Bump the npm_and_yarn group with 6 updates #3897
Open
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 6 updates:
2.2.4
3.5.0
3.0.2
3.0.3
4.0.2
5.0.0
2.3.0
3.0.0
0.2.0
0.2.2
1.2.5
1.2.8
Updates
jquery
from 2.2.4 to 3.5.0Release notes
Sourced from jquery's releases.
Commits
7a0a850
3.5.08570a08
Release: Update AUTHORS.txtda3dd85
Ajax: Do not execute scripts for unsuccessful HTTP responses065143c
Ajax: Overwrite s.contentType with content-type header value, if any1a4f10d
Tests: Blacklist one focusin test in IE9e15d6b
Event: Use only one focusin/out handler per matching window & document966a709
Manipulation: Skip the select wrapper for <option> outside of IE 91d61fd9
Manipulation: Make jQuery.htmlPrefilter an identity function04bf577
Selector: Update Sizzle from 2.3.4 to 2.3.57506c9c
Build: Resolve Travis config warningsMaintainer changes
This version was pushed to npm by mgol, a new releaser for jquery since your current version.
Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
gulp
from 4.0.2 to 5.0.0Release notes
Sourced from gulp's releases.
... (truncated)
Changelog
Sourced from gulp's changelog.
... (truncated)
Commits
5c4c547
chore: Release 5.0.0 (#2762)bf72116
chore: Add index.mjs to files listb00de68
feat: Provide an ESM export (#2760)72668c6
chore!: Normalize repository, dropping node <10.13 support (#2758)85896d4
chore(docs): Update stream handbook link (#2711)818bd73
Docs: Remove gulp-sourcemaps because it is built-in (#2592)598f971
Docs: Fix broken link in recipe (#2571)9877de0
Docs: Guide CustomRegistries to maintain properties on tasks (fixes #2561) (#...f91c388
Docs: Remove typo in custom registry docs (#2543)df25250
Docs: Fix typo in task docs (#2524)Updates
gulp-cli
from 2.3.0 to 3.0.0Release notes
Sourced from gulp-cli's releases.
Changelog
Sourced from gulp-cli's changelog.
Commits
e422eb1
chore: Release 3.0.0 (#248)f495154
chore: Renamed prepublish script to manpageaffeda9
feat: Add deprecated warning for gulplog v1 messages (#266)f06ff30
feat: Add versioned handler for gulp v5 (#265)e16d675
feat: Support theming and translations via config files (#260)9a1d013
chore: Augmenttask not found
error with helpful properties (#262)e5c7983
chore!: Only allow js variants for.gulp
config files (#261)ed86da7
feat!: Upgrade to Liftoff v5 and avoid merging flags/config/env (#259)36f05d5
fix: Ensure the logger is wired up before running liftoff (#258)4fc66f6
chore: Revert options & yargs parser changes (#257)Updates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
minimist
from 1.2.5 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2
v1.2.8a026794
Merge tag 'v0.2.3'c0b2661
v0.2.363b8fee
[Fix] Fix long option followed by single dash (#17)72239e6
[Tests] Remove duplicate test (#12)34b0f1c
[eslint] fix indentation3226afa
[Dev Deps] add missingnpmignore
dev dep098873c
[Dev Deps] update@ljharb/eslint-config
,aud
9ec4d27
[Fix] Fix long option followed by single dashba92fe6
[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.