Bump loofah from 2.2.2 to 2.3.1 in /test/truffle/ecosystem/blog5#1810
Bump loofah from 2.2.2 to 2.3.1 in /test/truffle/ecosystem/blog5#1810dependabot[bot] wants to merge 1 commit intomasterfrom
Conversation
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.2.2 to 2.3.1. - [Release notes](https://github.com/flavorjones/loofah/releases) - [Changelog](https://github.com/flavorjones/loofah/blob/master/CHANGELOG.md) - [Commits](flavorjones/loofah@v2.2.2...v2.3.1) Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
the
dependencies
|
Hello dependabot[bot], thanks for contributing a PR to our project! We use the Oracle Contributor Agreement to make the copyright of contributions clear. We don't have a record of you having signed this yet, based on your email address 49699333+dependabot[bot] -(at)- users -(dot)- noreply -(dot)- github -(dot)- com. You can sign it at that link. If you think you've already signed it, please comment below and we'll check. |
graalvmbot
deleted the
dependabot/bundler/test/truffle/ecosystem/blog5/loofah-2.3.1
branch
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
1 participant
Bumps loofah from 2.2.2 to 2.3.1.
Release notes
Sourced from loofah's releases.
Changelog
Sourced from loofah's changelog.
Commits
83df303version bump to v2.3.1e323a77Merge pull request #172 from flavorjones/171-xss-vulnerability1d81f91update CHANGELOG0c6617amitigate XSS vulnerability in SVG animate attributesa5bd819rufo formatting1bdf276formatting in README1908dc2update CHANGELOG with release datebcbd7b3update dev gemspecf6d4c2dversion bump to v2.3.008fee8cupdate dev depsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot ignore this [patch|minor|major] versionwill close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and languageYou can disable automated security fix PRs for this repo from the Security Alerts page.