Skip to content

build(deps): bump the npm_and_yarn group across 1 directory with 13 updates #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the npm_and_yarn group across 1 directory with 13 updates #1

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Aug 31, 2024

Bumps the npm_and_yarn group with 10 updates in the / directory:

Package From To
json5 2.2.0 2.2.2
ansi-regex 3.0.0 3.0.1
semver 7.3.5 7.6.3
semver 6.3.0 7.6.3
semver 5.7.1 7.6.3
got 9.6.0 11.8.6
update-notifier 5.1.0 7.3.0
js-green-licenses 3.0.1 4.0.0
micromatch 4.0.4 4.0.8
minimatch 3.0.4 3.1.2
mocha 8.4.0 10.7.3
word-wrap 1.2.3 1.2.5

Updates json5 from 2.2.0 to 2.2.2

Release notes

Sourced from json5's releases.

v2.2.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Changelog

Sourced from json5's changelog.

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Commits
  • 14f8cb1 2.2.2
  • 10cc7ca docs: update CHANGELOG for v2.2.2
  • 7774c10 fix: add proto to objects and arrays
  • edde30a Readme: slight tweak to intro
  • 97286f8 Improve example in readme
  • d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
  • 910ce25 docs: fix spelling of Aseem
  • 2aab4dd test: require tap as t in cli tests
  • 6d42686 test: remove mocha syntax from tests
  • 4798b9d docs: update installation and usage for modules
  • Additional commits viewable in compare view

Updates ansi-regex from 3.0.0 to 3.0.1

Commits

Updates semver from 7.3.5 to 7.6.3

Release notes

Sourced from semver's releases.

v7.6.3

7.6.3 (2024-07-16)

Bug Fixes

Documentation

v7.6.2

7.6.2 (2024-05-09)

Bug Fixes

v7.6.1

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

v7.6.0

7.6.0 (2024-01-31)

Features

Chores

... (truncated)

Changelog

Sourced from semver's changelog.

7.6.3 (2024-07-16)

Bug Fixes

Documentation

7.6.2 (2024-05-09)

Bug Fixes

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

7.6.0 (2024-01-31)

Features

Chores

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by npm-cli-ops, a new releaser for semver since your current version.


Updates semver from 6.3.0 to 7.6.3

Release notes

Sourced from semver's releases.

v7.6.3

7.6.3 (2024-07-16)

Bug Fixes

Documentation

v7.6.2

7.6.2 (2024-05-09)

Bug Fixes

v7.6.1

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

v7.6.0

7.6.0 (2024-01-31)

Features

Chores

... (truncated)

Changelog

Sourced from semver's changelog.

7.6.3 (2024-07-16)

Bug Fixes

Documentation

7.6.2 (2024-05-09)

Bug Fixes

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

7.6.0 (2024-01-31)

Features

Chores

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by npm-cli-ops, a new releaser for semver since your current version.


Updates semver from 5.7.1 to 7.6.3

Release notes

Sourced from semver's releases.

v7.6.3

7.6.3 (2024-07-16)

Bug Fixes

Documentation

v7.6.2

7.6.2 (2024-05-09)

Bug Fixes

v7.6.1

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

v7.6.0

7.6.0 (2024-01-31)

Features

Chores

... (truncated)

Changelog

Sourced from semver's changelog.

7.6.3 (2024-07-16)

Bug Fixes

Documentation

7.6.2 (2024-05-09)

Bug Fixes

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

7.6.0 (2024-01-31)

Features

Chores

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by npm-cli-ops, a new releaser for semver since your current version.


Updates got from 9.6.0 to 11.8.6

Release notes

Sourced from got's releases.

v11.8.6

  • Destroy request object after successful response

sindresorhus/got@v11.8.5...v11.8.6

v11.8.5

sindresorhus/got@v11.8.4...v11.8.5

v11.8.3

  • Bump cacheable-request dependency (#1921) 9463bb6
  • Fix HTTPError missing .code property (#1739) 0e167b8

sindresorhus/got@v11.8.2...v11.8.3

v11.8.2

  • Make the dnsCache option lazy (#1529) 3bd245f This slightly improves Got startup performance and fixes an issue with Jest.

sindresorhus/got@v11.8.1...v11.8.2

v11.8.1

  • Do not throw on custom stack traces (#1491) 4c815c3a609eb74d0eb139414d9996b4f65dc3c0

v11.8.0

  • Fix for sending files with size 0 on stat (#1488) 7acd380
  • beforeRetry allows stream body if different from original (#1501) 3dd2273
  • Set default value for an options object (#1495) 390b145

sindresorhus/got@v11.7.0...v11.8.0

v11.7.0

Improvements

  • Add pfx HTTPS option (#1364) c33df7f
  • Update body after beforeRequest (#1453) e1c1844
  • Don't allocate buffer twice (#1403) 7bc69d9

Fixes

  • Fix a regression where body was sent after redirect 88b32ea
  • Fix destructure error on promise.json() c97ce7c
  • Do not ignore userinfo on a redirect to the same origin 52de13b

sindresorhus/got@v11.6.2...v11.7.0

v11.6.2

Bug fixes

... (truncated)

Commits

Updates update-notifier from 5.1.0 to 7.3.0

Release notes

Sourced from update-notifier's releases.

v7.3.0

  • Drop redundant dependency (#236) 0b962bc
  • Drop unused dependency (#235) cb073f0

sindresorhus/update-notifier@v7.2.0...v7.3.0

v7.2.0

  • Update dependencies ad04288

sindresorhus/update-notifier@v7.1.0...v7.2.0

v7.1.0

  • Update dependencies (#234) 2980d33

sindresorhus/update-notifier@v7.0.0...v7.1.0

v7.0.0

Breaking

  • Require Node.js 18 431dac4
  • Drop Yarn install commands in update message a1d8d9d

sindresorhus/update-notifier@v6.0.2...v7.0.0

v6.0.2

  • Fix license d152f85

sindresorhus/update-notifier@v6.0.1...v6.0.2

v6.0.1

  • Update dependencies (#222) 3f7c9f3

sindresorhus/update-notifier@v6.0.0...v6.0.1

v6.0.0

Breaking

  • Require Node.js 14 9183541
  • This package is now pure ESM. Please read this.

sindresorhus/update-notifier@v5.1.0...v6.0.0

Commits

Updates js-green-licenses from 3.0.1 to 4.0.0

Release notes

Sourced from js-green-licenses's releases.

v4.0.0

4.0.0 (2023-01-09)

⚠ BREAKING CHANGES

  • drop support for node.js 10.x (#176)

Bug Fixes

  • deps: update dependency gaxios to v5 (#195) (876307f)
  • deps: update dependency package-json to v7 (#172) (cb2900e)
  • deps: upgrade to typescript 4.4.4 (#180) (da3fed5)

Build System

Changelog

Sourced from

@dependabot
build(deps): bump the npm_and_yarn group across 1 directory with 13 u…
a36947a 
…pdates

Bumps the npm_and_yarn group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.2` |
| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` |
| [semver](https://github.com/npm/node-semver) | `7.3.5` | `7.6.3` |
| [semver](https://github.com/npm/node-semver) | `6.3.0` | `7.6.3` |
| [semver](https://github.com/npm/node-semver) | `5.7.1` | `7.6.3` |
| [got](https://github.com/sindresorhus/got) | `9.6.0` | `11.8.6` |
| [update-notifier](https://github.com/yeoman/update-notifier) | `5.1.0` | `7.3.0` |
| [js-green-licenses](https://github.com/google/js-green-licenses) | `3.0.1` | `4.0.0` |
| [micromatch](https://github.com/micromatch/micromatch) | `4.0.4` | `4.0.8` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` |
| [mocha](https://github.com/mochajs/mocha) | `8.4.0` | `10.7.3` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |



Updates `json5` from 2.2.0 to 2.2.2
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v2.2.0...v2.2.2)

Updates `ansi-regex` from 3.0.0 to 3.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](chalk/ansi-regex@v3.0.0...v3.0.1)

Updates `semver` from 7.3.5 to 7.6.3
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.3.5...v7.6.3)

Updates `semver` from 6.3.0 to 7.6.3
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.3.5...v7.6.3)

Updates `semver` from 5.7.1 to 7.6.3
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.3.5...v7.6.3)

Updates `got` from 9.6.0 to 11.8.6
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](sindresorhus/got@v9.6.0...v11.8.6)

Updates `update-notifier` from 5.1.0 to 7.3.0
- [Release notes](https://github.com/yeoman/update-notifier/releases)
- [Commits](sindresorhus/update-notifier@v5.1.0...v7.3.0)

Updates `js-green-licenses` from 3.0.1 to 4.0.0
- [Release notes](https://github.com/google/js-green-licenses/releases)
- [Changelog](https://github.com/google/js-green-licenses/blob/main/CHANGELOG.md)
- [Commits](google/js-green-licenses@v3.0.1...v4.0.0)

Updates `http-cache-semantics` from 4.1.0 to 4.1.1
- [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1)

Updates `micromatch` from 4.0.4 to 4.0.8
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/micromatch@4.0.4...4.0.8)

Updates `minimatch` from 3.0.4 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `mocha` from 8.4.0 to 10.7.3
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](mochajs/mocha@v8.4.0...v10.7.3)

Updates `minimist` from 1.2.5 to 1.2.8
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Updates `node-fetch` from 2.6.1 to 2.7.0
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](node-fetch/node-fetch@v2.6.1...v2.7.0)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: ansi-regex
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: got
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: update-notifier
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: js-green-licenses
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: http-cache-semantics
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: micromatch
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: mocha
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-fetch
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: word-wrap
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant