Bump the npm_and_yarn group across 1 directory with 32 updates #8

dependabot · 2024-04-23T00:22:20Z

Bumps the npm_and_yarn group with 32 updates in the / directory:

Package	From	To
gh-pages	`2.2.0`	`5.0.0`
@babel/traverse	`7.8.4`	`7.24.1`
acorn	`5.7.3`	`5.7.4`
ajv	`6.11.0`	`6.12.6`
async	`2.6.3`	`2.6.4`
browserify-sign	`4.0.4`	`4.2.3`
color-string	`1.5.3`	`1.9.1`
decode-uri-component	`0.2.0`	`0.2.2`
dns-packet	`1.3.1`	`1.3.4`
elliptic	`6.5.2`	`6.5.5`
es5-ext	`0.10.53`	`0.10.64`
eventsource	`1.0.7`	`1.1.2`
express	`4.17.1`	`4.19.2`
follow-redirects	`1.10.0`	`1.15.6`
hosted-git-info	`2.8.5`	`2.8.9`
http-proxy	`1.18.0`	`1.18.1`
ini	`1.3.5`	`1.3.8`
ip	`1.1.5`	`1.1.9`
json5	`1.0.1`	`1.0.2`
lodash	`4.17.15`	`4.17.21`
merge-deep	`3.0.2`	`3.0.3`
path-parse	`1.0.6`	`1.0.7`
qs	`6.5.2`	`6.5.3`
semver	`5.7.1`	`5.7.2`
ssri	`6.0.1`	`6.0.2`
terser	`4.6.3`	`4.8.1`
tmpl	`1.0.4`	`1.0.5`
url-parse	`1.4.7`	`1.5.10`
websocket-extensions	`0.1.3`	`0.1.4`
word-wrap	`1.2.3`	`1.2.5`
ws	`5.2.2`	`5.2.3`
y18n	`4.0.0`	`4.0.3`

Updates gh-pages from 2.2.0 to 5.0.0

Release notes

Sourced from gh-pages's releases.

v5.0.0

Potentially breaking change: the publish method now always returns a promise. Previously, it did not return a promise in some error cases. This should not impact most users.

Updates to the development dependencies required a minimum Node version of 14 for the tests. The library should still work on Node 12, but tests are no longer run in CI for version 12. A future major version of the library may drop support for version 12 altogether.

What's Changed

Assorted updates by @tschaub in tschaub/gh-pages#452

Update README to clarify project site configuration requirements with tools like CRA, webpack, Vite, etc. by @Nezteb in tschaub/gh-pages#445

Bump actions/checkout from 2 to 3 by @dependabot in tschaub/gh-pages#453

Bump actions/setup-node from 1 to 3 by @dependabot in tschaub/gh-pages#455

Bump email-addresses from 3.0.1 to 5.0.0 by @dependabot in tschaub/gh-pages#454

Bump async from 2.6.4 to 3.2.4 by @dependabot in tschaub/gh-pages#459

Remove quotation marks by @Vicropht in tschaub/gh-pages#438

New Contributors

@Nezteb made their first contribution in tschaub/gh-pages#445

@Vicropht made their first contribution in tschaub/gh-pages#438

Full Changelog: tschaub/gh-pages@v4.0.0...v5.0.0

v4.0.0

This release doesn't include any breaking changes, but due to updated development dependencies, tests are no longer run on Node 10.

What's Changed

Bump minimist from 1.2.5 to 1.2.6 by @dependabot in tschaub/gh-pages#423

Bump async from 2.6.1 to 2.6.4 by @dependabot in tschaub/gh-pages#427

Bump path-parse from 1.0.6 to 1.0.7 by @dependabot in tschaub/gh-pages#431

Bump ansi-regex from 3.0.0 to 3.0.1 by @dependabot in tschaub/gh-pages#430

Updated dev dependencies and formatting by @tschaub in tschaub/gh-pages#432

Full Changelog: tschaub/gh-pages@v3.2.3...v4.0.0

v3.2.3

#398 - Update glob-parent (@tschaub)

#395 - Switch from filenamify-url to filenamify (@tw0517tw)

v3.0.0

Breaking changes:

None really. But tests are no longer run on Node < 10. Development dependencies were updated to address security warnings, and this meant tests could no longer be run on Node 6 or 8. If you still use these Node versions, you may still be able to use this library, but be warned that tests are no longer run on these versions.

All changes:

#357 - Dev dependency updates (@tschaub)

#333 - Update readme with command line options (@Victoire44)

#356 - Test as a GitHub action (@tschaub)

#355 - feat(beforeAdd): allow custom script before git add (@Xiphe)

#336 - Fix remove not working properly (@sunghwan2789)

#328 - Update .travis.yml (@XhmikosR)

... (truncated)

Changelog

Sourced from gh-pages's changelog.

v5.0.0

Potentially breaking change: the publish method now always returns a promise. Previously, it did not return a promise in some error cases. This should not impact most users.

Updates to the development dependencies required a minimum Node version of 14 for the tests. The library should still work on Node 12, but tests are no longer run in CI for version 12. A future major version of the library may drop support for version 12 altogether.

#438 - Remove quotation marks (@Vicropht)

#459 - Bump async from 2.6.4 to 3.2.4 (@tschaub)

#454 - Bump email-addresses from 3.0.1 to 5.0.0 (@tschaub)

#455 - Bump actions/setup-node from 1 to 3 (@tschaub)

#453 - Bump actions/checkout from 2 to 3 (@tschaub)

#445 - Update README to clarify project site configuration requirements with tools like CRA, webpack, Vite, etc. (@Nezteb)

#452 - Assorted updates (@tschaub)

v4.0.0

This release doesn't include any breaking changes, but due to updated development dependencies, tests are no longer run on Node 10.

#432 - Updated dev dependencies and formatting (@tschaub)

#430 - Bump ansi-regex from 3.0.0 to 3.0.1 (@tschaub)

#431 - Bump path-parse from 1.0.6 to 1.0.7 (@tschaub)

#427 - Bump async from 2.6.1 to 2.6.4 (@tschaub)

#423 - Bump minimist from 1.2.5 to 1.2.6 (@tschaub)

v3.2.3

#398 - Update glob-parent (@tschaub)

#395 - Switch from filenamify-url to filenamify (@tw0517tw)

v3.2.2

#396 - Revert "security(deps): bump filenamify-url to 2.1.1" (@tschaub)

v3.2.1

#393 - security(deps): bump filenamify-url to 2.1.1 (@AviVahl)

v3.2.0

This release updates a few development dependencies and adds a bit of documentation.

#391 - Update dev dependencies (@tschaub)

#375 - Add note about domain problem (@demee)

#390 - Fix little typo in the README (@cizordj)

#388 - Bump hosted-git-info from 2.8.8 to 2.8.9 (@tschaub)

#387 - Bump y18n from 4.0.0 to 4.0.3 (@tschaub)

#378 - Add GitHub Actions tips to readme.md (@mickelsonmichael)

#386 - Bump lodash from 4.17.14 to 4.17.21 (@tschaub)

... (truncated)

Commits

f729b97 5.0.0
51534c7 Log changes
ace063b Merge pull request #438 from Vicropht/patch-1
58e54be Merge pull request #459 from tschaub/dependabot/npm_and_yarn/async-3.2.4
2189df3 Bump async from 2.6.4 to 3.2.4
051846e Merge pull request #454 from tschaub/dependabot/npm_and_yarn/email-addresses-...
5c91c67 Merge pull request #455 from tschaub/dependabot/github_actions/actions/setup-...
fe0ad83 Merge pull request #453 from tschaub/dependabot/github_actions/actions/checko...
b89287d Merge pull request #445 from Nezteb/patch-1
e890bd1 Bump email-addresses from 3.0.1 to 5.0.0
Additional commits viewable in compare view

Updates @babel/traverse from 7.8.4 to 7.24.1

Release notes

Sourced from @babel/traverse's releases.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

Other

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.24.0 (2024-02-28)

Thanks @ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

babel-standalone

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3, babel-runtime, babel-standalone

#16323 Allow separate helpers to be excluded in Babel 8 (@liuxingbaoyu)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-external-helpers, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-defer, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-optional-chaining-assign, babel-plugin-proposal-partial-application, babel-plugin-proposal-pipeline-operator, babel-plugin-proposal-record-and-tuple, babel-plugin-proposal-regexp-modifiers, babel-plugin-proposal-throw-expressions, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decimal, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-reflection, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-record-and-tuple, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-arrow-functions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-classes, babel-plugin-transform-computed-properties, babel-plugin-transform-destructuring, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-keys, babel-plugin-transform-dynamic-import, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-export-namespace-from, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-for-of, babel-plugin-transform-function-name, babel-plugin-transform-instanceof, babel-plugin-transform-jscript, babel-plugin-transform-json-strings, babel-plugin-transform-literals, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-member-expression-literals, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-modules-umd, babel-plugin-transform-new-target, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-assign, babel-plugin-transform-object-rest-spread, babel-plugin-transform-object-set-prototype-of-to-assign, babel-plugin-transform-object-super, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-property-literals, babel-plugin-transform-property-mutators, babel-plugin-transform-proto-to-assign, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-display-name, babel-plugin-transform-react-inline-elements, babel-plugin-transform-react-jsx-compat, babel-plugin-transform-react-jsx-self, babel-plugin-transform-react-jsx-source, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-reserved-words, babel-plugin-transform-runtime, babel-plugin-transform-shorthand-properties, babel-plugin-transform-spread, babel-plugin-transform-sticky-regex, babel-plugin-transform-strict-mode, babel-plugin-transform-template-literals, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-plugin-transform-unicode-escapes, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-regex, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow, babel-preset-react, babel-preset-typescript

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

babel-compat-data, babel-plugin-transform-object-rest-spread, babel-preset-env

#16318 [babel 8] Fix @babel/compat-data package.json (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

v7.24.0 (2024-02-28)

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

... (truncated)

Commits

822b025 v7.24.1
fc0d5ad Update typescript and lint tools (#16351)
69e7928 Consider well-known and registered symbols as literals (#16342)
40110e9 Update source map deps (#16327)
ce59160 v7.24.0
bd5abd5 fix: avoid popContext on unvisited node paths (#16305)
08a057c Use Object.hasOwn when available (#16248)
a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
Additional commits viewable in compare view

Updates acorn from 5.7.3 to 5.7.4

Commits

6370e90 Mark version 5.7.4
fbc15b1 More rigorously check surrogate pairs in regexp validator
See full diff in compare view

Updates ajv from 6.11.0 to 6.12.6

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@sambauers, #1143) Option keywords to add custom keywords (@franciscomorais, #1137) Types fixes (@boenrobot, @MattiAstedrone) Docs:

error logging example (@RadiationSickness)

TypeScript usage notes (@thetric)

Commits

fe59143 6.12.6
d580d3e Merge pull request #1298 from ajv-validator/fix-url
fd36389 fix: regular expression for "url" format
490e34c docs: link to v7-beta branch
9cd93a1 docs: note about v7 in readme
877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
f1c8e45 6.12.5
764035e Merge branch 'ChALkeR-chalker/fix-comma'
3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
Additional commits viewable in compare view

Updates async from 2.6.3 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

Fix potential prototype pollution exploit (#1828)

Commits

c6bdaca Version 2.6.4
8870da9 Update built files
4df6754 update changelog
8f7f903 Fix prototype pollution vulnerability (#1828)
See full diff in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

[patch] widen support to 0.12 9247adf

[patch] drop minimum node support to v1 4d0ee49

[Dev Deps] update aud, npmignore, tape 87f3a35

[actions] remove redundant finisher 37a4758

[Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12

[Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)

[Deps] update elliptic fb261ce

[Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

[Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

Only apps should have lockfiles 09a8995

[eslint] switch to eslint 83fe463

[meta] add npmignore and auto-changelog 4418183

[meta] fix package.json indentation 9ac5a5e

[Tests] migrate from travis to github actions d845d85

[Fix] sign: throw on unsupported padding scheme 8767739

[Fix] properly check the upper bound for DSA signatures 85994cd

[Tests] handle openSSL not supporting a scheme f5f17c2

[Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb

[Dev Deps] update nyc, standard, tape cc5350b

[Tests] always run coverage; downgrade nyc 75ce1d5

[meta] add safe-publish-latest dcf49ce

[Tests] add npm run posttest 75dd8fd

[Dev Deps] update tape 3aec038

[Tests] skip unsupported schemes 703c83e

[Tests] node < 6 lacks array includes 3aa43cf

[Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

v4.2.0 - 2020-05-18

Merged

switch to safe buffer [#53](https://github.com/crypto-browserify/browserify-sign/issues/53)

... (truncated)

Commits

bf2c3ec v4.2.3
9247adf [patch] widen support to 0.12
f427270 [Deps] update `parse-asn1
87f3a35 [Dev Deps] update aud, npmignore, tape
fb261ce [Deps] update elliptic
4d0ee49 [patch] drop minimum node support to v1
9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
168e16f [Deps] pin elliptic due to a breaking change
37a4758 [actions] remove redundant finisher
4af5a90 v4.2.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates color-string from 1.5.3 to 1.9.1

Release notes

Sourced from color-string's releases.

1.9.0

Minor Release 1.9.0

Add parsing of exponential alpha values for HWB and HSL (#66)

Thanks to @babycannotsay for their contribution!

1.8.2

Patch release 1.8.2

Fix incorrect handling of optional comma in rgb() regex (#65)

Thanks to @gerdasi and @mastertheblaster for reporting and confirming the bug!

1.8.1

Patch release 1.8.1

Fix rgb alpha percentage parsing from int to float (#61)

Thanks to @clytras for their contribution!

1.8.0

Minor release 1.8.0

Add anchors to keyword regex (#64)

Thanks to @cq360767996 for their contribution!

1.7.4

Patch Release 1.7.4

Fix bug in .to.hex() output if the inputs aren't rounded numbers (#25)

1.7.3

Patch Release 1.7.3

Fix hue modulo operation (#50)

Thanks to @adroitwhiz for their contributions.

1.7.2

Patch Release 1.7.2

Fix issue where color-string with incorrectly return a color for properties on Object's prototype like "constructor". (#45)

Thanks to @tolmasky for their contributions.

1.7.1

Patch release 1.7.1

... (truncated)

Commits

See full diff in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates dns-packet from 1.3.1 to 1.3.4

Commits

ebdf849 1.3.4
ac57872 move all allocUnsafes to allocs for easier maintenance
c64c950 1.3.3
0598ba1 fix .. in encodingLength
010aedb 1.3.2
0d0d593 backport encodingLength fix to v1
See full diff in compare view

Updates elliptic from 6.5.2 to 6.5.5

Commits

7570078 6.5.5
206da2e lib: lint
0a78e03 [Fix] restore node < 4 compat
43ac7f2 6.5.4
f4bc72b package: bump deps
441b742 ec: validate that a point before deriving keys
e71b2d9 lib: relint using eslint
8421a01 build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)
8647803 6.5.3
856fe4d signature: prevent malleability and overflows
See full diff in compare view

Updates es5-ext from 0.10.53 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (

Bumps the npm_and_yarn group with 32 updates in the / directory: | Package | From | To | | --- | --- | --- | | [gh-pages](https://github.com/tschaub/gh-pages) | `2.2.0` | `5.0.0` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.8.4` | `7.24.1` | | [acorn](https://github.com/acornjs/acorn) | `5.7.3` | `5.7.4` | | [ajv](https://github.com/ajv-validator/ajv) | `6.11.0` | `6.12.6` | | [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` | | [color-string](https://github.com/Qix-/color-string) | `1.5.3` | `1.9.1` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [dns-packet](https://github.com/mafintosh/dns-packet) | `1.3.1` | `1.3.4` | | [elliptic](https://github.com/indutny/elliptic) | `6.5.2` | `6.5.5` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` | | [eventsource](https://github.com/EventSource/eventsource) | `1.0.7` | `1.1.2` | | [express](https://github.com/expressjs/express) | `4.17.1` | `4.19.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.10.0` | `1.15.6` | | [hosted-git-info](https://github.com/npm/hosted-git-info) | `2.8.5` | `2.8.9` | | [http-proxy](https://github.com/http-party/node-http-proxy) | `1.18.0` | `1.18.1` | | [ini](https://github.com/npm/ini) | `1.3.5` | `1.3.8` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.15` | `4.17.21` | | [merge-deep](https://github.com/jonschlinkert/merge-deep) | `3.0.2` | `3.0.3` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.6` | `1.0.7` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [ssri](https://github.com/npm/ssri) | `6.0.1` | `6.0.2` | | [terser](https://github.com/terser/terser) | `4.6.3` | `4.8.1` | | [tmpl](https://github.com/daaku/nodejs-tmpl) | `1.0.4` | `1.0.5` | | [url-parse](https://github.com/unshiftio/url-parse) | `1.4.7` | `1.5.10` | | [websocket-extensions](https://github.com/faye/websocket-extensions-node) | `0.1.3` | `0.1.4` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | | [ws](https://github.com/websockets/ws) | `5.2.2` | `5.2.3` | | [y18n](https://github.com/yargs/y18n) | `4.0.0` | `4.0.3` | Updates `gh-pages` from 2.2.0 to 5.0.0 - [Release notes](https://github.com/tschaub/gh-pages/releases) - [Changelog](https://github.com/tschaub/gh-pages/blob/main/changelog.md) - [Commits](tschaub/gh-pages@v2.2.0...v5.0.0) Updates `@babel/traverse` from 7.8.4 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `acorn` from 5.7.3 to 5.7.4 - [Commits](acornjs/acorn@5.7.3...5.7.4) Updates `ajv` from 6.11.0 to 6.12.6 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.11.0...v6.12.6) Updates `async` from 2.6.3 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) Updates `browserify-sign` from 4.0.4 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.3) Updates `color-string` from 1.5.3 to 1.9.1 - [Release notes](https://github.com/Qix-/color-string/releases) - [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md) - [Commits](https://github.com/Qix-/color-string/commits/1.9.1) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `dns-packet` from 1.3.1 to 1.3.4 - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](mafintosh/dns-packet@v1.3.1...v1.3.4) Updates `elliptic` from 6.5.2 to 6.5.5 - [Commits](indutny/elliptic@v6.5.2...v6.5.5) Updates `es5-ext` from 0.10.53 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.64) Updates `eventsource` from 1.0.7 to 1.1.2 - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.0.7...v1.1.2) Updates `express` from 4.17.1 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.19.2) Updates `follow-redirects` from 1.10.0 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.10.0...v1.15.6) Updates `hosted-git-info` from 2.8.5 to 2.8.9 - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](npm/hosted-git-info@v2.8.5...v2.8.9) Updates `http-proxy` from 1.18.0 to 1.18.1 - [Release notes](https://github.com/http-party/node-http-proxy/releases) - [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md) - [Commits](http-party/node-http-proxy@1.18.0...1.18.1) Updates `ini` from 1.3.5 to 1.3.8 - [Release notes](https://github.com/npm/ini/releases) - [Changelog](https://github.com/npm/ini/blob/main/CHANGELOG.md) - [Commits](npm/ini@v1.3.5...v1.3.8) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `lodash` from 4.17.15 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.15...4.17.21) Updates `merge-deep` from 3.0.2 to 3.0.3 - [Commits](jonschlinkert/merge-deep@3.0.2...3.0.3) Updates `path-parse` from 1.0.6 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `qs` from 6.5.2 to 6.5.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `ssri` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/npm/ssri/releases) - [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md) - [Commits](npm/ssri@v6.0.1...v6.0.2) Updates `terser` from 4.6.3 to 4.8.1 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v4.6.3...v4.8.1) Updates `tmpl` from 1.0.4 to 1.0.5 - [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5) Updates `url-parse` from 1.4.7 to 1.5.10 - [Commits](unshiftio/url-parse@1.4.7...1.5.10) Updates `websocket-extensions` from 0.1.3 to 0.1.4 - [Changelog](https://github.com/faye/websocket-extensions-node/blob/main/CHANGELOG.md) - [Commits](faye/websocket-extensions-node@0.1.3...0.1.4) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `ws` from 5.2.2 to 5.2.3 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@5.2.2...5.2.3) Updates `y18n` from 4.0.0 to 4.0.3 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md) - [Commits](yargs/y18n@v4.0.0...y18n-v4.0.3) --- updated-dependencies: - dependency-name: gh-pages dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: acorn dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ajv dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: color-string dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: dns-packet dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: hosted-git-info dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ini dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: merge-deep dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ssri dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tmpl dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: websocket-extensions dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 23, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 32 updates #8

Bump the npm_and_yarn group across 1 directory with 32 updates #8

dependabot bot commented on behalf of github Apr 23, 2024

Bump the npm_and_yarn group across 1 directory with 32 updates #8

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directory with 32 updates #8

Conversation

dependabot bot commented on behalf of github Apr 23, 2024

v5.0.0

What's Changed

New Contributors

v4.0.0

What's Changed

v3.2.3

v3.0.0

v5.0.0

v4.0.0

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

Committers: 4

v7.24.0 (2024-02-28)

🚀 New Feature

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

v7.24.0 (2024-02-28)

🚀 New Feature

v6.12.6

v6.12.5

v6.12.4

v6.12.3

v6.12.2

v6.12.1

v6.12.0

v2.6.4

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

1.9.0

Minor Release 1.9.0

1.8.2

Patch release 1.8.2

1.8.1

Patch release 1.8.1

1.8.0

Minor release 1.8.0

1.7.4

Patch Release 1.7.4

1.7.3

Patch Release 1.7.3

1.7.2

Patch Release 1.7.2

1.7.1

Patch release 1.7.1

v0.2.2

v0.2.1

0.10.64 (2024-02-27)

Bug Fixes

0.10.63 (2024-02-23)

Bug Fixes