Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the npm_and_yarn group across 1 directory with 17 updates #4

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 21, 2024

Bumps the npm_and_yarn group with 13 updates in the / directory:

Package From To
grunt 0.4.5 1.5.3
highlight.js 9.18.5 10.4.1
js-yaml 3.14.1 4.1.0
marked 0.3.19 4.0.10
clean-css 3.4.28 5.3.3
grunt-contrib-cssmin 0.14.0 5.0.0
debug 0.7.4 2.6.9
grunt-contrib-watch 0.6.1 1.1.0
mocha 3.5.3 10.4.0
node-sass 4.14.1 removed
grunt-sass 2.1.0 3.1.0
nth-check 1.0.2 2.1.1
cheerio 0.22.0 1.0.0-rc.12

Updates grunt from 0.4.5 to 1.5.3

Release notes

Sourced from grunt's releases.

v1.5.3

  • Merge pull request #1745 from gruntjs/fix-copy-op 572d79b
  • Patch up race condition in symlink copying. 58016ff
  • Merge pull request #1746 from JamieSlome/patch-1 0749e1d
  • Create SECURITY.md 69b7c50

gruntjs/grunt@v1.5.2...v1.5.3

v1.5.2

  • Update Changelog 7f15fd5
  • Merge pull request #1743 from gruntjs/cleanup-link b0ec6e1
  • Clean up link handling 433f91b

gruntjs/grunt@v1.5.1...v1.5.2

v1.5.1

  • Merge pull request #1742 from gruntjs/update-symlink-test ad22608
  • Fix symlink test 0652305

gruntjs/grunt@v1.5.0...v1.5.1

v1.5.0

  • Updated changelog b2b2c2b
  • Merge pull request #1740 from gruntjs/update-deps-22-10 3eda6ae
  • Update testing matrix 47d32de
  • More updates 2e9161c
  • Remove console log 04b960e
  • Update dependencies, tests... aad3d45
  • Merge pull request #1736 from justlep/main fdc7056
  • support .cjs extension e35fe54

gruntjs/grunt@v1.4.1...v1.5.0

v1.4.1

  • Update Changelog e7625e5
  • Merge pull request #1731 from gruntjs/update-options 5d67e34
  • Fix ci install d13bf88
  • Switch to Actions 08896ae
  • Update grunt-known-options eee0673
  • Add note about a breaking change 1b6e288

gruntjs/grunt@v1.4.0...v1.4.1

v1.4.0

  • Merge pull request #1728 from gruntjs/update-deps-changelog 63b2e89
  • Update changelog and util dep 106ed17
  • Merge pull request #1727 from gruntjs/update-deps-apr 49de70b
  • Update CLI and nodeunit 47cf8b6
  • Merge pull request #1722 from gruntjs/update-through e86db1c
  • Update deps 4952368

... (truncated)

Changelog

Sourced from grunt's changelog.

v1.5.3 date: 2022-04-23 changes: - Patch up race condition in symlink copying. v1.5.2 date: 2022-04-12 changes: - Unlink symlinks when copy destination is a symlink. v1.5.1 date: 2022-04-11 changes: - Fixed symlink destination handling. v1.5.0 date: 2022-04-10 changes: - Updated dependencies. - Add symlink handling for copying files. v1.4.1 date: 2021-05-24 changes: - Fix --preload option to be a known option - Switch to GitHub Actions v1.4.0 date: 2021-04-21 changes: - Security fixes in production and dev dependencies - Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: gulpjs/liftoff@e7a969d. v1.3.0 date: 2020-08-18 changes: - Switch to use safeLoad for loading YML files via file.readYAML. - Upgrade legacy-log to ~3.0.0. - Upgrade legacy-util to ~2.0.0. v1.2.1 date: 2020-07-07 changes: - Remove path-is-absolute dependency. (PR: gruntjs/grunt#1715) v1.2.0 date: 2020-07-03 changes: - Allow usage of grunt plugins that are located in any location that is visible to Node.js and NPM, instead of node_modules directly inside package that have a dev dependency to these plugins. (PR: gruntjs/grunt#1677) - Removed coffeescript from dependencies. To ease transition, if coffeescript is still around, Grunt will attempt to load it. If it is not, and the user loads a CoffeeScript file, Grunt will print a useful error indicating that the coffeescript package should be installed as a dev dependency.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by vladikoff, a new releaser for grunt since your current version.


Updates highlight.js from 9.18.5 to 10.4.1

Release notes

Sourced from highlight.js's releases.

10.4.1

Security fixes:

  • (fix) Exponential backtracking fixes for: Josh Goebel
    • cpp
    • handlebars
    • gams
    • perl
    • jboss-cli
    • r
    • erlang-repl
    • powershell
    • routeros
  • (fix) Polynomial backtracking fixes for: Josh Goebel
    • asciidoc
    • reasonml
    • latex
    • kotlin
    • gcode
    • d
    • aspectj
    • moonscript
    • coffeescript/livescript
    • csharp
    • scilab
    • crystal
    • elixir
    • basic
    • ebnf
    • ruby
    • fortran/irpf90
    • livecodeserver
    • yaml
    • x86asm
    • dsconfig
    • markdown
    • ruleslanguage
    • xquery
    • sqf

Very grateful to Michael Schmidt for all the help.

10.4.0 - November 2020

A largish release with many improvements and fixes from quite a few different contributors. Enjoy!

Deprecations:

... (truncated)

Changelog

Sourced from highlight.js's changelog.

Version 10.4.1 (tentative)

Security

  • (fix) Exponential backtracking fixes for: Josh Goebel
    • cpp
    • handlebars
    • gams
    • perl
    • jboss-cli
    • r
    • erlang-repl
    • powershell
    • routeros
  • (fix) Polynomial backtracking fixes for: Josh Goebel
    • asciidoc
    • reasonml
    • latex
    • kotlin
    • gcode
    • d
    • aspectj
    • moonscript
    • coffeescript/livescript
    • csharp
    • scilab
    • crystal
    • elixir
    • basic
    • ebnf
    • ruby
    • fortran/irpf90
    • livecodeserver
    • yaml
    • x86asm
    • dsconfig
    • markdown
    • ruleslanguage
    • xquery
    • sqf

Very grateful to Michael Schmidt for all the help.

Version 10.4.0

A largish release with many improvements and fixes from quite a few different contributors. Enjoy!

... (truncated)

Commits
  • e96b915 bump 10.4.1
  • 065f65f chore(release) allow release script to handle production releases
  • 68509fc chore(docs) bump SECURITY mention to 9.18.5
  • aa0fb85 chore(docs) Version 9 has reached EOL.
  • fb0a626 enh(ci): Add tests for polynomial regex issues
  • fa46dd1 fix(reasonml) fix poly backtracking issue
  • d496052 fix(latex) fix poly backtracking issue
  • d9f1cdb fix(javascript/typescript) fix poly backtracking issue
  • fdec037 fix(asciidoc) fix poly backtracking issue
  • 02ca487 fix(kotlin) fix poly backtracking issue
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by joshgoebel, a new releaser for highlight.js since your current version.


Updates js-yaml from 3.14.1 to 4.1.0

Changelog

Sourced from js-yaml's changelog.

[4.1.0] - 2021-04-15

Added

  • Types are now exported as yaml.types.XXX.
  • Every type now has options property with original arguments kept as they were (see yaml.types.int.options as an example).

Changed

  • Schema.extend() now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as abcd instead of cbad).

[4.0.0] - 2021-01-03

Changed

  • Check migration guide to see details for all breaking changes.
  • Breaking: "unsafe" tags !!js/function, !!js/regexp, !!js/undefined are moved to js-yaml-js-types package.
  • Breaking: removed safe* functions. Use load, loadAll, dump instead which are all now safe by default.
  • yaml.DEFAULT_SAFE_SCHEMA and yaml.DEFAULT_FULL_SCHEMA are removed, use yaml.DEFAULT_SCHEMA instead.
  • yaml.Schema.create(schema, tags) is removed, use schema.extend(tags) instead.
  • !!binary now always mapped to Uint8Array on load.
  • Reduced nesting of /lib folder.
  • Parse numbers according to YAML 1.2 instead of YAML 1.1 (01234 is now decimal, 0o1234 is octal, 1:23 is parsed as string instead of base60).
  • dump() no longer quotes :, [, ], (, ) except when necessary, #470, #557.
  • Line and column in exceptions are now formatted as (X:Y) instead of at line X, column Y (also present in compact format), #332.
  • Code snippet created in exceptions now contains multiple lines with line numbers.
  • dump() now serializes undefined as null in collections and removes keys with undefined in mappings, #571.
  • dump() with skipInvalid=true now serializes invalid items in collections as null.
  • Custom tags starting with ! are now dumped as !tag instead of !<!tag>, #576.
  • Custom tags starting with tag:yaml.org,2002: are now shorthanded using !!, #258.

Added

  • Added .mjs (es modules) support.
  • Added quotingType and forceQuotes options for dumper to configure string literal style, #290, #529.
  • Added styles: { '!!null': 'empty' } option for dumper (serializes { foo: null } as "foo: "), #570.
  • Added replacer option (similar to option in JSON.stringify), #339.
  • Custom Tag can now handle all tags or multiple tags with the same prefix, #385.

Fixed

  • Astral characters are no longer encoded by dump(), #587.
  • "duplicate mapping key" exception now points at the correct column, #452.
  • Extra commas in flow collections (e.g. [foo,,bar]) now throw an exception instead of producing null, #321.
  • __proto__ key no longer overrides object prototype, #164.

... (truncated)

Commits
  • 2cef47b 4.1.0 released
  • 810b149 dist rebuild
  • 2b5620e Export built-in types, type override now preserves order
  • ab31bba doc: clarify lineWidth dump options (#612)
  • ee74ce4 4.0.0 released
  • a44bb7c dist rebuild
  • aee620a Throw an error if block sequence/mapping indent contains a tab
  • f0f205b Fix parsing of invalid block mappings
  • e8cf6f6 Fix error with anchor not being assigned to an empty node
  • a583097 Shorthand tags with !! whenever possible
  • Additional commits viewable in compare view

Updates marked from 0.3.19 to 4.0.10

Release notes

Sourced from marked's releases.

v4.0.10

4.0.10 (2022-01-13)

Bug Fixes

  • security: fix redos vulnerabilities (8f80657)

v4.0.9

4.0.9 (2022-01-06)

Bug Fixes

v4.0.8

4.0.8 (2021-12-19)

Bug Fixes

v4.0.7

4.0.7 (2021-12-09)

Bug Fixes

v4.0.6

4.0.6 (2021-12-02)

Bug Fixes

v4.0.5

4.0.5 (2021-11-25)

Bug Fixes

  • table after paragraph without blank line (#2298) (5714212)

v4.0.4

4.0.4 (2021-11-19)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by tonybrix, a new releaser for marked since your current version.


Updates underscore.string from 2.2.1 to 2.3.3

Changelog

Sourced from underscore.string's changelog.

2.3.3

  • Add toBoolean
  • Add unquote
  • Add quote char option to quote
  • Support dash-separated words in titleize
  • Full changelog

2.3.2

  • Add naturalCmp
  • Bug fix to camelize
  • Add ă, ș, ț and ś to slugify
  • Doc updates
  • Add support for component
  • Full changelog

2.3.1

  • Bug fixes to escapeHTML, classify, substr
  • Faster count
  • Documentation fixes
  • Full changelog

2.3.0

  • Added numberformat method
  • Added levenshtein method (Levenshtein distance calculation)
  • Added swapCase method
  • Changed default behavior of words method
  • Added toSentenceSerial method
  • Added surround and quote methods
Commits
  • b4b40b9 Release 2.3.3
  • 6778bef Bump version to 2.3.2
  • bcfb280 Update changelog
  • 859d7cb titleize support for dash-separated words (each letter after a dash is upper ...
  • b95c994 Add quoteChar to quote and unquote
  • 5c9bb98 Merge branch 'arhea-master'
  • 95dc05e Added unquote method
  • 3117500 Trim values for toBoolean
  • 075f3f6 Simplify toBoolean implementation #186
  • 0f184d6 Merge branch 'deleteman-toBool'
  • Additional commits viewable in compare view

Updates clean-css from 3.4.28 to 5.3.3

Changelog

Sourced from clean-css's changelog.

5.3.3 / 2023-11-30

  • Fixed issue #1262 - dynamically require os for edge runtime compatibility.

5.3.2 / 2023-01-19

  • Fixed issue #1224 - incorrect parsing of selectors with double hyphen.
  • Fixed issue #1228 - incorrect appending of '%' inside rgba colors.
  • Fixed issue #1232 - support for @container keyword.
  • Fixed issue #1239 - edge case in handling @import statements.
  • Fixed issue #1242 - support for @layer keyword.

5.3.1 / 2022-07-13

  • Fixed issue #1218 - double hyphen in at-rule breaks parsing.
  • Fixed issue #1220 - adds optimization for nth-* rules.

5.3.0 / 2022-03-31

  • Adds customizable value optimizers for variables.
  • Fixed issue #1159 - adds optimization for nth-child and nth-of-type.
  • Fixed issue #1181 - CSS level 4 color functions with spaces.
  • Fixed issue #1183 - fraction optimizer breaks image-set.
  • Fixed issue #1208 - handling generic family names.
  • Fixed issue #1210 - handling file:// protocol.

5.2.4 / 2022-01-28

  • Fixed issue #1196 - correctly parse variables & comments mix.

5.2.3 / 2022-01-26

  • Fixed issue #1185 - keeping comments inside variables.
  • Fixed issue #1194 - unexpected end of JSON input when source map is empty.

5.2.2 / 2021-10-21

  • Fixed an unsafe data URI regex, which, when clean-css is used as a service, could be used in a DOS attack.

5.2.1 / 2021-09-30

  • Fixed issue #1186 - bad error handling in batch mode with promises.

... (truncated)

Commits

Updates grunt-contrib-cssmin from 0.14.0 to 5.0.0

Release notes

Sourced from grunt-contrib-cssmin's releases.

v5.0.0

  • Update dependencies.
  • Drop Node.js < 14 support.

v4.0.0

  • Update all dependencies including clean-css v5.x.
  • Drop Node.js < 10 support.

v3.0.0

No release notes provided.

v2.2.1

No release notes provided.

v2.2.0

No release notes provided.

v2.1.0

No release notes provided.

v2.0.0

No release notes provided.

Changelog

Sourced from grunt-contrib-cssmin's changelog.

v5.0.0: date: 2023-05-01 changes: - Update dependencies. - Drop Node.js < 14 support. v4.0.0: date: 2021-02-15 changes: - Update all dependencies including clean-css v5.x. - Drop Node.js < 10 support. v3.0.0: date: 2018-09-07 changes: - Update all dependencies. - Drop Node.js < 6 support. v2.2.1: date: 2017-07-27 changes: - Fix issue with relativeTo for clean-css v4.x. v2.2.0: date: 2017-05-10 changes: - Update clean-css to v4.1.1. v2.1.0: date: 2017-04-17 changes: - Set required Node.js version to >=4 since clean-css 4.x requires that. v2.0.0: date: 2017-02-02 changes: - Update clean-css to v4.0.3. v1.0.2: date: 2016-08-31 changes: - Fix issues for node 6. v1.0.1: date: 2016-03-16 changes: - Downgrade maxmin to support Node.js 0.10. v1.0.0: date: 2016-03-04 changes: - Updated docs. - Point main to task and removed peerDeps. - Update clean-css to v3.4.1.

Commits
  • 92acd4e 5.0.0
  • 927da64 Update dependencies
  • d0e98f5 Bump qs from 6.5.2 to 6.5.3 (#316)
  • c37365e Merge pull request #314 from gruntjs/dependabot/npm_and_yarn/async-2.6.4
  • 71b857b Bump async from 2.6.3 to 2.6.4
  • 113497f Merge pull request #313 from gruntjs/dependabot/npm_and_yarn/grunt-1.5.3
  • 5d03edd Bump grunt from 1.3.0 to 1.5.3
  • 5f07d1e Merge pull request #310 from gruntjs/dependabot/npm_and_yarn/hosted-git-info-...
  • ed59bf9 Bump hosted-git-info from 2.8.8 to 2.8.9
  • 21d5d5b Merge pull request #309 from gruntjs/dependabot/npm_and_yarn/minimist-1.2.6
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by xhmikosr, a new releaser for grunt-contrib-cssmin since your current version.


Updates debug from 0.7.4 to 2.6.9

Release notes

Sourced from debug's releases.

2.6.9

Patches

  • Remove ReDoS regexp in %o formatter: #504

Credits

Huge thanks to @​zhuangya for their help!

release 2.6.7

No release notes provided.

release 2.6.6

No release notes provided.

release 2.6.5

No release notes provided.

release 2.6.4

No release notes provided.

release 2.6.3

No release notes provided.

release 2.6.2

No release notes provided.

release 2.6.1

No release notes provided.

release 2.6.0

No release notes provided.

release 2.5.2

No release notes provided.

release 2.5.1

No release notes provided.

release 2.4.5

No release notes provided.

release 2.4.4

No release notes provided.

release 2.4.3

No release notes provided.

release 2.4.2

No release notes provided.

... (truncated)

Changelog

Sourced from debug's changelog.

2.6.9 / 2017-09-22

  • remove ReDoS regexp in %o formatter (#504)

2.6.8 / 2017-05-18

2.6.7 / 2017-05-16

2.6.5 / 2017-04-27

2.6.4 / 2017-04-20

2.6.3 / 2017-03-13

2.6.2 / 2017-03-10

2.6.1 / 2017-02-10

  • Fix: Module's export default syntax fix for IE8 Expected identifier error
  • Fix: Whitelist DEBUG_FD for values 1 and 2 only (#415, @​pi0)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by tootallnate, a new releaser for debug since your current version.


Updates grunt-contrib-watch from 0.6.1 to 1.1.0

Changelog

Sourced from grunt-contrib-watch's changelog.

v1.1.0: date: 2018-05-12 changes: - Update to [email protected], [email protected], [email protected] v1.0.1: date: 2018-04-20 changes: - Update to [email protected], lodash@4 v1.0.0: date: 2016-03-12 changes: - Updated tiny-lr, gaze, async and lodash dependencies. - Fix endless loop issue with atBegin/nospawn. - Expose hostname parameter of tiny-lr. - Support cwd.event to emit events relative to path. - Removed peerDependencies setting.

Commits

Updates mocha from 3.5.3 to 10.4.0

Release notes

Sourced from mocha's releases.

v10.4.0

10.4.0 / 2024-03-26

🎉 Enhancements

🐛 Fixes

🔩 Other

v10.3.0

This is a stable release equivalent to v10.3.0-preminor.0.

What's Changed

... (truncated)

Changelog

Sourced from mocha's changelog.

10.4.0 / 2024-03-26

🎉 Enhancements

🐛 Fixes

🔩 Other

10.3.0 / 2024-02-08

This is a stable release equivalent to 10.30.0-prerelease.

10.3.0-prerelease / 2024-01-18

This is a prerelease version to test our ability to release. Other than removing or updating dependencies, it contains no intended user-facing changes.

🔩 Other

... (truncated)

Commits

updated-dependencies:
- dependency-name: grunt
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: highlight.js
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: marked
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: underscore.string
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: clean-css
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: grunt-contrib-cssmin
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: debug
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: grunt-contrib-watch
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: mocha
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: getobject
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-sass
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: grunt-sass
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: nth-check
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cheerio
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants