-
Notifications
You must be signed in to change notification settings - Fork 277
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bump: npm_and_yarn group across 2 directories with 15 updates #4664
Conversation
… updates Bumps the npm_and_yarn group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [zod](https://github.com/colinhacks/zod) | `3.22.4` | `3.22.5` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.7` | `3.3.2` | | [minimatch](https://github.com/isaacs/minimatch) | `4.2.3` | `5.0.0` | | [ws](https://github.com/websockets/ws) | `7.4.6` | `8.17.0` | | [@types/ws](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/ws) | `6.0.4` | `8.5.10` | | [elliptic](https://github.com/indutny/elliptic) | `6.5.3` | `6.5.5` | | [find-my-way](https://github.com/delvedor/find-my-way) | `2.2.4` | `2.2.5` | | [highlight.js](https://github.com/highlightjs/highlight.js) | `10.3.2` | `10.7.3` | | [hosted-git-info](https://github.com/npm/hosted-git-info) | `2.8.8` | `2.8.9` | | [ini](https://github.com/npm/ini) | `1.3.5` | `1.3.8` | | [postcss](https://github.com/postcss/postcss) | `8.4.31` | `8.4.38` | | [ssri](https://github.com/npm/ssri) | `6.0.1` | `6.0.2` | | [y18n](https://github.com/yargs/y18n) | `3.2.1` | `3.2.2` | Bumps the npm_and_yarn group with 7 updates in the /testing/browser-functional/browser-echo-bot directory: | Package | From | To | | --- | --- | --- | | [ws](https://github.com/websockets/ws) | `6.2.1` | `6.2.2` | | [elliptic](https://github.com/indutny/elliptic) | `6.5.3` | `6.5.5` | | [ini](https://github.com/npm/ini) | `1.3.5` | `1.3.8` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.6` | `1.0.7` | | [ssri](https://github.com/npm/ssri) | `6.0.1` | `6.0.2` | | [y18n](https://github.com/yargs/y18n) | `4.0.0` | `4.0.3` | | [dns-packet](https://github.com/mafintosh/dns-packet) | `1.3.1` | `1.3.4` | Updates `zod` from 3.22.4 to 3.22.5 - [Release notes](https://github.com/colinhacks/zod/releases) - [Changelog](https://github.com/colinhacks/zod/blob/master/CHANGELOG.md) - [Commits](https://github.com/colinhacks/zod/commits) Updates `node-fetch` from 2.6.7 to 3.3.2 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.7...v3.3.2) Updates `minimatch` from 4.2.3 to 5.0.0 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v4.2.3...v5.0.0) Updates `ws` from 7.4.6 to 8.17.0 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.4.6...8.17.0) Updates `@types/ws` from 6.0.4 to 8.5.10 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/ws) Updates `elliptic` from 6.5.3 to 6.5.5 - [Commits](indutny/elliptic@v6.5.3...v6.5.5) Updates `find-my-way` from 2.2.4 to 2.2.5 - [Release notes](https://github.com/delvedor/find-my-way/releases) - [Commits](delvedor/find-my-way@v2.2.4...v2.2.5) Updates `highlight.js` from 10.3.2 to 10.7.3 - [Release notes](https://github.com/highlightjs/highlight.js/releases) - [Changelog](https://github.com/highlightjs/highlight.js/blob/10.7.3/CHANGES.md) - [Commits](highlightjs/highlight.js@10.3.2...10.7.3) Updates `hosted-git-info` from 2.8.8 to 2.8.9 - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](npm/hosted-git-info@v2.8.8...v2.8.9) Updates `ini` from 1.3.5 to 1.3.8 - [Release notes](https://github.com/npm/ini/releases) - [Changelog](https://github.com/npm/ini/blob/main/CHANGELOG.md) - [Commits](npm/ini@v1.3.5...v1.3.8) Updates `postcss` from 8.4.31 to 8.4.38 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.31...8.4.38) Updates `ssri` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/npm/ssri/releases) - [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md) - [Commits](npm/ssri@v6.0.1...v6.0.2) Updates `y18n` from 3.2.1 to 3.2.2 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Updates `ws` from 6.2.1 to 6.2.2 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.4.6...8.17.0) Updates `elliptic` from 6.5.3 to 6.5.5 - [Commits](indutny/elliptic@v6.5.3...v6.5.5) Updates `ini` from 1.3.5 to 1.3.8 - [Release notes](https://github.com/npm/ini/releases) - [Changelog](https://github.com/npm/ini/blob/main/CHANGELOG.md) - [Commits](npm/ini@v1.3.5...v1.3.8) Updates `path-parse` from 1.0.6 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `ssri` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/npm/ssri/releases) - [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md) - [Commits](npm/ssri@v6.0.1...v6.0.2) Updates `y18n` from 4.0.0 to 4.0.3 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Updates `dns-packet` from 1.3.1 to 1.3.4 - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](mafintosh/dns-packet@v1.3.1...v1.3.4) --- updated-dependencies: - dependency-name: zod dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ws dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@types/ws" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: find-my-way dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: highlight.js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: hosted-git-info dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ini dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ssri dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ini dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ssri dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: dns-packet dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
@JhontSouth There is def something breaking in what dependabot is updating to. I resolved a couple things. Not enough. |
Hi @tracyboehrer, |
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
#minor
Bumps the npm_and_yarn group with 13 updates in the / directory:
3.22.4
3.22.5
2.6.7
3.3.2
4.2.3
5.0.0
7.4.6
8.17.0
6.0.4
8.5.10
6.5.3
6.5.5
2.2.4
2.2.5
10.3.2
10.7.3
2.8.8
2.8.9
1.3.5
1.3.8
8.4.31
8.4.38
6.0.1
6.0.2
3.2.1
3.2.2
Bumps the npm_and_yarn group with 7 updates in the /testing/browser-functional/browser-echo-bot directory:
6.2.1
6.2.2
6.5.3
6.5.5
1.3.5
1.3.8
1.0.6
1.0.7
6.0.1
6.0.2
4.0.0
4.0.3
1.3.1
1.3.4
Updates
zod
from 3.22.4 to 3.22.5Commits
Updates
node-fetch
from 2.6.7 to 3.3.2Release notes
Sourced from node-fetch's releases.
... (truncated)
Commits
8b3320d
fix: Remove the default connection close header. (#1736)7b86e94
fix: release "Allow URL class object as an argument for fetch()" #1696 (#1716)8ced5b9
docs: readme - non ESM example (#1707)71e376b
ci(release): use latest Node LTS (#1697)e093030
Allow URL class object as an argument for fetch() (#1696)55a4870
feat: add static Response.json (#1670)c071406
(1138) - Fixed HTTPResponseError with correct constructor and usage (#1666)6f72caa
docs: fix missing comma in example (#1623)2880238
fix: ReDoS referrer (#1611)e87b093
fix(Headers): don't forward secure headers on protocol change (#1599)Maintainer changes
This version was pushed to npm by node-fetch-bot, a new releaser for node-fetch since your current version.
Updates
minimatch
from 4.2.3 to 5.0.0Changelog
Sourced from minimatch's changelog.
... (truncated)
Commits
fc44f5f
5.0.09104d8d
Expect exclusively forward slash as path sep, same as node-glob58b72d3
fix(brace-expansion): ignore only blocks that begins with $ddfacbd
update brace-expansion55ed736
update package scripts and depsUpdates
ws
from 7.4.6 to 8.17.0Release notes
Sourced from ws's releases.
... (truncated)
Commits
b73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variable934c9d6
[ci] Test on node 221817bac
[ci] Do not test on node 2196c9b3d
[major] Flip the default value ofallowSynchronousEvents
(#2221)e5f32c7
[fix] Emit at most one event per event loop iteration (#2218)2aa0405
[minor] Fix nits53a8888
[feature] Allow thecreateConnection
option (#2219)b119b41
[pkg] Update eslint to version 9.0.02405c17
[doc] Add punctuation for readability (#2213)Updates
@types/ws
from 6.0.4 to 8.5.10Commits
Updates
elliptic
from 6.5.3 to 6.5.5Commits
7570078
6.5.5206da2e
lib: lint0a78e03
[Fix] restore node < 4 compat43ac7f2
6.5.4f4bc72b
package: bump deps441b742
ec: validate that a point before deriving keyse71b2d9
lib: relint using eslint8421a01
build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)Updates
find-my-way
from 2.2.4 to 2.2.5Release notes
Sourced from find-my-way's releases.
Commits
b846810
Bumped v2.2.5264a688
Bumped v2.2.4771d019
Standard0118ab6
Enable versioning on demand (#172)Updates
highlight.js
from 10.3.2 to 10.7.3Release notes
Sourced from highlight.js's releases.
... (truncated)
Changelog
Sourced from highlight.js's changelog.
... (truncated)
Commits
0c4cc8a
(chore) release 10.7.3d38b332
fix(parser) Resolve issue with missing TS property (#3225)00233d6
(chore) release 10.7.24630cde
(chore) throttle deprecation messages (#3092)421b23b
(chore) fix TS issue, bump 10.7.17ec45af
(chore) bump version to 10.7.0bfb5a59
enh(parser) new highlight() API (#3053)6f24850
(cleanup) better boolean naming695ff64
(chore) add shebang for build script23ae72c
(chore) rename master branch to mainMaintainer changes
This version was pushed to npm by highlightjs_bot, a new releaser for highlight.js since your current version.
Updates
hosted-git-info
from 2.8.8 to 2.8.9Changelog
Sourced from hosted-git-info's changelog.
Commits
8d4b369
chore(release): 2.8.929adfe5
fix: backport regex fix from #76Maintainer changes
This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.
Updates
ini
from 1.3.5 to 1.3.8Commits
a2c5da8
1.3.8af5c6bb
Do not use Object.create(null)8b648a1
don't test where our devdeps don't even workc74c8af
1.3.7024b8b5
update deps, add linting032fbaf
Use Object.create(null) to avoid default object property hazards2da9039
1.3.6cfea636
better git push script, before publish instead of after56d2805
do not allow invalid hazardous string as section nameMaintainer changes
This version was pushed to npm by isaacs, a new releaser for ini since your current version.
Updates
postcss
from 8.4.31 to 8.4.38Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
Commits
a69d45e
Release 8.4.38 version64e35d9
Update dependenciesc1ad8fb
Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...b45e7e9
fix endIndex1bea246
failing test: for endIndex 0 in rangeBy0fd1d86
Add changelog auto release on Github49c906e
Release 8.4.37 versionb5bd92c
Fix another broken prev source map issue2882039
Update dependenciese5ad939
Release 8.4.36 versionUpdates
ssri
from 6.0.1 to 6.0.2Changelog
Sourced from ssri's changelog.
Commits
b7c8c7c
chore(release): 6.0.2b30dfdb
fix: backport regex change from 8.0.1Maintainer changes
This version was pushed to npm by nlf, a new releaser for ssri since your current version.
Updates
y18n
from 3.2.1 to 3.2.2Release notes
Sourced from y18n's releases.
Commits
Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.
Updates
ws
from 6.2.1 to 6.2.2Release notes
Sourced from ws's releases.
... (truncated)
Commits
b73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variable934c9d6
[ci] Test on node 221817bac
[ci] Do not test on node 2196c9b3d
[major] Flip the default value ofallowSynchronousEvents
(#2221)e5f32c7
[fix] Emit at most one event per event loop iteration (#2218)2aa0405
[minor] Fix nits53a8888
[feature] Allow thecreateConnection
option (#2219)b119b41
[pkg] Update eslint to version 9.0.02405c17
[doc] Add punctuation for readability (#2213)Updates
elliptic
from 6.5.3 to 6.5.5Commits
7570078
6.5.5206da2e
lib: lint0a78e03
[Fix] restore node < 4 compat43ac7f2
6.5.4f4bc72b
package: bump deps441b742
ec: validate that a point before deriving keyse71b2d9
lib: relint using eslint8421a01
build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)Updates
ini
from 1.3.5 to 1.3.8Commits
a2c5da8
1.3.8af5c6bb
Do not use Object.create(null)8b648a1
don't test where our devdeps don't even workc74c8af
1.3.7024b8b5
update deps, add linting032fbaf
Use Object.create(null) to avoid default object property hazards2da9039
1.3.6cfea636
better git push script, before publish instead of after56d2805
do not allow invalid hazardous string as section nameMaintainer changes
This version was pushed to npm by isaacs, a new releaser for ini since your current version.
Updates
path-parse
from 1.0.6 to 1.0.7Commits
Updates
ssri
from 6.0.1 to 6.0.2Changelog
Sourced from ssri's changelog.
Commits
b7c8c7c
chore(release): 6.0.2b30dfdb
fix: backport regex change from 8.0.1Maintainer changes
This version was pushed to npm by nlf, a new releaser for ssri since your current version.
Updates
y18n
from 4.0.0 to 4.0.3Release notes
Sourced from y18n's releases.
Commits
Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.
Updates
dns-packet
from 1.3.1 to 1.3.4Commits
ebdf849
1.3.4ac57872
move all allocUnsafes to allocs for easier maintenancec64c950
1.3.30598ba1
fix .. in encodingLength010aedb
1.3.20d0d593
backport encodingLength fix to v1You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.