build(deps): bump the npm_and_yarn group across 1 directory with 8 updates#690
Open
dependabot[bot] wants to merge 1 commit intomainfrom
Open
build(deps): bump the npm_and_yarn group across 1 directory with 8 updates#690dependabot[bot] wants to merge 1 commit intomainfrom
dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
…dates Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` | | [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` | | [mermaid](https://github.com/mermaid-js/mermaid) | `11.6.0` | `11.12.2` | | [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.3.3` | | [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` | | [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.7` | | [webpack](https://github.com/webpack/webpack) | `5.99.9` | `5.105.2` | Updates `js-yaml` from 3.14.1 to 3.14.2 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@3.14.1...3.14.2) Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `mdast-util-to-hast` from 13.2.0 to 13.2.1 - [Release notes](https://github.com/syntax-tree/mdast-util-to-hast/releases) - [Commits](syntax-tree/mdast-util-to-hast@13.2.0...13.2.1) Updates `mermaid` from 11.6.0 to 11.12.2 - [Release notes](https://github.com/mermaid-js/mermaid/releases) - [Commits](https://github.com/mermaid-js/mermaid/compare/mermaid@11.6.0...mermaid@11.12.2) Updates `node-forge` from 1.3.1 to 1.3.3 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.3.3) Updates `tar-fs` from 2.1.3 to 2.1.4 - [Commits](mafintosh/tar-fs@v2.1.3...v2.1.4) Updates `tar` from 7.4.3 to 7.5.7 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v7.4.3...v7.5.7) Updates `webpack` from 5.99.9 to 5.105.2 - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](webpack/webpack@v5.99.9...v5.105.2) --- updated-dependencies: - dependency-name: js-yaml dependency-version: 3.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mdast-util-to-hast dependency-version: 13.2.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mermaid dependency-version: 11.12.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-version: 1.3.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar-fs dependency-version: 2.1.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-version: 7.5.7 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-version: 5.105.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
Deploying zsh with
|
| Latest commit: |
3757ad7
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://c50c2068.zsh.pages.dev |
| Branch Preview URL: | https://dependabot-npm-and-yarn-npm-pfw3.zsh.pages.dev |
|
Merging to
|
Contributor
|
Size Change: +71.5 kB (+0.78%) Total Size: 9.24 MB
ℹ️ View Unchanged
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 8 updates in the / directory:
3.14.13.14.24.17.214.17.2313.2.013.2.111.6.011.12.21.3.11.3.32.1.32.1.47.4.37.5.75.99.95.105.2Updates
js-yamlfrom 3.14.1 to 3.14.2Changelog
Sourced from js-yaml's changelog.
... (truncated)
Commits
9963d363.14.2 released10d3c8edist rebuild5278870fix prototype pollution in merge (<<) (#731)Updates
lodashfrom 4.17.21 to 4.17.23Commits
dec55b7Bump main to v4.17.23 (#6088)19c9251fix: setCacheHas JSDoc return type should be boolean (#6071)b5e6729jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (#6062)edadd45Prevent prototype pollution on baseUnset function4879a7adoc: fix autoLink function, conversion of source links (#6056)9648f69chore: removeyarn.lockfile (#6053)dfa407dci: remove legacy configuration files (#6052)156e196feat: add renovate setup (#6039)933e106ci: add pipeline for Bun (#6023)072a807docs: update links related to Open JS Foundation (#5968)Updates
mdast-util-to-hastfrom 13.2.0 to 13.2.1Release notes
Sourced from mdast-util-to-hast's releases.
Commits
174795b13.2.13d05b3aUpdate Node in Actionsab3a795Fix support for spaces in class namesefb5312Refactor to use@importsa5bc210Add declaration mapsb54955dAdd.tsbuildinfoto.gitignoreUpdates
mermaidfrom 11.6.0 to 11.12.2Release notes
Sourced from mermaid's releases.
... (truncated)
Commits
bd85b51fix: Upgrade npm to v11 to support trusted publishing939aff9Merge pull request #7201 from mermaid-js/changeset-release/mastere72b26cVersion Packages4bcb8f0Merge pull request #7200 from mermaid-js/pre-releasede7ed10Merge pull request #7197 from mermaid-js/fix/5496-gantt-tickinterval-app-crash762b44cMerge pull request #7108 from mermaid-js/changeset-release/master02c0091Version Packages16359adMerge pull request #7107 from mermaid-js/patch/dagre-d3-es-7.0.13061632cUpdate .changeset/slick-wasps-bathe.mdcbf8946fix: update dagre-d3-es to version 7.0.13Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for mermaid since your current version.
Updates
node-forgefrom 1.3.1 to 1.3.3Changelog
Sourced from node-forge's changelog.
... (truncated)
Commits
1cea0afRelease 1.3.3.5265989Update changelog.e4f3961Fix changelog for release.503979bUpdate changelog.c3b3b32Make digestAlgorithm parameters optional6f70043Update CVE details.f547b0dStart 1.3.3-0.235ad3eRelease 1.3.2.2598244Update changelog.0032dd0Fix typos.Updates
tar-fsfrom 2.1.3 to 2.1.4Commits
f421a232.1.4c412fa1refactor to same pattern as v3Updates
tarfrom 7.4.3 to 7.5.7Changelog
Sourced from tar's changelog.
... (truncated)
Commits
4a37eb97.5.7f4a7aa9fix: properly sanitize hard links containing ..394ece67.5.67d4cc17fix race puting a Link ahead of its target File26ab9047.5.5e9a1ddbfix: do not prevent valid linkpaths within archive911c8867.5.43b1abfanormalize out unicode ligaturesa43478cremove some unused files970c58fupdate depsMaintainer changes
This version was pushed to npm by isaacs, a new releaser for tar since your current version.
Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Updates
webpackfrom 5.99.9 to 5.105.2Release notes
Sourced from webpack's releases.
... (truncated)
Changelog
Sourced from webpack's changelog.
... (truncated)
Commits
0756c7echore(release): new release (#20441)ff28476chore(deps): bump CodSpeedHQ/action in the dependencies group (#20442)4d3ed66ci: discord using curl004550aci: discord fix44bf97bci: emulate release for discord using other approach9c71a09ci: emulate release for discord02d3bc9ci: allow to run release announcement6c62c28ci: fix discord900219dfix: type regression (#20440)8e50ef2chore(release): new release (#20429)Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for webpack since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.