snyk-bot
|
abb406dfda
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SNYK-3038622
- https://snyk.io/vuln/SNYK-JS-SNYK-3111871
|
2022-12-01 07:55:32 +00:00 |
|
dependabot[bot]
|
37a0b40829
|
build(deps): bump moment from 2.29.2 to 2.29.4
Bumps [moment](https://github.com/moment/moment) from 2.29.2 to 2.29.4.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.29.2...2.29.4)
---
updated-dependencies:
- dependency-name: moment
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-07-15 07:47:50 +00:00 |
|
Martijn de Boer
|
bfb0b700b5
|
Merge pull request #36 from sexybiggetje/dependabot/npm_and_yarn/ws-5.2.3
Bump ws from 5.2.2 to 5.2.3
|
2022-07-15 09:47:14 +02:00 |
|
dependabot[bot]
|
9dbb4b06fc
|
build(deps): bump jpeg-js from 0.4.0 to 0.4.4
Bumps [jpeg-js](https://github.com/eugeneware/jpeg-js) from 0.4.0 to 0.4.4.
- [Release notes](https://github.com/eugeneware/jpeg-js/releases)
- [Commits](https://github.com/eugeneware/jpeg-js/compare/v0.4.0...v0.4.4)
---
updated-dependencies:
- dependency-name: jpeg-js
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-06-17 01:45:22 +00:00 |
|
dependabot[bot]
|
5b5baa4f67
|
build(deps): bump moment from 2.29.1 to 2.29.2
Bumps [moment](https://github.com/moment/moment) from 2.29.1 to 2.29.2.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.29.1...2.29.2)
---
updated-dependencies:
- dependency-name: moment
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-04-08 23:56:04 +00:00 |
|
dependabot[bot]
|
9934d0f1be
|
build(deps): bump vm2 from 3.9.4 to 3.9.6
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.4 to 3.9.6.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/patriksimek/vm2/compare/3.9.4...3.9.6)
---
updated-dependencies:
- dependency-name: vm2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-02-15 00:46:13 +00:00 |
|
Martijn de Boer
|
f1a7955bc0
|
Merge pull request #31 from sexybiggetje/dependabot/npm_and_yarn/handlebars-4.7.7
Bump handlebars from 4.5.3 to 4.7.7
|
2021-10-21 11:10:53 +02:00 |
|
Martijn de Boer
|
537fcf8f9d
|
Merge pull request #33 from sexybiggetje/dependabot/npm_and_yarn/hosted-git-info-2.8.9
Bump hosted-git-info from 2.7.1 to 2.8.9
|
2021-10-21 11:10:38 +02:00 |
|
Martijn de Boer
|
684a62eab0
|
Merge pull request #32 from sexybiggetje/dependabot/npm_and_yarn/lodash-4.17.21
Bump lodash from 4.17.19 to 4.17.21
|
2021-10-21 11:10:25 +02:00 |
|
dependabot[bot]
|
3ea42ed46c
|
Bump handlebars from 4.5.3 to 4.7.7
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.7.7)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-21 09:10:18 +00:00 |
|
dependabot[bot]
|
5d90ba97e8
|
Bump hosted-git-info from 2.7.1 to 2.8.9
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-21 09:09:50 +00:00 |
|
dependabot[bot]
|
e34248064a
|
Bump lodash from 4.17.19 to 4.17.21
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-21 09:09:39 +00:00 |
|
dependabot[bot]
|
347bae8d2a
|
Bump path-parse from 1.0.6 to 1.0.7
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-21 09:09:24 +00:00 |
|
Martijn de Boer
|
373659b1be
|
Merge pull request #40 from sexybiggetje/dependabot/npm_and_yarn/tmpl-1.0.5
Bump tmpl from 1.0.4 to 1.0.5
|
2021-10-21 11:08:40 +02:00 |
|
Martijn de Boer
|
ffe6ec0d22
|
Merge branch 'master' into snyk-fix-293c28aaeb882309b9c5531772f99278
|
2021-10-21 11:08:07 +02:00 |
|
dependabot[bot]
|
b63c923ff9
|
Bump vm2 from 3.6.11 to 3.9.4
Bumps [vm2](https://github.com/patriksimek/vm2) from 3.6.11 to 3.9.4.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/patriksimek/vm2/commits/3.9.4)
---
updated-dependencies:
- dependency-name: vm2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-19 15:29:30 +00:00 |
|
snyk-bot
|
97dcc02ef3
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SSH2-1656673
|
2021-09-22 22:44:48 +00:00 |
|
dependabot[bot]
|
d2e3d609a6
|
Bump tmpl from 1.0.4 to 1.0.5
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)
---
updated-dependencies:
- dependency-name: tmpl
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-09-20 21:04:30 +00:00 |
|
dependabot[bot]
|
dc5aaf8147
|
Bump ws from 5.2.2 to 5.2.3
Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3)
---
updated-dependencies:
- dependency-name: ws
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-09-02 05:58:53 +00:00 |
|
dependabot[bot]
|
c4dbeba7e2
|
Bump tar from 4.4.8 to 4.4.19
Bumps [tar](https://github.com/npm/node-tar) from 4.4.8 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases)
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/node-tar/compare/v4.4.8...v4.4.19)
---
updated-dependencies:
- dependency-name: tar
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-09-01 00:40:13 +00:00 |
|
snyk-bot
|
9a167aae5a
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JSZIP-1251497
|
2021-07-27 21:30:27 +00:00 |
|
Martijn de Boer
|
0cc8f2fbbf
|
Merge branch 'master' into dependabot/npm_and_yarn/ini-1.3.8
|
2021-03-31 14:33:43 +02:00 |
|
Martijn de Boer
|
953e794566
|
Merge pull request #27 from sexybiggetje/snyk-fix-01e9afa7eb618f4a1743dc221fa3d2f6
[Snyk] Security upgrade snyk from 1.425.4 to 1.465.0
|
2021-03-31 14:32:57 +02:00 |
|
dependabot[bot]
|
8b61700c2b
|
Bump y18n from 3.2.1 to 4.0.1
Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-03-29 20:54:07 +00:00 |
|
snyk-bot
|
022b6ddfe9
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355
|
2021-03-23 21:08:08 +00:00 |
|
dependabot[bot]
|
794bb07248
|
Bump ini from 1.3.5 to 1.3.8
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-03-15 09:47:00 +00:00 |
|
snyk-bot
|
845841f42b
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SSRI-1085630
|
2021-03-14 21:08:06 +00:00 |
|
snyk-bot
|
3cdb1c7cd6
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-Y18N-1021887
|
2020-11-24 21:07:47 +00:00 |
|
dependabot[bot]
|
37978f3665
|
Bump find-my-way from 2.1.1 to 2.2.5
Bumps [find-my-way](https://github.com/delvedor/find-my-way) from 2.1.1 to 2.2.5.
- [Release notes](https://github.com/delvedor/find-my-way/releases)
- [Commits](https://github.com/delvedor/find-my-way/compare/v2.1.1...v2.2.5)
Signed-off-by: dependabot[bot] <support@github.com>
|
2020-11-09 22:45:12 +00:00 |
|
Martijn de Boer
|
50f511be4b
|
Merge pull request #22 from sexybiggetje/dependabot/npm_and_yarn/bl-4.0.3
Bump bl from 4.0.2 to 4.0.3
|
2020-10-28 15:12:40 +01:00 |
|
Martijn de Boer
|
9ae39e00ba
|
Merge pull request #20 from sexybiggetje/dependabot/npm_and_yarn/lodash-4.17.19
Bump lodash from 4.17.15 to 4.17.19
|
2020-10-28 15:12:24 +01:00 |
|
dependabot[bot]
|
44945cfab5
|
Bump bl from 4.0.2 to 4.0.3
Bumps [bl](https://github.com/rvagg/bl) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/rvagg/bl/releases)
- [Commits](https://github.com/rvagg/bl/compare/v4.0.2...v4.0.3)
Signed-off-by: dependabot[bot] <support@github.com>
|
2020-09-02 16:23:51 +00:00 |
|
dependabot[bot]
|
2194ffdb02
|
Bump jpeg-js from 0.3.4 to 0.4.0
Bumps [jpeg-js](https://github.com/eugeneware/jpeg-js) from 0.3.4 to 0.4.0.
- [Release notes](https://github.com/eugeneware/jpeg-js/releases)
- [Commits](https://github.com/eugeneware/jpeg-js/commits/v0.4.0)
Signed-off-by: dependabot[bot] <support@github.com>
|
2020-07-27 15:53:05 +00:00 |
|
dependabot[bot]
|
e841c9d04c
|
Bump lodash from 4.17.15 to 4.17.19
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19)
Signed-off-by: dependabot[bot] <support@github.com>
|
2020-07-15 23:28:21 +00:00 |
|
dependabot[bot]
|
2b8938cb0a
|
Bump npm from 6.13.4 to 6.14.6
Bumps [npm](https://github.com/npm/cli) from 6.13.4 to 6.14.6.
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/compare/v6.13.4...v6.14.6)
Signed-off-by: dependabot[bot] <support@github.com>
|
2020-07-07 20:34:08 +00:00 |
|
snyk-bot
|
540a1ea2d9
|
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
|
2020-04-30 23:13:50 +02:00 |
|
snyk-bot
|
2278a4b284
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOTPROP-543489
|
2020-01-31 21:07:50 +00:00 |
|
snyk-bot
|
c7e00eb13d
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-KINDOF-537849
|
2020-01-21 21:07:44 +00:00 |
|
dependabot[bot]
|
0069b5d25d
|
Bump handlebars from 4.1.2 to 4.5.3
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.2 to 4.5.3.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.2...v4.5.3)
Signed-off-by: dependabot[bot] <support@github.com>
|
2019-12-26 21:42:08 +00:00 |
|
dependabot[bot]
|
87522b0e05
|
Bump npm from 6.11.3 to 6.13.4
Bumps [npm](https://github.com/npm/cli) from 6.11.3 to 6.13.4.
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/compare/v6.11.3...v6.13.4)
Signed-off-by: dependabot[bot] <support@github.com>
|
2019-12-13 19:48:43 +00:00 |
|
snyk-bot
|
a81e319616
|
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-TREEKILL-536781
|
2019-12-11 21:07:23 +00:00 |
|
snyk-bot
|
b63061c419
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-VM2-473188
|
2019-10-16 21:07:09 +00:00 |
|
snyk-bot
|
a9bd0ff2c6
|
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-HTTPSPROXYAGENT-469131
|
2019-10-03 21:07:13 +00:00 |
|
snyk-bot
|
4ad9eb13e8
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-CSVPARSE-467403
|
2019-09-22 21:07:05 +00:00 |
|
|
3518fec1fc
|
Updates
|
2019-07-23 12:38:26 +02:00 |
|
Martijn de Boer
|
cd75fb1570
|
Merge pull request #8 from sexybiggetje/dependabot/npm_and_yarn/extend-3.0.2
Bump extend from 3.0.1 to 3.0.2
|
2019-07-23 12:33:14 +02:00 |
|
dependabot[bot]
|
20f4fb9b7b
|
Bump js-yaml from 3.12.0 to 3.13.1
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.12.0 to 3.13.1.
- [Release notes](https://github.com/nodeca/js-yaml/releases)
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.12.0...3.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
|
2019-07-23 10:07:12 +00:00 |
|
dependabot[bot]
|
e5a5561184
|
Bump extend from 3.0.1 to 3.0.2
Bumps [extend](https://github.com/justmoon/node-extend) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/justmoon/node-extend/releases)
- [Changelog](https://github.com/justmoon/node-extend/blob/master/CHANGELOG.md)
- [Commits](https://github.com/justmoon/node-extend/compare/v3.0.1...v3.0.2)
Signed-off-by: dependabot[bot] <support@github.com>
|
2019-07-23 10:07:09 +00:00 |
|
snyk-test
|
35cf024d4a
|
fix: .snyk, package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
|
2019-07-04 19:14:28 +00:00 |
|
snyk-test
|
2e5172b3d6
|
fix: .snyk, package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
|
2019-07-03 21:07:16 +00:00 |
|