Skip to content
This repository was archived by the owner on Apr 23, 2025. It is now read-only.

Bump the npm_and_yarn group across 1 directory with 12 updates #55

Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 12 updates #55

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 23, 2024

Bumps the npm_and_yarn group with 11 updates in the / directory:

Package From To
handlebars 4.5.3 4.7.7
cookiejar 2.1.2 2.1.4
debug 3.2.6 3.2.7
underscore 1.1.7 1.13.6
jsonpath 1.0.1 1.1.1
jsdoc 3.6.3 3.6.11
lodash 4.17.19 4.17.21
minimist 0.0.8 removed
mocha 5.2.0 10.4.0
qs 6.7.0 6.12.1
taffydb 2.6.2 removed
jsdoc 3.6.11 4.0.2

Updates handlebars from 4.5.3 to 4.7.7

Changelog

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

  • fix weird error in integration tests - eb860c0
  • fix: check prototype property access in strict-mode (#1736) - b6d3de7
  • fix: escape property names in compat mode (#1736) - f058970
  • refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
  • chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

  • the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

Compatibility notes:

  • Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

  • Node.js version support has been changed to v6+ Reverted in 4.7.6

Compatibility notes:

  • Node.js < v6 is no longer supported Reverted in 4.7.6

Commits

v4.7.4 - April 1st, 2020

Chore/Housekeeping:

Compatibility notes:

... (truncated)

Commits

Updates cookiejar from 2.1.2 to 2.1.4

Commits

Updates debug from 3.2.6 to 3.2.7

Commits
Maintainer changes

This version was pushed to npm by qix, a new releaser for debug since your current version.


Updates underscore from 1.1.7 to 1.13.6

Commits
  • bd2d35c Merge remote-tracking branch 'upstream/master'
  • 2e7c0f2 Update generated files, tag 1.13.6 release
  • 732cafe Underscore 1.13.6
  • e8f86fb Add changelog entry for versioin 1.13.6
  • 43e827a Bump the version to 1.13.6 (hotfix)
  • 1c1d1a2 Remove patch-package postinstall script
  • 4eb6894 Merge pull request #2974 from paulsmithkc/patch-1
  • 2edcdc1 Hostfix for broken builds
  • 66ee70d Verify that production and doc builds still work in CI
  • 68e5eb6 Update generated sources, tag 1.13.5 release
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jgonggrijp, a new releaser for underscore since your current version.


Updates jsonpath from 1.0.1 to 1.1.1

Commits

Updates jsdoc from 3.6.3 to 3.6.11

Changelog

Sourced from jsdoc's changelog.

3.6.11 (July 2022)

Updates dependency versions to make JSDoc compatible with Node.js 12.0.0 and later.

3.6.10 (January 2022)

Fixes an issue in JSDoc 3.6.9 that prevented JSDoc from being installed in some continuous integration (CI) environments.

3.6.9 (January 2022)

Fixes an issue in JSDoc 3.6.8 that prevented npm install jsdoc from working.

3.6.8 (January 2022)

Updates dependencies.

3.6.7 (May 2021)

Updates dependencies.

3.6.6 (September 2020)

Fixes an issue that could cause members of an interface to be tracked incorrectly if the interface was both defined as an ES2015 class and assigned to a variable. For example:

/** @interface */
foo.Bar = class {
  constructor() {
    /** This member was missing from the generated docs. */
    this.baz = null;
  }
};

3.6.5 (July 2020)

Prevents circular references in doclets when two function parameters use the same type expression, and the --debug flag is present.

3.6.4 (April 2020)

Updates dependencies.

Commits

Updates lodash from 4.17.19 to 4.17.21

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • ded9bc6 Bump to v4.17.20.
  • 63150ef Documentation fixes.
  • 00f0f62 test.js: Remove trailing comma.
  • 846e434 Temporarily use a custom fork of lodash-cli.
  • 5d046f3 Re-enable Travis tests on 4.17 branch.
  • aa816b3 Remove /npm-package.
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


Updates marked from 0.7.0 to 4.3.0

Release notes

Sourced from marked's releases.

v4.3.0

4.3.0 (2023-03-22)

Bug Fixes

Features

v4.2.12

4.2.12 (2023-01-14)

Sorry for all of the quick releases. We were testing out different ways to build the files for releases. v4.2.5 - v4.2.12 have no changes to how marked works. The only addition is the version number in the comment in the build files.

Bug Fixes

  • revert to build script in ci (d2ab474)

v4.2.11

4.2.11 (2023-01-14)

Bug Fixes

v4.2.10

4.2.10 (2023-01-14)

Bug Fixes

v4.2.9

4.2.9 (2023-01-14)

Bug Fixes

... (truncated)

Commits
  • d65cf63 chore(release): 4.3.0 [skip ci]
  • 28f4342 🗜️ build v4.3.0 [skip ci]
  • 9b452bc feat: add preprocess and postprocess hooks (#2730)
  • 042dcc5 fix: always return promise if async (#2728)
  • 3acbb7f fix: fenced code doesn't need a trailing newline (#2756)
  • d1f1319 chore(deps-dev): Bump rollup from 3.19.1 to 3.20.0 (#2760)
  • 0ced8a5 chore(deps-dev): Bump jasmine from 4.5.0 to 4.6.0 (#2758)
  • a5bbe19 chore(deps-dev): Bump @​babel/core from 7.21.0 to 7.21.3 (#2761)
  • 00f6e2a chore(deps-dev): Bump semantic-release from 20.1.1 to 20.1.3 (#2759)
  • 8c7bca8 chore(deps-dev): Bump node-fetch from 3.3.0 to 3.3.1 (#2754)
  • Additional commits viewable in compare view

Removes minimist

Updates mocha from 5.2.0 to 10.4.0

Release notes

Sourced from mocha's releases.

v10.4.0

10.4.0 / 2024-03-26

🎉 Enhancements

🐛 Fixes

🔩 Other

v10.3.0

This is a stable release equivalent to v10.3.0-preminor.0.

What's Changed

... (truncated)

Changelog

Sourced from mocha's changelog.

10.4.0 / 2024-03-26

🎉 Enhancements

🐛 Fixes

🔩 Other

10.3.0 / 2024-02-08

This is a stable release equivalent to 10.30.0-prerelease.

10.3.0-prerelease / 2024-01-18

This is a prerelease version to test our ability to release. Other than removing or updating dependencies, it contains no intended user-facing changes.

🔩 Other

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.


Updates qs from 6.7.0 to 6.12.1

Changelog

Sourced from qs's changelog.

6.12.1

  • [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior (#501)
  • [Performance] utils: Optimize performance under large data volumes, reduce memory usage, and speed up processing (#502)
  • [Refactor] utils: use +=
  • [Tests] increase coverage

6.12.0

  • [New] parse/stringify: add decodeDotInKeys/encodeDotKeys options (#488)
  • [New] parse: add duplicates option
  • [New] parse/stringify: add allowEmptyArrays option to allow [] in object values (#487)
  • [Refactor] parse/stringify: move allowDots config logic to its own variable
  • [Refactor] stringify: move option-handling code into normalizeStringifyOptions
  • [readme] update readme, add logos (#484)
  • [readme] stringify: clarify default arrayFormat behavior
  • [readme] fix line wrapping
  • [readme] remove dead badges
  • [Deps] update side-channel
  • [meta] make the dist build 50% smaller
  • [meta] add sideEffects flag
  • [meta] run build in prepack, not prepublish
  • [Tests] parse: remove useless tests; add coverage
  • [Tests] stringify: increase coverage
  • [Tests] use mock-property
  • [Tests] stringify: improve coverage
  • [Dev Deps] update @ljharb/eslint-config , aud, has-override-mistake, has-property-descriptors, mock-property, npmignore, object-inspect, tape
  • [Dev Deps] pin glob, since v10.3.8+ requires a broken jackspeak
  • [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6

6.11.2

  • [Fix] parse: Fix parsing when the global Object prototype is frozen (#473)
  • [Tests] add passing test cases with empty keys (#473)

6.11.1

  • [Fix] stringify: encode comma values more consistently (#463)
  • [readme] add usage of filter option for injecting custom serialization, i.e. of custom types (#447)
  • [meta] remove extraneous code backticks (#457)
  • [meta] fix changelog markdown
  • [actions] update checkout action
  • [actions] restrict action permissions
  • [Dev Deps] update @ljharb/eslint-config, aud, object-inspect, tape

6.11.0

  • [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
  • [readme] fix version badge

6.10.5

  • [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

6.10.4

... (truncated)

Commits
  • 29dda21 v6.12.1
  • 7e18298 [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior
  • fd3cd7a [Tests] increase coverage
  • 6d7df02 [Performance] utils: Optimize performance under large data volumes, reduce ...
  • 572533c [Refactor] utils: use +=
  • c4d29f3 [meta] add tea.yaml
  • 062334a v6.12.0
  • f09cffc [meta] make the dist build 50% smaller
  • 934dfe8 [meta] run build in prepack, not prepublish
  • c8a269f [Tests] parse: remove useless tests; add coverage
  • Additional commits viewable in compare view

Removes taffydb

Updates jsdoc from 3.6.11 to 4.0.2

Changelog

Sourced from jsdoc's changelog.

3.6.11 (July 2022)

Updates dependency versions to make JSDoc compatible with Node.js 12.0.0 and later.

3.6.10 (January 2022)

Fixes an issue in JSDoc 3.6.9 that prevented JSDoc from being installed in some continuous integration (CI) environments.

3.6.9 (January 2022)

Fixes an issue in JSDoc 3.6.8 that prevented npm install jsdoc from working.

3.6.8 (January 2022)

Updates dependencies.

3.6.7 (May 2021)

Updates dependencies.

3.6.6 (September 2020)

Fixes an issue that could cause members of an interface to be tracked incorrectly if the interface was both defined as an ES2015 class and assigned to a variable. For example:

/** @interface */
foo.Bar = class {
  constructor() {
    /** This member was missing from the generated docs. */
    this.baz = null;
  }
};

3.6.5 (July 2020)

Prevents circular references in doclets when two function parameters use the same type expression, and the --debug flag is present.

3.6.4 (April 2020)

Updates dependencies.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 12 updates
1cfdaba 
Bumps the npm_and_yarn group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.3` | `4.7.7` |
| [cookiejar](https://github.com/bmeck/node-cookiejar) | `2.1.2` | `2.1.4` |
| [debug](https://github.com/debug-js/debug) | `3.2.6` | `3.2.7` |
| [underscore](https://github.com/jashkenas/underscore) | `1.1.7` | `1.13.6` |
| [jsonpath](https://github.com/dchester/jsonpath) | `1.0.1` | `1.1.1` |
| [jsdoc](https://github.com/jsdoc/jsdoc) | `3.6.3` | `3.6.11` |
| [lodash](https://github.com/lodash/lodash) | `4.17.19` | `4.17.21` |
| [minimist](https://github.com/minimistjs/minimist) | `0.0.8` | `removed` |
| [mocha](https://github.com/mochajs/mocha) | `5.2.0` | `10.4.0` |
| [qs](https://github.com/ljharb/qs) | `6.7.0` | `6.12.1` |
| [taffydb](https://github.com/typicaljoe/taffydb) | `2.6.2` | `removed` |
| [jsdoc](https://github.com/jsdoc/jsdoc) | `3.6.11` | `4.0.2` |



Updates `handlebars` from 4.5.3 to 4.7.7
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.5.3...v4.7.7)

Updates `cookiejar` from 2.1.2 to 2.1.4
- [Commits](https://github.com/bmeck/node-cookiejar/commits)

Updates `debug` from 3.2.6 to 3.2.7
- [Release notes](https://github.com/debug-js/debug/releases)
- [Commits](debug-js/debug@3.2.6...3.2.7)

Updates `underscore` from 1.1.7 to 1.13.6
- [Commits](jashkenas/underscore@1.1.7...1.13.6)

Updates `jsonpath` from 1.0.1 to 1.1.1
- [Commits](https://github.com/dchester/jsonpath/commits)

Updates `jsdoc` from 3.6.3 to 3.6.11
- [Release notes](https://github.com/jsdoc/jsdoc/releases)
- [Changelog](https://github.com/jsdoc/jsdoc/blob/main/CHANGES.md)
- [Commits](jsdoc/jsdoc@3.6.3...3.6.11)

Updates `lodash` from 4.17.19 to 4.17.21
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.19...4.17.21)

Updates `marked` from 0.7.0 to 4.3.0
- [Release notes](https://github.com/markedjs/marked/releases)
- [Changelog](https://github.com/markedjs/marked/blob/master/.releaserc.json)
- [Commits](markedjs/marked@v0.7.0...v4.3.0)

Removes `minimist`

Updates `mocha` from 5.2.0 to 10.4.0
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md)
- [Commits](mochajs/mocha@v5.2.0...v10.4.0)

Updates `qs` from 6.7.0 to 6.12.1
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.7.0...v6.12.1)

Removes `taffydb`

Updates `jsdoc` from 3.6.11 to 4.0.2
- [Release notes](https://github.com/jsdoc/jsdoc/releases)
- [Changelog](https://github.com/jsdoc/jsdoc/blob/main/CHANGES.md)
- [Commits](jsdoc/jsdoc@3.6.3...3.6.11)

---
updated-dependencies:
- dependency-name: handlebars
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: cookiejar
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: debug
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: underscore
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsonpath
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsdoc
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: marked
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: mocha
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: taffydb
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsdoc
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 23, 2024
This was referenced Apr 23, 2024
Closed
Closed
Closed
Closed
Closed
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants