Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

12 patch security update #19

Open
wants to merge 30 commits into
base: master
Choose a base branch
from
Open

12 patch security update #19

wants to merge 30 commits into from

Conversation

ValentinGratz
Copy link

No description provided.

dependabot bot and others added 30 commits October 25, 2022 11:15
@dependabot
Bump copy-props from 2.0.4 to 2.0.5
b78fe40 
Bumps [copy-props](https://github.com/gulpjs/copy-prop) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/gulpjs/copy-prop/releases)
- [Commits](https://github.com/gulpjs/copy-prop/commits)

---
updated-dependencies:
- dependency-name: copy-props
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump path-parse from 1.0.6 to 1.0.7
fce538f 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump y18n from 3.2.1 to 3.2.2
6905c48 
Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

---
updated-dependencies:
- dependency-name: y18n
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump hosted-git-info from 2.7.1 to 2.8.9
ceddb6c 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](npm/hosted-git-info@v2.7.1...v2.8.9)

---
updated-dependencies:
- dependency-name: hosted-git-info
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump yargs-parser from 5.0.0 to 5.0.1
979cea5 
Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/yargs/yargs-parser/releases)
- [Changelog](https://github.com/yargs/yargs-parser/blob/v5.0.1/CHANGELOG.md)
- [Commits](yargs/yargs-parser@v5.0.0...v5.0.1)

---
updated-dependencies:
- dependency-name: yargs-parser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump ini from 1.3.5 to 1.3.8
a07540e 
Bumps [ini](https://github.com/npm/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/npm/ini/releases)
- [Changelog](https://github.com/npm/ini/blob/main/CHANGELOG.md)
- [Commits](npm/ini@v1.3.5...v1.3.8)

---
updated-dependencies:
- dependency-name: ini
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@ValentinGratz
Merge pull request #6 from ValentinGratz/dependabot/npm_and_yarn/ini-…
4bfe22d 
…1.3.8

Bump ini from 1.3.5 to 1.3.8
@ValentinGratz
Merge pull request #5 from ValentinGratz/dependabot/npm_and_yarn/yarg…
fa2f11b 
…s-parser-5.0.1

Bump yargs-parser from 5.0.0 to 5.0.1
@ValentinGratz
Merge pull request #4 from ValentinGratz/dependabot/npm_and_yarn/host…
df8c1b6 
…ed-git-info-2.8.9

Bump hosted-git-info from 2.7.1 to 2.8.9
@ValentinGratz
Merge pull request #3 from ValentinGratz/dependabot/npm_and_yarn/y18n…
03f489e 
…-3.2.2

Bump y18n from 3.2.1 to 3.2.2
@ValentinGratz
Merge pull request #2 from ValentinGratz/dependabot/npm_and_yarn/path…
0181f7a 
…-parse-1.0.7

Bump path-parse from 1.0.6 to 1.0.7
@ValentinGratz
Merge pull request #1 from ValentinGratz/dependabot/npm_and_yarn/copy…
eb173b3 
…-props-2.0.5

Bump copy-props from 2.0.4 to 2.0.5
@ValentinGratz
Update package-lock.json
72067d8
@ValentinGratz
Update package-lock.json
37e8a16
@dependabot
Bump ini from 1.3.5 to 1.3.8
1e17154 
Bumps [ini](https://github.com/npm/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/npm/ini/releases)
- [Changelog](https://github.com/npm/ini/blob/main/CHANGELOG.md)
- [Commits](npm/ini@v1.3.5...v1.3.8)

---
updated-dependencies:
- dependency-name: ini
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@ValentinGratz
Merge pull request #7 from ValentinGratz/dependabot/npm_and_yarn/ini-…
91a03cc 
…1.3.8

Bump ini from 1.3.5 to 1.3.8
@dependabot
Bump minimatch from 3.0.4 to 3.1.2
501b048 
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@ValentinGratz
Merge pull request #8 from ValentinGratz/dependabot/npm_and_yarn/mini…
5e6a984 
…match-3.1.2

Bump minimatch from 3.0.4 to 3.1.2
@ValentinGratz
Update package-lock.json
b9fec31
@ValentinGratz
Update package-lock.json
e96f116
@ValentinGratz
tar
e18983d
@ValentinGratz
update
31feb2d
@dependabot
Bump decode-uri-component from 0.2.0 to 0.2.2
69c211a 
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@ValentinGratz
Merge pull request #9 from ValentinGratz/dependabot/npm_and_yarn/deco…
e681b28 
…de-uri-component-0.2.2

Bump decode-uri-component from 0.2.0 to 0.2.2
@dependabot
Bump qs from 6.5.2 to 6.11.0
cfc32c4 
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.11.0.
- [Release notes](https://github.com/ljharb/qs/releases)
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.5.2...v6.11.0)

---
updated-dependencies:
- dependency-name: qs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@ValentinGratz
Merge pull request #10 from ValentinGratz/dependabot/npm_and_yarn/qs-…
d6a6c52 
…6.11.0

Bump qs from 6.5.2 to 6.11.0
@ValentinGratz
Merge branch 'mlooft:master' into master
cfcdb0a
@ValentinGratz
Add files via upload
ea5bb60
@dependabot
Bump braces and gulp
cea0799 
Bumps [braces](https://github.com/micromatch/braces) to 3.0.3 and updates ancestor dependency [gulp](https://github.com/gulpjs/gulp). These dependencies need to be updated together.


Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `gulp` from 4.0.2 to 5.0.0
- [Release notes](https://github.com/gulpjs/gulp/releases)
- [Changelog](https://github.com/gulpjs/gulp/blob/master/CHANGELOG.md)
- [Commits](gulpjs/gulp@v4.0.2...v5.0.0)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
- dependency-name: gulp
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@ValentinGratz
Merge pull request #11 from ValentinGratz/dependabot/npm_and_yarn/mul…
7756917 
…ti-a9f852c250

Bump braces and gulp
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ValentinGratz