Skip to content

Bump the npm_and_yarn group across 1 directories with 20 updates #18

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directories with 20 updates #18

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 21, 2024

Bumps the npm_and_yarn group with 20 updates in the /. directory:

Package From To
debug 3.1.0 3.2.7
jsonwebtoken 8.5.1 9.0.0
lodash 4.17.19 4.17.21
minimist 1.2.3 1.2.6
@babel/traverse 7.7.4 7.23.9
follow-redirects 1.9.0 1.15.5
start-server-and-test 1.11.6 1.15.4
browserify-sign 4.0.4 4.2.2
decode-uri-component 0.2.0 0.2.2
fsevents 1.2.9 1.2.13
handlebars 4.5.3 4.7.7
hbs 4.0.1 4.2.0
jszip 3.1.5 3.10.1
read-excel-file 4.0.7 4.1.0
socket.io-parser 3.3.2 3.3.3
ua-parser-js 0.7.20 0.7.37
hoek 5.0.4 ``
wait-on 3.2.0 3.3.0
xml2js 0.4.23 0.5.0
parse-bmfont-xml 1.1.4 1.1.6

Updates debug from 3.1.0 to 3.2.7

Release notes

Sourced from debug's releases.

3.2.6

This backport fixes a 4x performance regression when debug is disabled.

Patches

  • fix: performance issue (f312a8903a3928c43ff1388828d85f4f8407553d) (#625)

3.2.5

This patch restores browserify functionality as well as keeping the intended functionality with Unpkg.com.

It is a backport of the 4.0.1 release.

Patches

  • fix browserify and supply alternative unpkg entry point (closes #606): cc5f1463d1c975bcef0b3172b2527ca204ec474d

3.2.4

3.2.4 is DEPRECATED. See visionmedia/debug#603 for details.

This released fixed the missing files entry in package.json, mitigating the faulty 3.2.3 release.

3.2.3

3.2.3 is DEPRECATED. See visionmedia/debug#603 for details.

This release mitigated the breaking changes introduced in 3.2.0 where ./node.js was removed, breaking a very select few users on older releases of babel-core, as well as users that used an undocumented require('debug/node').

./node.js was temporarily added to the repository at this time; however, this release failed to include node.js in the files key in package.json and thus didn't fix the issue. 3.2.4 rectified this issue.

3.2.2

3.2.2 is DEPRECATED. See visionmedia/debug#603 for details.

This release mitigated the breaking changes introduced in 3.2.0 where ES6 features were being used on users of Node 4, causing crashes upon inclusion.

It employed a temporary Babel pass on the entire codebase in lieu of a hard reversion (so this version is, effectively, a backport of the fixes and features ultimately introduced in 4.0.0).

3.2.1

3.2.1 is DEPRECATED. See visionmedia/debug#603 for details.

This release, along with 3.2.0, were subsequently released together as 4.0.0 (a major bump). You can review the complete changes in that release's details.

A quick hotfix to address Browser builds - debug is now compiled down to IE8-compatible code via Babel upon release.

CDNs that honor the "browser": key in package.json should now reflect these changes (previously, they would serve the non-bundled ES6 version).

Patches

  • use babel-ified distributed source for browsers: b3f8f8e683915ef4fae3a77cbcebc6c410e65a8c

3.2.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by qix, a new releaser for debug since your current version.


Updates jsonwebtoken from 8.5.1 to 9.0.0

Changelog

Sourced from jsonwebtoken's changelog.

9.0.0 - 2022-12-21

Breaking changes: See Migration from v8 to v9

Breaking changes

  • Removed support for Node versions 11 and below.
  • The verify() function no longer accepts unsigned tokens by default. ([834503079514b72264fd13023a3b8d648afd6a16]auth0/node-jsonwebtoken@8345030)
  • RSA key size must be 2048 bits or greater. ([ecdf6cc6073ea13a7e71df5fad043550f08d0fa6]auth0/node-jsonwebtoken@ecdf6cc)
  • Key types must be valid for the signing / verification algorithm

Security fixes

  • security: fixes Arbitrary File Write via verify function - CVE-2022-23529
  • security: fixes Insecure default algorithm in jwt.verify() could lead to signature validation bypass - CVE-2022-23540
  • security: fixes Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC - CVE-2022-23541
  • security: fixes Unrestricted key type could lead to legacy keys usage - CVE-2022-23539
Commits
  • e1fa9dc Merge pull request from GHSA-8cf7-32gw-wr33
  • 5eaedbf chore(ci): remove github test actions job (#861)
  • cd4163e chore(ci): configure Github Actions jobs for Tests & Security Scanning (#856)
  • ecdf6cc fix!: Prevent accidental use of insecure key sizes & misconfiguration of secr...
  • 8345030 fix(sign&verify)!: Remove default none support from sign and verify met...
  • 7e6a86b Upload OpsLevel YAML (#849)
  • 74d5719 docs: update references vercel/ms references (#770)
  • d71e383 docs: document "invalid token" error
  • 3765003 docs: fix spelling in README.md: Peak -> Peek (#754)
  • a46097e docs: make decode impossible to discover before verify
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by julien.wollscheid, a new releaser for jsonwebtoken since your current version.


Updates lodash from 4.17.19 to 4.17.21

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • ded9bc6 Bump to v4.17.20.
  • 63150ef Documentation fixes.
  • 00f0f62 test.js: Remove trailing comma.
  • 846e434 Temporarily use a custom fork of lodash-cli.
  • 5d046f3 Re-enable Travis tests on 4.17 branch.
  • aa816b3 Remove /npm-package.
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


Updates minimist from 1.2.3 to 1.2.6

Changelog

Sourced from minimist's changelog.

v1.2.6 - 2022-03-21

Commits

  • test from prototype pollution PR bc8ecee
  • isConstructorOrProto adapted from PR c2b9819
  • security notice for additional prototype pollution issue ef88b93

v1.2.5 - 2020-03-12

v1.2.4 - 2020-03-11

Commits

  • security notice 4cf1354
  • additional test for constructor prototype pollution 1043d21
Commits

Updates @babel/traverse from 7.7.4 to 7.23.9

Release notes

Sourced from @​babel/traverse's releases.

v7.23.9 (2024-01-25)

🐛 Bug Fix

  • babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
  • babel-traverse
  • Other

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

Committers: 4

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

  • babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.23.9 (2024-01-25)

🐛 Bug Fix

  • babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
  • babel-traverse
  • Other

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

  • babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

v7.23.7 (2023-12-29)

🐛 Bug Fix

  • babel-traverse
  • babel-helpers, babel-plugin-proposal-decorators

... (truncated)

Commits

Updates follow-redirects from 1.9.0 to 1.15.5

Commits
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • 3d42aec Add bracket tests.
  • bcbb096 Do not directly set Error properties.
  • 192dbe7 Release version 1.15.3 of the npm package.
  • Additional commits viewable in compare view

Updates start-server-and-test from 1.11.6 to 1.15.4

Release notes

Sourced from start-server-and-test's releases.

v1.15.4

1.15.4 (2023-02-13)

Bug Fixes

  • add expected default value 200, closes #349 (9e8713b)

v1.15.3

1.15.3 (2023-01-23)

Bug Fixes

  • deps: update dependency wait-on to v7 (#347) (2ebf1ba)

v1.15.2

1.15.2 (2022-12-09)

Bug Fixes

  • deps: update dependency wait-on to v6.0.1 (4e33599)

v1.15.1

1.15.1 (2022-12-07)

Bug Fixes

  • deps: update dependency debug to v4.3.4 (9cfb60e)

v1.15.0

1.15.0 (2022-12-05)

Features

  • use the --expect parameter to specify HTTP response code (#343) (17a427c)

v1.14.0

1.14.0 (2021-09-02)

v1.13.1

1.13.1 (2021-07-26)

Bug Fixes

  • deps: update dependency wait-on to v6 (#307) (eeaaf92)

... (truncated)

Commits
  • 9e8713b fix: add expected default value 200, closes #349
  • 2ebf1ba fix(deps): update dependency wait-on to v7 (#347)
  • 4e33599 fix(deps): update dependency wait-on to v6.0.1
  • 9cfb60e fix(deps): update dependency debug to v4.3.4
  • 17a427c feat: use the --expect parameter to specify HTTP response code (#343)
  • 6bedc4c fix: add explicit license file, closes #336 (#342)
  • 7294173 update the CI workflow (#341)
  • 776c7b6 add CLI processing with arg module (#340)
  • 693dc2c FEAT: Allow interval option from environment variable (#315)
  • 7ac144f explain the server not responding (#314)
  • Additional commits viewable in compare view

Updates browserify-sign from 4.0.4 to 4.2.2

Changelog

Sourced from browserify-sign's changelog.

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

v4.1.0 - 2020-05-05

Merged

Commits
  • 4af5a90 v4.2.2
  • 3aec038 [Dev Deps] update tape
  • 85994cd [Fix] properly check the upper bound for DSA signatures
  • 9ac5a5e [meta] fix package.json indentation
  • dcf49ce [meta] add safe-publish-latest
  • 4418183 [meta] add npmignore and auto-changelog
  • 8767739 [Fix] sign: throw on unsupported padding scheme
  • 5f6fb17 [Tests] log when openssl doesn't support cipher
  • f5f17c2 [Tests] handle openSSL not supporting a scheme
  • d845d85 [Tests] migrate from travis to github actions
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates fsevents from 1.2.9 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Commits

Updates handlebars from 4.5.3 to 4.7.7

Changelog

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

  • fix weird error in integration tests - eb860c0
  • fix: check prototype property access in strict-mode (#1736) - b6d3de7
  • fix: escape property names in compat mode (#1736) - f058970
  • refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
  • chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

  • the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

Compatibility notes:

  • Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

  • Node.js version support has been changed to v6+ Reverted in 4.7.6

Compatibility notes:

  • Node.js < v6 is no longer supported Reverted in 4.7.6

Commits

v4.7.4 - April 1st, 2020

Chore/Housekeeping:

Compatibility notes:

... (truncated)

Commits

Updates hbs from 4.0.1 to 4.2.0

Changelog

Sourced from hbs's changelog.

4.2.0 / 2021-11-16

  • Add rename option to registerPartials
  • Ensure all partials are registered before rendering
  • Fix function context in async helpers
  • deps: walk@2.3.15

4.1.2 / 2021-04-15

  • deps: handlebars@4.7.7

4.1.1 / 2020-04-03

  • deps: handlebars@4.7.6

4.1.0 / 2020-01-14

  • deps: handlebars@4.5.3
    • Add handlebars.parseWithoutProcessing
    • Add support for iterable objects in #each helper
    • Block access to non-enumerable special properties on objects
    • Fix error when helper defined with array properties
    • Fix parsing of empty raw blocks
    • Fix work-around for constructor blocking
    • Validate arguments to #if, #unless and #with helpers

4.0.6 / 2019-10-09

  • deps: handlebars@4.3.5
    • Fix error object inheritance
    • Fix work-around for constructor blocking

4.0.5 / 2019-09-27

  • Fix async helpers not working when cache enabled
  • Fix handling of exceptions from layout
  • Fix handling of exceptions when cache enabled
  • deps: handlebars@4.3.3
    • Block calling helperMissing and blockHelperMissing from templates
    • Fix work-around for constructor blocking
  • deps: walk@2.3.14

4.0.4 / 2019-04-14

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by dougwilson, a new releaser for hbs since your current version.


Updates jszip from 3.1.5 to 3.10.1

Changelog

Sourced from jszip's changelog.

v3.10.1 2022-08-02

  • Add sponsorship files.
    • If you appreciate the time spent maintaining JSZip then I would really appreciate your sponsorship.
  • Consolidate metadata types and expose OnUpdateCallback #851 and #852
  • use const instead var in example from README.markdown #828
  • Switch manual download link to HTTPS #839

Internals:

  • Replace jshint with eslint #842
  • Add performance tests #834

v3.10.0 2022-05-20

  • Change setimmediate dependency to more efficient one. Fixes Stuk/jszip#617 (see #829)
  • Update types of currentFile metadata to include null (see #826)

v3.9.1 2022-04-06

  • Fix recursive definition of InputFileFormat introduced in 3.9.0.

v3.9.0 2022-04-04

  • Update types JSZip#loadAsync to accept a promise for data, and remove arguments from new JSZip() (see #752)
  • Update types for compressionOptions to JSZipFileOptions and JSZipGeneratorOptions (see #722)
  • Add types for generateInternalStream (see #774)

v3.8.0 2022-03-30

  • Santize filenames when files are loaded with loadAsync, to avoid "zip slip" attacks. The original filename is available on each zip entry as unsafeOriginalName. See the documentation. Many thanks to McCaulay Hudson for reporting.

v3.7.1 2021-08-05

  • Fix build of dist files.
    • Note: this version ensures the changes from 3.7.0 are actually included in the dist files. Thanks to Evan W for reporting.

v3.7.0 2021-07-23

  • Fix: Use a null prototype object for this.files (see #766)
    • This change might break existing code if it uses prototype methods on the .files property of a zip object, for example zip.files.toString(). This approach is taken to prevent files in the zip overriding object methods that would exist on a normal object.

v3.6.0 2021-02-09

  • Fix: redirect main to dist on browsers (see #742)
  • Fix duplicate require DataLengthProbe, utils (see #734)
  • Fix small error in read_zip.md (see #703)

v3.5.0 2020-05-31

... (truncated)

Commits

@dependabot
Bump the npm_and_yarn group across 1 directories with 20 updates
9f8fa46 
Bumps the npm_and_yarn group with 20 updates in the /. directory:

| Package | From | To |
| --- | --- | --- |
| [debug](https://github.com/debug-js/debug) | `3.1.0` | `3.2.7` |
| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `9.0.0` |
| [lodash](https://github.com/lodash/lodash) | `4.17.19` | `4.17.21` |
| [minimist](https://github.com/minimistjs/minimist) | `1.2.3` | `1.2.6` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.7.4` | `7.23.9` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.9.0` | `1.15.5` |
| [start-server-and-test](https://github.com/bahmutov/start-server-and-test) | `1.11.6` | `1.15.4` |
| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.2` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [fsevents](https://github.com/fsevents/fsevents) | `1.2.9` | `1.2.13` |
| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.3` | `4.7.7` |
| [hbs](https://github.com/pillarjs/hbs) | `4.0.1` | `4.2.0` |
| [jszip](https://github.com/Stuk/jszip) | `3.1.5` | `3.10.1` |
| [read-excel-file](https://gitlab.com/catamphetamine/read-excel-file) | `4.0.7` | `4.1.0` |
| [socket.io-parser](https://github.com/socketio/socket.io-parser) | `3.3.2` | `3.3.3` |
| [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.20` | `0.7.37` |
| [hoek](https://github.com/hapijs/hoek) | `5.0.4` | `` |
| [wait-on](https://github.com/jeffbski/wait-on) | `3.2.0` | `3.3.0` |
| [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) | `0.4.23` | `0.5.0` |
| [parse-bmfont-xml](https://github.com/mattdesl/parse-bmfont-xml) | `1.1.4` | `1.1.6` |


Updates `debug` from 3.1.0 to 3.2.7
- [Release notes](https://github.com/debug-js/debug/releases)
- [Commits](debug-js/debug@3.1.0...3.2.7)

Updates `jsonwebtoken` from 8.5.1 to 9.0.0
- [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jsonwebtoken@v8.5.1...v9.0.0)

Updates `lodash` from 4.17.19 to 4.17.21
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.19...4.17.21)

Updates `minimist` from 1.2.3 to 1.2.6
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.3...v1.2.6)

Updates `@babel/traverse` from 7.7.4 to 7.23.9
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-traverse)

Updates `follow-redirects` from 1.9.0 to 1.15.5
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.9.0...v1.15.5)

Updates `start-server-and-test` from 1.11.6 to 1.15.4
- [Release notes](https://github.com/bahmutov/start-server-and-test/releases)
- [Commits](bahmutov/start-server-and-test@v1.11.6...v1.15.4)

Updates `browserify-sign` from 4.0.4 to 4.2.2
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.0.4...v4.2.2)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `fsevents` from 1.2.9 to 1.2.13
- [Release notes](https://github.com/fsevents/fsevents/releases)
- [Commits](fsevents/fsevents@v1.2.9...v1.2.13)

Updates `handlebars` from 4.5.3 to 4.7.7
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.5.3...v4.7.7)

Updates `hbs` from 4.0.1 to 4.2.0
- [Changelog](https://github.com/pillarjs/hbs/blob/master/HISTORY.md)
- [Commits](pillarjs/hbs@v4.0.1...v4.2.0)

Updates `jszip` from 3.1.5 to 3.10.1
- [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md)
- [Commits](Stuk/jszip@v3.1.5...v3.10.1)

Updates `read-excel-file` from 4.0.7 to 4.1.0
- [Changelog](https://gitlab.com/catamphetamine/read-excel-file/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/read-excel-file/compare/v4.0.7...v4.1.0)

Updates `socket.io-parser` from 3.3.2 to 3.3.3
- [Release notes](https://github.com/socketio/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md)
- [Commits](socketio/socket.io-parser@3.3.2...3.3.3)

Updates `ua-parser-js` from 0.7.20 to 0.7.37
- [Release notes](https://github.com/faisalman/ua-parser-js/releases)
- [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md)
- [Commits](faisalman/ua-parser-js@0.7.20...0.7.37)

Removes `hoek`

Updates `wait-on` from 3.2.0 to 3.3.0
- [Release notes](https://github.com/jeffbski/wait-on/releases)
- [Commits](jeffbski/wait-on@v3.2.0...v3.3.0)

Updates `xml2js` from 0.4.23 to 0.5.0
- [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0)

Updates `parse-bmfont-xml` from 1.1.4 to 1.1.6
- [Commits](mattdesl/parse-bmfont-xml@v1.1.4...v1.1.6)

---
updated-dependencies:
- dependency-name: debug
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: jsonwebtoken
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: lodash
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: minimist
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: start-server-and-test
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: decode-uri-component
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: fsevents
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: handlebars
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: hbs
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: jszip
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: read-excel-file
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: socket.io-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: ua-parser-js
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: hoek
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: wait-on
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: xml2js
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: parse-bmfont-xml
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant