ipymaterialui

ipymaterialui copied to clipboard

Bumps [json5](https://github.com/json5/json5) to 2.2.2 and updates ancestor dependencies [json5](https://github.com/json5/json5), [css-loader](https://github.com/webpack-contrib/css-loader), [file-loader](https://github.com/webpack-contrib/file-loader), [style-loader](https://github.com/webpack-contrib/style-loader), [webpack](https://github.com/webpack/webpack) and [webpack-cli](https://github.com/webpack/webpack-cli). These dependencies need to be updated together. Updates `json5` from 2.1.0 to 2.2.2 Release notes...

dependabot[bot]

Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...

dependabot[bot]

Bumps [loader-utils](https://github.com/webpack/loader-utils) and [loader-utils](https://github.com/webpack/loader-utils). These dependencies needed to be updated together. Updates `loader-utils` from 1.1.0 to 1.4.2 Release notes Sourced from loader-utils's releases. v1.4.2 1.4.2 (2022-11-11) Bug Fixes ReDoS problem...

dependabot[bot]

Bumps [terser](https://github.com/terser/terser) from 4.1.2 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) v4.8.0 Support for numeric separators (million...

dependabot[bot]

Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...

dependabot[bot]

Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.6.1 to 1.7.3. Release notes Sourced from shell-quote's releases. v1.7.2 Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2) v1.7.1 Fix $...

dependabot[bot]

Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.5.5 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords...

dependabot[bot]

Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.0 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...

dependabot[bot]

Guessing this project has gone dead? Any desire to bring it back to life/forks?

tstordyallison

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]