Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group with 10 updates #81

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the npm_and_yarn group with 10 updates #81

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 5, 2024

Bumps the npm_and_yarn group with 10 updates:

Package From To
braces 2.3.2 3.0.3
watchify 3.11.1 4.0.0
browserify-sign 4.0.4 4.2.3
elliptic 6.5.4 6.6.1
fsevents 1.2.7 2.3.3
got 7.1.0 11.8.6
vue-resource 1.3.4 1.5.3
shell-quote 1.6.1 1.8.2
tough-cookie 2.5.0 removed
node-sass 7.0.0 9.0.0

Updates braces from 2.3.2 to 3.0.3

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

  • The undocumented .makeRe method was removed

Non-breaking changes

  • Caching was removed
Commits

Updates watchify from 3.11.1 to 4.0.0

Release notes

Sourced from watchify's releases.

v4.0.0

  • Update dependencies.

This release drops support for Node.js versions older than 8.10, following the upgrade to chokidar 3.x.

Changelog

Sourced from watchify's changelog.

4.0.0

  • Update dependencies.

This release drops support for Node.js versions older than 8.10, following the upgrade to chokidar 3.x.

Commits

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

... (truncated)

Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates elliptic from 6.5.4 to 6.6.1

Commits

Updates fsevents from 1.2.7 to 2.3.3

Release notes

Sourced from fsevents's releases.

Release v2.3.3

Released to npm as v2.3.3

Release v2.3.2

Released to npm as v2.3.2

Release v2.3.1

Released to npm as v2.3.1

Release contains universal binary for x86 & amd64 (m1) chips

Release v2.2.2

Released to npm as v2.2.2

Universal Binary Support x86-64 & amd64(m1)

Release v2.2.0

Electron Enabled (no static functions/variables)

Release v1.2.3

No release notes provided.

Release v2.1.2

No release notes provided.

2.1.0

Latest stable release

Release NAPI v2.0.6

Include essential files only.

Release NAPI v2.0.5

No release notes provided.

Release NAPI v2.0.4

No release notes provided.

Release NAPI v2.0.3

Moved NAPI version out of experimental.

NAPI release

No release notes provided.

deprecated

Fixing the API for chokidar since it was calling FSEvents as a constructor

deprecated

We have upgraded to N-API. For that reason we have also dropped support for node < 6.

For that reason, we have made this a major version bump so dependents have to opt in. The actual API remains entirely the same, so if you are depending on fsevents, it should be as simple as changing the version number in your package.json.

... (truncated)

Commits

Updates got from 7.1.0 to 11.8.6

Release notes

Sourced from got's releases.

v11.8.6

  • Destroy request object after successful response

sindresorhus/got@v11.8.5...v11.8.6

v11.8.5

sindresorhus/got@v11.8.4...v11.8.5

v11.8.3

  • Bump cacheable-request dependency (#1921) 9463bb6
  • Fix HTTPError missing .code property (#1739) 0e167b8

sindresorhus/got@v11.8.2...v11.8.3

v11.8.2

  • Make the dnsCache option lazy (#1529) 3bd245f This slightly improves Got startup performance and fixes an issue with Jest.

sindresorhus/got@v11.8.1...v11.8.2

v11.8.1

  • Do not throw on custom stack traces (#1491) 4c815c3a609eb74d0eb139414d9996b4f65dc3c0

v11.8.0

  • Fix for sending files with size 0 on stat (#1488) 7acd380
  • beforeRetry allows stream body if different from original (#1501) 3dd2273
  • Set default value for an options object (#1495) 390b145

sindresorhus/got@v11.7.0...v11.8.0

v11.7.0

Improvements

  • Add pfx HTTPS option (#1364) c33df7f
  • Update body after beforeRequest (#1453) e1c1844
  • Don&#39;t allocate buffer twice (#1403) 7bc69d9

Fixes

  • Fix a regression where body was sent after redirect 88b32ea
  • Fix destructure error on promise.json() c97ce7c
  • Do not ignore userinfo on a redirect to the same origin 52de13b

sindresorhus/got@v11.6.2...v11.7.0

v11.6.2

Bug fixes

... (truncated)

Commits

Updates vue-resource from 1.3.4 to 1.5.3

Release notes

Sourced from vue-resource's releases.

1.5.3

Changed

  • Use got version >=8.0 <12.0

1.5.2

Added

  • Add additional check if plugin has already been registered

1.5.1

Fixed

  • Fix typings for Typescript (#673, #682)

1.5.0

New

  • Use uploadProgress to listen to upload ProgressEvents
  • Use downloadProgress to listen to download ProgressEvents

Deprecated

  • Deprecated progress option

1.4.0

Changed

  • Use return to pass response in interceptors, instead of calling next(...)

1.3.6

New

  • Add typings for Typescript (#611)

1.3.5

Fixed

  • Whitespace before/after JSON (#665)
Commits

Updates shell-quote from 1.6.1 to 1.8.2

Changelog

Sourced from shell-quote's changelog.

v1.8.2 - 2024-11-27

Fixed

Commits

  • [meta] fix changelog tags 0fb9fd8
  • [actions] split out node 10-20, and 20+ 819bd84
  • [Dev Deps] update @ljharb/eslint-config, auto-changelog, npmignore, tape fc56408
  • [actions] update npm for windows tests fdeb0fd
  • [Dev Deps] update @ljharb/eslint-config, aud, tape b8a4a3b
  • [actions] prevent node 14 on ARM mac from failing 9eecafc
  • [meta] exclude more files from the package 4044e7f
  • [Tests] replace aud with npm audit 8cfdbd8
  • [meta] add missing engines.node 843820e
  • [Dev Deps] add missing peer dep 4c3b88d
  • [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6 80322ed

v1.8.1 - 2023-04-07

Fixed

Commits

  • [Refactor] parse: hoist getVar to module level b42ac73
  • [Refactor] hoist some vars to module level 8f0c5c3
  • [Refactor] parse: use slice over substr, cache some values fcb2e1a
  • [Refactor] parse: a bit of cleanup 6780ec5
  • [Refactor] parse: tweak the regex to not match nothing 227d474
  • [Tests] increase coverage a66de94
  • [Refactor] parse: avoid shadowing a function arg 1d58679

v1.8.0 - 2023-01-30

Commits

  • [New] extract parse and quote to their own deep imports 553fdfc
  • [Tests] add nyc coverage fd7ddcd
  • [New] Add support for here strings (&lt;&lt;&lt;) 9802fb3
  • [New] parse: Add syntax support for duplicating input file descriptors 216b198
  • [Dev Deps] update @ljharb/eslint-config, aud, tape 85f8e31
  • [Tests] add evalmd c5549fc
  • [actions] update checkout action 62e9b49

v1.7.4 - 2022-10-12

... (truncated)

Commits
  • b19fc77 v1.8.2
  • 59d29ea [Fix] quote: preserve empty strings
  • 819bd84 [actions] split out node 10-20, and 20+
  • 4c3b88d [Dev Deps] add missing peer dep
  • fc56408 [Dev Deps] update @ljharb/eslint-config, auto-changelog, npmignore, tape
  • 8cfdbd8 [Tests] replace aud with npm audit
  • 9eecafc [actions] prevent node 14 on ARM mac from failing
  • 843820e [meta] add missing engines.node
  • 4044e7f [meta] exclude more files from the package
  • fdeb0fd [actions] update npm for windows tests
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for shell-quote since your current version.


Removes tough-cookie

Updates node-sass from 7.0.0 to 9.0.0

Release notes

Sourced from node-sass's releases.

v9.0.0

What's Changed

Breaking changes

Supported Environments

OS Architecture Node
Windows x86 & x64 16, 18, 19, 20
OSX x64 16, 18, 19, 20
Linux* x64 16, 18, 19, 20
Alpine Linux x64 16, 18, 19, 20

*Linux support refers to major distributions like Ubuntu, and Debian

v8.0.0

What's Changed

Breaking changes

Features

Dependencies

Misc

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group with 10 updates
97d3c40 
Bumps the npm_and_yarn group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |
| [watchify](https://github.com/browserify/watchify) | `3.11.1` | `4.0.0` |
| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` |
| [elliptic](https://github.com/indutny/elliptic) | `6.5.4` | `6.6.1` |
| [fsevents](https://github.com/fsevents/fsevents) | `1.2.7` | `2.3.3` |
| [got](https://github.com/sindresorhus/got) | `7.1.0` | `11.8.6` |
| [vue-resource](https://github.com/pagekit/vue-resource) | `1.3.4` | `1.5.3` |
| [shell-quote](https://github.com/ljharb/shell-quote) | `1.6.1` | `1.8.2` |
| [tough-cookie](https://github.com/salesforce/tough-cookie) | `2.5.0` | `removed` |
| [node-sass](https://github.com/sass/node-sass) | `7.0.0` | `9.0.0` |


Updates `braces` from 2.3.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/commits/3.0.3)

Updates `watchify` from 3.11.1 to 4.0.0
- [Release notes](https://github.com/browserify/watchify/releases)
- [Changelog](https://github.com/browserify/watchify/blob/master/CHANGELOG.md)
- [Commits](browserify/watchify@v3.11.1...v4.0.0)

Updates `browserify-sign` from 4.0.4 to 4.2.3
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.0.4...v4.2.3)

Updates `elliptic` from 6.5.4 to 6.6.1
- [Commits](indutny/elliptic@v6.5.4...v6.6.1)

Updates `fsevents` from 1.2.7 to 2.3.3
- [Release notes](https://github.com/fsevents/fsevents/releases)
- [Commits](fsevents/fsevents@v1.2.7...v2.3.3)

Updates `got` from 7.1.0 to 11.8.6
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](sindresorhus/got@v7.1.0...v11.8.6)

Updates `vue-resource` from 1.3.4 to 1.5.3
- [Release notes](https://github.com/pagekit/vue-resource/releases)
- [Commits](pagekit/vue-resource@1.3.4...1.5.3)

Updates `shell-quote` from 1.6.1 to 1.8.2
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.6.1...v1.8.2)

Removes `tough-cookie`

Updates `node-sass` from 7.0.0 to 9.0.0
- [Release notes](https://github.com/sass/node-sass/releases)
- [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md)
- [Commits](sass/node-sass@v7.0.0...v9.0.0)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: watchify
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: elliptic
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fsevents
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: got
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: vue-resource
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: shell-quote
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tough-cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-sass
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from rickalee as a code owner December 5, 2024 17:05
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 5, 2024
@dependabot dependabot bot mentioned this pull request Dec 5, 2024
Closed
@dependabot dependabot bot requested a review from s3rgiosan December 5, 2024 17:05
@dependabot dependabot bot mentioned this pull request Dec 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rickalee rickalee Awaiting requested review from rickalee rickalee is a code owner

@s3rgiosan s3rgiosan Awaiting requested review from s3rgiosan

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants