Bump the npm_and_yarn group across 1 directories with 20 updates #10

dependabot · 2024-02-20T19:59:23Z

Bumps the npm_and_yarn group with 13 updates in the /. directory:

Package	From	To
karma	`1.7.1`	`6.3.16`
semver	`5.4.1`	`5.7.2`
semver	`5.3.0`	`5.7.2`
gulp	`3.9.1`	`4.0.2`
debug	`2.6.8`	`2.6.9`
gulp-connect	`4.2.0`	`5.7.0`
mocha	`3.5.3`	`10.3.0`
fsevents	`1.1.2`	`1.2.13`
node-fetch	`1.7.3`	``
prop-types	`15.6.0`	`15.8.1`
react	`15.6.2`	`18.2.0`
react-dom	`15.6.2`	`18.2.0`
postcss	`5.2.18`	`8.4.35`
css-loader	`0.23.1`	`6.10.0`

Updates karma from 1.7.1 to 6.3.16

Release notes

Sourced from karma's releases.

v6.3.16

6.3.16 (2022-02-10)

Bug Fixes

security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

v6.3.15

6.3.15 (2022-02-05)

Bug Fixes

helper: make mkdirIfNotExists helper resilient to concurrent calls (d9dade2), closes karma-runner/karma-coverage#434

v6.3.14

6.3.14 (2022-02-05)

Bug Fixes

remove string template from client code (91d5acd)

warn when singleRun and autoWatch are false (69cfc76)

security: remove XSS vulnerability in returnUrl query param (839578c)

v6.3.13

6.3.13 (2022-01-31)

Bug Fixes

deps: bump log4js to resolve security issue (5bf2df3), closes #3751

v6.3.12

6.3.12 (2022-01-24)

Bug Fixes

remove depreciation warning from log4js (41bed33)

v6.3.11

6.3.11 (2022-01-13)

Bug Fixes

deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

... (truncated)

Changelog

Sourced from karma's changelog.

6.3.16 (2022-02-10)

Bug Fixes

security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

6.3.15 (2022-02-05)

Bug Fixes

helper: make mkdirIfNotExists helper resilient to concurrent calls (d9dade2), closes karma-runner/karma-coverage#434

6.3.14 (2022-02-05)

Bug Fixes

remove string template from client code (91d5acd)

warn when singleRun and autoWatch are false (69cfc76)

security: remove XSS vulnerability in returnUrl query param (839578c)

6.3.13 (2022-01-31)

Bug Fixes

deps: bump log4js to resolve security issue (5bf2df3), closes #3751

6.3.12 (2022-01-24)

Bug Fixes

remove depreciation warning from log4js (41bed33)

6.3.11 (2022-01-13)

Bug Fixes

deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

6.3.10 (2022-01-08)

Bug Fixes

logger: create parent folders if they are missing (0d24bd9), closes #3734

... (truncated)

Commits

ab4b328 chore(release): 6.3.16 [skip ci]
ff7edbb fix(security): mitigate the "Open Redirect Vulnerability"
c1befa0 chore(release): 6.3.15 [skip ci]
d9dade2 fix(helper): make mkdirIfNotExists helper resilient to concurrent calls
653c762 ci: prevent duplicate CI tasks on creating a PR
c97e562 chore(release): 6.3.14 [skip ci]
91d5acd fix: remove string template from client code
69cfc76 fix: warn when singleRun and autoWatch are false
839578c fix(security): remove XSS vulnerability in returnUrl query param
db53785 chore(release): 6.3.13 [skip ci]
Additional commits viewable in compare view

Updates semver from 5.4.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
c83c18c 5.7.1
956e228 Correct typo in README
8055dda 5.7.0
604e73d auto-publishing scripts
bed01e2 remove the nomin comments, since we don't minify any more anyway
9cb68f1 document parse method
38d42ca 5.7 changelog
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates semver from 5.3.0 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
c83c18c 5.7.1
956e228 Correct typo in README
8055dda 5.7.0
604e73d auto-publishing scripts
bed01e2 remove the nomin comments, since we don't minify any more anyway
9cb68f1 document parse method
38d42ca 5.7 changelog
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates gulp from 3.9.1 to 4.0.2

Release notes

Sourced from gulp's releases.

v4.0.2

Fix

Bind src/dest/symlink to the gulp instance to support esm exports (5667666) - Ref standard-things/esm#797

Docs

Add notes about esm support (4091bd3) - Closes #2278

Fix the Negative Globs section & examples (3c66d95) - Closes #2297

Remove next tag from recipes (1693a11) - Closes #2277

Add default task wrappers to Watching Files examples to make runnable (d916276) - Closes #2322

Fix syntax error in lastRun API docs (ea52a92) - Closes #2315

Fix typo in Explaining Globs (5d81f42) - Closes #2326

Build

Add node 12 to Travis & Azure (b4b5a68)

v4.0.1

Fix

Temporary workaround for facebook/Docusaurus#257 (9f4a2e9) - Closes facebook/Docusaurus#257

Docs

Fix error in ES2015 usage example (a4e8d48) - Closes #2099 #2100

Add temporary notice for 4.0.0 vs 3.9.1 documentation (126423a) - Closes #2121

Improve recipe for empty glob array (45830cf) - Closes #2122

Reword standard to default (b065a13)

Fix recipe typo (86acdea) - Closes #2156

Add front-matter to each file (d693e49) - Closes #2109

Rename "Getting Started" to "Quick Start" & update it (6a0fa00)

Add "Creating Tasks" documentation (21b6962)

Add "JavaScript and Gulpfiles" documentation (31adf07)

Add "Working with Files" documentation (50fafc6)

Add "Async Completion" documentation (ad8b568)

Add "Explaining Globs" documentation (f8cafa0)

Add "Using Plugins" documentation (233c3f9)

Add "Watching Files" documentation (f3f2d9f)

Add Table of Contents to "Getting Started" directory (a43caf2)

Improve & fix parts of Getting Started (84b0234)

Create and link-to a "docs missing" page for LINK_NEEDED references (2bd75d0)

Redirect users to new Getting Started guides (53e9727)

Temporarily reference gulp@next in Quick Start (2cecf1e)

Fixed a capitalization typo in a heading (3d051d8) - Closes #2242

Use h2 headers within Quick Start documentation (921312c) - Closes #2241

Fix for nested directories references (4c2b9a7)

Add some more cleanup for Docusaurus (6a8fd8f)

Temporarily point LINK_NEEDED references to documentation-missing.md (df7cdcb)

API documentation improvements based on feedback (0a68710)

... (truncated)

Changelog

Sourced from gulp's changelog.

gulp changelog

4.0.0

Task system changes

replaced 3.x task system (orchestrator) with new task system (bach)

removed gulp.reset

removed 3 argument syntax for gulp.task

gulp.task should only be used when you will call the task with the CLI

added gulp.series and gulp.parallel methods for composing tasks. Everything must use these now.

added single argument syntax for gulp.task which allows a named function to be used as the name of the task and task function.

added gulp.tree method for retrieving the task tree. Pass { deep: true } for an archy compatible node list.

added gulp.registry for setting custom registries.

CLI changes

split CLI out into a module if you want to save bandwidth/disk space. you can install the gulp CLI using either npm install gulp -g or npm install gulp-cli -g, where gulp-cli is the smaller one (no module code included)

add --tasks-json flag to CLI to dump the whole tree out for other tools to consume

added --verify flag to check the dependencies in package.json against the plugin blacklist.

vinyl/vinyl-fs changes

added gulp.symlink which functions exactly like gulp.dest, but symlinks instead.

added dirMode param to gulp.dest and gulp.symlink which allows better control over the mode of the destination folder that is created.

globs passed to gulp.src will be evaluated in order, which means this is possible gulp.src(['*.js', '!b*.js', 'bad.js']) (exclude every JS file that starts with a b except bad.js)

performance for gulp.src has improved massively

gulp.src(['**/*', '!b.js']) will no longer eat CPU since negations happen during walking now

added since option to gulp.src which lets you only match files that have been modified since a certain date (for incremental builds)

fixed gulp.src not following symlinks

added overwrite option to gulp.dest which allows you to enable or disable overwriting of existing files

Commits

069350a Release: 4.0.2
b4b5a68 Build: Add node 12 to Travis & Azure
5667666 Fix: Bind src/dest/symlink to the gulp instance to support esm exports (ref s...
4091bd3 Docs: Add notes about esm support (closes #2278)
3c66d95 Docs: Fix the Negative Globs section & examples (closes #2297)
1693a11 Docs: Remove next tag from recipes (closes #2277)
d916276 Docs: Add default task wrappers to Watching Files examples to make runnable (...
ea52a92 Docs: Fix syntax error in lastRun API docs (closes #2315)
5d81f42 Docs: Fix typo in Explaining Globs (#2326)
ea3bba4 Release: 4.0.1
Additional commits viewable in compare view

Updates debug from 2.6.8 to 2.6.9

Release notes

Sourced from debug's releases.

2.6.9

Patches

Remove ReDoS regexp in %o formatter: #504

Credits

Huge thanks to @zhuangya for their help!

Changelog

Sourced from debug's changelog.

2.6.9 / 2017-09-22

remove ReDoS regexp in %o formatter (#504)

Commits

13abeae Release 2.6.9
f53962e remove ReDoS regexp in %o formatter (#504)
See full diff in compare view

Updates gulp-connect from 4.2.0 to 5.7.0

Release notes

Sourced from gulp-connect's releases.

5.7.0

No release notes provided.

5.6.1

No release notes provided.

5.6.0

Update dependencies

5.5.0

No release notes provided.

5.4.0

No release notes provided.

5.2.0

No release notes provided.

5.1.0

No release notes provided.

v5.0.0

Test

Commits

e3210c5 Update package.json
8a2bcbb Merge pull request #261 from dbemiller/master
0718031 Replaced event-stream with map-stream.
6274d62 Add support for pfx keys when using https as an object (#218)
aa10ee3 5.6.1
a80e3e5 Merge pull request #257 from rejas/update_dependencies
c6034b8 Cleanup test file
edcfba8 Update ansi-colors package
429068d Only test supported node versions
2055d29 Undo typescript update to avoid breaking tests
Additional commits viewable in compare view

Updates mocha from 3.5.3 to 10.3.0

Release notes

Sourced from mocha's releases.

v10.3.0

This is a stable release equivalent to v10.3.0-preminor.0.

What's Changed

Fix deprecated warn gh actions by @outsideris in mochajs/mocha#4962

fix #4837 Update glob due to vulnerability in dep by @jb2311 in mochajs/mocha#4970

Add Node v19 to test matrix by @juergba in mochajs/mocha#4974

chore: fix the ci by @Uzlopak in mochajs/mocha#5020

update can-i-use by @Uzlopak in mochajs/mocha#5021

chore: remove uuid dev dependency by @Uzlopak in mochajs/mocha#5022

chore: remove nanoid as dependency by @Uzlopak in mochajs/mocha#5024

chore: remove touch as dev dependency by @Uzlopak in mochajs/mocha#5023

chore: remove stale workflow by @JoshuaKGoldberg in mochajs/mocha#5029

docs: fix fragment ID for yargs' "extends" documentation by @Spencer-Doak in mochajs/mocha#4918

docs: use mocha.js instead of mocha in the example run by @nikolas in mochajs/mocha#4927

docs: fix jsdoc return type of titlePath method by @F3n67u in mochajs/mocha#4886

docs: overhaul contributing and maintenance docs for end-of-year 2023 by @JoshuaKGoldberg in mochajs/mocha#5038

docs: touchups to labels and a template title post-revamp by @JoshuaKGoldberg in mochajs/mocha#5050

fix: add alt text to Built with Netlify badge by @JoshuaKGoldberg in mochajs/mocha#5068

chore: inline nyan reporter's write function by @JoshuaKGoldberg in mochajs/mocha#5056

chore: remove unnecessary canvas dependency by @JoshuaKGoldberg in mochajs/mocha#5069

New Contributors

@jb2311 made their first contribution in mochajs/mocha#4970

@Uzlopak made their first contribution in mochajs/mocha#5020

@Spencer-Doak made their first contribution in mochajs/mocha#4918

@nikolas made their first contribution in mochajs/mocha#4927

@F3n67u made their first contribution in mochajs/mocha#4886

Full Changelog: mochajs/mocha@v10.2.0...v10.3.0

v10.3.0-preminor.0

A test release tagged with next on npm, to test that we can do releases at all. See #5081 for context.

What's Changed

Fix deprecated warn gh actions by @outsideris in mochajs/mocha#4962

fix #4837 Update glob due to vulnerability in dep by @jb2311 in mochajs/mocha#4970

Add Node v19 to test matrix by @juergba in mochajs/mocha#4974

chore: fix the ci by @Uzlopak in mochajs/mocha#5020

update can-i-use by @Uzlopak in mochajs/mocha#5021

chore: remove uuid dev dependency by @Uzlopak in mochajs/mocha#5022

chore: remove nanoid as dependency by @Uzlopak in mochajs/mocha#5024

chore: remove touch as dev dependency by @Uzlopak in mochajs/mocha#5023

chore: remove stale workflow by @JoshuaKGoldberg in mochajs/mocha#5029

docs: fix fragment ID for yargs' "extends" documentation by @Spencer-Doak in mochajs/mocha#4918

docs: use mocha.js instead of mocha in the example run by @nikolas in mochajs/mocha#4927

docs: fix jsdoc return type of titlePath method by @F3n67u in mochajs/mocha#4886

docs: overhaul contributing and maintenance docs for end-of-year 2023 by @JoshuaKGoldberg in mochajs/mocha#5038

... (truncated)

Changelog

Sourced from mocha's changelog.

10.3.0 / 2024-02-08

This is a stable release equivalent to 10.30.0-prerelease.

10.3.0-prerelease / 2024-01-18

This is a prerelease version to test our ability to release. Other than removing or updating dependencies, it contains no intended user-facing changes.

🔩 Other

#5069: chore: remove unnecessary canvas dependency (@JoshuaKGoldberg)

#5068: fix: add alt text to Built with Netlify badge (@JoshuaKGoldberg)

#5056: chore: inline nyan reporter's write function (@JoshuaKGoldberg)

#5050: docs: touchups to labels and a template title post-revamp (@JoshuaKGoldberg)

#5038: docs: overhaul contributing and maintenance docs for end-of-year 2023 (@JoshuaKGoldberg)

#5029: chore: remove stale workflow (@JoshuaKGoldberg)

#5024: chore: remove nanoid as dependency (@Uzlopak)

#5023: chore: remove touch as dev dependency (@Uzlopak)

#5022: chore: remove uuid dev dependency (@Uzlopak)

#5021: update can-i-use (@Uzlopak)

#5020: chore: fix the ci (@Uzlopak)

#4974: Add Node v19 to test matrix (@juergba)

#4970: fix #4837 Update glob due to vulnerability in dep (@jb2311)

#4962: Fix deprecated warn gh actions (@outsideris)

#4927: docs: use mocha.js instead of mocha in the example run (@nikolas)

#4918: docs: fix fragment ID for yargs' "extends" documentation (@Spencer-Doak)

#4886: docs: fix jsdoc return type of titlePath method (@F3n67u)

10.2.0 / 2022-12-11

🎉 Enhancements

#4945: API: add possibility to decorate ESM name before import (@j0tunn)

🐛 Fixes

#4946: Browser: color of failed test icon (@kleisauke)

📖 Documentation

#4944: Remove duplicated header (@PauloGoncalvesBH)

10.1.0 / 2022-10-16

🎉 Enhancements

#4896: Browser: add support for prefers-color-scheme: dark (@greggman)

🔩 Other

... (truncated)

Commits

a886829 chore: fix link in pull request template (#5091)
53a4baf chore: remove unnecessary canvas dependency (#5069)
1ebff45 chore: inline nyan reporter's write function (#5056)
8812413 fix: add alt text to Built with Netlify badge (#5068)
645469e docs: touchups to labels and a template title post-revamp (#5050)
9f99178 docs: overhaul contributing and maintenance docs for end-of-year 2023 (#5038)
eca4fec docs: fix return jsdoc type of titlePath (#4886)
060f77d docs: use mocha.js instead of mocha in the example run (#4927)
4b60c1a docs: fix fragment ID for yargs.js extends docs (#4918)
b41e985 chore: remove stale workflow (#5029)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by joshuakgoldberg, a new releaser for mocha since your current version.

Updates ms from 0.7.1 to 2.0.0

Release notes

Sourced from ms's releases.

2.0.0

Major Changes

Limit str to 100 to avoid ReDoS of 0.3s: #89

Patches

Ignored logs coming from npm: b1eaab752203e978492a4d540a7ae1d26e6306b1

Bumped dependencies to the latest version: bcf57157678fd5afc691383145a35e116f9704d0

Invalidated cache for slack badge: 94b995c1d6d5d13ec976a0c6849a3cca9b277e6b

Credits

Huge thanks to @karenyavine for their help!

1.0.0

Major Changes

Removed component specification: 1fbbe974cdcad96e592dcb65a7b2a8649f690420

Patches

Test on LTS version of Node: c9b1fd319f0f9198d85ecf4ba83e46cc1216be04

Removed XO: 94068ea6d518387670df277f740b1abada80ed48

Use prettier and eslint: 57b3ef8e3423cae6254f94c5564a11b4492cff43

Badge for XO removed: 389840b329436117741b2ef13a172725082695b9

Removed browser testing: e818c3581aca3119c00d81901bfe8fe653bcfda4

More suitable name for file containing tests: ee91f307a8dc3581ebdad614ec0533ddb3d8bf56

0.7.3

Patches

Mark "options" param as optional in jsdoc: #77

Lowercased text files: 5f0653ab192a30301aed8668b4588a87975b41ab

Pinned dependencies: 126d7f094a1836b991c8d0abfeb4d0ce09ac280f

Chore(package): update serve to version 5.0.1: #81

Credits

Huge thanks to @Jokero for their help!

0.7.2

Patches 💅

Added license field to package.json file: zeit/ms#42

Renamed long and short (reserved keywords): zeit/ms#53

Capitalized important files: b2d9f9d

Specified version numbers for devDependencies in package.json: abd3616

Updated license file to the latest version: 5d53ae8

Only upload important files to npm, instead of excluding certain ones: 2b2f02a

Adjusted name of repository in package.json: e84f95d

... (truncated)

Commits

9b88d15 2.0.0
94b995c Invalidated cache for slack badge
bcf5715 Bumped dependencies to the latest version
b1eaab7 Ignored logs coming from npm
caae298 Limit str to 100 to avoid ReDoS of 0.3s (#89)
b83b36d chore(package): update eslint to version 3.19.0 (#88)
3f2a4d7 chore(package): update husky to version 0.13.3 (#86)
7daf984 1.0.0
ee91f30 More suitable name for file containing tests
e818c35 Removed browser testing
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by leo, a new releaser for ms since your current version.

Updates engine.io from 1.8.3 to 6.5.4

Release notes

Sourced from engine.io's releases.

6.5.4

This release contains some minor changes which should improve the memory usage of the server, notably this.

Links

Diff: socketio/engine.io@6.5.3...6.5.4

Client release: -

ws version: ~8.11.0 (no change)

6.5.3

Bug Fixes

improve compatibility with node16 module resolution (#689) (c6bf8c0)

webtransport: properly handle abruptly closed connections (ff1c861)

Links

Diff: socketio/engine.io@6.5.2...6.5.3

Client release: -

ws version: ~8.11.0 (no change)

6.5.2

Bug Fixes

webtransport: add proper framing (a306db0)

Links

Diff: socketio/engine.io@6.5.1...6.5.2

Client release: -

ws version: ~8.11.0 (no change)

6.5.1

Bug Fixes

prevent crash when accessing TextDecoder (#684) (6dd2bc4)

Credits

Huge thanks to @iowaguy for helping!

Links

... (truncated)

Changelog

Sourced from engine.io's changelog.

6.5.4 (2023-11-09)

This release contains some minor changes which should improve the memory usage of the server, notably this.

Dependencies

ws@~8.11.0 (no change)

6.5.3 (2023-10-06)

Bug Fixes

improve compatibility with node16 module resolution (#689) (c6bf8c0)

webtransport: properly handle abruptly closed connections (ff1c861)

Dependencies

ws@~8.11.0 (no change)

6.5.2 (2023-08-01)

Bug Fixes

webtransport: add proper framing (a306db0)

Dependencies

ws@~8.11.0 (no change)

6.5.1 (2023-06-27)

Bug Fixes

prevent crash when accessing TextDecoder (#684) (6dd2bc4)

Credits

... (truncated)

Commits

ff0fbfb chore(release): 6.5.4
09acb17 ci: add Node.js 20 in the test matrix
39937f8 refactor: minor cleanups
43c1c1c refactor: simplify code
3b5e79e refactor: remove useless references
f27a6c3 refactor: remove useless reference
2da559a chore(release): 6.5.3
9545b44 refactor: add cache-control header in the polling response
ff1c861 fix(webtransport): properly handle abruptly closed connections
c6bf8c0 fix: improve compatibility with node16 module resolution (#689)
Additional commits viewable in compare view

Updates fsevents from 1.1.2 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Release v1.2.9 - Node v12 compatibility

No release notes provided.

Release Pre-NAPI v1.2.8

No release notes provided.

Version Bump (bundle node-pre-gyp)

No release notes provided.

Prebuilt v11.x

No release notes provided.

v1.2.3

Added node v10 for pre-built binaries

C++ tuning to fix potential SIGILL and cyclic dependency (#204)

v1.2.2

Fixed node-pre-gyp bundling issue

v1.2.1

[unpublished because of errors during publish process]

v1.2.0

BREAKING: End support for Node v0.12. If you are using Node v0.12 please pin your fsevents dependencies to v1.1.3. Not bumping semver major for this release was a compromise solution discussed in #199 and #201.

Node v0.10 should continue to work with local compilation for now, but hosted pre-built binaries will no longer be provided. If this is a constraint for you, please pin to an earlier version.

Fixed security vulnerability warnings by updating node-pre-gyp to ^0.9.0

Compatibility updates for nan v2.9.0

v1.1.3

Added node v9 for pre-built binaries

Fixed bug related to using --no-bin-links option on install

Updated node-pre-gyp to latest version (0.6.39)

Commits

844a05d Version Bump
f393f2a Only build fsevents on macOS (#322)
6a281a7 [publish binary]
acc2bce [publish binary]
f532b6e [publish binary]
4c6a1c0 Add node 13 to travis matrix.
92e40aa Release 1.2.12.

Bumps the npm_and_yarn group with 13 updates in the /. directory: | Package | From | To | | --- | --- | --- | | [karma](https://github.com/karma-runner/karma) | `1.7.1` | `6.3.16` | | [semver](https://github.com/npm/node-semver) | `5.4.1` | `5.7.2` | | [semver](https://github.com/npm/node-semver) | `5.3.0` | `5.7.2` | | [gulp](https://github.com/gulpjs/gulp) | `3.9.1` | `4.0.2` | | [debug](https://github.com/debug-js/debug) | `2.6.8` | `2.6.9` | | [gulp-connect](https://github.com/avevlad/gulp-connect) | `4.2.0` | `5.7.0` | | [mocha](https://github.com/mochajs/mocha) | `3.5.3` | `10.3.0` | | [fsevents](https://github.com/fsevents/fsevents) | `1.1.2` | `1.2.13` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `1.7.3` | `` | | [prop-types](https://github.com/facebook/prop-types) | `15.6.0` | `15.8.1` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `15.6.2` | `18.2.0` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `15.6.2` | `18.2.0` | | [postcss](https://github.com/postcss/postcss) | `5.2.18` | `8.4.35` | | [css-loader](https://github.com/webpack-contrib/css-loader) | `0.23.1` | `6.10.0` | Updates `karma` from 1.7.1 to 6.3.16 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@1.7.1...v6.3.16) Updates `semver` from 5.4.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.4.1...v5.7.2) Updates `semver` from 5.3.0 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.4.1...v5.7.2) Updates `gulp` from 3.9.1 to 4.0.2 - [Release notes](https://github.com/gulpjs/gulp/releases) - [Changelog](https://github.com/gulpjs/gulp/blob/master/CHANGELOG.md) - [Commits](gulpjs/gulp@v3.9.1...v4.0.2) Updates `debug` from 2.6.8 to 2.6.9 - [Release notes](https://github.com/debug-js/debug/releases) - [Changelog](https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md) - [Commits](debug-js/debug@2.6.8...2.6.9) Updates `gulp-connect` from 4.2.0 to 5.7.0 - [Release notes](https://github.com/avevlad/gulp-connect/releases) - [Commits](avevlad/gulp-connect@v4.2.0...5.7.0) Updates `mocha` from 3.5.3 to 10.3.0 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md) - [Commits](mochajs/mocha@v3.5.3...v10.3.0) Updates `ms` from 0.7.1 to 2.0.0 - [Release notes](https://github.com/vercel/ms/releases) - [Commits](vercel/ms@0.7.1...2.0.0) Updates `engine.io` from 1.8.3 to 6.5.4 - [Release notes](https://github.com/socketio/engine.io/releases) - [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md) - [Commits](socketio/engine.io@1.8.3...6.5.4) Updates `fsevents` from 1.1.2 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.1.2...v1.2.13) Updates `minimatch` from 0.2.14 to 3.0.4 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v0.2.14...v3.0.4) Updates `qs` from 4.0.0 to 6.4.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v4.0.0...v6.4.0) Updates `lodash` from 1.0.2 to 3.10.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@1.0.2...3.10.1) Removes `node-fetch` Updates `prop-types` from 15.6.0 to 15.8.1 - [Changelog](https://github.com/facebook/prop-types/blob/main/CHANGELOG.md) - [Commits](facebook/prop-types@v15.6.0...v15.8.1) Updates `react` from 15.6.2 to 18.2.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react) Updates `react-dom` from 15.6.2 to 18.2.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v18.2.0/packages/react-dom) Updates `postcss` from 5.2.18 to 8.4.35 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/commits/8.4.35) Updates `css-loader` from 0.23.1 to 6.10.0 - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](webpack-contrib/css-loader@v0.23.1...v6.10.0) Updates `socket.io-parser` from 2.3.1 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@2.3.1...4.2.4) Updates `ua-parser-js` from 0.7.17 to 0.7.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.17...0.7.37) --- updated-dependencies: - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: gulp dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: debug dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: gulp-connect dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: mocha dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: ms dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: engine.io dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: node-fetch dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: prop-types dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: react dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: react-dom dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: css-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Feb 20, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directories with 20 updates #10

Bump the npm_and_yarn group across 1 directories with 20 updates #10

dependabot bot commented on behalf of github Feb 20, 2024

Bump the npm_and_yarn group across 1 directories with 20 updates #10

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directories with 20 updates #10

Conversation

dependabot bot commented on behalf of github Feb 20, 2024

v6.3.16

6.3.16 (2022-02-10)

Bug Fixes

v6.3.15

6.3.15 (2022-02-05)

Bug Fixes

v6.3.14

6.3.14 (2022-02-05)

Bug Fixes

v6.3.13

6.3.13 (2022-01-31)

Bug Fixes

v6.3.12

6.3.12 (2022-01-24)

Bug Fixes

v6.3.11

6.3.11 (2022-01-13)

Bug Fixes

6.3.16 (2022-02-10)

Bug Fixes

6.3.15 (2022-02-05)

Bug Fixes

6.3.14 (2022-02-05)

Bug Fixes

6.3.13 (2022-01-31)

Bug Fixes

6.3.12 (2022-01-24)

Bug Fixes

6.3.11 (2022-01-13)

Bug Fixes

6.3.10 (2022-01-08)

Bug Fixes

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

5.7.2 (2023-07-10)

Bug Fixes

5.7

5.6

5.5

5.4

5.3

5.2

5.1

5.0

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

5.7.2 (2023-07-10)

Bug Fixes

5.7

5.6

5.5

5.4

5.3

5.2

5.1

5.0

v4.0.2

Fix

Docs

Build

v4.0.1

Fix

Docs

gulp changelog

4.0.0

Task system changes

CLI changes

vinyl/vinyl-fs changes

2.6.9

Patches

Credits

2.6.9 / 2017-09-22

5.7.0