chive-action
chive-action copied to clipboard
dabutvin
Maintain a NOTICE file based on your package-lock.json using GitHub Actions!
_Dependabot Preview will be shut down on August 3rd, 2021. In order to keep getting Dependabot updates, please merge this PR and migrate to GitHub-native Dependabot before then._ Dependabot has...
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot] avatar"){kind=avatar}
Bumps [yargs](https://github.com/yargs/yargs) from 12.0.5 to 17.0.1. Release notes Sourced from yargs's releases. yargs yargs-v16.2.1 Bug Fixes deno: force release of deno (#1923) (26efe45) Changelog Sourced from yargs's changelog. 17.0.1 (2021-05-03)...
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The npm package y18n before versions...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.21. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Critical severity vulnerability that affects lodash, lodash-es, lodash-amd, lodash.template, lodash.merge,...
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.0.12 to 4.7.7. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution in handlebars Versions of handlebars prior to 3.0.8...
Bumps [superagent](https://github.com/visionmedia/superagent) from 4.0.0 to 6.1.0. Release notes Sourced from superagent's releases. v6.1.0 fix: use qs to serialize form data in browser (#1591) aa43b3d Create FUNDING.yml f817806 docs: updated docs,...
@dependabot rebase _Originally posted by @real-love in https://github.com/dabutvin/chive-action/issues/47#issuecomment-569588661_
Bumps [tiny-attribution-generator](https://github.com/amzn/tiny-attribution-generator) from 0.0.6 to 0.1.3. Commits See full diff in compare view [](https://dependabot.com/compatibility-score/?dependency-name=tiny-attribution-generator&package-manager=npm_and_yarn&previous-version=0.0.6&new-version=0.1.3) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [superagent](https://github.com/visionmedia/superagent) from 4.0.0 to 5.0.6. Release notes *Sourced from [superagent's releases](https://github.com/visionmedia/superagent/releases).* > ## v5.0.6 > - feat: bump deps, fixed lint issues a3f75ed > - fix: omit queries that...