Skip to content

build(deps): bump the npm_and_yarn group across 1 directories with 15 updates#34

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-security-group-af118489d9
Open

build(deps): bump the npm_and_yarn group across 1 directories with 15 updates#34
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-security-group-af118489d9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 21, 2024

Bumps the npm_and_yarn group with 15 updates in the /. directory:

Package From To
acorn 8.0.1 8.0.2
@babel/traverse 7.8.4 7.23.9
ajv 6.11.0 6.12.6
browserify-sign 4.0.4 4.2.2
color-string 1.5.3 1.9.1
follow-redirects 1.13.0 1.15.5
ip 1.1.5 1.1.9
json5 1.0.1 1.0.2
lodash 4.17.15 4.17.21
qs 6.5.2 6.5.3
semver 5.7.1 5.7.2
ssri 6.0.1 6.0.2
word-wrap 1.2.3 1.2.5
ws 5.2.2 5.2.3
yargs-parser 13.1.1 13.1.2

Updates acorn from 8.0.1 to 8.0.2

Commits
  • 3af534d Mark version 8.0.2
  • 9e308bb Fix inappropriate regexp tokenizing after anon class/function in for spec
  • e232621 Require options param in parse function types
  • 646b614 Make ecmaVersion option required in the type definition
  • 57b82c4 Add new ecmaVersion values and 'latest' to types
  • c3a335f fix: the sourcemap configuration in the rollup configuration is incorrect
  • 72db835 Mark acorn-walk 8.0.0
  • See full diff in compare view

Updates @babel/traverse from 7.8.4 to 7.23.9

Release notes

Sourced from @​babel/traverse's releases.

v7.23.9 (2024-01-25)

🐛 Bug Fix

  • babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
  • babel-traverse
  • Other

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

Committers: 4

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

  • babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.23.9 (2024-01-25)

🐛 Bug Fix

  • babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
  • babel-traverse
  • Other

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

  • babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

v7.23.7 (2023-12-29)

🐛 Bug Fix

  • babel-traverse
  • babel-helpers, babel-plugin-proposal-decorators

... (truncated)

Commits

Updates ajv from 6.11.0 to 6.12.6

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

Commits
  • fe59143 6.12.6
  • d580d3e Merge pull request #1298 from ajv-validator/fix-url
  • fd36389 fix: regular expression for "url" format
  • 490e34c docs: link to v7-beta branch
  • 9cd93a1 docs: note about v7 in readme
  • 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
  • f1c8e45 6.12.5
  • 764035e Merge branch 'ChALkeR-chalker/fix-comma'
  • 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
  • a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
  • Additional commits viewable in compare view

Updates browserify-sign from 4.0.4 to 4.2.2

Changelog

Sourced from browserify-sign's changelog.

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

v4.1.0 - 2020-05-05

Merged

Commits
  • 4af5a90 v4.2.2
  • 3aec038 [Dev Deps] update tape
  • 85994cd [Fix] properly check the upper bound for DSA signatures
  • 9ac5a5e [meta] fix package.json indentation
  • dcf49ce [meta] add safe-publish-latest
  • 4418183 [meta] add npmignore and auto-changelog
  • 8767739 [Fix] sign: throw on unsupported padding scheme
  • 5f6fb17 [Tests] log when openssl doesn't support cipher
  • f5f17c2 [Tests] handle openSSL not supporting a scheme
  • d845d85 [Tests] migrate from travis to github actions
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates color-string from 1.5.3 to 1.9.1

Release notes

Sourced from color-string's releases.

1.9.0

Minor Release 1.9.0

  • Add parsing of exponential alpha values for HWB and HSL (#66)

Thanks to @​babycannotsay for their contribution!

1.8.2

Patch release 1.8.2

  • Fix incorrect handling of optional comma in rgb() regex (#65)

Thanks to @​gerdasi and @​mastertheblaster for reporting and confirming the bug!

1.8.1

Patch release 1.8.1

  • Fix rgb alpha percentage parsing from int to float (#61)

Thanks to @​clytras for their contribution!

1.8.0

Minor release 1.8.0

  • Add anchors to keyword regex (#64)

Thanks to @​cq360767996 for their contribution!

1.7.4

Patch Release 1.7.4

  • Fix bug in .to.hex() output if the inputs aren't rounded numbers (#25)

1.7.3

Patch Release 1.7.3

  • Fix hue modulo operation (#50)

Thanks to @​adroitwhiz for their contributions.

1.7.2

Patch Release 1.7.2

  • Fix issue where color-string with incorrectly return a color for properties on Object's prototype like "constructor". (#45)

Thanks to @​tolmasky for their contributions.

1.7.1

Patch release 1.7.1

... (truncated)

Commits

Updates follow-redirects from 1.13.0 to 1.15.5

Commits
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • 3d42aec Add bracket tests.
  • bcbb096 Do not directly set Error properties.
  • 192dbe7 Release version 1.15.3 of the npm package.
  • Additional commits viewable in compare view

Updates ip from 1.1.5 to 1.1.9

Commits

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

v2.2.0 [code, diff]

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

  • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

Updates lodash from 4.17.15 to 4.17.21

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • ded9bc6 Bump to v4.17.20.
  • 63150ef Documentation fixes.
  • 00f0f62 test.js: Remove trailing comma.
  • 846e434 Temporarily use a custom fork of lodash-cli.
  • 5d046f3 Re-enable Travis tests on 4.17 branch.
  • aa816b3 Remove /npm-package.
  • d7fbc52 Bump to v4.17.19
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


Updates qs from 6.5.2 to 6.5.3

Changelog

Sourced from qs's changelog.

6.5.3

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
  • [Fix] correctly parse nested arrays
  • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
  • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
  • [Fix] when parseArrays is false, properly handle keys ending in []
  • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
  • [Fix] utils.merge: avoid a crash with a null target and an array source
  • [Refactor] utils: reduce observable [[Get]]s
  • [Refactor] use cached Array.isArray
  • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
  • [Refactor] parse: only need to reassign the var once
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
  • [Docs] Clarify the need for "arrayLimit" option
  • [meta] fix README.md (#399)
  • [meta] add FUNDING.yml
  • [actions] backport actions from main
  • [Tests] always use String(x) over x.toString()
  • [Tests] remove nonexistent tape option
  • [Dev Deps] backport from main
Commits
  • 298bfa5 v6.5.3
  • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
  • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
  • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
  • 12ac1c4 [meta] fix README.md (#399)
  • 0338716 [actions] backport actions from main
  • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
  • 51b8a0b add FUNDING.yml
  • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
  • f814a7f [Dev Deps] backport from main
  • Additional commits viewable in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

5.7

  • Add minVersion method

5.6

  • Move boolean loose param to an options object, with backwards-compatibility protection.
  • Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

  • Add version coercion capabilities

5.4

  • Add intersection checking

5.3

  • Add minSatisfying method

5.2

  • Add prerelease(v) that returns prerelease components

5.1

  • Add Backus-Naur for ranges
  • Remove excessively cute inspection methods

5.0

  • Remove AMD/Browserified build artifacts
  • Fix ltr and gtr when using the * range
  • Fix for range * with a prerelease identifier
Commits
Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.


Updates ssri from 6.0.1 to 6.0.2

Changelog

Sourced from ssri's changelog.

6.0.2 (2021-04-07)

Bug Fixes

  • backport regex change from 8.0.1 (b30dfdb), closes #19

Commits
Maintainer changes

This version was pushed to npm by nlf, a new releaser for ssri since your current version.


Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

New Contributors

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

Updates ws from 5.2.2 to 5.2.3

Release notes

Sourced from ws's releases.

5.2.3

Bug fixes

  • Backported 00c425ec to the 5.x release line (76d47c14).
Commits

Updates yargs-parser from 13.1.1 to 13.1.2

Changelog

Sourced from yargs-parser's changelog.

15.0.0 (2019-10-07)

Features

  • rework collect-unknown-options into unknown-options-as-args, providing more comprehensive functionality (ef771ca)

BREAKING CHANGES

  • rework collect-unknown-options into unknown-options-as-args, providing more comprehensive functionality

14.0.0 (2019-09-06)

Bug Fixes

  • boolean arrays with default values (#185) (7d42572)
  • boolean now behaves the same as other array types (#184) (17ca3bd)
  • eatNargs() for 'opt.narg === 0' and boolean typed options (#188) (c5a1db0)
  • maybeCoerceNumber now takes precedence over coerce return value (#182) (2f26436)
  • take into account aliases when appending arrays from config object (#199) (f8a2d3f)

Features

  • add configuration option to "collect-unknown-options" (#181) (7909cc4)
  • maybeCoerceNumber() now takes into account arrays (#187) (31c204b)

BREAKING CHANGES

  • unless "parse-numbers" is set to "false", arrays of numeric strings are now parsed as numbers, rather than strings.
  • we have dropped the broken "defaulted" functionality; we would like to revisit adding this in the future.
  • maybeCoerceNumber now takes precedence over coerce return value (#182)
Commits
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the npm_and_yarn group across 1 directories with 15…
4fe0858 
… updates

Bumps the npm_and_yarn group with 15 updates in the /. directory:

| Package | From | To |
| --- | --- | --- |
| [acorn](https://github.com/acornjs/acorn) | `8.0.1` | `8.0.2` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.8.4` | `7.23.9` |
| [ajv](https://github.com/ajv-validator/ajv) | `6.11.0` | `6.12.6` |
| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.2` |
| [color-string](https://github.com/Qix-/color-string) | `1.5.3` | `1.9.1` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.13.0` | `1.15.5` |
| [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` |
| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |
| [lodash](https://github.com/lodash/lodash) | `4.17.15` | `4.17.21` |
| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` |
| [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` |
| [ssri](https://github.com/npm/ssri) | `6.0.1` | `6.0.2` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |
| [ws](https://github.com/websockets/ws) | `5.2.2` | `5.2.3` |
| [yargs-parser](https://github.com/yargs/yargs-parser) | `13.1.1` | `13.1.2` |


Updates `acorn` from 8.0.1 to 8.0.2
- [Commits](acornjs/acorn@8.0.1...8.0.2)

Updates `@babel/traverse` from 7.8.4 to 7.23.9
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-traverse)

Updates `ajv` from 6.11.0 to 6.12.6
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.11.0...v6.12.6)

Updates `browserify-sign` from 4.0.4 to 4.2.2
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.0.4...v4.2.2)

Updates `color-string` from 1.5.3 to 1.9.1
- [Release notes](https://github.com/Qix-/color-string/releases)
- [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Qix-/color-string/commits/1.9.1)

Updates `follow-redirects` from 1.13.0 to 1.15.5
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.13.0...v1.15.5)

Updates `ip` from 1.1.5 to 1.1.9
- [Commits](indutny/node-ip@v1.1.5...v1.1.9)

Updates `json5` from 1.0.1 to 1.0.2
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v1.0.1...v1.0.2)

Updates `lodash` from 4.17.15 to 4.17.21
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.15...4.17.21)

Updates `qs` from 6.5.2 to 6.5.3
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.5.2...v6.5.3)

Updates `semver` from 5.7.1 to 5.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](npm/node-semver@v5.7.1...v5.7.2)

Updates `ssri` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](npm/ssri@v6.0.1...v6.0.2)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

Updates `ws` from 5.2.2 to 5.2.3
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@5.2.2...5.2.3)

Updates `yargs-parser` from 13.1.1 to 13.1.2
- [Release notes](https://github.com/yargs/yargs-parser/releases)
- [Changelog](https://github.com/yargs/yargs-parser/blob/main/docs/CHANGELOG-full.md)
- [Commits](https://github.com/yargs/yargs-parser/commits)

---
updated-dependencies:
- dependency-name: acorn
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: ajv
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: color-string
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: ip
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: json5
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: lodash
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: qs
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: ssri
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: word-wrap
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: ws
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: yargs-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 21, 2024
@dependabot dependabot bot mentioned this pull request Feb 21, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants