Bump the npm_and_yarn group across 1 directory with 8 updates #1

dependabot · 2024-08-31T01:14:37Z

Bumps the npm_and_yarn group with 2 updates in the / directory: axios and elliptic.

Updates axios from 1.7.2 to 1.7.4

Release notes

Release v1.7.4

Release notes:

Bug Fixes

sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)

sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)

Contributors to this release

Lev Pachmanov

Đỗ Trọng Hải

Release v1.7.3

Release notes:

Bug Fixes

adapter: fix progress event emitting; (#6518) (e3c76fc)

fetch: fix withCredentials request config (#6505) (85d4d0e)

xhr: return original config on errors from XHR adapter (#6515) (8966ee7)

Contributors to this release

Dmitriy Mozgovoy

Valerii Sidorenko

prianYu

Changelog

Sourced from axios's changelog.

1.7.4 (2024-08-13)

Bug Fixes

sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)

sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)

Contributors to this release

Lev Pachmanov

Đỗ Trọng Hải

1.7.3 (2024-08-01)

Bug Fixes

adapter: fix progress event emitting; (#6518) (e3c76fc)

fetch: fix withCredentials request config (#6505) (85d4d0e)

xhr: return original config on errors from XHR adapter (#6515) (8966ee7)

Contributors to this release

Dmitriy Mozgovoy

Valerii Sidorenko

prianYu

Commits

abd24a7 chore(release): v1.7.4 (#6544)
6b6b605 fix(sec): CVE-2024-39338 (#6539) (#6543)
07a661a fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)
c6cce43 chore(release): v1.7.3 (#6521)
e3c76fc fix(adapter): fix progress event emitting; (#6518)
85d4d0e fix(fetch): fix withCredentials request config (#6505)
92cd8ed chore(github): update ISSUE_TEMPLATE.md (#6519)
8966ee7 fix(xhr): return original config on errors from XHR adapter (#6515)
See full diff in compare view

Updates vue-template-compiler from 2.7.16 to 0.1.0

Commits

See full diff in compare view

Updates ejs from 2.7.4 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

v3.1.6

Version 3.1.6

v3.1.5

Version 3.1.5

v3.0.2

No release notes provided.

Commits

d3f807d Version 3.1.10
9ee26dd Mocha TDD
e469741 Basic pollution protection
715e950 Merge pull request #756 from Jeffrey-mu/main
cabe314 Include advanced usage examples
29b076c Added header
11503c7 Merge branch 'main' of github.com:mde/ejs into main
7690404 Added security banner to README
f47d7ae Update SECURITY.md
828cea1 Update SECURITY.md
Additional commits viewable in compare view

Updates elliptic from 6.5.5 to 6.5.7

Commits

3e46a48 6.5.7
accb61e lib: DER signature decoding correction
03e06e1 6.5.6
7ac5360 Merge commit from fork
See full diff in compare view

Updates json5 from 0.5.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)

v1.0.1

This release includes a bug fix and minor change.

Fix: parse throws on unclosed objects and arrays.

New: package.json5 has been removed until an easier way to keep it in sync with package.json is found.

v1.0.0

This release includes major internal changes and public API enhancements.

Major JSON5 officially supports Node.js v4 and later. Support for Node.js v0.10 and v0.12 have been dropped.

New: Unicode property names and Unicode escapes in property names are supported. (#1)

New: stringify outputs trailing commas in objects and arrays when a space option is provided. (#66)

New: JSON5 allows line and paragraph separator characters (U+2028 and U+2029) in strings in order to be compatible with JSON. However, ES5 does not allow these characters in strings, so JSON5 gives a warning when they are parsed and escapes them when they are stringified. (#70)

New: stringify accepts an options object as its second argument. The supported options are replacer, space, and a new quote option that specifies the quote character used in strings. (#71)

New: The CLI supports STDIN and STDOUT and adds --out-file, --space, and --validate options. See json5 --help for more information. (#72, #84, and #108)

New: In addition to the white space characters space \t, \v, \f, \n, \r, and \xA0, the additional white space characters \u2028, \u2029, and all other characters in the Space Separator Unicode category are allowed.

New: In addition to the character escapes \', \", \\, \b, \f, \n, \r, and \t, the additional character escapes \v and \0, hexadecimal escapes like \x0F, and unnecessary escapes like \a are allowed in string values and string property names.

New: stringify outputs strings with single quotes by default but intelligently uses double quotes if there are more single quotes than double quotes inside the string. (i.e. stringify('Stay here.') outputs 'Stay here.' while stringify('Let\'s go.') outputs "Let's go.")

... (truncated)

Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

a62db1e 1.0.2
e0c23fe docs: update CHANGELOG for v1.0.2
62a6540 fix: add proto to objects and arrays
072eb40 1.0.1
e7bdcd1 Update CHANGELOG for v1.0.1
342d575 Remove package.json5 file
0336c9c Fix unclosed object and array bug
25929ab Fix typo in API documentation
607c18f Readme: fix typo in attribution. [skip ci]
1d64ece 1.0.0
Additional commits viewable in compare view

Updates loader-utils from 0.2.17 to 1.4.2

Release notes

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

v1.4.0

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

v1.3.0

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

v1.2.3

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

v1.2.2

1.2.2 (2018-12-27)

Bug Fixes

... (truncated)

Changelog

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

1.2.3 (2018-12-27)

Bug Fixes

interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

1.2.2 (2018-12-27)

Bug Fixes

... (truncated)

Commits

331ad50 chore(release): 1.4.2
17cbf8f fix: ReDoS problem (#226)
8f082b3 chore(release): 1.4.1
4504e34 fix: security problem (#220)
d95b8b5 chore(release): 1.4.0
cd0e428 feat: the resourceQuery is passed to the interpolateName method (#163)
06d36cf chore(release): 1.3.0
469eeba feat: support the [query] template for the interpolatedName method (#162)
909c99d chore: funding.yml config and CI fix (#159)
b5b74f0 Set up CI with Azure Pipelines
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.

Updates node-forge from 0.10.0 to 1.3.1

Changelog

Sourced from node-forge's changelog.

1.3.1 - 2022-03-29

Fixes

RFC 3447 and RFC 8017 allow for optional DigestAlgorithm NULL parameters for sha* algorithms and require NULL paramters for md2 and md5 algorithms.

1.3.0 - 2022-03-17

Security

Three RSA PKCS#1 v1.5 signature verification issues were reported by Moosa Yahyazadeh (moosa-yahyazadeh@uiowa.edu).

HIGH: Leniency in checking digestAlgorithm structure can lead to signature forgery.

The code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. For more information, please see "Bleichenbacher's RSA signature forgery based on implementation error" by Hal Finney.

CVE ID: CVE-2022-24771

GHSA ID: GHSA-cfm4-qjh2-4765

HIGH: Failing to check tailing garbage bytes can lead to signature forgery.

The code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. For more information, please see "Bleichenbacher's RSA signature forgery based on implementation error" by Hal Finney.

CVE ID: CVE-2022-24772

GHSA ID: GHSA-x4jg-mjrx-434g

MEDIUM: Leniency in checking type octet.

DigestInfo is not properly checked for proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest.

CVE ID: CVE-2022-24773

GHSA ID: GHSA-2r2c-g63r-vccr

Fixed

[asn1] Add fallback to pretty print invalid UTF8 data.

[asn1] fromDer is now more strict and will default to ensuring all input bytes are parsed or throw an error. A new option parseAllBytes can disable this behavior.

NOTE: The previous behavior is being changed since it can lead to security issues with crafted inputs. It is possible that code doing custom DER parsing may need to adapt to this new behavior and optional flag.

[rsa] Add and use a validator to check for proper structure of parsed ASN.1

... (truncated)

Commits

a0a4a42 Release 1.3.1.
a33830f Update changelog.
740954d Allow optional DigestAlgorithm parameters.
56f4316 Allow DigestInfo.DigestAlgorith.parameters to be optional
cbf0bd5 Start 1.3.1-0.
6c5b901 Release 1.3.0.
0f3972a Update changelog.
dc77b39 Fix error checking.
bb822c0 Add advisory links.
d4395fe Update changelog.
Additional commits viewable in compare view

Updates webpack-dev-middleware from 3.7.3 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

security: do not allow to read files above (#1779) (189c4ac)

v5.3.3

5.3.3 (2022-05-18)

Bug Fixes

types for Request and Response (#1271) (eeb8aa8)

v5.3.2

5.3.2 (2022-05-17)

Bug Fixes

node types (#1195) (d68ab36)

compatibility with Node.js 18

v5.3.1

5.3.1 (2022-02-01)

Bug Fixes

types (#1187) (0f82e1d)

v5.3.0

5.3.0 (2021-12-16)

Features

added types (a2fa77f)

removed cjs wrapper (#1146) (b6d53d3)

v5.2.2

5.2.2 (2021-11-17)

Chore

update schema-utils package to 4.0.0 version

... (truncated)

Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

security: do not allow to read files above (#1779) (189c4ac)

5.3.3 (2022-05-18)

Bug Fixes

types for Request and Response (#1271) (eeb8aa8)

5.3.2 (2022-05-17)

Bug Fixes

node types (#1195) (d68ab36)

5.3.1 (2022-02-01)

Bug Fixes

types (#1187) (0f82e1d)

5.3.0 (2021-12-16)

Features

added types (a2fa77f)

removed cjs wrapper (#1146) (b6d53d3)

5.2.2 (2021-11-17)

Chore

update schema-utils package to 4.0.0 version

5.2.1 (2021-09-25)

internal release, no visible changes and features

5.2.0 (2021-09-24)

... (truncated)

Commits

86071ea chore(release): 5.3.4
189c4ac fix(security): do not allow to read files above (#1779)
f3c62b8 chore(release): 5.3.3
eeb8aa8 fix: types for Request and Response (#1271)
1a45388 chore(release): 5.3.2
b8fb945 chore(deps): memfs force update (#1269)
f88067d chore: update deps and ci (#1260)
7186318 chore(deps-dev): bump @commitlint/cli
57c50ef ci: update checkout, setup-node, and codecov actions (#1267)
840146a chore(deps-dev): bump @babel/preset-env
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 2 updates in the / directory: [axios](https://github.com/axios/axios) and [elliptic](https://github.com/indutny/elliptic). Updates `axios` from 1.7.2 to 1.7.4 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.4) Updates `vue-template-compiler` from 2.7.16 to 0.1.0 - [Release notes](https://github.com/vuejs/vue/releases) - [Changelog](https://github.com/vuejs/vue/blob/main/CHANGELOG.md) - [Commits](https://github.com/vuejs/vue/commits) Updates `ejs` from 2.7.4 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v2.7.4...v3.1.10) Updates `elliptic` from 6.5.5 to 6.5.7 - [Commits](indutny/elliptic@v6.5.5...v6.5.7) Updates `json5` from 0.5.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v0.5.1...v1.0.2) Updates `loader-utils` from 0.2.17 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v0.2.17...v1.4.2) Updates `node-forge` from 0.10.0 to 1.3.1 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@0.10.0...v1.3.1) Updates `webpack-dev-middleware` from 3.7.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.3...v5.3.4) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vue-template-compiler dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

* Merge pull request #1 from khulnasoft-lab/dependabot/npm_and_yarn/pbkdf2-3.1.3 Bump pbkdf2 from 3.1.2 to 3.1.3 * Bump @babel/runtime from 7.24.7 to 7.28.2 (#5) Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.24.7 to 7.28.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.28.2/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-version: 7.28.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update defaults.js (#4) * Update defaults.js Signed-off-by: fortishield <161459699+FortiShield@users.noreply.github.com> * Summary of Improvements: Added extensibility (meta fields) everywhere. Centralized user/role/group control. Added accessibility and custom class support. Internationalization ready. Improved validation, examples, and deprecation clarity. Widget system more powerful. Audit trail for config edits. Let me know if you need sample data, migration steps, or further customizations! Signed-off-by: fortishield <161459699+FortiShield@users.noreply.github.com> * Update ItemIcon.vue All imports grouped and sorted by category (components, utils, constants, libraries). ES Module import for simple-icons for modern bundlers and tree-shaking. Props use validation and defaults. Easily extensible for future TypeScript or lazy-load needs. Improves readability and maintainability for teams. Let me know if you want a full file refactor or specific import optimizations for your build system! Signed-off-by: fortishield <161459699+FortiShield@users.noreply.github.com> * Improvements: Grouped imports for clarity. Async/await for welcome message and IP detection. Guarded config loading and auth logic with better defaults. Consistent error handling and messaging. Consolidated express app setup for easier reading/maintenance. Commented key steps. Safer route definitions and middleware use. Clean fallback/default logic for missing config/auth. Let me know if you want further modularization, test coverage, or Docker/PM2 deployment enhancements! Signed-off-by: fortishield <161459699+FortiShield@users.noreply.github.com> * Enhancements/Improvements: Fixed typo: MultiTaskingWebComtent → MultiTaskingWebContent (component and usage). More robust FontAwesome initiation (avoids duplicate script, adds crossorigin). Uses computed property for initialUrl (reactive, used in template and logic). Improved code readability and structure. Ensured all props and events are clearly defined. Used Boolean() for clarity in computed. Improved style: .workspace for better UI layout. Added missing display: flex for workspace layout flexibility. All components registered in one place. Minor JS logic improvements and template tidying. Let me know if you want further accessibility, performance, or documentation improvements! Signed-off-by: fortishield <161459699+FortiShield@users.noreply.github.com> * Update src/utils/defaults.js Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/views/Workspace.vue Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/utils/ConfigSchema.json Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/utils/defaults.js Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/components/LinkItems/ItemIcon.vue Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/components/LinkItems/ItemIcon.vue Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/utils/defaults.js Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> --------- Signed-off-by: fortishield <161459699+FortiShield@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> Co-authored-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Create .gitkeep Signed-off-by: gitworkflows <bdkhulnasoft@gmail.com> * Update src/components/LinkItems/ItemIcon.vue Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/utils/ConfigSchema.json Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/utils/defaults.js Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> * Update src/views/Workspace.vue Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: fortishield <161459699+FortiShield@users.noreply.github.com> Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com> Signed-off-by: gitworkflows <bdkhulnasoft@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: fortishield <161459699+FortiShield@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: gitworkflows <bdkhulnasoft@gmail.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Aug 31, 2024

coderabbitai bot mentioned this pull request Apr 5, 2025

add: pnpm-lock.yaml #35

Open

6 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Bump the npm_and_yarn group across 1 directory with 8 updates #1

Bump the npm_and_yarn group across 1 directory with 8 updates #1

Uh oh!

dependabot bot commented on behalf of github Aug 31, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Bump the npm_and_yarn group across 1 directory with 8 updates #1

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directory with 8 updates #1

Uh oh!

Conversation

dependabot bot commented on behalf of github Aug 31, 2024

Release v1.7.4

Release notes:

Bug Fixes

Contributors to this release

Release v1.7.3

Release notes:

Bug Fixes

Contributors to this release

1.7.4 (2024-08-13)

Bug Fixes

Contributors to this release

1.7.3 (2024-08-01)

Bug Fixes

Contributors to this release

v3.1.10

v3.1.9

v3.1.8

v3.1.7

v3.1.6

v3.1.5

v3.0.2

v1.0.2

v1.0.1

v1.0.0

Unreleased [code, diff]

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.2.1 [code, diff]

v2.2.0 [code, diff]

v2.1.3 [code, diff]

v2.1.2 [code, diff]

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

v1.4.0

1.4.0 (2020-02-19)

Features

v1.3.0

1.3.0 (2020-02-19)

Features

v1.2.3

1.2.3 (2018-12-27)

Bug Fixes

v1.2.2

1.2.2 (2018-12-27)

Bug Fixes

1.4.2 (2022-11-11)

Bug Fixes

1.4.1 (2022-11-07)

Bug Fixes

1.4.0 (2020-02-19)

Features

1.3.0 (2020-02-19)

Features

1.2.3 (2018-12-27)

Bug Fixes

1.2.2 (2018-12-27)

Bug Fixes

1.3.1 - 2022-03-29

Fixes

1.3.0 - 2022-03-17

Security

Fixed

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

v5.3.3

5.3.3 (2022-05-18)

Bug Fixes

v5.3.2