dependabot[bot]
|
9f2deb3b66
|
build(deps): bump semver from 5.5.0 to 5.7.2
Bumps [semver](https://github.com/npm/node-semver) from 5.5.0 to 5.7.2.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v5.5.0...v5.7.2)
---
updated-dependencies:
- dependency-name: semver
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-07-11 09:54:12 +00:00 |
|
Martijn de Boer
|
65d2f6eea1
|
Merge pull request #67 from martijndeb/dependabot/npm_and_yarn/vm2-3.9.15
build(deps): bump vm2 from 3.9.11 to 3.9.15
|
2023-04-07 22:47:04 +02:00 |
|
dependabot[bot]
|
4ba2b17705
|
build(deps): bump vm2 from 3.9.11 to 3.9.15
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.11 to 3.9.15.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/patriksimek/vm2/compare/3.9.11...3.9.15)
---
updated-dependencies:
- dependency-name: vm2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-04-07 20:46:04 +00:00 |
|
Martijn de Boer
|
cd11f306f7
|
Merge pull request #66 from martijndeb/dependabot/npm_and_yarn/minimist-and-mkdirp-1.2.8
build(deps): bump minimist and mkdirp
|
2023-03-31 13:08:03 +02:00 |
|
dependabot[bot]
|
76d3dbc617
|
build(deps): bump minimist and mkdirp
Bumps [minimist](https://github.com/minimistjs/minimist) and [mkdirp](https://github.com/isaacs/node-mkdirp). These dependencies needed to be updated together.
Updates `minimist` from 0.0.8 to 1.2.8
- [Release notes](https://github.com/minimistjs/minimist/releases)
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](https://github.com/minimistjs/minimist/compare/v0.0.8...v1.2.8)
Updates `mkdirp` from 0.5.1 to 0.5.6
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/compare/0.5.1...v0.5.6)
---
updated-dependencies:
- dependency-name: minimist
dependency-type: indirect
- dependency-name: mkdirp
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-03-01 12:57:06 +00:00 |
|
Martijn de Boer
|
0bc45df7d5
|
Merge pull request #65 from sexybiggetje/dependabot/npm_and_yarn/snyk-1.1064.0
build(deps): bump snyk from 1.685.0 to 1.1064.0
|
2023-01-09 20:32:44 +01:00 |
|
dependabot[bot]
|
363dcc0dfe
|
build(deps): bump snyk from 1.685.0 to 1.1064.0
Bumps [snyk](https://github.com/snyk/snyk) from 1.685.0 to 1.1064.0.
- [Release notes](https://github.com/snyk/snyk/releases)
- [Commits](https://github.com/snyk/snyk/compare/v1.685.0...v1.1064.0)
---
updated-dependencies:
- dependency-name: snyk
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-01-09 19:30:24 +00:00 |
|
Martijn de Boer
|
c1b5800c5b
|
Merge pull request #64 from sexybiggetje/dependabot/npm_and_yarn/json5-2.2.3
build(deps): bump json5 from 2.2.1 to 2.2.3
|
2023-01-09 20:28:47 +01:00 |
|
dependabot[bot]
|
0aa205710c
|
build(deps): bump json5 from 2.2.1 to 2.2.3
Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v2.2.1...v2.2.3)
---
updated-dependencies:
- dependency-name: json5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-01-09 19:27:31 +00:00 |
|
Martijn de Boer
|
3965d96679
|
Merge pull request #63 from sexybiggetje/dependabot/npm_and_yarn/qs-6.11.0
build(deps): bump qs from 6.5.2 to 6.11.0
|
2022-12-07 18:43:37 +01:00 |
|
dependabot[bot]
|
6506910062
|
build(deps): bump qs from 6.5.2 to 6.11.0
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.11.0.
- [Release notes](https://github.com/ljharb/qs/releases)
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ljharb/qs/compare/v6.5.2...v6.11.0)
---
updated-dependencies:
- dependency-name: qs
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-07 17:42:24 +00:00 |
|
Martijn de Boer
|
c0ec9f6656
|
Merge pull request #62 from sexybiggetje/dependabot/npm_and_yarn/acorn-5.7.4
build(deps): bump acorn from 5.7.1 to 5.7.4
|
2022-12-03 18:06:38 +01:00 |
|
Martijn de Boer
|
9d76922e17
|
Merge pull request #61 from sexybiggetje/dependabot/npm_and_yarn/mixme-and-stream-transform-0.5.4
build(deps): bump mixme and stream-transform
|
2022-12-03 18:06:26 +01:00 |
|
dependabot[bot]
|
02fe219f7b
|
build(deps): bump acorn from 5.7.1 to 5.7.4
Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.1 to 5.7.4.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/5.7.1...5.7.4)
---
updated-dependencies:
- dependency-name: acorn
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-03 17:05:38 +00:00 |
|
dependabot[bot]
|
692cc75672
|
build(deps): bump mixme and stream-transform
Bumps [mixme](https://github.com/adaltas/node-mixme) and [stream-transform](https://github.com/adaltas/node-csv/tree/HEAD/packages/stream-transform). These dependencies needed to be updated together.
Updates `mixme` from 0.4.0 to 0.5.4
- [Release notes](https://github.com/adaltas/node-mixme/releases)
- [Changelog](https://github.com/adaltas/node-mixme/blob/master/CHANGELOG.md)
- [Commits](https://github.com/adaltas/node-mixme/compare/v0.4.0...v0.5.4)
Updates `stream-transform` from 2.0.4 to 2.1.3
- [Release notes](https://github.com/adaltas/node-csv/releases)
- [Changelog](https://github.com/adaltas/node-csv/blob/master/packages/stream-transform/CHANGELOG.md)
- [Commits](https://github.com/adaltas/node-csv/commits/stream-transform@2.1.3/packages/stream-transform)
---
updated-dependencies:
- dependency-name: mixme
dependency-type: indirect
- dependency-name: stream-transform
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-03 17:05:31 +00:00 |
|
Martijn de Boer
|
2b7aae755c
|
Merge pull request #59 from sexybiggetje/dependabot/npm_and_yarn/jsdom-and-jest--removed
build(deps): bump jsdom and jest
|
2022-12-03 18:04:53 +01:00 |
|
Martijn de Boer
|
ee7bb079c3
|
Merge pull request #58 from sexybiggetje/dependabot/npm_and_yarn/json-schema-and-jsprim-0.4.0
build(deps): bump json-schema and jsprim
|
2022-12-03 18:04:46 +01:00 |
|
Martijn de Boer
|
a7453048eb
|
Merge pull request #51 from sexybiggetje/dependabot/npm_and_yarn/vm2-3.9.11
build(deps): bump vm2 from 3.9.6 to 3.9.11
|
2022-12-03 18:03:49 +01:00 |
|
Martijn de Boer
|
7e3b0a423d
|
Merge pull request #50 from sexybiggetje/snyk-fix-aa430ddc1b0a8e942dc399c4a11a7211
[Snyk] Security upgrade vm2 from 3.9.6 to 3.9.11
|
2022-12-03 18:03:40 +01:00 |
|
dependabot[bot]
|
be299bf814
|
build(deps): bump jsdom and jest
Removes [jsdom](https://github.com/jsdom/jsdom). It's no longer used after updating ancestor dependency [jest](https://github.com/facebook/jest/tree/HEAD/packages/jest). These dependencies need to be updated together.
Removes `jsdom`
Updates `jest` from 24.8.0 to 29.3.1
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v29.3.1/packages/jest)
---
updated-dependencies:
- dependency-name: jsdom
dependency-type: indirect
- dependency-name: jest
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-03 17:01:40 +00:00 |
|
Martijn de Boer
|
2b15b5daab
|
Merge pull request #56 from sexybiggetje/dependabot/npm_and_yarn/minimatch-3.1.2
build(deps): bump minimatch from 3.0.4 to 3.1.2
|
2022-12-03 18:00:19 +01:00 |
|
dependabot[bot]
|
8cedaf348b
|
build(deps): bump json-schema and jsprim
Bumps [json-schema](https://github.com/kriszyp/json-schema) and [jsprim](https://github.com/joyent/node-jsprim). These dependencies needed to be updated together.
Updates `json-schema` from 0.2.3 to 0.4.0
- [Release notes](https://github.com/kriszyp/json-schema/releases)
- [Commits](https://github.com/kriszyp/json-schema/compare/v0.2.3...v0.4.0)
Updates `jsprim` from 1.4.1 to 1.4.2
- [Release notes](https://github.com/joyent/node-jsprim/releases)
- [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md)
- [Commits](https://github.com/joyent/node-jsprim/compare/v1.4.1...v1.4.2)
---
updated-dependencies:
- dependency-name: json-schema
dependency-type: indirect
- dependency-name: jsprim
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-03 16:59:54 +00:00 |
|
dependabot[bot]
|
b82fdf6c94
|
build(deps): bump minimatch from 3.0.4 to 3.1.2
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2)
---
updated-dependencies:
- dependency-name: minimatch
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-03 16:59:28 +00:00 |
|
Martijn de Boer
|
f8a89d9f23
|
Merge pull request #55 from sexybiggetje/dependabot/npm_and_yarn/decode-uri-component-0.2.2
build(deps): bump decode-uri-component from 0.2.0 to 0.2.2
|
2022-12-03 17:58:55 +01:00 |
|
dependabot[bot]
|
02cce28357
|
build(deps): bump decode-uri-component from 0.2.0 to 0.2.2
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2)
---
updated-dependencies:
- dependency-name: decode-uri-component
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-12-02 06:18:17 +00:00 |
|
dependabot[bot]
|
67bd6fcb8d
|
build(deps): bump vm2 from 3.9.6 to 3.9.11
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.6 to 3.9.11.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/patriksimek/vm2/compare/3.9.6...3.9.11)
---
updated-dependencies:
- dependency-name: vm2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-09-28 13:39:03 +00:00 |
|
snyk-bot
|
14da17d8dc
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-VM2-3018201
|
2022-09-08 05:43:10 +00:00 |
|
Martijn de Boer
|
435a0cfdef
|
Merge pull request #49 from sexybiggetje/dependabot/npm_and_yarn/moment-2.29.4
build(deps): bump moment from 2.29.2 to 2.29.4
|
2022-07-18 16:07:40 +02:00 |
|
dependabot[bot]
|
37a0b40829
|
build(deps): bump moment from 2.29.2 to 2.29.4
Bumps [moment](https://github.com/moment/moment) from 2.29.2 to 2.29.4.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.29.2...2.29.4)
---
updated-dependencies:
- dependency-name: moment
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-07-15 07:47:50 +00:00 |
|
Martijn de Boer
|
bfb0b700b5
|
Merge pull request #36 from sexybiggetje/dependabot/npm_and_yarn/ws-5.2.3
Bump ws from 5.2.2 to 5.2.3
|
2022-07-15 09:47:14 +02:00 |
|
Martijn de Boer
|
a071f0d7cf
|
Merge pull request #48 from sexybiggetje/dependabot/npm_and_yarn/jpeg-js-0.4.4
build(deps): bump jpeg-js from 0.4.0 to 0.4.4
|
2022-06-17 13:43:12 +02:00 |
|
dependabot[bot]
|
9dbb4b06fc
|
build(deps): bump jpeg-js from 0.4.0 to 0.4.4
Bumps [jpeg-js](https://github.com/eugeneware/jpeg-js) from 0.4.0 to 0.4.4.
- [Release notes](https://github.com/eugeneware/jpeg-js/releases)
- [Commits](https://github.com/eugeneware/jpeg-js/compare/v0.4.0...v0.4.4)
---
updated-dependencies:
- dependency-name: jpeg-js
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-17 01:45:22 +00:00 |
|
Martijn de Boer
|
492dc3b301
|
Merge pull request #47 from sexybiggetje/dependabot/npm_and_yarn/moment-2.29.2
build(deps): bump moment from 2.29.1 to 2.29.2
|
2022-04-09 10:29:09 +02:00 |
|
dependabot[bot]
|
5b5baa4f67
|
build(deps): bump moment from 2.29.1 to 2.29.2
Bumps [moment](https://github.com/moment/moment) from 2.29.1 to 2.29.2.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.29.1...2.29.2)
---
updated-dependencies:
- dependency-name: moment
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-04-08 23:56:04 +00:00 |
|
Martijn de Boer
|
fc672e7d72
|
Merge pull request #45 from sexybiggetje/snyk-fix-43d641e097bd923dc0cf57aa46683e48
[Snyk] Security upgrade vm2 from 3.9.4 to 3.9.6
|
2022-02-22 14:10:55 +01:00 |
|
Martijn de Boer
|
4acf85604f
|
Merge pull request #46 from sexybiggetje/dependabot/npm_and_yarn/vm2-3.9.6
build(deps): bump vm2 from 3.9.4 to 3.9.6
|
2022-02-22 14:10:25 +01:00 |
|
dependabot[bot]
|
9934d0f1be
|
build(deps): bump vm2 from 3.9.4 to 3.9.6
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.4 to 3.9.6.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/patriksimek/vm2/compare/3.9.4...3.9.6)
---
updated-dependencies:
- dependency-name: vm2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-02-15 00:46:13 +00:00 |
|
snyk-bot
|
fd818b2b33
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-VM2-2309905
|
2022-02-10 16:17:28 +00:00 |
|
Martijn de Boer
|
f1a7955bc0
|
Merge pull request #31 from sexybiggetje/dependabot/npm_and_yarn/handlebars-4.7.7
Bump handlebars from 4.5.3 to 4.7.7
|
2021-10-21 11:10:53 +02:00 |
|
Martijn de Boer
|
537fcf8f9d
|
Merge pull request #33 from sexybiggetje/dependabot/npm_and_yarn/hosted-git-info-2.8.9
Bump hosted-git-info from 2.7.1 to 2.8.9
|
2021-10-21 11:10:38 +02:00 |
|
Martijn de Boer
|
684a62eab0
|
Merge pull request #32 from sexybiggetje/dependabot/npm_and_yarn/lodash-4.17.21
Bump lodash from 4.17.19 to 4.17.21
|
2021-10-21 11:10:25 +02:00 |
|
dependabot[bot]
|
3ea42ed46c
|
Bump handlebars from 4.5.3 to 4.7.7
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.7.7)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-21 09:10:18 +00:00 |
|
Martijn de Boer
|
6f7183f9f7
|
Merge pull request #37 from sexybiggetje/dependabot/npm_and_yarn/path-parse-1.0.7
Bump path-parse from 1.0.6 to 1.0.7
|
2021-10-21 11:10:08 +02:00 |
|
dependabot[bot]
|
5d90ba97e8
|
Bump hosted-git-info from 2.7.1 to 2.8.9
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-21 09:09:50 +00:00 |
|
dependabot[bot]
|
e34248064a
|
Bump lodash from 4.17.19 to 4.17.21
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-21 09:09:39 +00:00 |
|
dependabot[bot]
|
347bae8d2a
|
Bump path-parse from 1.0.6 to 1.0.7
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-21 09:09:24 +00:00 |
|
Martijn de Boer
|
373659b1be
|
Merge pull request #40 from sexybiggetje/dependabot/npm_and_yarn/tmpl-1.0.5
Bump tmpl from 1.0.4 to 1.0.5
|
2021-10-21 11:08:40 +02:00 |
|
Martijn de Boer
|
8193137c06
|
Merge pull request #41 from sexybiggetje/snyk-fix-293c28aaeb882309b9c5531772f99278
[Snyk] Security upgrade snyk from 1.667.0 to 1.685.0
|
2021-10-21 11:08:18 +02:00 |
|
Martijn de Boer
|
ffe6ec0d22
|
Merge branch 'master' into snyk-fix-293c28aaeb882309b9c5531772f99278
|
2021-10-21 11:08:07 +02:00 |
|
Martijn de Boer
|
684d5b5a3a
|
Merge pull request #43 from sexybiggetje/dependabot/npm_and_yarn/vm2-3.9.4
Bump vm2 from 3.6.11 to 3.9.4
|
2021-10-21 11:06:27 +02:00 |
|