bootcamp
bootcamp copied to clipboard
FrontendMasters
Frontend Masters Bootcamp
Bumps [moment](https://github.com/moment/moment) from 2.22.2 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.3 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.15.0 to 1.27.0. Release notes Sourced from prismjs's releases. v1.27.0 Release 1.27.0 v1.26.0 Release 1.26.0 v1.25.0 Release 1.25.0 v1.24.1 Release 1.24.1 v1.24.0 Release 1.24.0 v1.23.0 Release 1.23.0...
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.5.8 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.0.12 to 4.7.7. Changelog Sourced from handlebars's changelog. v4.7.7 - February 15th, 2021 fix weird error in integration tests - eb860c0 fix: check prototype property access in...
Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.18 to 0.7.31. Commits 97f3368 Bump version 0.7.31 b86860e Merge pull request #546 from hansott/master 157af1e Merge pull request #547 from sunny-mwx/patch-1 b4cfe1b Merge pull request #535...
This will help with some concerns of security. `npm install` is much like playing Russian Roulette when it comes to CI and project replication. It is better to utilize the...
`npm install` will not validate the package HASH from the `package-lock.json`. Given the open source nature, it is probably better to know what exactly the black box is doing. :)
Bumps [object-path](https://github.com/mariocasciaro/object-path) from 0.11.4 to 0.11.8. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...