Bump the npm_and_yarn group across 1 directory with 21 updates #3

dependabot · 2024-03-17T02:06:55Z

Bumps the npm_and_yarn group with 17 updates in the / directory:

Package	From	To
browserify-sign	`4.0.4`	`4.2.3`
ejs	`2.5.7`	``
size-limit	`0.11.6`	`11.1.1`
handlebars	`4.0.10`	`4.7.8`
postcss	`5.2.18`	`8.4.35`
css-loader	`0.28.7`	`6.10.0`
ip	`1.1.5`	`1.1.9`
json-schema	`0.2.3`	`0.4.0`
jsprim	`1.4.1`	`1.4.2`
jsprim	`1.3.1`	`1.4.2`
lodash	`4.17.4`	`4.17.21`
ini	`1.3.4`	`1.3.8`
david	`11.0.0`	`11.1.0`
got	`6.7.1`	``
david	`11.1.0`	`11.1.1`
https-proxy-agent	`1.0.0`	`2.2.4`
nsp	`2.8.1`	`3.2.1`
url-parse	`1.1.9`	`1.5.10`
original	`1.0.0`	`1.0.2`

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

[patch] widen support to 0.12 9247adf

[patch] drop minimum node support to v1 4d0ee49

[Dev Deps] update aud, npmignore, tape 87f3a35

[actions] remove redundant finisher 37a4758

[Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12

[Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)

[Deps] update elliptic fb261ce

[Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

[Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

Only apps should have lockfiles 09a8995

[eslint] switch to eslint 83fe463

[meta] add npmignore and auto-changelog 4418183

[meta] fix package.json indentation 9ac5a5e

[Tests] migrate from travis to github actions d845d85

[Fix] sign: throw on unsupported padding scheme 8767739

[Fix] properly check the upper bound for DSA signatures 85994cd

[Tests] handle openSSL not supporting a scheme f5f17c2

[Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb

[Dev Deps] update nyc, standard, tape cc5350b

[Tests] always run coverage; downgrade nyc 75ce1d5

[meta] add safe-publish-latest dcf49ce

[Tests] add npm run posttest 75dd8fd

[Dev Deps] update tape 3aec038

[Tests] skip unsupported schemes 703c83e

[Tests] node < 6 lacks array includes 3aa43cf

[Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

v4.2.0 - 2020-05-18

Merged

switch to safe buffer [#53](https://github.com/crypto-browserify/browserify-sign/issues/53)

... (truncated)

Commits

bf2c3ec v4.2.3
9247adf [patch] widen support to 0.12
f427270 [Deps] update `parse-asn1
87f3a35 [Dev Deps] update aud, npmignore, tape
fb261ce [Deps] update elliptic
4d0ee49 [patch] drop minimum node support to v1
9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
168e16f [Deps] pin elliptic due to a breaking change
37a4758 [actions] remove redundant finisher
4af5a90 v4.2.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Removes ejs

Updates size-limit from 0.11.6 to 11.1.1

Release notes

Sourced from size-limit's releases.

11.1.1

Fixed Windows support (by @aryaemami59).

11.1.0

Added TypeScript support for config (by @aryaemami59).

Fixed webpack-why regression (by @hoo00nn).

11.0.3

Fixed .mjs config support (by @aryaemami59).

Updated esbuild.

Changelog

Sourced from size-limit's changelog.

11.1.1

Fixed Windows support (by @aryaemami59).

11.1.0

Added TypeScript support for config (by @aryaemami59).

Fixed webpack-why regression (by @hoo00nn).

11.0.3

Fixed .mjs config support (by Arya Emami).

Updated esbuild.

11.0.2

Fixed require is not defined regression.

Updated esbuild-visualizer.

11.0.1

Updated estimo.

Updated lilconfig.

11.0

Moved to Brotli as default compression. Use gzip: true for old behavior.

10.0.3

Fixed third-party plugins support (by @JounQin).

Fixed Windows support (by @JounQin).

10.0.2

Fixed require is not defined in webpack-css (by Andrey Medvedev).

Fixed webpack config defined as function support (by @lev875).

10.0.1

Fixed imports and exports between packages.

10.0

Removed @size-limit/dual-publish plugin.

Moved projects to ESM (by @lev875). Size Limit still can be used as CLI in CJS projects.

Updated globby dependency.

9.0

Remove Node.js 14 and 16 support.

Moved to React from CDN for time plugin (by Aakansha Doshi).

8.2.6

Fixed npm release process.

8.2.5

Fixed opening report in @size-limit/esbuild-why (by Yaroslav Chapelskyi).

Updated esbuild.

... (truncated)

Commits

2d063b9 Release 11.1.1 version
bf49080 Update dependencies
1d07215 Fix config file path resolution on windows (#359)
20ba5da Release 11.1 version
388845b Add TS docs
b36e823 Add support for TypeScript config files (.size-limit.ts, .size-limit.mts,...
4ffac80 Fix ensure compatibility with ES and CommonJS module systems for StatoscopeWe...
986857c Revert "Fix StatoscopeWebpackPlugin import to support default export (#357)"
cb1844f Fix StatoscopeWebpackPlugin import to support default export (#357)
450ae46 Release 11.0.3 version
Additional commits viewable in compare view

Updates handlebars from 4.0.10 to 4.7.8

Release notes

Sourced from handlebars's releases.

v4.7.8

Make library compatible with workers (#1894) - 3d3796c

Don't rely on Node.js global object (#1776) - 2954e7e

Fix compiling of each block params in strict mode (#1855) - 30dbf04

Fix rollup warning when importing Handlebars as ESM - 03d387b

Fix bundler issue with webpack 5 (#1862) - c6c6bbb

Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.8 - July 27th, 2023

Make library compatible with workers (#1894) - 3d3796c

Don't rely on Node.js global object (#1776) - 2954e7e

Fix compiling of each block params in strict mode (#1855) - 30dbf04

Fix rollup warning when importing Handlebars as ESM - 03d387b

Fix bundler issue with webpack 5 (#1862) - c6c6bbb

Use https instead of git for mustache submodule - 88ac068

Commits

v4.7.7 - February 15th, 2021

fix weird error in integration tests - eb860c0

fix: check prototype property access in strict-mode (#1736) - b6d3de7

fix: escape property names in compat mode (#1736) - f058970

refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8

chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

#1672 - Switch cmd parser to latest minimist (@dougwilson

Compatibility notes:

Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

~~Node.js version support has been changed to v6+~~ Reverted in 4.7.6

Compatibility notes:

... (truncated)

Commits

8dc3d25 v4.7.8
668c4fb Fix browser tests in CI pipeline
c65c6cc Test on Node 18
3d3796c Make library compatible with workers
075b354 Fix sync issue with npm lock-file
30dbf04 Fix compiling of each block params in strict mode
e3a5448 Fix bundler issue with webpack 5
8e23642 Fix integration-tests issue with npm >= 7
88ac068 use https instead of git for mustache submodule
c68bc08 Fix typo
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.

Updates postcss from 5.2.18 to 8.4.35

Release notes

Sourced from postcss's releases.

8.4.35

Avoid ! in node.parent.nodes type.

Allow to pass undefined to node adding method to simplify types.

8.4.34

Fixed AtRule#nodes type (by @tim-we).

Cleaned up code (by @DrKiraDmitry).

8.4.33

Fixed NoWorkResult behavior difference with normal mode (by @romainmenke).

Fixed NoWorkResult usage conditions (by @ahmdammarr).

8.4.32

Fixed postcss().process() types (by @ferreira-tb).

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by @romainmenke).

8.4.29

Fixed Node#source.offset (by @idoros).

Fixed docs (by @coliff).

8.4.28

Fixed Root.source.end for better source map (by @romainmenke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by @romainmenke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by @remcohaszing).

8.4.21

Fixed Input#error types (by @hudochenkov).

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.35

Avoid ! in node.parent.nodes type.

Allow to pass undefined to node adding method to simplify types.

8.4.34

Fixed AtRule#nodes type (by Tim Weißenfels).

Cleaned up code (by Dmitry Kirillov).

8.4.33

Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).

Fixed NoWorkResult usage conditions (by @ahmdammarr).

8.4.32

Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by Romain Menke).

8.4.29

Fixed Node#source.offset (by Ido Rosenthal).

Fixed docs (by Christian Oliff).

8.4.28

Fixed Root.source.end for better source map (by Romain Menke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by Romain Menke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

Fixed Input#error types (by Aleks Hudochenkov).

... (truncated)

Commits

See full diff in compare view

Updates css-loader from 0.28.7 to 6.10.0

Release notes

Sourced from css-loader's releases.

v6.10.0

6.10.0 (2024-01-30)

Features

add @rspack/core as an optional peer dependency (#1568) (3924679)

pass the resourceQuery and resourceFragment to the auto and mode callback (#1569) (d641c4d)

support named exports with any characters (6f43929)

v6.9.1

6.9.1 (2024-01-18)

Bug Fixes

css nesting support

@scope at-rule support

v6.9.0

6.9.0 (2024-01-09)

Features

updated generateExportEntry to expose node details (#1556) (05002f3)

Bug Fixes

css experiment detection (#1559) (f2cfe30)

v6.8.1

6.8.1 (2023-05-28)

Bug Fixes

use cause for original errors and warnings (#1526) (ae3d8ae)

v6.8.0

6.8.0 (2023-05-27)

Features

use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.10.0 (2024-01-30)

Features

add @rspack/core as an optional peer dependency (#1568) (3924679)

pass the resourceQuery and resourceFragment to the auto and mode callback (#1569) (d641c4d)

support named exports with any characters (6f43929)

6.9.1 (2024-01-18)

Bug Fixes

css nesting support

@scope at-rule support

6.9.0 (2024-01-09)

Features

updated generateExportEntry to expose node details (#1556) (05002f3)

Bug Fixes

css experiment detection (#1559) (f2cfe30)

6.8.1 (2023-05-28)

Bug Fixes

use cause for original errors and warnings (#1526) (ae3d8ae)

6.8.0 (2023-05-27)

Features

use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

warning and error serialization (#1523) (3e52969)

6.7.4 (2023-05-19)

... (truncated)

Commits

7bbb57c chore(release): 6.10.0
d641c4d feat: pass the resourceQuery and resourceFragment to the auto and `mode...
3924679 feat: add @rspack/core as an optional peer dependency (#1568)
6f43929 feat: support named exports with any characters
f9192ee chore(release): 6.9.1
6515be0 fix: css nesting support and @scope at-rule
0751f7a docs: update (#1562)
2d17551 chore(release): 6.9.0
e38116f chore: update dependencies to latest version (#1561)
d09ff73 test: getLocalIdent and node type (#1560)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.

Updates ip from 1.1.5 to 1.1.9

Commits

1ecbf2f 1.1.9
6a3ada9 lib: fixed CVE-2023-42282 and added unit test
5dc3b2f 1.1.8
8e6f28b lib: even better node 6 support
088c9e5 1.1.7
1a4ca35 lib: add back support for Node.js 6
af82ef4 1.1.6
dba19f6 package: exclude test folder from publishing
7cd7f30 ci: use github workflows
4de50ae lib: node 18 support
See full diff in compare view

Updates json-schema from 0.2.3 to 0.4.0

Commits

f6f6a3b Use a little more robust method of checking instances
ef60987 Update version
b62f1da Protect against constructor modification, #84
fb427cd Link to json-schema-org repository in addition to site, fixes #54
22f1461 Don't allow proto property to be used for schema default/coerce, fixes #84
c52a27c Get basic test to pass
b3f42b3 Add security policy
3b0cec3 Update version
c28470f Update readme to acknowledge the state of the package
7dff9cd Merge pull request #81 from hodovani/patch-1
Additional commits viewable in compare view

Updates jsprim from 1.4.1 to 1.4.2

Changelog

Sourced from jsprim's changelog.

v1.4.2 (2021-11-29)

#35 Backport json-schema 0.4.0 to version 1.4.x

Commits

5c8475f joyent/node-jsprim#35 Backport json-schema 0.4.0 to version 1.4.x
See full diff in compare view

Maintainer changes

This version was pushed to npm by bahamat, a new releaser for jsprim since your current version.

Updates jsprim from 1.3.1 to 1.4.2

Changelog

Sourced from jsprim's changelog.

v1.4.2 (2021-11-29)

#35 Backport json-schema 0.4.0 to version 1.4.x

Commits

5c8475f joyent/node-jsprim#35 Backport json-schema 0.4.0 to version 1.4.x
See full diff in compare view

Maintainer changes

This version was pushed to npm by bahamat, a new releaser for jsprim since your current version.

Updates lodash from 4.17.4 to 4.17.21

Commits

f299b52 Bump to v4.17.21
c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
3469357 Prevent command injection through _.template's variable option
ded9bc6 Bump to v4.17.20.
63150ef Documentation fixes.
00f0f62 test.js: Remove trailing comma.
846e434 Temporarily use a custom fork of lodash-cli.
5d046f3 Re-enable Travis tests on 4.17 branch.
aa816b3 Remove /npm-package.
d7fbc52 Bump to v4.17.19
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates ini from 1.3.4 to 1.3.8

Commits

a2c5da8 1.3.8
af5c6bb Do not use Object.create(null)
8b648a1 don't test where our devdeps don't even work
c74c8af 1.3.7
024b8b5 update deps, add linting
032fbaf Use Object.create(null) to avoid default object property hazards
2da9039 1.3.6
cfea636 better git push script, before publish instead of after
56d2805 do not allow invalid hazardous string as section name
738eca5 v1.3.5
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

Updates david from 11.0.0 to 11.1.0

Changelog

Sourced from david's changelog.

Changelog

The format is based on Keep a Changelog.

Commits

73fc671 11.1.0
8497cae chore: update dependencies
a198ada feat: ignore dependencies via globs (#144)
c29013f chore: update deps and README (#154)
008beaf Merge pull request #146 from DanielRuf/chore/cache-node-modules
d0a2e19 Merge branch 'master' into chore/cache-node-modules
d180e8d Merge pull request #147 from DanielRuf/chore/add-nodejs-8-10
cc5db9f Merge pull request #145 from DanielRuf/chore/clone-last-5-commits
9aeda4e chore: cache node_modules
d4bf0e6 chore: clone last 5 commits
Additional commits viewable in compare view

Updates npm-user-validate from 0.1.5 to 1.0.1

Changelog

Sourced from npm-user-validate's changelog.

Changelog

2.0.0 (2022-12-12)

⚠️ BREAKING CHANGES

this package is now compatible with the following semver range for node: ^14.17.0 || ^16.13.0 || >=18.0.0

Features

4cca0be #22 add template-oss (@lukekarrys)

Commits

5c5471c 1.0.1
c8a87da fix: update email validation
cd75393 Publish only the minimum of files
df602d6 1.0.0
ac3b200 fix: added regex for blocking illegal characters in usernames
c800063 fix: update build environment
See full diff in compare view

Updates tough-cookie from 2.3.2 to 2.3.3

Commits

12d4266 2.3.3
98e0916 Merge pull request #97 from salesforce/spaces-ReDoS
4e2fb0b Document the 256 spaces limit
f1ed420 Constrain spaces before = to 256
fcc8abf Merge pull request #96 from YevhenLukomskyi/fix-test
1002fb4 fix test
a928b54 Merge pull request #83 from awaterma/public-suffix
ed31ba4 Updates to public suffix list.
92d5448 Dockerized project. Added .npmignore for docker files.
ee60643 CookieJar.deserialize does not modify its input
See full diff in compare view

Updates tar from 2.2.1 to 4.4.19

Changelog

Sourced from tar's changelog.

Changelog

6.2

Add support for brotli compression

6.1.13 (2022-12-07)

Dependencies

cc4e0dd #343 bump minipass from 3.3.6 to 4.0.0

6.1.12 (2022-10-31)

Bug Fixes

57493ee #332 ensuring close event is emited after stream has ended (@webark)

b003c64 #314 replace deprecated String.prototype.substr() (#314) (@CommanderRoot, @lukekarrys)

Documentation

f129929 #313 remove dead link to benchmarks (#313) (@yetzt)

c1faa9f add examples/explanation of using tar.t (@isaacs)

6.0

Drop support for node 6 and 8

fix symlinks and hardlinks on windows being packed with \-style path targets

5.0

Address unpack race conditions using path reservations

Change large-numbers errors from TypeError to Error

Add TAR_* error codes

Raise TAR_BAD_ARCHIVE warning/error when there are no valid entries found in an archive

do not treat ignored entries as an invalid archive

drop support for node v4

unpack: conditionally use a file mapping to write files on Windows

Set more portable 'mode' value in portable mode

Set portable gzip option in portable mode

4.4

Add 'mtime' option to tar creation to force mtime

unpack: only reuse file fs entries if nlink = 1

unpack: rename before unlinking files on Windows

Fix encoding/decoding of base-256 numbers

Use stat instead of lstat when checking CWD

... (truncated)

Commits

9a6faa0 4.4.19
70ef812 drop dirCache for symlink on all platforms
3e35515 4.4.18
52b09e3 fix: prevent path escape using drive-relative paths
bb93ba2 fix: reserve paths properly for unicode, windows
2f1bca0 fix: prune dirCache properly for unicode, windows
9bf70a8 4.4.17
6aafff0 fix: skip extract if linkpath is stripped entirely
5c5059a fix: reserve paths case-insensitively
fd6accb 4.4.16
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.

Updates dot-prop from 4.1.1 to 4.2.1

Release notes

Sourced from dot-prop's releases.

v4.2.1

Backport sindresorhus/dot-prop@3039c8c to the v4.x release line.

Commits

c914124 feat: patch 4.2.0 with fixes for CVE-2020-8116
70f7ed8 4.2.0
df49d33 Return object from the .set() method (#42)
See full diff in compare view

Removes got

Updates david from 11.1.0 to 11.1.1

Changelog

Sourced from david's changelog.

Changelog

The format is based on Keep a Changelog.

Commits

73fc671 11.1.0
8497cae chore: update dependencies
a198ada feat: ignore dependencies via globs (#144)
c29013f chore: update deps and README (#154)
008beaf Merge pull request #146 from DanielRuf/chore/cache-node-modules
d0a2e19 Merge branch 'master' into chore/cache-node-modules
d180e8d Merge pull request #147 from DanielRuf/chore/add-nodejs-8-10
cc5db9f Merge pull request #145 from DanielRuf/chore/clone-last-5-commits
9aeda4e chore: cache node_modules
d4bf0e6 chore: clone last 5 commits
Additional commits viewable in compare view

Updates https-proxy-agent from 1.0.0 to 2.2.4

Commits

See full diff in compare view

Updates nsp from 2.8.1 to 3.2.1

Commits

See full diff in compare view

Updates url-parse from 1.1.9 to 1.5.10

Commits

8cd4c6c 1.5.10
ce7a01f [fix] Improve handling of empty port
0071490 [doc] Update JSDoc comment
a7044e3 [minor] Use more descriptive variable name
d547792 [security] Add credits for CVE-2022-0691
ad23357 1.5.9
0e3fb54 [fix] Strip all control characters from the beginning of the URL
61864a8 [security] Add credits for CVE-2022-0686
bb0104d 1.5.8
d5c6479 [fix] Handle the case where the port is specified but empty
Additional commits viewable in compare view

Updates original from 1.0.0 to 1.0.2

Commits

3a6b7df [dist] 1.0.2
7658407 [pkg] Bump url-parse to latest
f060834 [dist] 1.0.1
da879e4 chore(package): update assume to version 2.0.1 (#14)

Bumps the npm_and_yarn group with 17 updates in the / directory: | Package | From | To | | --- | --- | --- | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` | | [ejs](https://github.com/mde/ejs) | `2.5.7` | `` | | [size-limit](https://github.com/ai/size-limit) | `0.11.6` | `11.1.1` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.10` | `4.7.8` | | [postcss](https://github.com/postcss/postcss) | `5.2.18` | `8.4.35` | | [css-loader](https://github.com/webpack-contrib/css-loader) | `0.28.7` | `6.10.0` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.3.1` | `1.4.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.4` | `4.17.21` | | [ini](https://github.com/npm/ini) | `1.3.4` | `1.3.8` | | [david](https://github.com/alanshaw/david) | `11.0.0` | `11.1.0` | | [got](https://github.com/sindresorhus/got) | `6.7.1` | `` | | [david](https://github.com/alanshaw/david) | `11.1.0` | `11.1.1` | | [https-proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/https-proxy-agent) | `1.0.0` | `2.2.4` | | [nsp](https://github.com/nodesecurity/nsp) | `2.8.1` | `3.2.1` | | [url-parse](https://github.com/unshiftio/url-parse) | `1.1.9` | `1.5.10` | | [original](https://github.com/unshiftio/original) | `1.0.0` | `1.0.2` | Updates `browserify-sign` from 4.0.4 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.3) Removes `ejs` Updates `size-limit` from 0.11.6 to 11.1.1 - [Release notes](https://github.com/ai/size-limit/releases) - [Changelog](https://github.com/ai/size-limit/blob/main/CHANGELOG.md) - [Commits](ai/size-limit@0.11.6...11.1.1) Updates `handlebars` from 4.0.10 to 4.7.8 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.8/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.10...v4.7.8) Updates `postcss` from 5.2.18 to 8.4.35 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/commits/8.4.35) Updates `css-loader` from 0.28.7 to 6.10.0 - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](webpack-contrib/css-loader@v0.28.7...v6.10.0) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `json-schema` from 0.2.3 to 0.4.0 - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `jsprim` from 1.3.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `lodash` from 4.17.4 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.4...4.17.21) Updates `ini` from 1.3.4 to 1.3.8 - [Release notes](https://github.com/npm/ini/releases) - [Changelog](https://github.com/npm/ini/blob/main/CHANGELOG.md) - [Commits](npm/ini@v1.3.4...v1.3.8) Updates `david` from 11.0.0 to 11.1.0 - [Changelog](https://github.com/alanshaw/david/blob/master/CHANGELOG.md) - [Commits](alanshaw/david@v11.0.0...v11.1.0) Updates `npm-user-validate` from 0.1.5 to 1.0.1 - [Release notes](https://github.com/npm/npm-user-validate/releases) - [Changelog](https://github.com/npm/npm-user-validate/blob/main/CHANGELOG.md) - [Commits](npm/npm-user-validate@v0.1.5...v1.0.1) Updates `tough-cookie` from 2.3.2 to 2.3.3 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v2.3.2...v2.3.3) Updates `tar` from 2.2.1 to 4.4.19 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v2.2.1...v4.4.19) Updates `dot-prop` from 4.1.1 to 4.2.1 - [Release notes](https://github.com/sindresorhus/dot-prop/releases) - [Commits](sindresorhus/dot-prop@v4.1.1...v4.2.1) Removes `got` Updates `david` from 11.1.0 to 11.1.1 - [Changelog](https://github.com/alanshaw/david/blob/master/CHANGELOG.md) - [Commits](alanshaw/david@v11.0.0...v11.1.0) Updates `https-proxy-agent` from 1.0.0 to 2.2.4 - [Release notes](https://github.com/TooTallNate/proxy-agents/releases) - [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/https-proxy-agent/CHANGELOG.md) - [Commits](https://github.com/TooTallNate/proxy-agents/commits/2.2.4/packages/https-proxy-agent) Updates `nsp` from 2.8.1 to 3.2.1 - [Commits](https://github.com/nodesecurity/nsp/commits/v3.2.1) Updates `url-parse` from 1.1.9 to 1.5.10 - [Commits](unshiftio/url-parse@1.1.9...1.5.10) Updates `original` from 1.0.0 to 1.0.2 - [Commits](unshiftio/original@1.0.0...1.0.2) --- updated-dependencies: - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: size-limit dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: handlebars dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: css-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json-schema dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: jsprim dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: jsprim dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ini dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: david dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: npm-user-validate dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: dot-prop dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: got dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: david dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: https-proxy-agent dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: nsp dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: original dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 17, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 21 updates #3

Bump the npm_and_yarn group across 1 directory with 21 updates #3

dependabot bot commented on behalf of github Mar 17, 2024

Bump the npm_and_yarn group across 1 directory with 21 updates #3

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directory with 21 updates #3

Conversation

dependabot bot commented on behalf of github Mar 17, 2024

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

11.1.1

11.1.0

11.0.3

11.1.1

11.1.0

11.0.3

11.0.2

11.0.1

11.0

10.0.3

10.0.2

10.0.1

10.0

9.0

8.2.6

8.2.5

v4.7.8

v4.7.8 - July 27th, 2023

v4.7.7 - February 15th, 2021

v4.7.6 - April 3rd, 2020

v4.7.5 - April 2nd, 2020

8.4.35

8.4.34

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.35

8.4.34

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

v6.10.0

6.10.0 (2024-01-30)

Features

v6.9.1

6.9.1 (2024-01-18)

Bug Fixes

v6.9.0

6.9.0 (2024-01-09)

Features

Bug Fixes

v6.8.1

6.8.1 (2023-05-28)

Bug Fixes

v6.8.0

6.8.0 (2023-05-27)