nvmrc098ed1e
chore: improved release workflowcc2663b
chore(release): 3.1.77c1fdde
chore: updated node-fetch to 2.6.12e298dbb
chore: reordered if statement81049e1
chore: removed github publish pipelinea80be7c
chore: removed console log from specsUpdates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
ejs
from 3.1.6 to 3.1.10Release notes
Sourced from ejs's releases.
Commits
d3f807d
Version 3.1.109ee26dd
Mocha TDDe469741
Basic pollution protection715e950
Merge pull request #756 from Jeffrey-mu/maincabe314
Include advanced usage examples29b076c
Added header11503c7
Merge branch 'main' of github.com:mde/ejs into main7690404
Added security banner to READMEf47d7ae
Update SECURITY.md828cea1
Update SECURITY.mdUpdates
express
from 4.17.1 to 4.19.2Release notes
Sourced from express's releases.