-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the production-dependencies group across 1 directory with 12 updates #923
Bump the production-dependencies group across 1 directory with 12 updates #923
Conversation
…ates Bumps the production-dependencies group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.23.9` | `7.24.7` | | [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) | `7.23.9` | `7.24.7` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.23.9` | `7.24.7` | | [@swc/core](https://github.com/swc-project/swc) | `1.3.107` | `1.5.25` | | [commander](https://github.com/tj/commander.js) | `11.1.0` | `12.1.0` | | [glob](https://github.com/isaacs/node-glob) | `10.3.10` | `10.4.1` | | [swc-loader](https://github.com/swc-project/pkgs) | `0.2.3` | `0.2.6` | | [webpack](https://github.com/webpack/webpack) | `5.90.0` | `5.91.0` | | [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.1` | `5.0.4` | | [webpackbar](https://github.com/unjs/webpackbar) | `6.0.0` | `6.0.1` | | [yaml](https://github.com/eemeli/yaml) | `2.3.4` | `2.4.3` | Updates `@babel/core` from 7.23.9 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-core) Updates `@babel/preset-env` from 7.23.9 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-preset-env) Updates `@babel/runtime` from 7.23.9 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-runtime) Updates `@swc/core` from 1.3.107 to 1.5.25 - [Release notes](https://github.com/swc-project/swc/releases) - [Changelog](https://github.com/swc-project/swc/blob/main/CHANGELOG.md) - [Commits](swc-project/swc@v1.3.107...v1.5.25) Updates `browserslist` from 4.22.3 to 4.23.0 - [Release notes](https://github.com/browserslist/browserslist/releases) - [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md) - [Commits](browserslist/browserslist@4.22.3...4.23.0) Updates `commander` from 11.1.0 to 12.1.0 - [Release notes](https://github.com/tj/commander.js/releases) - [Changelog](https://github.com/tj/commander.js/blob/master/CHANGELOG.md) - [Commits](tj/commander.js@v11.1.0...v12.1.0) Updates `glob` from 10.3.10 to 10.4.1 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.3.10...v10.4.1) Updates `swc-loader` from 0.2.3 to 0.2.6 - [Commits](https://github.com/swc-project/pkgs/commits) Updates `webpack` from 5.90.0 to 5.91.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.90.0...v5.91.0) Updates `webpack-dev-server` from 4.15.1 to 5.0.4 - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-server@v4.15.1...v5.0.4) Updates `webpackbar` from 6.0.0 to 6.0.1 - [Release notes](https://github.com/unjs/webpackbar/releases) - [Changelog](https://github.com/unjs/webpackbar/blob/main/CHANGELOG.md) - [Commits](unjs/webpackbar@v6.0.0...v6.0.1) Updates `yaml` from 2.3.4 to 2.4.3 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.3.4...v2.4.3) --- updated-dependencies: - dependency-name: "@babel/core" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@swc/core" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: browserslist dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: commander dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: glob dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: swc-loader dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: webpack dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: webpack-dev-server dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: webpackbar dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: yaml dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎ To accept the risk, merge this PR and you will not be notified again.
Next stepsWhat is an install script?Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts. Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead. Take a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with
|
Superseded by #925. |
Bumps the production-dependencies group with 11 updates in the / directory:
7.23.9
7.24.7
7.23.9
7.24.7
7.23.9
7.24.7
1.3.107
1.5.25
11.1.0
12.1.0
10.3.10
10.4.1
0.2.3
0.2.6
5.90.0
5.91.0
4.15.1
5.0.4
6.0.0
6.0.1
2.3.4
2.4.3
Updates
@babel/core
from 7.23.9 to 7.24.7Release notes
Sourced from
@babel/core
's releases.... (truncated)
Changelog
Sourced from
@babel/core
's changelog.... (truncated)
Commits
bf1e9a3
v7.24.790fdd7e
Only import types from declared dependencies (#16494)7934963
Usetype: module
in allpackage.json
s (#16535)9630250
v7.24.6553e433
Generate helper metadata at build time (#16501)fbfe16c
Fix source maps for template literals (#16515)6e3539b
[babel 8] Publish.d.ts
files for every package (#16416)e37e64d
Use eslint v9 (#16479)71c247a
[babel 8] Require Node.js^18.20.0 || ^20.10.0 || >=21.0.0
(#16457)ddbea7d
v7.24.5Updates
@babel/preset-env
from 7.23.9 to 7.24.7Release notes
Sourced from
@babel/preset-env
's releases.... (truncated)
Changelog
Sourced from
@babel/preset-env
's changelog.... (truncated)
Commits
bf1e9a3
v7.24.714a0b08
[helpers TS conversion] async functions/generators (#16510)1e3be73
Update compat data (#16539)7934963
Usetype: module
in allpackage.json
s (#16535)9630250
v7.24.6553e433
Generate helper metadata at build time (#16501)db3e9a6
Move all runtime helpers to individual files (#16495)6e3539b
[babel 8] Publish.d.ts
files for every package (#16416)1327f1d
Bump browserslist and other compat data sources (#16468)71c247a
[babel 8] Require Node.js^18.20.0 || ^20.10.0 || >=21.0.0
(#16457)Updates
@babel/runtime
from 7.23.9 to 7.24.7Release notes
Sourced from
@babel/runtime
's releases.... (truncated)
Changelog
Sourced from
@babel/runtime
's changelog.... (truncated)
Commits
bf1e9a3
v7.24.714a0b08
[helpers TS conversion] async functions/generators (#16510)7934963
Usetype: module
in allpackage.json
s (#16535)ab465cc
Delete unused array helpers (#16525)9630250
v7.24.6553e433
Generate helper metadata at build time (#16501)db3e9a6
Move all runtime helpers to individual files (#16495)71c247a
[babel 8] Require Node.js^18.20.0 || ^20.10.0 || >=21.0.0
(#16457)ddbea7d
v7.24.55a8c692
v7.24.4Updates
@swc/core
from 1.3.107 to 1.5.25Changelog
Sourced from
@swc/core
's changelog.... (truncated)
Commits
8bb302a
chore: Publish1.5.25
withswc_core
v0.92.10
277843e
chore: Bump crates3bf3114
perf(es/parser): Add feature namedtracing-spans
(#9019)2fb890c
chore: Publish crates1496ed1
chore: Bump crates9f8e24a
fix(es/minifier): Fix evaluation of-0
as a string (#9011)1f911f9
chore: Bump crates2879a4d
fix(es/minifier): Do not index a string with a surrogate pair (#9013)04c1839
chore: Bump crates8a29577
fix(es/minifier): Fix comparison of-0.0
(#9012)Updates
browserslist
from 4.22.3 to 4.23.0Release notes
Sourced from browserslist's releases.
Changelog
Sourced from browserslist's changelog.
Commits
a23d971
Release 4.23 version61e7712
Update dependencies2c313aa
Add Github release workflow3caf908
Update CIb58ae05
feat: add BROWSERSLIST_ROOT_PATH (#819)8ddc4d8
Update grammar definition file (#817)Updates
commander
from 11.1.0 to 12.1.0Release notes
Sourced from commander's releases.
... (truncated)
Changelog
Sourced from commander's changelog.
... (truncated)
Commits
970ecae
12.1.04a9b211
Prepare CHANGELOG for 12.1.0 (#2193)0e083f8
ci: add 22.x to node-version (#2192)d3b48f7
Remove unimplemented fullDescription from TypeScript (#2191)c749eb8
Bump tsd from 0.30.4 to 0.31.0 (#2172)f09d0b2
Bump@typescript-eslint/parser
from 6.14.0 to 6.21.0 (#2179)4484e79
Bump@types/node
from 20.8.9 to 20.12.7 (#2187)6c740e9
Bump eslint-plugin-jest from 27.9.0 to 28.3.0 (#2188)27b1349
Bump typescript from 5.2.2 to 5.4.5 (#2189)b95ea44
Fix some JSDoc lint issues (#2181)Updates
glob
from 10.3.10 to 10.4.1Changelog
Sourced from glob's changelog.