Bump @fortawesome/fontawesome-svg-core from 1.2.19 to 1.2.36 #116
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
the
dependencies
|
This doesn't seem urgent since I don't see a security advisory. |
|
@dependabot recreate |
Bumps [@fortawesome/fontawesome-svg-core](https://github.com/FortAwesome/Font-Awesome) from 1.2.19 to 1.2.36. - [Release notes](https://github.com/FortAwesome/Font-Awesome/releases) - [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md) - [Commits](https://github.com/FortAwesome/Font-Awesome/commits) --- updated-dependencies: - dependency-name: "@fortawesome/fontawesome-svg-core" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/fortawesome/fontawesome-svg-core-1.2.36
branch
from
3c7313a
to
15e9376
Compare
|
New dependency changes detected. Learn more about Socket for GitHub ↗︎ 🚨 Potential security issues found in this pull request. To accept the risk, merge this PR and you will not be notified again. Bot CommandsTo ignore an alert, reply with a comment starting with
📜 Install scriptsInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts. Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.
🤔 AI warningAI has found some unusual behaviors which could indicate a security risk An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding.
Pull request alert summary📊 Modified Dependency Overview:
|
Bumps @fortawesome/fontawesome-svg-core from 1.2.19 to 1.2.36.
Commits
You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)