Bump the npm_and_yarn group across 1 directory with 20 updates #2

dependabot · 2024-03-17T03:33:08Z

Bumps the npm_and_yarn group with 16 updates in the / directory:

Package	From	To
postcss	`7.0.0`	`8.4.31`
@babel/traverse	`7.0.0-beta.44`	`7.24.0`
babel-eslint	`8.2.6`	`10.1.0`
browserify-sign	`4.0.4`	`4.2.3`
decode-uri-component	`0.2.0`	`0.2.2`
eventsource	`0.1.6`	`2.0.2`
webpack-dev-server	`3.1.4`	`3.11.3`
fsevents	`1.2.4`	`1.2.13`
minimist	`1.2.0`	`1.2.8`
mkdirp	`0.5.1`	`0.5.6`
loader-fs-cache	`1.0.1`	`1.0.3`
tar	`4.4.1`	`4.4.19`
loader-utils	`1.1.0`	`1.4.2`
rollup-plugin-vue	`4.3.1`	`6.0.0`
global-modules-path	`2.1.0`	``
webpack-cli	`3.0.8`	`3.3.12`

Updates postcss from 7.0.0 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by @romainmenke).

8.4.29

Fixed Node#source.offset (by @idoros).

Fixed docs (by @coliff).

8.4.28

Fixed Root.source.end for better source map (by @romainmenke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by @romainmenke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by @remcohaszing).

8.4.21

Fixed Input#error types (by @hudochenkov).

8.4.20

Fixed source map generation for childless at-rules like @layer.

8.4.19

Fixed whitespace preserving after AST transformations (by @romainmenke).

8.4.18

Fixed an error on absolute: true with empty sourceContent (by @KingSora).

8.4.17

Fixed Node.before() unexpected behavior (by @romainmenke).

Added TOC to docs (by @muddv).

8.4.16

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by Romain Menke).

8.4.29

Fixed Node#source.offset (by Ido Rosenthal).

Fixed docs (by Christian Oliff).

8.4.28

Fixed Root.source.end for better source map (by Romain Menke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by Romain Menke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

Fixed source map generation for childless at-rules like @layer.

8.4.19

Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

Fixed Node.before() unexpected behavior (by Romain Menke).

Added TOC to docs (by Mikhail Dedov).

8.4.16

... (truncated)

Commits

90208de Release 8.4.31 version
58cc860 Fix carrier return parsing
4fff8e4 Improve pnpm test output
cd43ed1 Update dependencies
caa916b Update dependencies
8972f76 Typo
11a5286 Typo
45c5501 Release 8.4.30 version
bc3c341 Update linter
b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
Additional commits viewable in compare view

Updates @babel/traverse from 7.0.0-beta.44 to 7.24.0

Release notes

Sourced from @babel/traverse's releases.

v7.24.0 (2024-02-28)

Thanks @ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

#16284 Add experimental_useHermesParser option in preset-flow (@liuxingbaoyu)

babel-helper-import-to-platform-api, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-standalone

#16172 Add transform support for JSON modules imports (@nicolo-ribaudo)

babel-plugin-transform-runtime

#16241 Add back moduleName option to @babel/plugin-transform-runtime (@nicolo-ribaudo)

babel-parser, babel-types

#16277 Allow import attributes for TSImportType (@sosukesuzuki)

🐛 Bug Fix

babel-plugin-proposal-do-expressions, babel-traverse

#16305 fix: avoid popContext on unvisited node paths (@JLHwung)

babel-helper-create-class-features-plugin, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object

#16312 Fix class private properties when privateFieldsAsSymbols (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-transform-private-methods

#16307 Fix the support of arguments in private get/set method (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators

#16287 Reduce decorator static property size (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16281 Fix evaluation order of decorators with cached receiver (@nicolo-ribaudo)

#16279 Fix decorator this memoization (@JLHwung)

#16266 Preserve static on decorated private accessor (@nicolo-ribaudo)

#16258 fix: handle decorated async private method and generator (@JLHwung)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-preset-env

#16275 Fix class private properties when privateFieldsAsProperties (@liuxingbaoyu)

babel-helpers

#16268 Do not consider arguments in a helper as a global reference (@nicolo-ribaudo)

babel-helpers, babel-plugin-proposal-decorators

#16270 Handle symbol key class elements decoration (@JLHwung)

#16265 Do not define access.get for public setter decorators (@nicolo-ribaudo)

💅 Polish

babel-core, babel-helper-create-class-features-plugin, babel-preset-env

#12428 Suggest using BABEL_SHOW_CONFIG_FOR for config problems (@nicolo-ribaudo)

🏠 Internal

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.0 (2024-02-28)

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

#16284 Add experimental_useHermesParser option in preset-flow (@liuxingbaoyu)

babel-helper-import-to-platform-api, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-standalone

#16172 Add transform support for JSON modules imports (@nicolo-ribaudo)

babel-plugin-transform-runtime

#16241 Add back moduleName option to @babel/plugin-transform-runtime (@nicolo-ribaudo)

babel-parser, babel-types

#16277 Allow import attributes for TSImportType (@sosukesuzuki)

🐛 Bug Fix

babel-plugin-proposal-do-expressions, babel-traverse

#16305 fix: avoid popContext on unvisited node paths (@JLHwung)

babel-helper-create-class-features-plugin, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object

#16312 Fix class private properties when privateFieldsAsSymbols (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-transform-private-methods

#16307 Fix the support of arguments in private get/set method (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators

#16287 Reduce decorator static property size (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16281 Fix evaluation order of decorators with cached receiver (@nicolo-ribaudo)

#16279 Fix decorator this memoization (@JLHwung)

#16266 Preserve static on decorated private accessor (@nicolo-ribaudo)

#16258 fix: handle decorated async private method and generator (@JLHwung)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-preset-env

#16275 Fix class private properties when privateFieldsAsProperties (@liuxingbaoyu)

babel-helpers

#16268 Do not consider arguments in a helper as a global reference (@nicolo-ribaudo)

babel-helpers, babel-plugin-proposal-decorators

#16270 Handle symbol key class elements decoration (@JLHwung)

#16265 Do not define access.get for public setter decorators (@nicolo-ribaudo)

💅 Polish

babel-core, babel-helper-create-class-features-plugin, babel-preset-env

#12428 Suggest using BABEL_SHOW_CONFIG_FOR for config problems (@nicolo-ribaudo)

🏠 Internal

babel-helper-transform-fixture-test-runner

#16278 Continue writing output.js when exec.js throws (@liuxingbaoyu)

🔬 Output optimization

... (truncated)

Commits

ce59160 v7.24.0
bd5abd5 fix: avoid popContext on unvisited node paths (#16305)
08a057c Use Object.hasOwn when available (#16248)
a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
d292822 fix: Crash when removing without Program (#16191)
d02c1f7 v7.23.6
cce807f Bump debug to ^4.3.1 (#16164)
8479012 v7.23.5
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by nicolo-ribaudo, a new releaser for @babel/traverse since your current version.

Updates babel-eslint from 8.2.6 to 10.1.0

Release notes

Sourced from babel-eslint's releases.

v10.1.0

Added ability to parse Flow enums #812 (@gkz)

v10.0.3

Fixes babel/babel-eslint#791, also eslint/eslint#12117

Some context: babel/babel-eslint#793

We ended up going with @JLHwung's PR babel/babel-eslint#794 which uses ESLint's deps instead of going with peerDeps since it really depends on the version being used and we don't want users to have to install it directly on their own.

babel-eslint is patching patches of the dependencies of ESLint itself so these kinds of issues have happened in the past. We'll need to look into figuring out how to have a more solid way of modifying behavior instead of this monkeypatching type of thing for future releases.

v10.0.2

Fixes babel/babel-eslint#772

v10.0.1

Reverting babel/babel-eslint#584

The TypeAlias "conversion" to a function has issues. Sounds like we need to rethink the change, most likely we can just actually change the scoping rather than hardcode an AST change.

v10.0.0

Small breaking change: add a peerDependency starting from the ESLint version that added a parser feature that we were monkeypatching before (and drop that code). If already using ESLint 5 shouldn't be any different.

Bugfix for TypeAlias: babel/babel-eslint#584
/* @flow */
type Node<T> = { head: T; tail: Node<T> }
// or
type File = {chunks: Array<Chunk>}
type Chunk = {file: File}
Update to test against ESLint 5, add a peerDependency: babel/babel-eslint#689

Drop monkeypatching behavior: babel/babel-eslint#690

v9.0.0

We've released v7: https://twitter.com/left_pad/status/1034204330352500736, so this just updates babel-eslint to use those versions internally. That in itself doesn't break anything but:

Babel now supports the new decorators proposal by default, so we need to switch between the new and the old proposal. This is a breaking change.

To enable the legacy decorators proposal users should add a specific parser option:
{
</tr></table> 

... (truncated)

Commits

4bd049e 10.1.0
2c754a8 Update Babel to ^7.7.0 and enable Flow enums parsing (#812)
183d13e 10.0.3
354953d fix: require eslint dependencies from eslint base (#794)
48f6d78 10.0.2
0241b48 removed unused file reference (#773)
4cf0a21 10.0.1
98c1f13 Revert #584 (#697)
8f78e28 10.0.0
717fba7 test value should be switched
Additional commits viewable in compare view

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

[patch] widen support to 0.12 9247adf

[patch] drop minimum node support to v1 4d0ee49

[Dev Deps] update aud, npmignore, tape 87f3a35

[actions] remove redundant finisher 37a4758

[Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12

[Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)

[Deps] update elliptic fb261ce

[Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

[Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

Only apps should have lockfiles 09a8995

[eslint] switch to eslint 83fe463

[meta] add npmignore and auto-changelog 4418183

[meta] fix package.json indentation 9ac5a5e

[Tests] migrate from travis to github actions d845d85

[Fix] sign: throw on unsupported padding scheme 8767739

[Fix] properly check the upper bound for DSA signatures 85994cd

[Tests] handle openSSL not supporting a scheme f5f17c2

[Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb

[Dev Deps] update nyc, standard, tape cc5350b

[Tests] always run coverage; downgrade nyc 75ce1d5

[meta] add safe-publish-latest dcf49ce

[Tests] add npm run posttest 75dd8fd

[Dev Deps] update tape 3aec038

[Tests] skip unsupported schemes 703c83e

[Tests] node < 6 lacks array includes 3aa43cf

[Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

v4.2.0 - 2020-05-18

Merged

switch to safe buffer [#53](https://github.com/crypto-browserify/browserify-sign/issues/53)

... (truncated)

Commits

bf2c3ec v4.2.3
9247adf [patch] widen support to 0.12
f427270 [Deps] update `parse-asn1
87f3a35 [Dev Deps] update aud, npmignore, tape
fb261ce [Deps] update elliptic
4d0ee49 [patch] drop minimum node support to v1
9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
168e16f [Deps] pin elliptic due to a breaking change
37a4758 [actions] remove redundant finisher
4af5a90 v4.2.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates eventsource from 0.1.6 to 2.0.2

Changelog

Sourced from eventsource's changelog.

2.0.2

Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal)

2.0.1

Fix URL is not a constructor error for browser (#268 Ajinkya Rajput)

2.0.0

BREAKING: Node >= 12 now required (#152 @HonkingGoose)

Preallocate buffer size when reading data for increased performance with large messages (#239 Pau Freixes)

Removed dependency on url-parser. Fixes CVE-2022-0512 & CVE-2022-0691 (#249 Alex Hladin)

1.1.2

Inline origin resolution, drops original dependency (#281 Espen Hovlandsdal)

1.1.1

Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal)

1.1.0

Improve performance for large messages across many chunks (#130 Trent Willis)

Add createConnection option for http or https requests (#120 Vasily Lavrov)

Support HTTP 302 redirects (#116 Ryan Bonte)

Prevent sequential errors from attempting multiple reconnections (#125 David Patty)

Add new to correct test (#111 Stéphane Alnet)

Fix reconnections attempts now happen more than once (#136 Icy Fish)

1.0.7

Add dispatchEvent to EventSource (#101 Ali Afroozeh)

Added checkServerIdentity option (#104 cintolas)

Surface request error message (#107 RasPhilCo)

1.0.6

Fix issue where a unicode sequence split in two chunks would lead to invalid messages (#108 Espen Hovlandsdal)

Change example to use eventsource/ssestream (Aslak Hellesøy)

1.0.5

Check for window existing before polyfilling. (#80 Neftaly Hernandez)

1.0.4

Pass withCredentials on to the XHR. (#79 Ken Mayer)

... (truncated)

Commits

774ed10 2.0.2
53356b5 chore: rebuild polyfill
7ed08fe docs: update HISTORY for v2.0.2
dc89cfd refactor: reuse unsafe header regex pattern
10ee0c4 fix: strip sensitive headers on redirect to different origin
a95ba90 2.0.1
9321d5c Fix: browser compatibility Merge pull request #268 from ajinkyarajput/ajinkya...
a759bc5 Update HISTORY.md
f52ed50 Standard: Make URL is global variable
9f28bd6 Make it again browser compatible
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by rexxars, a new releaser for eventsource since your current version.

Updates webpack-dev-server from 3.1.4 to 3.11.3

Release notes

Sourced from webpack-dev-server's releases.

v3.11.3

3.11.3 (2021-11-08)

Bug Fixes

replace ansi-html with ansi-html-community (#4011) (4fef67b)

v3.11.2

3.11.2 (2021-01-13)

Bug Fixes

cli arguments for serve command (a5fe337)

v3.11.1

3.11.1 (2020-12-29)

Bug Fixes

the open option works using webpack serve without value (#2948) (4837dc9)

vulnerable deps (#2949) (78dde50)

v3.11.0

3.11.0 (2020-05-08)

Features

add icons for directory viewer (#2441) (e953d01)

allow multiple contentBasePublicPath paths (#2489) (c6bdfe4)

emit progress-update (#2498) (4808abd), closes #1666

add invalidate endpoint (#2493) (89ffb86)

allow open option to accept an object (#2492) (adeb92e)

Bug Fixes

do not swallow errors from server (#2512) (06583f2)

security vulnerability in yargs-parser (#2566) (41d1d0c)

don't crash on setupExitSignals(undefined) (#2507) (0d5c681)

support entry descriptor (closes #2453) (#2465) (8bbef6a)

update jquery (#2516) (99ccfd8)

v3.10.3

3.10.3 (2020-02-05)

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

3.11.3 (2021-11-08)

Bug Fixes

replace ansi-html with ansi-html-community (#4011) (4fef67b)

3.11.2 (2021-01-13)

Bug Fixes

cli arguments for serve command (a5fe337)

3.11.1 (2020-12-29)

Bug Fixes

the open option works using webpack serve without value (#2948) (4837dc9)

vulnerable deps (#2949) (78dde50)

3.11.0 (2020-05-08)

Features

add icons for directory viewer (#2441) (e953d01)

allow multiple contentBasePublicPath paths (#2489) (c6bdfe4)

emit progress-update (#2498) (4808abd), closes #1666

add invalidate endpoint (#2493) (89ffb86)

allow open option to accept an object (#2492) (adeb92e)

Bug Fixes

do not swallow errors from server (#2512) (06583f2)

security vulnerability in yargs-parser (#2566) (41d1d0c)

don't crash on setupExitSignals(undefined) (#2507) (0d5c681)

support entry descriptor (closes #2453) (#2465) (8bbef6a)

update jquery (#2516) (99ccfd8)

3.10.3 (2020-02-05)

Bug Fixes

forward error requests to the proxy (#2425) (e291cd4)

3.10.2 (2020-01-31)

... (truncated)

Commits

aa3cddc chore(release): 3.11.3
4fef67b fix: replace ansi-html with ansi-html-community (#4011)
5cb545f chore(release): 3.11.2
a5fe337 fix: cli arguments for serve command
7e70eee chore(release): 3.11.1
78dde50 fix: vulnerable deps (#2949)
4837dc9 fix: the open option works using webpack serve without value (#2948)
4ab1f21 chore(release): 3.11.0
0e51fb1 fix: invalidate route (#2584)
f857c40 chore: deps and tests
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack-dev-server since your current version.

Updates follow-redirects from 1.5.1 to 1.15.6

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
b1677ce Release version 1.15.5 of the npm package.
d8914f7 Preserve fragment in responseUrl.
6585820 Release version 1.15.4 of the npm package.
7a6567e Disallow bracketed hostnames.
05629af Prefer native URL instead of deprecated url.parse.
1cba8e8 Prefer native URL instead of legacy url.resolve.
72bc2a4 Simplify _processResponse error handling.
Additional commits viewable in compare view

Updates fsevents from 1.2.4 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Release v1.2.9 - Node v12 compatibility

No release notes provided.

Release Pre-NAPI v1.2.8

No release notes provided.

Version Bump (bundle node-pre-gyp)

No release notes provided.

Prebuilt v11.x

No release notes provided.

Commits

844a05d Version Bump
f393f2a Only build fsevents on macOS (#322)
6a281a7 [publish binar...
Description has been truncated

Bumps the npm_and_yarn group with 16 updates in the / directory: | Package | From | To | | --- | --- | --- | | [postcss](https://github.com/postcss/postcss) | `7.0.0` | `8.4.31` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.0.0-beta.44` | `7.24.0` | | [babel-eslint](https://github.com/babel/babel-eslint) | `8.2.6` | `10.1.0` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [eventsource](https://github.com/EventSource/eventsource) | `0.1.6` | `2.0.2` | | [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `3.1.4` | `3.11.3` | | [fsevents](https://github.com/fsevents/fsevents) | `1.2.4` | `1.2.13` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` | | [mkdirp](https://github.com/isaacs/node-mkdirp) | `0.5.1` | `0.5.6` | | [loader-fs-cache](https://github.com/viankakrisna/loader-fs-cache) | `1.0.1` | `1.0.3` | | [tar](https://github.com/isaacs/node-tar) | `4.4.1` | `4.4.19` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.1.0` | `1.4.2` | | [rollup-plugin-vue](https://github.com/vuejs/rollup-plugin-vue) | `4.3.1` | `6.0.0` | | [global-modules-path](https://github.com/rosen-vladimirov/global-modules-path) | `2.1.0` | `` | | [webpack-cli](https://github.com/webpack/webpack-cli) | `3.0.8` | `3.3.12` | Updates `postcss` from 7.0.0 to 8.4.31 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@7.0.0...8.4.31) Updates `@babel/traverse` from 7.0.0-beta.44 to 7.24.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.0/packages/babel-traverse) Updates `babel-eslint` from 8.2.6 to 10.1.0 - [Release notes](https://github.com/babel/babel-eslint/releases) - [Commits](babel/babel-eslint@v8.2.6...v10.1.0) Updates `browserify-sign` from 4.0.4 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.3) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `eventsource` from 0.1.6 to 2.0.2 - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v0.1.6...v2.0.2) Updates `webpack-dev-server` from 3.1.4 to 3.11.3 - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/v3.11.3/CHANGELOG.md) - [Commits](webpack/webpack-dev-server@v3.1.4...v3.11.3) Updates `follow-redirects` from 1.5.1 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.5.1...v1.15.6) Updates `fsevents` from 1.2.4 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.2.4...v1.2.13) Updates `minimist` from 1.2.0 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.0...v1.2.8) Updates `mkdirp` from 0.5.1 to 0.5.6 - [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md) - [Commits](isaacs/node-mkdirp@0.5.1...v0.5.6) Updates `loader-fs-cache` from 1.0.1 to 1.0.3 - [Commits](https://github.com/viankakrisna/loader-fs-cache/commits) Updates `tar` from 4.4.1 to 4.4.19 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v4.4.1...v4.4.19) Updates `loader-utils` from 1.1.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.1.0...v1.4.2) Updates `rollup-plugin-vue` from 4.3.1 to 6.0.0 - [Release notes](https://github.com/vuejs/rollup-plugin-vue/releases) - [Changelog](https://github.com/vuejs/rollup-plugin-vue/blob/next/CHANGELOG.md) - [Commits](https://github.com/vuejs/rollup-plugin-vue/commits) Removes `global-modules-path` Updates `webpack-cli` from 3.0.8 to 3.3.12 - [Release notes](https://github.com/webpack/webpack-cli/releases) - [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-cli@v3.0.8...v3.3.12) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `node-forge` from 0.7.5 to 0.10.0 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@0.7.5...0.10.0) Updates `url-parse` from 1.4.1 to 1.5.10 - [Commits](unshiftio/url-parse@1.4.1...1.5.10) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: babel-eslint dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-dev-server dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: mkdirp dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-fs-cache dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: rollup-plugin-vue dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: global-modules-path dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-cli dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: node-forge dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-03-22T00:41:35Z

Superseded by #3.

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 17, 2024

dependabot bot mentioned this pull request Mar 17, 2024

Bump the npm_and_yarn group across 1 directories with 20 updates #1

Closed

dependabot bot closed this Mar 22, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-368888b069 branch March 22, 2024 00:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the npm_and_yarn group across 1 directory with 20 updates #2

Bump the npm_and_yarn group across 1 directory with 20 updates #2

Uh oh!

dependabot bot commented on behalf of github Mar 17, 2024

Uh oh!

dependabot bot commented on behalf of github Mar 22, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the npm_and_yarn group across 1 directory with 20 updates #2

Bump the npm_and_yarn group across 1 directory with 20 updates #2

Uh oh!

Conversation

dependabot bot commented on behalf of github Mar 17, 2024

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.20

8.4.19

8.4.18

8.4.17

8.4.16

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.20

8.4.19

8.4.18

8.4.17

8.4.16

v7.24.0 (2024-02-28)

🚀 New Feature

🐛 Bug Fix

💅 Polish

🏠 Internal

v7.24.0 (2024-02-28)

🚀 New Feature

🐛 Bug Fix

💅 Polish

🏠 Internal

🔬 Output optimization

v10.1.0

v10.0.3

v10.0.2

v10.0.1

v10.0.0

v9.0.0

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

v0.2.2

v0.2.1

v3.11.3

3.11.3 (2021-11-08)

Bug Fixes

v3.11.2

3.11.2 (2021-01-13)

Bug Fixes

v3.11.1

3.11.1 (2020-12-29)

Bug Fixes

v3.11.0

3.11.0 (2020-05-08)

Features

Bug Fixes

v3.10.3

3.10.3 (2020-02-05)