Skip to content

Bump the npm_and_yarn group across 1 directory with 21 updates #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 21 updates #2

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Oct 24, 2024

Bumps the npm_and_yarn group with 17 updates in the / directory:

Package From To
async 0.9.2 1.0.0
bower 1.8.4 1.8.9
highlight.js 8.9.1 10.4.1
js-yaml 3.12.0 3.14.1
lodash 2.4.2 4.17.21
marked 0.3.19 4.0.10
minimist 1.2.0 1.2.6
request 2.88.0 2.88.2
serve-static 1.13.2 1.16.0
uglify-js 2.8.29 3.0.0
browserify-sign 4.0.4 4.2.3
handlebars 4.0.12 4.7.8
merge 1.0.0 removed
testling 1.7.1 1.7.7
qs 2.3.3 6.13.0
http-server 0.7.5 14.1.1
underscore 1.9.1 1.13.7

Updates async from 0.9.2 to 1.0.0

Changelog

Sourced from async's changelog.

v1.0.0

No known breaking changes, we are simply complying with semver from here on out.

Changes:

  • Start using a changelog!
  • Add forEachOf for iterating over Objects (or to iterate Arrays with indexes available) (#168 #704 #321)
  • Detect deadlocks in auto (#663)
  • Better support for require.js (#527)
  • Throw if queue created with concurrency 0 (#714)
  • Fix unneeded iteration in queue.resume() (#758)
  • Guard against timer mocking overriding setImmediate (#609 #611)
  • Miscellaneous doc fixes (#542 #596 #615 #628 #631 #690 #729)
  • Use single noop function internally (#546)
  • Optimize internal _each, _map and _keys functions.
Commits
  • cfa8164 v1.0.0
  • bb33062 update changelog for 1.0.0
  • e417af6 guard against setImmediate mocking. Fixes #609 #611
  • 29e7141 change pronoun. Fixes #729
  • 91f6fb3 fix unneeded iteration in queue.resume. Fixes #758
  • 39715f4 update ignore files, update changelog
  • 3ffbf2b optmize internal _each, _map, _keys, _forEachOf functions
  • facb5cf Merge pull request #762 from VitoNordloh/master
  • f5c6331 improved benchmark code, added more benchmarks
  • 562f879 intercept queue concurrency of 0
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by aearly, a new releaser for async since your current version.


Updates bower from 1.8.4 to 1.8.9

Release notes

Sourced from bower's releases.

v1.8.8

Fix security issue connected to extracting .tar.gz archives

This bug allows to write arbitrary file on filesystem when Bower extracts malicious package

Needlessly to say, please upgrade

v1.8.7

Fixes side effect of fix from v1.8.6 that caused improper permissions for extracted folders

bower/bower#2532

v1.8.6

Fix Zip Slip Vulnerability of decompress-zip package: https://snyk.io/research/zip-slip-vulnerability

Note: v1.8.5 has been unpublished because of missing files

Commits
Maintainer changes

This version was pushed to npm by sheerun, a new releaser for bower since your current version.


Updates highlight.js from 8.9.1 to 10.4.1

Release notes

Sourced from highlight.js's releases.

10.4.1

Security fixes:

  • (fix) Exponential backtracking fixes for: Josh Goebel
    • cpp
    • handlebars
    • gams
    • perl
    • jboss-cli
    • r
    • erlang-repl
    • powershell
    • routeros
  • (fix) Polynomial backtracking fixes for: Josh Goebel
    • asciidoc
    • reasonml
    • latex
    • kotlin
    • gcode
    • d
    • aspectj
    • moonscript
    • coffeescript/livescript
    • csharp
    • scilab
    • crystal
    • elixir
    • basic
    • ebnf
    • ruby
    • fortran/irpf90
    • livecodeserver
    • yaml
    • x86asm
    • dsconfig
    • markdown
    • ruleslanguage
    • xquery
    • sqf

Very grateful to Michael Schmidt for all the help.

10.4.0 - November 2020

A largish release with many improvements and fixes from quite a few different contributors. Enjoy!

Deprecations:

... (truncated)

Changelog

Sourced from highlight.js's changelog.

Version 10.4.1 (tentative)

Security

  • (fix) Exponential backtracking fixes for: Josh Goebel
    • cpp
    • handlebars
    • gams
    • perl
    • jboss-cli
    • r
    • erlang-repl
    • powershell
    • routeros
  • (fix) Polynomial backtracking fixes for: Josh Goebel
    • asciidoc
    • reasonml
    • latex
    • kotlin
    • gcode
    • d
    • aspectj
    • moonscript
    • coffeescript/livescript
    • csharp
    • scilab
    • crystal
    • elixir
    • basic
    • ebnf
    • ruby
    • fortran/irpf90
    • livecodeserver
    • yaml
    • x86asm
    • dsconfig
    • markdown
    • ruleslanguage
    • xquery
    • sqf

Very grateful to Michael Schmidt for all the help.

Version 10.4.0

A largish release with many improvements and fixes from quite a few different contributors. Enjoy!

... (truncated)

Commits
  • e96b915 bump 10.4.1
  • 065f65f chore(release) allow release script to handle production releases
  • 68509fc chore(docs) bump SECURITY mention to 9.18.5
  • aa0fb85 chore(docs) Version 9 has reached EOL.
  • fb0a626 enh(ci): Add tests for polynomial regex issues
  • fa46dd1 fix(reasonml) fix poly backtracking issue
  • d496052 fix(latex) fix poly backtracking issue
  • d9f1cdb fix(javascript/typescript) fix poly backtracking issue
  • fdec037 fix(asciidoc) fix poly backtracking issue
  • 02ca487 fix(kotlin) fix poly backtracking issue
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by joshgoebel, a new releaser for highlight.js since your current version.


Updates js-yaml from 3.12.0 to 3.14.1

Changelog

Sourced from js-yaml's changelog.

[3.14.1] - 2020-12-07

Security

  • Fix possible code execution in (already unsafe) .load() (in &anchor).

[3.14.0] - 2020-05-22

Changed

  • Support safe/loadAll(input, options) variant of call.
  • CI: drop outdated nodejs versions.
  • Dev deps bump.

Fixed

  • Quote = in plain scalars #519.
  • Check the node type for !<?> tag in case user manually specifies it.
  • Verify that there are no null-bytes in input.
  • Fix wrong quote position when writing condensed flow, #526.

[3.13.1] - 2019-04-05

Security

  • Fix possible code execution in (already unsafe) .load(), #480.

[3.13.0] - 2019-03-20

Security

  • Security fix: safeLoad() can hang when arrays with nested refs used as key. Now throws exception for nested arrays. #475.

[3.12.2] - 2019-02-26

Fixed

  • Fix noArrayIndent option for root level, #468.

[3.12.1] - 2019-01-05

Added

  • Added noArrayIndent option, #432.
Commits
  • 37caaad 3.14.1 released
  • 094c0f7 dist rebuild
  • 9586ebe Avoid calling hasOwnProperty of user-controlled objects
  • 34e5072 3.14.0 released
  • 7b25c83 Browser files rebuild
  • 6f73473 Dev deps bump
  • 0c29349 Travis-CI: drop old nodejs versions
  • 10be97e fix(loader): Add support for safe/loadAll(input, options)
  • d6983dd Fix issue #526: wrong quote position writing condensed flow (#527)
  • 93fbf7d fix issue 526 (wrong quote position writing condensed flow)
  • Additional commits viewable in compare view

Updates lodash from 2.4.2 to 4.17.21

Release notes

Sourced from lodash's releases.

4.0.0

lodash v4.0.0

2015 was big year! Lodash became the most depended on npm package, passed 1 billion downloads, & its v3 release saw massive adoption!

The year was also one of collaboration, as discussions began on merging Lodash & Underscore. Much of Lodash v4 is proofing out the ideas from those discussions. Lodash v4 would not be possible without the collaboration & contributions of the Underscore core team. In the spirit of merging our teams have blended with several members contributing to both libraries.

For 2016 & lodash v4.0.0 we wanted to cut loose, push forward, & take things up a notch!

Modern only

With v4 we’re breaking free from old projects, old environments, & dropping old IE < 9 support!

4 kB Core

Lodash’s kitchen-sink size will continue to grow as new methods & functionality are added. However, we now offer a 4 kB (gzipped) core build that’s compatible with Backbone v1.2.4 for folks who want Lodash without lugging around the kitchen sink.

More ES6

We’ve continued to embrace ES6 with methods like _.isSymbol, added support for cloning & comparing array buffers, maps, sets, & symbols, converting iterators to arrays, & iterable _(…).

In addition, we’ve published an es-build & pulled babel-plugin-lodash into core to make tree-shaking a breeze.

More Modular

Pop quiz! 📣

What category path does the bindAll method belong to? Is it

A) require('lodash/function/bindAll') B) require('lodash/utility/bindAll') C) require('lodash/util/bindAll')

Don’t know? Well, with v4 it doesn’t matter because now module paths are as simple as

var bindAll = require('lodash/bindAll');

We’ve also reduced module complexity making it easier to create smaller bundles. This has helped Lodash adoption with libraries like Async & Redux!

1st Class FP

With v3 we introduced lodash-fp. We learned a lot & with v4 we decided to pull it into core.

Now you can get immutable, auto-curried, iteratee-first, data-last methods as simply as

var _ = require('lodash/fp');
var object = { 'a': 1 };
</tr></table>

... (truncated)

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • ded9bc6 Bump to v4.17.20.
  • 63150ef Documentation fixes.
  • 00f0f62 test.js: Remove trailing comma.
  • 846e434 Temporarily use a custom fork of lodash-cli.
  • 5d046f3 Re-enable Travis tests on 4.17 branch.
  • aa816b3 Remove /npm-package.
  • d7fbc52 Bump to v4.17.19
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


Updates marked from 0.3.19 to 4.0.10

Release notes

Sourced from marked's releases.

v4.0.10

4.0.10 (2022-01-13)

Bug Fixes

  • security: fix redos vulnerabilities (8f80657)

v4.0.9

4.0.9 (2022-01-06)

Bug Fixes

v4.0.8

4.0.8 (2021-12-19)

Bug Fixes

v4.0.7

4.0.7 (2021-12-09)

Bug Fixes

v4.0.6

4.0.6 (2021-12-02)

Bug Fixes

v4.0.5

4.0.5 (2021-11-25)

Bug Fixes

  • table after paragraph without blank line (#2298) (5714212)

v4.0.4

4.0.4 (2021-11-19)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by tonybrix, a new releaser for marked since your current version.


Updates minimist from 1.2.0 to 1.2.6

Changelog

Sourced from minimist's changelog.

v1.2.6 - 2022-03-21

Commits

  • test from prototype pollution PR bc8ecee
  • isConstructorOrProto adapted from PR c2b9819
  • security notice for additional prototype pollution issue ef88b93

v1.2.5 - 2020-03-12

v1.2.4 - 2020-03-11

Commits

  • security notice 4cf1354
  • additional test for constructor prototype pollution 1043d21

v1.2.3 - 2020-03-10

Commits

  • more failing proto pollution tests 13c01a5
  • even more aggressive checks for protocol pollution 38a4d1c

v1.2.2 - 2020-03-10

Commits

v1.2.1 - 2020-03-10

Merged

Commits

Commits

Updates request from 2.88.0 to 2.88.2

Changelog

Sourced from request's changelog.

Change Log

Commits

Updates serve-static from 1.13.2 to 1.16.0

Release notes

Sourced from serve-static's releases.

1.16.0

What's Changed

New Contributors

Full Changelog: expressjs/serve-static@v1.15.0...1.16.0

1.15.0

1.14.2

1.14.1

  • Set stricter CSP header in redirect response
  • deps: [email protected]
    • deps: range-parser@~1.2.1

1.14.0

Changelog

Sourced from serve-static's changelog.

1.16.0 / 2024-09-10

  • Remove link renderization in html while redirecting

1.15.0 / 2022-03-24

1.14.2 / 2021-12-15

1.14.1 / 2019-05-10

  • Set stricter CSP header in redirect response
  • deps: [email protected]
    • deps: range-parser@~1.2.1

1.14.0 / 2019-05-07

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for serve-static since your current version.


Updates uglify-js from 2.8.29 to 3.0.0

Commits

Updates ajv from 6.5.5 to 6.12.6

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

v6.11.0

Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

v6.10.2

Fix: the unknown keywords were ignored with the option strictKeywords: true (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.

v6.10.1

Fix types Fix addSchema (#1001) Update dependencies

v6.10.0

Option strictDefaults to report ignored defaults (#957, @​not-an-aardvark) Option strictKeywords to report unknown keywords (#781)

v6.9.0

OpenAPI keyword nullable can be any boolean (and not only true). Custom keyword definition changes:

  • dependencies option in to require the presence of keywords in the same schema.

... (truncated)

Commits
  • fe59143 6.12.6
  • d580d3e Merge pull request #1298 from ajv-validator/fix-url
  • fd36389 fix: regular expression for "url" format
  • 490e34c docs: link to v7-beta branch
  • 9cd93a1 docs: note about v7 in readme
  • 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
  • f1c8e45 6.12.5
  • 764035e Merge branch 'ChALkeR-chalker/fix-comma'
  • 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
  • a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
  • Additional commits viewable in compare view

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

... (truncated)

Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates handlebars from 4.0.12 to 4.7.8

Release notes

Sourced from handlebars's releases.

v4.7.8

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.8 - July 27th, 2023

  • Make library compatible with workers (#1894) - 3d3796c
  • Don't rely on Node.js global object (#1776) - 2954e7e
  • Fix compiling of each block params in strict mode (#1855) - 30dbf04
  • Fix rollup warning when importing Handlebars as ESM - 03d387b
  • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
  • Use https instead of git for mustache submodule - 88ac068

Commits

v4.7.7 - February 15th, 2021

  • fix weird error in integration tests - eb860c0
  • fix: check prototype property access in strict-mode (#1736) - b6d3de7
  • fix: escape property names in compat mode (#1736) - f058970
  • refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
  • chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

  • the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

Compatibility notes:

  • Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

  • Node.js version support has been changed to v6+ Reverted in 4.7.6

Compatibility notes:

... (truncated)

Commits
  • 8dc3d25 v4.7.8
  • 668c4fb Fix browser tests in CI pipeline
  • c65c6cc Test on Node 18
  • 3d3796c Make library compatible with workers
  • 075b354 Fix sync issue with npm lock-file
  • 30dbf04 Fix compiling of each block params in strict mode
  • e3a5448 Fix bundler issue with webpack 5
  • 8e23642 Fix integration-tests issue with npm >= 7
  • 88ac068 use https instead of git for mustache submodule
  • c68bc08 Fix typo
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.


Updates json-schema from 0.2.3 to 0.4.0

Commits
  • f6f6a3b Use a little more robust method of checking instances
  • ef60987 Update version
  • b62f1da Protect against constructor modification, #84
  • fb427cd Link to json-schema-org repository in addition to site, fixes #54
  • 22f1461 Don't allow proto property to be used for schema default/coerce, fixes #84
  • c52a27c Get basic test to pass
  • b3f42b3 Add security policy
  • 3b0cec3 Update version
  • c28470f Update readme to acknowledge the state of the package
  • 7dff9cd Merge pull request #81 from hodovani/patch-1
  • Additional commits viewable in compare view

Removes merge

Updates testling from 1.7.1 to 1.7.7

Changelog

Sourced from testling's changelog.

v1.7.7 - 2024-09-26

Commits

  • [Dev Deps] update auto-changelog, tape 33eca43
  • [Deps] update jsonify, object-inspect df687fd
  • [meta] Fix 404 url in package.json e777504

v1.7.6 - 2024-06-21

Commits

v1.7.5 - 2024-02-15

Commits

  • [Deps] update object-inspect, resolve, shell-quote eeba066
  • [Fix] render a &lt;br /&gt; instead of a newline, for IE < 8

@dependabot
Bump the npm_and_yarn group across 1 directory with 21 updates
80f80b5 
Bumps the npm_and_yarn group with 17 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [async](https://github.com/caolan/async) | `0.9.2` | `1.0.0` |
| [bower](https://github.com/bower/bower) | `1.8.4` | `1.8.9` |
| [highlight.js](https://github.com/highlightjs/highlight.js) | `8.9.1` | `10.4.1` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `3.12.0` | `3.14.1` |
| [lodash](https://github.com/lodash/lodash) | `2.4.2` | `4.17.21` |
| [marked](https://github.com/markedjs/marked) | `0.3.19` | `4.0.10` |
| [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.6` |
| [request](https://github.com/request/request) | `2.88.0` | `2.88.2` |
| [serve-static](https://github.com/expressjs/serve-static) | `1.13.2` | `1.16.0` |
| [uglify-js](https://github.com/mishoo/UglifyJS) | `2.8.29` | `3.0.0` |
| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` |
| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.12` | `4.7.8` |
| [merge](https://github.com/yeikos/js.merge) | `1.0.0` | `removed` |
| [testling](https://github.com/tape-testing/testling) | `1.7.1` | `1.7.7` |
| [qs](https://github.com/ljharb/qs) | `2.3.3` | `6.13.0` |
| [http-server](https://github.com/http-party/http-server) | `0.7.5` | `14.1.1` |
| [underscore](https://github.com/jashkenas/underscore) | `1.9.1` | `1.13.7` |



Updates `async` from 0.9.2 to 1.0.0
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@0.9.2...1.0.0)

Updates `bower` from 1.8.4 to 1.8.9
- [Release notes](https://github.com/bower/bower/releases)
- [Changelog](https://github.com/bower/bower/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bower/bower/commits)

Updates `highlight.js` from 8.9.1 to 10.4.1
- [Release notes](https://github.com/highlightjs/highlight.js/releases)
- [Changelog](https://github.com/highlightjs/highlight.js/blob/main/CHANGES.md)
- [Commits](highlightjs/highlight.js@8.9.1...10.4.1)

Updates `js-yaml` from 3.12.0 to 3.14.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.12.0...3.14.1)

Updates `lodash` from 2.4.2 to 4.17.21
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@2.4.2...4.17.21)

Updates `marked` from 0.3.19 to 4.0.10
- [Release notes](https://github.com/markedjs/marked/releases)
- [Changelog](https://github.com/markedjs/marked/blob/master/.releaserc.json)
- [Commits](markedjs/marked@v0.3.19...v4.0.10)

Updates `minimist` from 1.2.0 to 1.2.6
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.0...v1.2.6)

Updates `request` from 2.88.0 to 2.88.2
- [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md)
- [Commits](https://github.com/request/request/commits)

Updates `serve-static` from 1.13.2 to 1.16.0
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md)
- [Commits](expressjs/serve-static@v1.13.2...1.16.0)

Updates `uglify-js` from 2.8.29 to 3.0.0
- [Release notes](https://github.com/mishoo/UglifyJS/releases)
- [Commits](mishoo/UglifyJS@v2.8.29...v3.0.0)

Updates `ajv` from 6.5.5 to 6.12.6
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.5.5...v6.12.6)

Updates `browserify-sign` from 4.0.4 to 4.2.3
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.0.4...v4.2.3)

Updates `handlebars` from 4.0.12 to 4.7.8
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.8/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.0.12...v4.7.8)

Updates `json-schema` from 0.2.3 to 0.4.0
- [Commits](kriszyp/json-schema@v0.2.3...v0.4.0)

Removes `merge`

Updates `testling` from 1.7.1 to 1.7.7
- [Changelog](https://github.com/tape-testing/testling/blob/master/CHANGELOG.md)
- [Commits](tape-testing/testling@v1.7.1...v1.7.7)

Updates `qs` from 2.3.3 to 6.13.0
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v2.3.3...v6.13.0)

Updates `http-server` from 0.7.5 to 14.1.1
- [Release notes](https://github.com/http-party/http-server/releases)
- [Commits](http-party/http-server@v0.7.5...v14.1.1)

Updates `send` from 0.16.2 to 0.18.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.16.2...0.18.0)

Updates `tough-cookie` from 2.4.3 to 2.5.0
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v2.4.3...v2.5.0)

Updates `underscore` from 1.9.1 to 1.13.7
- [Commits](jashkenas/underscore@1.9.1...1.13.7)

---
updated-dependencies:
- dependency-name: async
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: bower
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: highlight.js
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: marked
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: request
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: uglify-js
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: json-schema
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: merge
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: testling
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: http-server
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tough-cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: underscore
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants