tachyons-css.github.io

tachyons-css.github.io copied to clipboard

Bumps [debug](https://github.com/debug-js/debug) and [extract-zip](https://github.com/maxogden/extract-zip). These dependencies needed to be updated together. Updates `debug` from 2.6.1 to 2.6.9 Release notes Sourced from debug's releases. 2.6.9 Patches Remove ReDoS regexp in %o...

dependabot[bot]

Bumps [ms](https://github.com/vercel/ms), [debug](https://github.com/debug-js/debug) and [extract-zip](https://github.com/maxogden/extract-zip). These dependencies needed to be updated together. Updates `ms` from 0.7.1 to 2.0.0 Release notes Sourced from ms's releases. 2.0.0 Major Changes Limit str to...

dependabot[bot]

Bumps [express](https://github.com/expressjs/express) from 4.16.2 to 4.17.3. Release notes Sourced from express's releases. 4.17.3 deps: accepts@~1.3.8 deps: mime-types@~2.1.34 deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps:...

dependabot[bot]

Bumps [qs](https://github.com/ljharb/qs), [qs](https://github.com/ljharb/qs) and [qs](https://github.com/ljharb/qs). These dependencies needed to be updated together. Updates `qs` from 6.3.2 to 6.5.3 Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428)...

dependabot[bot]

Bumps [engine.io](https://github.com/socketio/engine.io) from 1.8.0 to 6.2.1. Release notes Sourced from engine.io's releases. 6.2.1 :warning: This release contains an important security fix :warning: A malicious client could send a specially crafted...

dependabot[bot]

Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 2.3.1 to 4.2.1. Release notes Sourced from socket.io-parser's releases. 4.2.1 Bug Fixes check the format of the index of each attachment (b5d0cb7) Links Diff: https://github.com/socketio/socket.io-parser/compare/4.2.0...4.2.1 4.2.0 Features...

dependabot[bot]

Bumps [moment](https://github.com/moment/moment) from 2.19.1 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...

dependabot[bot]

Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.12 to 1.0.2. Commits 1bf1c73 Bump version 1.0.2 97f3368 Bump version 0.7.31 b86860e Merge pull request #546 from hansott/master 157af1e Merge pull request #547 from sunny-mwx/patch-1 b4cfe1b...

dependabot[bot]

Bumps [tar](https://github.com/npm/node-tar) from 2.2.1 to 2.2.2. Commits 523c5c7 2.2.2 7ecef07 Bump fstream to fix hardlink overwriting vulnerability 9fc84b9 Use {} for hardlink tracking instead of [] 15e59f1 Only track previously...

dependabot[bot]

Bumps [xmlhttprequest-ssl](https://github.com/mjwwit/node-XMLHttpRequest) from 1.5.3 to 1.6.3. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]