chore(deps): bump the npm_and_yarn group across 1 directory with 25 updates #4

dependabot · 2024-03-22T00:12:50Z

Bumps the npm_and_yarn group with 21 updates in the / directory:

Package	From	To
karma	`3.0.0`	`6.3.16`
@babel/traverse	`7.0.0-beta.51`	``
istanbul-api	`1.3.6`	`1.3.7`
ansi-regex	`3.0.0`	`3.0.1`
async	`2.6.1`	`2.6.4`
browserify-sign	`4.0.4`	`4.2.3`
decode-uri-component	`0.2.0`	`0.2.2`
fsevents	`1.2.4`	`1.2.13`
minimist	`1.2.0`	`1.2.8`
mkdirp	`0.5.1`	`0.5.6`
handlebars	`4.0.11`	`4.7.8`
karma-mocha	`1.3.0`	`2.0.1`
mocha	`5.2.0`	`10.3.0`
json5	`0.5.1`	`1.0.2`
loader-utils	`1.1.0`	`1.4.2`
lodash	`4.17.10`	`4.17.21`
set-value	`2.0.0`	`2.0.1`
union-value	`1.0.0`	`1.0.1`
shell-quote	`1.6.1`	`1.8.1`
webpack-dev-middleware	`2.0.6`	``
karma-webpack	`3.0.0`	`5.0.1`

Updates karma from 3.0.0 to 6.3.16

Release notes

Sourced from karma's releases.

v6.3.16

6.3.16 (2022-02-10)

Bug Fixes

security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

v6.3.15

6.3.15 (2022-02-05)

Bug Fixes

helper: make mkdirIfNotExists helper resilient to concurrent calls (d9dade2), closes karma-runner/karma-coverage#434

v6.3.14

6.3.14 (2022-02-05)

Bug Fixes

remove string template from client code (91d5acd)

warn when singleRun and autoWatch are false (69cfc76)

security: remove XSS vulnerability in returnUrl query param (839578c)

v6.3.13

6.3.13 (2022-01-31)

Bug Fixes

deps: bump log4js to resolve security issue (5bf2df3), closes #3751

v6.3.12

6.3.12 (2022-01-24)

Bug Fixes

remove depreciation warning from log4js (41bed33)

v6.3.11

6.3.11 (2022-01-13)

Bug Fixes

deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

... (truncated)

Changelog

Sourced from karma's changelog.

6.3.16 (2022-02-10)

Bug Fixes

security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

6.3.15 (2022-02-05)

Bug Fixes

helper: make mkdirIfNotExists helper resilient to concurrent calls (d9dade2), closes karma-runner/karma-coverage#434

6.3.14 (2022-02-05)

Bug Fixes

remove string template from client code (91d5acd)

warn when singleRun and autoWatch are false (69cfc76)

security: remove XSS vulnerability in returnUrl query param (839578c)

6.3.13 (2022-01-31)

Bug Fixes

deps: bump log4js to resolve security issue (5bf2df3), closes #3751

6.3.12 (2022-01-24)

Bug Fixes

remove depreciation warning from log4js (41bed33)

6.3.11 (2022-01-13)

Bug Fixes

deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

6.3.10 (2022-01-08)

Bug Fixes

logger: create parent folders if they are missing (0d24bd9), closes #3734

... (truncated)

Commits

ab4b328 chore(release): 6.3.16 [skip ci]
ff7edbb fix(security): mitigate the "Open Redirect Vulnerability"
c1befa0 chore(release): 6.3.15 [skip ci]
d9dade2 fix(helper): make mkdirIfNotExists helper resilient to concurrent calls
653c762 ci: prevent duplicate CI tasks on creating a PR
c97e562 chore(release): 6.3.14 [skip ci]
91d5acd fix: remove string template from client code
69cfc76 fix: warn when singleRun and autoWatch are false
839578c fix(security): remove XSS vulnerability in returnUrl query param
db53785 chore(release): 6.3.13 [skip ci]
Additional commits viewable in compare view

Removes @babel/traverse

Updates istanbul-api from 1.3.6 to 1.3.7

Commits

8de8308 Publish
420481d fix: Tweak package.json files for republish as latest 1.x. (#217)
b12a07e fix: handle instrumentation when a function is called Function (#131)
0968206 fix: update instrument, account for lack of arrow expression (#119) (#125)
968152e chore: remove Node 4 from Windows testing
d1c45a7 Build/fix travis appveyor (#115)
470bb0e fix: proper passing of the preserveComments option to babel (#122)
45936de docs: update comment to match code (#118)
be5b660 chore: removes yarn references and updates lerna (#114)
4a2f952 chore: babel-preset-es2015 => babel-preset-env (#113)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by coreyfarrell, a new releaser for istanbul-api since your current version.

Updates ansi-regex from 3.0.0 to 3.0.1

Commits

f545bdb 3.0.1
c57d4c2 fix a few old XO issues for backport
419250f Fix potential ReDoS (#37)
See full diff in compare view

Updates async from 2.6.1 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

Fix potential prototype pollution exploit (#1828)

v2.6.3

Updated lodash to squelch a security warning (#1675)

v2.6.2

Updated lodash to squelch a security warning (#1620)

Commits

c6bdaca Version 2.6.4
8870da9 Update built files
4df6754 update changelog
8f7f903 Fix prototype pollution vulnerability (#1828)
f1d8383 Version 2.6.3
2b674c1 update changelog
eab740f fix: udpate lodash. closes #1675
eaf32be Version 2.6.2
684b42e Update built files
e1bd3da update changelog
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

[patch] widen support to 0.12 9247adf

[patch] drop minimum node support to v1 4d0ee49

[Dev Deps] update aud, npmignore, tape 87f3a35

[actions] remove redundant finisher 37a4758

[Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12

[Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)

[Deps] update elliptic fb261ce

[Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

[Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

Only apps should have lockfiles 09a8995

[eslint] switch to eslint 83fe463

[meta] add npmignore and auto-changelog 4418183

[meta] fix package.json indentation 9ac5a5e

[Tests] migrate from travis to github actions d845d85

[Fix] sign: throw on unsupported padding scheme 8767739

[Fix] properly check the upper bound for DSA signatures 85994cd

[Tests] handle openSSL not supporting a scheme f5f17c2

[Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb

[Dev Deps] update nyc, standard, tape cc5350b

[Tests] always run coverage; downgrade nyc 75ce1d5

[meta] add safe-publish-latest dcf49ce

[Tests] add npm run posttest 75dd8fd

[Dev Deps] update tape 3aec038

[Tests] skip unsupported schemes 703c83e

[Tests] node < 6 lacks array includes 3aa43cf

[Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

v4.2.0 - 2020-05-18

Merged

switch to safe buffer [#53](https://github.com/crypto-browserify/browserify-sign/issues/53)

... (truncated)

Commits

bf2c3ec v4.2.3
9247adf [patch] widen support to 0.12
f427270 [Deps] update `parse-asn1
87f3a35 [Dev Deps] update aud, npmignore, tape
fb261ce [Deps] update elliptic
4d0ee49 [patch] drop minimum node support to v1
9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
168e16f [Deps] pin elliptic due to a breaking change
37a4758 [actions] remove redundant finisher
4af5a90 v4.2.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates follow-redirects from 1.5.7 to 1.15.6

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
b1677ce Release version 1.15.5 of the npm package.
d8914f7 Preserve fragment in responseUrl.
6585820 Release version 1.15.4 of the npm package.
7a6567e Disallow bracketed hostnames.
05629af Prefer native URL instead of deprecated url.parse.
1cba8e8 Prefer native URL instead of legacy url.resolve.
72bc2a4 Simplify _processResponse error handling.
Additional commits viewable in compare view

Updates fsevents from 1.2.4 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Release v1.2.9 - Node v12 compatibility

No release notes provided.

Release Pre-NAPI v1.2.8

No release notes provided.

Version Bump (bundle node-pre-gyp)

No release notes provided.

Prebuilt v11.x

No release notes provided.

Commits

844a05d Version Bump
f393f2a Only build fsevents on macOS (#322)
6a281a7 [publish binary]
acc2bce [publish binary]
f532b6e [publish binary]
4c6a1c0 Add node 13 to travis matrix.
92e40aa Release 1.2.12.
909af26 Release v1.2.11
7074adb Release v1.2.10
0a052f6 Node.js v12 support for v1.x (#274)
Additional commits viewable in compare view

Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

[Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)

[Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)

[Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

[Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)

[Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)

[Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)

[Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)

[Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

Merge tag 'v0.2.3' a026794

[eslint] fix indentation and whitespace 5368ca4

[eslint] fix indentation and whitespace e5f5067

[eslint] more cleanup 62fde7d

[eslint] more cleanup 36ac5d0

[meta] add auto-changelog 73923d2

[actions] add reusable workflows d80727d

[eslint] add eslint; rules to enable later are warnings 48bc06a

[eslint] fix indentation 34b0f1c

[readme] rename and add badges 5df0fe4

[Dev Deps] switch from covert to nyc a48b128

[Dev Deps] update covert, tape; remove unnecessary tap f0fb958

[meta] create FUNDING.yml; add funding in package.json 3639e0c

[meta] use npmignore to autogenerate an npmignore file be2e038

Only apps should have lockfiles 282b570

isConstructorOrProto adapted from PR ef9153f

[Dev Deps] update @ljharb/eslint-config, aud 098873c

[Dev Deps] update @ljharb/eslint-config, aud 3124ed3

[meta] add safe-publish-latest 4b927de

[Tests] add aud in posttest b32d9bd

[meta] update repo URLs f9fdfc0

[actions] Avoid 0.6 tests due to build failures ba92fe6

[Dev Deps] update tape 950eaa7

[Dev Deps] add missing npmignore dev dep 3226afa

Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

6901ee2 v1.2.8
a026794 Merge tag 'v0.2.3'
c0b2661 v0.2.3
63b8fee [Fix] Fix long option followed by single dash (#17)
72239e6 [Tests] Remove duplicate test (#12)
34b0f1c [eslint] fix indentation
3226afa [Dev Deps] add missing npmignore dev dep
098873c [Dev Deps] update @ljharb/eslint-config, aud
9ec4d27 [Fix] Fix long option followed by single dash
ba92fe6 [actions] Avoid 0.6 tests due to build failures
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates mkdirp from 0.5.1 to 0.5.6

Commits

92f086d 0.5.6
2a28125 clean up tests
c905d65 update minimist
049cf18 0.5.5
bea6382 Remove unnecessary umask calls
42a012c 0.5.4
2867920 fix infinite loop on windows machines
d784e70 0.5.3
d612c5d add files list so this package isn't a monster
b2e7ba0 0.5.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.

Updates handlebars from 4.0.11 to 4.7.8

Release notes

Sourced from handlebars's releases.

v4.7.8

Make library compatible with workers (#1894) - 3d3796c

Don't rely on Node.js global object (#1776) - 2954e7e

Fix compiling of each block params in strict mode (#1855) - 30dbf04

Fix rollup warning when importing Handlebars as ESM - 03d387b

Fix bundler issue with webpack 5 (#1862) - c6c6bbb

Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.8 - July 27th, 2023

Make library compatible with workers (#1894) - 3d3796c

Don't rely on Node.js global object (#1776) - 2954e7e

Fix compiling of each block params in strict mode (#1855) - 30dbf04

Fix rollup warning when importing Handlebars as ESM - 03d387b

Fix bundler issue with webpack 5 (#1862) - c6c6bbb

Use https instead of git for mustache submodule - 88ac068

Commits

v4.7.7 - February 15th, 2021

fix weird error in integration tests - eb860c0

fix: check prototype property access in strict-mode (#1736) - b6d3de7

fix: escape property names in compat mode (#1736) - f058970

refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8

chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

#1672 - Switch cmd parser to latest minimist (@dougwilson

Compatibility notes:

Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

~~Node.js version support has been changed to v6+~~ Reverted in 4.7.6

Compatibility notes:

... (truncated)

Commits

8dc3d25 v4.7.8
668c4fb Fix browser tests in CI pipeline
c65c6cc Test on Node 18
3d3796c Make library compatible with workers
075b354 Fix sync issue with npm lock-file
30dbf04 Fix compiling of each block params in strict mode
e3a5448 Fix bundler issue with webpack 5
8e23642 Fix integration-tests issue with npm >= 7
88ac068 use https instead of git for mustache submodule
c68bc08 Fix typo
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.

Updates karma-mocha from 1.3.0 to 2.0.1

Release notes

Sourced from karma-mocha's releases.

v2.0.1

2.0.1 (2020-04-29)

Bug Fixes

deps: Report fails without emit 'test end' event (#223) (1a8226c)

v2.0.0

2.0.0 (2020-04-14)

Features

ci: enable semanitic-release (5a5b6d5)

Expose 'pending' status (e847121), closes #109

Update Node.js versions (fd64f5b)

BREAKING CHANGES

drop support for node 8

Changelog

Sourced from karma-mocha's changelog.

2.0.1 (2020-04-29)

Bug Fixes

deps: Report fails without emit 'test end' event (#223) (1a8226c)

2.0.0 (2020-04-14)

Features

ci: enable semanitic-release (5a5b6d5)

Expose 'pending' status (e847121), closes #109

Update Node.js versions (fd64f5b)

BREAKING CHANGES

drop support for node 8

Commits

bb5be9b chore(release): 2.0.1 [skip ci]
1a8226c fix(deps): Report fails without emit 'test end' event (#223)
5828416 chore(release): 2.0.0 [skip ci]
4e35a55 chore(ci): semantic-release on success (#221)
00b24b6 chore(deps-dev): bump eslint from 2.13.1 to 4.18.2 (#220)
f7ec4e7 Merge pull request #218 from karma-runner/semanitic-release
5a5b6d5 feat(ci): enable semanitic-release
36404cf Merge pull request #217 from franktopel/minimist-update
bab0416 updated minimum version of minimist dependency to ^1.2.3 instead of 1.2.0
3f9e4b7 Revert "updated minimum version of minimist dependency to ^1.2.3 instead of 1...
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by karmarunnerbot, a new releaser for karma-mocha since your current version.

Updates mocha from 5.2.0 to 10.3.0

Release notes

Sourced from mocha's releases.

v10.3.0

This is a stable release equivalent to v10.3.0-preminor.0.

What's Changed

Fix deprecated warn gh actions by @outsideris in mochajs/mocha#4962

fix #4837 Update glob due to vulnerability in dep by @jb2311 in mochajs/mocha#4970

Add Node v19 to test matrix by @juergba in mochajs/mocha#4974

chore: fix the ci by @Uzlopak in mochajs/mocha#5020

update can-i-use by @Uzlopak in mochajs/mocha#5021

chore: remove uuid dev dependency by @Uzlopak in mochajs/mocha#5022

chore: remove nanoid as dependency by @Uzlopak in mochajs/mocha#5024

chore: remove touch as dev dependency by @Uzlopak in mochajs/mocha#5023

chore: remove stale workflow by @JoshuaKGoldberg in mochajs/mocha#5029

docs: fix fragment ID for yargs' "extends" documentation by @Spencer-Doak in mochajs/mocha#4918

docs: use mocha.js instead of mocha in the example run by @nikolas in mochajs/mocha#4927

docs: fix jsdoc return type of titlePath method by @F3n67u in mochajs/mocha#4886

docs: overhaul contributing and maintenance docs for end-of-year 2023 by @JoshuaKGoldberg in mochajs/mocha#5038

docs: touchups to labels and a template title post-revamp by @JoshuaKGoldberg in mochajs/mocha#5050

fix: add alt text to Built with Netlify badge by @JoshuaKGoldberg in mochajs/mocha#5068

chore: inline nyan reporter's write function by @JoshuaKGoldberg in mochajs/mocha#5056

chore: remove unnecessary canvas dependency by @JoshuaKGoldberg in mochajs/mocha#5069

New Contributors

@jb2311 made their first contribution in mochajs/mocha#4970

@Uzlopak made their first contribution in mochajs/mocha#5020

@Spencer-Doak made their first contribution in mochajs/mocha#4918

@nikolas made their first contribution in mochajs/mocha#4927

@F3n67u made their first contribution in mochajs/mocha#4886

Full Changelog: mochajs/mocha@v10.2.0...v10.3.0

v10.3.0-preminor.0

A test release tagged with next on npm, to test that we can do releases at all. See #5081 for context.

What's Changed

Fix deprecated warn gh actions by @outsideris in mochajs/mocha#4962

fix #4837 Update glob due to vulnerability in dep by @jb2311 in mochajs/mocha#4970

Add Node v19 to test matrix by @juergba in mochajs/mocha#4974

chore: fix the ci by @Uzlopak in mochajs/mocha#5020

update can-i-use by @Uzlopak in mochajs/mocha#5021

chore: remove uuid dev dependency by @Uzlopak in mochajs/mocha#5022

chore: remove nanoid as dependency by @Uzlopak in mochajs/mocha#5024

chore: remove touch as dev dependency by @Uzlopak in mochajs/mocha#5023

chore: remove stale workflow by @JoshuaKGoldberg in mochajs/mocha#5029

docs: fix fragment ID for yargs' "extends" documentation by @Spencer-Doak in mochajs/mocha#4918

docs: use mocha.js instead of mocha in the example run by @nikolas in mochajs/mocha#4927

docs: fix jsdoc return type of titlePath method by @F3n67u in mochajs/mocha#4886

docs: overhaul contributing and maintenance docs for end-of-year 2023 by @JoshuaKGoldberg in mochajs/mocha#5038

... (truncated)

Changelog

Sourced from mocha's changelog.

10.3.0 / 2024-02-08

This is a stable release equivalent to 10.30.0-prerelease.

10.3.0-prerelease / 2024-01-18

This is a prerelease version to test our ability to release. Other than removing or updating dependencies, it contains no intended user-facing changes.

🔩 Other

#5069: chore: remove unnecessary canvas dependency (@Joshua... Description has been truncated

…pdates Bumps the npm_and_yarn group with 21 updates in the / directory: | Package | From | To | | --- | --- | --- | | [karma](https://github.com/karma-runner/karma) | `3.0.0` | `6.3.16` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.0.0-beta.51` | `` | | [istanbul-api](https://github.com/istanbuljs/istanbuljs) | `1.3.6` | `1.3.7` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` | | [async](https://github.com/caolan/async) | `2.6.1` | `2.6.4` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [fsevents](https://github.com/fsevents/fsevents) | `1.2.4` | `1.2.13` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` | | [mkdirp](https://github.com/isaacs/node-mkdirp) | `0.5.1` | `0.5.6` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.11` | `4.7.8` | | [karma-mocha](https://github.com/karma-runner/karma-mocha) | `1.3.0` | `2.0.1` | | [mocha](https://github.com/mochajs/mocha) | `5.2.0` | `10.3.0` | | [json5](https://github.com/json5/json5) | `0.5.1` | `1.0.2` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.1.0` | `1.4.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.10` | `4.17.21` | | [set-value](https://github.com/jonschlinkert/set-value) | `2.0.0` | `2.0.1` | | [union-value](https://github.com/jonschlinkert/union-value) | `1.0.0` | `1.0.1` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.6.1` | `1.8.1` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `2.0.6` | `` | | [karma-webpack](https://github.com/webpack-contrib/karma-webpack) | `3.0.0` | `5.0.1` | Updates `karma` from 3.0.0 to 6.3.16 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v3.0.0...v6.3.16) Removes `@babel/traverse` Updates `istanbul-api` from 1.3.6 to 1.3.7 - [Release notes](https://github.com/istanbuljs/istanbuljs/releases) - [Changelog](https://github.com/istanbuljs/istanbuljs/blob/main/release-please-config.json) - [Commits](https://github.com/istanbuljs/istanbuljs/compare/istanbul-api@1.3.6...istanbul-api@1.3.7) Updates `ansi-regex` from 3.0.0 to 3.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v3.0.0...v3.0.1) Updates `async` from 2.6.1 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.1...v2.6.4) Updates `browserify-sign` from 4.0.4 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.3) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `follow-redirects` from 1.5.7 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.5.7...v1.15.6) Updates `fsevents` from 1.2.4 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.2.4...v1.2.13) Updates `minimist` from 1.2.0 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.0...v1.2.8) Updates `mkdirp` from 0.5.1 to 0.5.6 - [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md) - [Commits](isaacs/node-mkdirp@0.5.1...v0.5.6) Updates `handlebars` from 4.0.11 to 4.7.8 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.8/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.11...v4.7.8) Updates `karma-mocha` from 1.3.0 to 2.0.1 - [Release notes](https://github.com/karma-runner/karma-mocha/releases) - [Changelog](https://github.com/karma-runner/karma-mocha/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma-mocha@v1.3.0...v2.0.1) Updates `mocha` from 5.2.0 to 10.3.0 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md) - [Commits](mochajs/mocha@v5.2.0...v10.3.0) Updates `handlebars` from 4.0.11 to 4.7.8 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.8/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.11...v4.7.8) Updates `json5` from 0.5.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v0.5.1...v1.0.2) Updates `loader-utils` from 1.1.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.1.0...v1.4.2) Updates `loader-utils` from 1.1.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.1.0...v1.4.2) Updates `lodash` from 4.17.10 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.10...4.17.21) Updates `log4js` from 3.0.5 to 6.9.1 - [Changelog](https://github.com/log4js-node/log4js-node/blob/master/CHANGELOG.md) - [Commits](log4js-node/log4js-node@v3.0.5...v6.9.1) Updates `qs` from 6.5.2 to 6.11.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.11.0) Updates `set-value` from 2.0.0 to 2.0.1 - [Commits](jonschlinkert/set-value@2.0.0...2.0.1) Updates `union-value` from 1.0.0 to 1.0.1 - [Release notes](https://github.com/jonschlinkert/union-value/releases) - [Commits](jonschlinkert/union-value@1.0.0...1.0.1) Updates `shell-quote` from 1.6.1 to 1.8.1 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.6.1...v1.8.1) Updates `socket.io-parser` from 3.2.0 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@3.2.0...4.2.4) Removes `webpack-dev-middleware` Updates `karma-webpack` from 3.0.0 to 5.0.1 - [Release notes](https://github.com/webpack-contrib/karma-webpack/releases) - [Changelog](https://github.com/codymikol/karma-webpack/blob/master/CHANGELOG.md) - [Commits](codymikol/karma-webpack@v3.0.0...v5.0.1) --- updated-dependencies: - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: istanbul-api dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: mkdirp dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: handlebars dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: karma-mocha dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: mocha dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: handlebars dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: log4js dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: set-value dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: union-value dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: shell-quote dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: karma-webpack dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 22, 2024

dependabot bot mentioned this pull request Mar 22, 2024

chore(deps): bump the npm_and_yarn group across 1 directory with 23 updates #3

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the npm_and_yarn group across 1 directory with 25 updates #4

chore(deps): bump the npm_and_yarn group across 1 directory with 25 updates #4

Uh oh!

dependabot bot commented on behalf of github Mar 22, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): bump the npm_and_yarn group across 1 directory with 25 updates #4

Are you sure you want to change the base?

chore(deps): bump the npm_and_yarn group across 1 directory with 25 updates #4

Uh oh!

Conversation

dependabot bot commented on behalf of github Mar 22, 2024

v6.3.16

6.3.16 (2022-02-10)

Bug Fixes

v6.3.15

6.3.15 (2022-02-05)

Bug Fixes

v6.3.14

6.3.14 (2022-02-05)

Bug Fixes

v6.3.13

6.3.13 (2022-01-31)

Bug Fixes

v6.3.12

6.3.12 (2022-01-24)

Bug Fixes

v6.3.11

6.3.11 (2022-01-13)

Bug Fixes

6.3.16 (2022-02-10)

Bug Fixes

6.3.15 (2022-02-05)

Bug Fixes

6.3.14 (2022-02-05)

Bug Fixes

6.3.13 (2022-01-31)

Bug Fixes

6.3.12 (2022-01-24)

Bug Fixes

6.3.11 (2022-01-13)

Bug Fixes

6.3.10 (2022-01-08)

Bug Fixes

v2.6.4

v2.6.3

v2.6.2

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

v0.2.2

v0.2.1

Release v1.2.13

Release v1.2.11

Intermediate Release

Release v1.2.9 - Node v12 compatibility

Release Pre-NAPI v1.2.8

Version Bump (bundle node-pre-gyp)

Prebuilt v11.x

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

v1.2.7 - 2022-10-10

Commits

v4.7.8

v4.7.8 - July 27th, 2023

v4.7.7 - February 15th, 2021

v4.7.6 - April 3rd, 2020

v4.7.5 - April 2nd, 2020

v2.0.1

2.0.1 (2020-04-29)

Bug Fixes

v2.0.0

2.0.0 (2020-04-14)

Features

BREAKING CHANGES

2.0.1 (2020-04-29)

Bug Fixes

2.0.0 (2020-04-14)