lets-dev-demo
lets-dev-demo copied to clipboard
yarnpkg
Bumps [debug](https://github.com/debug-js/debug) from 2.6.8 to 2.6.9. Release notes Sourced from debug's releases. 2.6.9 Patches Remove ReDoS regexp in %o formatter: #504 Credits Huge thanks to @zhuangya for their help! Changelog...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [qs](https://github.com/ljharb/qs) from 6.4.0 to 6.4.1. Changelog Sourced from qs's changelog. 6.4.1 [Fix] parse: ignore __proto__ keys (#428) [Fix] fix for an impossible situation: when the formatter is called with...
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 1.7.1 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...
Bumps [async](https://github.com/caolan/async) from 2.5.0 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) v2.6.3 Updated lodash to squelch a security warning (#1675) v2.6.2 Updated lodash...
Bumps [chownr](https://github.com/isaacs/chownr) from 1.0.1 to 1.1.4. Commits 814f642 1.1.4 a0d7ae0 push to github before npm 1a3667a ignore stuff 147eac4 Full tests, handle errors properly in many cases 578fb9f update tap,...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.4 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [merge](https://github.com/yeikos/js.merge) from 1.2.0 to 1.2.1. Commits b31e67f link broken 6ad6035 Fix prototype pollution See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.5.0 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...