bazel_rules_nodejs_contrib

bazel_rules_nodejs_contrib copied to clipboard

Bumps [minimist](https://github.com/substack/minimist) from 1.2.0 to 1.2.5. Commits aeb3e27 1.2.5 278677b 1.2.4 4cf1354 security notice 1043d21 additional test for constructor prototype pollution 6457d74 1.2.3 38a4d1c even more aggressive checks for protocol...

dependabot[bot]

Bumps [minimist](https://github.com/substack/minimist) from 1.2.0 to 1.2.3. Commits 6457d74 1.2.3 38a4d1c even more aggressive checks for protocol pollution 13c01a5 more failing proto pollution tests f34df07 1.2.2 67d3722 cleanup 63e7ed0 don't assign...

dependabot[bot]

Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4. Commits 6370e90 Mark version 5.7.4 fbc15b1 More rigorously check surrogate pairs in regexp validator See full diff in compare view [](https://help.github.com/articles/configuring-automated-security-fixes) Dependabot...

dependabot[bot]

Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4. Commits 6370e90 Mark version 5.7.4 fbc15b1 More rigorously check surrogate pairs in regexp validator See full diff in compare view [](https://help.github.com/articles/configuring-automated-security-fixes) Dependabot...

dependabot[bot]

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. Changelog *Sourced from [handlebars's changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md).* > ## v4.5.3 - November 18th, 2019 > Bugfixes: > > - fix: add "no-prototype-builtins" eslint-rule and fix all...

dependabot[bot]

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3. Changelog *Sourced from [handlebars's changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md).* > ## v4.5.3 - November 18th, 2019 > Bugfixes: > > - fix: add "no-prototype-builtins" eslint-rule and fix all...

dependabot[bot]

Given the following rule, it seems like anything that depends on `my-interface` has to also add the transitive `@npm//lib-used-by-my-interface` dep. Is that expected and is there any way to get...

pward123

Bumps [tar](https://github.com/npm/node-tar) from 2.2.1 to 2.2.2. Commits - [`523c5c7`](https://github.com/npm/node-tar/commit/523c5c7fef48b10811fccd12b42803c61b6aead8) 2.2.2 - [`7ecef07`](https://github.com/npm/node-tar/commit/7ecef07da6a9e72cc0c4d0c9c6a8e85b6b52395d) Bump fstream to fix hardlink overwriting vulnerability - [`9fc84b9`](https://github.com/npm/node-tar/commit/9fc84b9c596c3589d4c1ab050843de0eafb002e8) Use {} for hardlink tracking instead of [] -...

dependabot[bot]

Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. Commits - [`754f0c2`](https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9) 1.3.2 - [`90ee1fa`](https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50) ensure keys are valid when mixing in values - See full diff in [compare view](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2) Maintainer changes This...

dependabot[bot]

Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2. Commits - [`4e1bc07`](https://github.com/mysticatea/eslint-utils/commit/4e1bc077c2a6bb00538d66b69a63c24de3463bed) 1.4.2 - [`e4cb014`](https://github.com/mysticatea/eslint-utils/commit/e4cb01498df6096b66edb0c78965ee6f47d3ac77) 🐛 add null test - [`230a4e2`](https://github.com/mysticatea/eslint-utils/commit/230a4e2275cde169cbfbb95cd2e4de2152fae0a2) 1.4.1 - [`08158db`](https://github.com/mysticatea/eslint-utils/commit/08158db1c98fd71cf0f32ddefbc147e2620e724c) 🐛 fix getStaticValue security issue - [`587cca2`](https://github.com/mysticatea/eslint-utils/commit/587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552) 🐛 fix...

dependabot[bot]