build(deps): bump the npm_and_yarn group with 8 updates #159

dependabot · 2024-04-28T17:53:28Z

Bumps the npm_and_yarn group with 9 updates:

Package	From	To
nuxt	`2.15.8`	`2.17.3`
@babel/traverse	`7.20.1`	`7.24.1`
browserify-sign	`4.2.1`	`4.2.3`
glob-parent	`3.1.0`	`6.0.2`
nuxt	`2.17.3`	`3.11.2`
nth-check	`1.0.2`	`2.1.1`
tar	`6.1.12`	`6.2.1`
tough-cookie	`4.1.2`	`4.1.3`
word-wrap	`1.2.3`	`1.2.5`

Updates nuxt from 2.15.8 to 2.17.3

Release notes

Sourced from nuxt's releases.

v2.17.3

2.17.3 is the next patch release for the 2.x branch.

👉 Changelog

compare changes

💅 Refactors

Migrate to hookable package (#24426)

🏡 Chore

Fix invalid package files with npm pkg fix (4d0474c4b)

✅ Tests

Skip lib check with vue-tsc test (90ffd8170)

🤖 CI

Split type check into separate test (40f1f301e)

❤️ Contributors

Andrey Yolkin (@AndreyYolkin)

Daniel Roe (@danielroe)

v2.17.2

👉 Changelog

compare changes

🩹 Fixes

types: Prevent overwriting vue types in template (#22802)

types: Don't pin webpack types to exact version (#23531)

Remove md4 patch now that webpack has it in core (#23703)

🤖 CI

Add script to update changelog for 2.x releases (#23031)

Revert to codecov-action v3 (e66e44803)

Remove node version from matrix (#23706)

Use node 18 for ci jobs (#23701)

❤️ Contributors

Daniel Roe (@danielroe)

Rafał Chłodnicki (@rchl)

... (truncated)

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by danielroe, a new releaser for nuxt since your current version.

Updates @babel/traverse from 7.20.1 to 7.24.1

Release notes

Sourced from @babel/traverse's releases.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

Other

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.24.0 (2024-02-28)

Thanks @ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

babel-standalone

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3, babel-runtime, babel-standalone

#16323 Allow separate helpers to be excluded in Babel 8 (@liuxingbaoyu)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-external-helpers, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-defer, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-optional-chaining-assign, babel-plugin-proposal-partial-application, babel-plugin-proposal-pipeline-operator, babel-plugin-proposal-record-and-tuple, babel-plugin-proposal-regexp-modifiers, babel-plugin-proposal-throw-expressions, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decimal, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-reflection, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-record-and-tuple, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-arrow-functions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-classes, babel-plugin-transform-computed-properties, babel-plugin-transform-destructuring, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-keys, babel-plugin-transform-dynamic-import, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-export-namespace-from, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-for-of, babel-plugin-transform-function-name, babel-plugin-transform-instanceof, babel-plugin-transform-jscript, babel-plugin-transform-json-strings, babel-plugin-transform-literals, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-member-expression-literals, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-modules-umd, babel-plugin-transform-new-target, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-assign, babel-plugin-transform-object-rest-spread, babel-plugin-transform-object-set-prototype-of-to-assign, babel-plugin-transform-object-super, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-property-literals, babel-plugin-transform-property-mutators, babel-plugin-transform-proto-to-assign, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-display-name, babel-plugin-transform-react-inline-elements, babel-plugin-transform-react-jsx-compat, babel-plugin-transform-react-jsx-self, babel-plugin-transform-react-jsx-source, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-reserved-words, babel-plugin-transform-runtime, babel-plugin-transform-shorthand-properties, babel-plugin-transform-spread, babel-plugin-transform-sticky-regex, babel-plugin-transform-strict-mode, babel-plugin-transform-template-literals, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-plugin-transform-unicode-escapes, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-regex, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow, babel-preset-react, babel-preset-typescript

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

babel-compat-data, babel-plugin-transform-object-rest-spread, babel-preset-env

#16318 [babel 8] Fix @babel/compat-data package.json (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

v7.24.0 (2024-02-28)

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

... (truncated)

Commits

822b025 v7.24.1
fc0d5ad Update typescript and lint tools (#16351)
69e7928 Consider well-known and registered symbols as literals (#16342)
40110e9 Update source map deps (#16327)
ce59160 v7.24.0
bd5abd5 fix: avoid popContext on unvisited node paths (#16305)
08a057c Use Object.hasOwn when available (#16248)
a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
Additional commits viewable in compare view

Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

[patch] widen support to 0.12 9247adf

[patch] drop minimum node support to v1 4d0ee49

[Dev Deps] update aud, npmignore, tape 87f3a35

[actions] remove redundant finisher 37a4758

[Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12

[Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)

[Deps] update elliptic fb261ce

[Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

[Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

Only apps should have lockfiles 09a8995

[eslint] switch to eslint 83fe463

[meta] add npmignore and auto-changelog 4418183

[meta] fix package.json indentation 9ac5a5e

[Tests] migrate from travis to github actions d845d85

[Fix] sign: throw on unsupported padding scheme 8767739

[Fix] properly check the upper bound for DSA signatures 85994cd

[Tests] handle openSSL not supporting a scheme f5f17c2

[Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb

[Dev Deps] update nyc, standard, tape cc5350b

[Tests] always run coverage; downgrade nyc 75ce1d5

[meta] add safe-publish-latest dcf49ce

[Tests] add npm run posttest 75dd8fd

[Dev Deps] update tape 3aec038

[Tests] skip unsupported schemes 703c83e

[Tests] node < 6 lacks array includes 3aa43cf

[Dev Deps] fix eslint range 98d4e0d

Commits

bf2c3ec v4.2.3
9247adf [patch] widen support to 0.12
f427270 [Deps] update `parse-asn1
87f3a35 [Dev Deps] update aud, npmignore, tape
fb261ce [Deps] update elliptic
4d0ee49 [patch] drop minimum node support to v1
9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
168e16f [Deps] pin elliptic due to a breaking change
37a4758 [actions] remove redundant finisher
4af5a90 v4.2.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates glob-parent from 3.1.0 to 6.0.2

Release notes

Sourced from glob-parent's releases.

glob-parent v6.0.2

Bug Fixes

Improve performance (#53) (843f8de)

glob-parent v6.0.1

Bug Fixes

Resolve ReDoS vulnerability from CVE-2021-35065 (#49) (3e9f04a)

glob-parent v6.0.0

⚠ BREAKING CHANGES

Correct mishandled escaped path separators (#34)

upgrade scaffold, dropping node <10 support

Bug Fixes

Correct mishandled escaped path separators (#34) (32f6d52), closes #32

Miscellaneous Chores

upgrade scaffold, dropping node <10 support (e83d0c5)

v5.1.2

Bug Fixes

eliminate ReDoS (#36) (f923116)

v5.1.1

Bug Fixes

unescape exclamation mark (#26) (a98874f)

v5.1.0

Features

... (truncated)

Changelog

Sourced from glob-parent's changelog.

6.0.2 (2021-09-29)

Bug Fixes

Improve performance (#53) (843f8de)

6.0.1 (2021-07-20)

Bug Fixes

Resolve ReDoS vulnerability from CVE-2021-35065 (#49) (3e9f04a)

6.0.0 (2021-05-03)

⚠ BREAKING CHANGES

Correct mishandled escaped path separators (#34)

upgrade scaffold, dropping node <10 support

Bug Fixes

Correct mishandled escaped path separators (#34) (32f6d52), closes #32

Miscellaneous Chores

upgrade scaffold, dropping node <10 support (e83d0c5)

5.1.1 (2021-01-27)

Bug Fixes

unescape exclamation mark (#26) (a98874f)

5.1.0 (2021-01-27)

Features

add flipBackslashes option to disable auto conversion of slashes (closes #24) (#25) (eecf91d)

5.0.0 (2021-01-27)

⚠ BREAKING CHANGES

Drop support for node <6 & bump dependencies

Miscellaneous Chores

Drop support for node <6 & bump dependencies (896c0c0)

4.0.0 (2021-01-27)

... (truncated)

Commits

26ce5ec chore: release 6.0.2 (#54)
98c4781 chore: Run prettier
843f8de fix: Improve performance (#53)
3ad3690 chore: Run prettier
e1a15e1 chore: release 6.0.1 (#52)
8cdac1e chore: Run prettier
3e9f04a fix: Resolve ReDoS vulnerability from CVE-2021-35065 (#49)
3ad9597 chore: Run prettier
6fd137b chore: release 6.0.0 (#41)
32f6d52 fix!: Correct mishandled escaped path separators (#34)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by phated, a new releaser for glob-parent since your current version.

Updates nuxt from 2.17.3 to 3.11.2

Release notes

Sourced from nuxt's releases.

v2.17.3

2.17.3 is the next patch release for the 2.x branch.

👉 Changelog

compare changes

💅 Refactors

Migrate to hookable package (#24426)

🏡 Chore

Fix invalid package files with npm pkg fix (4d0474c4b)

✅ Tests

Skip lib check with vue-tsc test (90ffd8170)

🤖 CI

Split type check into separate test (40f1f301e)

❤️ Contributors

Andrey Yolkin (@AndreyYolkin)

Daniel Roe (@danielroe)

v2.17.2

👉 Changelog

compare changes

🩹 Fixes

types: Prevent overwriting vue types in template (#22802)

types: Don't pin webpack types to exact version (#23531)

Remove md4 patch now that webpack has it in core (#23703)

🤖 CI

Add script to update changelog for 2.x releases (#23031)

Revert to codecov-action v3 (e66e44803)

Remove node version from matrix (#23706)

Use node 18 for ci jobs (#23701)

❤️ Contributors

Daniel Roe (@danielroe)

Rafał Chłodnicki (@rchl)

... (truncated)

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by danielroe, a new releaser for nuxt since your current version.

Updates nth-check from 1.0.2 to 2.1.1

Release notes

Sourced from nth-check's releases.

v2.1.1

The ESM code had some issues that are now fixed aeeb067

fb55/nth-check@v2.1.0...v2.1.1

v2.1.0

What's Changed

nth-check is now a dual CommonJS and ESM module fb55/nth-check#206

With the new sequence and generate methods, it is now possible to generate a sequence of indices for a given formula fb55/nth-check#207

Full Changelog: fb55/nth-check@v2.0.1...v2.1.0

v2.0.1

Fixes:

Replace regex with hand-rolled parser for nth-expressions (#9) 9894c1d

Ensures parsing will always have linear time complexity.

Internal:

chore(ci): Use GitHub Actions, Dependabot (#10) e02b4dd

Bump dependencies

fb55/nth-check@v2.0.0...v2.0.1

v2.0.0

Port module to TS, Jest, ESLint

Breaking:

The main export is now a default export.

The module now throws regular Errors on invalid selectors instead of SyntaxErrors.

Commits

639fd2a 2.1.1
0eec65b fix(test): Add moduleNameMapper
aeeb067 fix: Fix ESM
432ebc6 2.1.0
3e8cd1e feat: Add generate and sequence methods (#207)
57a5c62 feat: Add ESM (#206)
1ce0c7c chore(deps-dev): Bump @types/node from 17.0.34 to 17.0.35 (#205)
eebb040 chore(deps-dev): Bump @typescript-eslint/parser from 5.24.0 to 5.25.0 (#204)
a316aaa chore(deps-dev): Bump @typescript-eslint/eslint-plugin (#203)
454c0de chore(deps-dev): Bump @typescript-eslint/eslint-plugin (#202)
Additional commits viewable in compare view

Updates tar from 6.1.12 to 6.2.1

Release notes

Sourced from tar's releases.

v6.1.13

6.1.13 (2022-12-07)

Dependencies

cc4e0dd #343 bump minipass from 3.3.6 to 4.0.0

Changelog

Sourced from tar's changelog.

Changelog

7.0

Rewrite in TypeScript, provide ESM and CommonJS hybrid interface

Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.

Add chmod option that defaults to false, and deprecate noChmod. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.

Add processUmask option to avoid having to call process.umask() when chmod: true (or noChmod: false) is set.

6.2

Add support for brotli compression

Add maxDepth option to prevent extraction into excessively deep folders.

6.1

remove dead link to benchmarks (#313) (@yetzt)

add examples/explanation of using tar.t (@isaacs)

ensure close event is emited after stream has ended (@webark)

replace deprecated String.prototype.substr() (@CommanderRoot, @lukekarrys)

6.0

Drop support for node 6 and 8

fix symlinks and hardlinks on windows being packed with \-style path targets

5.0

Address unpack race conditions using path reservations

Change large-numbers errors from TypeError to Error

Add TAR_* error codes

Raise TAR_BAD_ARCHIVE warning/error when there are no valid entries found in an archive

do not treat ignored entries as an invalid archive

drop support for node v4

unpack: conditionally use a file mapping to write files on Windows

Set more portable 'mode' value in portable mode

Set portable gzip option in portable mode

... (truncated)

Commits

bef7b1e 6.2.1
fe8cd57 prevent extraction in excessively deep subfolders
fe7ebfd remove security.md
5bc9d40 6.2.0
fe1ef5e changelog 6.2
e483220 get rid of npm lint stuff
689928a ci that works outside of npm org
db6f539 file inference improvements for .tbr and .tgz
336fa8f refactor: dry and other pr comments
eeba222 chore: lint fixes
Additional commits viewable in compare view

Updates tough-cookie from 4.1.2 to 4.1.3

Release notes

Sourced from tough-cookie's releases.

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

Commits

4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
12d4747 Prevent prototype pollution in cookie memstore (#283)
f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
See full diff in compare view

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

Remove default indent by @mohd-akram in jonschlinkert/word-wrap#24

🔒fix: CVE 2023 26115 (2) by @OlafConijn in jonschlinkert/word-wrap#41

🔒 fix: CVE-2023-26115 by @aashutoshrathi in jonschlinkert/word-wrap#33

chore: publish workflow by @OlafConijn in jonschlinkert/word-wrap#42

New Contributors

@mohd-akram made their first contribution in jonschlinkert/word-wrap#24

@OlafConijn made their first contribution in jonschlinkert/word-wrap#41

@aashutoshrathi made their first contribution in jonschlinkert/word-wrap#33

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

207044e 1.2.5
9894315 revert default indent
f64b188 run verb to generate README
03ea082 Merge pull request #42 from jonschlinkert/chore/publish-workflow
420dce9 Merge pull request #41 from jonschlinkert/fix/CVE-2023-26115-2
bfa694e Update .github/workflows/publish.yml
ace0b3c chore: bump version to 1.2.4
6fd7275 chore: add publish workflow
30d6daf chore: fix test
655929c chore: remove package-lock
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps the npm_and_yarn group with 9 updates: | Package | From | To | | --- | --- | --- | | [nuxt](https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt) | `2.15.8` | `2.17.3` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.20.1` | `7.24.1` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` | | [glob-parent](https://github.com/gulpjs/glob-parent) | `3.1.0` | `6.0.2` | | [nuxt](https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt) | `2.17.3` | `3.11.2` | | [nth-check](https://github.com/fb55/nth-check) | `1.0.2` | `2.1.1` | | [tar](https://github.com/isaacs/node-tar) | `6.1.12` | `6.2.1` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.1.2` | `4.1.3` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Updates `nuxt` from 2.15.8 to 2.17.3 - [Release notes](https://github.com/nuxt/nuxt/releases) - [Commits](https://github.com/nuxt/nuxt/commits/v2.17.3/packages/nuxt) Updates `@babel/traverse` from 7.20.1 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `browserify-sign` from 4.2.1 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.1...v4.2.3) Updates `glob-parent` from 3.1.0 to 6.0.2 - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](gulpjs/glob-parent@v3.1.0...v6.0.2) Updates `nuxt` from 2.17.3 to 3.11.2 - [Release notes](https://github.com/nuxt/nuxt/releases) - [Commits](https://github.com/nuxt/nuxt/commits/v2.17.3/packages/nuxt) Updates `nth-check` from 1.0.2 to 2.1.1 - [Release notes](https://github.com/fb55/nth-check/releases) - [Commits](fb55/nth-check@v1.0.2...v2.1.1) Updates `tar` from 6.1.12 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.12...v6.2.1) Updates `tough-cookie` from 4.1.2 to 4.1.3 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.2...v4.1.3) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) --- updated-dependencies: - dependency-name: nuxt dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob-parent dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nuxt dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: nth-check dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

changeset-bot · 2024-04-28T17:53:32Z

⚠️ No Changeset found

Latest commit: 8f197fc

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

netlify · 2024-04-28T17:53:44Z

❌ Deploy Preview for binz-nuxt-static failed.

Name	Link
🔨 Latest commit	`8f197fc`
🔍 Latest deploy log	https://app.netlify.com/sites/binz-nuxt-static/deploys/662e8d1adb98110008e5987e

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 28, 2024

dependabot bot mentioned this pull request Apr 28, 2024

build(deps): bump the npm_and_yarn group with 8 updates #155

Closed

binzcodes added the bug Something isn't working label Nov 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the npm_and_yarn group with 8 updates #159

build(deps): bump the npm_and_yarn group with 8 updates #159

Uh oh!

dependabot bot commented on behalf of github Apr 28, 2024 •

edited

Loading

Uh oh!

changeset-bot bot commented Apr 28, 2024

Uh oh!

netlify bot commented Apr 28, 2024 •

edited

Loading

Uh oh!

Uh oh!

build(deps): bump the npm_and_yarn group with 8 updates #159

Are you sure you want to change the base?

build(deps): bump the npm_and_yarn group with 8 updates #159

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 28, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v2.17.3

👉 Changelog

💅 Refactors

🏡 Chore

✅ Tests

🤖 CI

❤️ Contributors

v2.17.2

👉 Changelog

🩹 Fixes

🤖 CI

❤️ Contributors

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

Committers: 4

v7.24.0 (2024-02-28)

🚀 New Feature

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

v7.24.0 (2024-02-28)

🚀 New Feature

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

glob-parent v6.0.2

Bug Fixes

glob-parent v6.0.1

Bug Fixes

glob-parent v6.0.0

⚠ BREAKING CHANGES

Bug Fixes

Miscellaneous Chores

v5.1.2

Bug Fixes

v5.1.1

Bug Fixes

v5.1.0

Features

6.0.2 (2021-09-29)

Bug Fixes

6.0.1 (2021-07-20)

Bug Fixes

6.0.0 (2021-05-03)

⚠ BREAKING CHANGES

Bug Fixes

Miscellaneous Chores

5.1.1 (2021-01-27)

Bug Fixes

5.1.0 (2021-01-27)

Features

5.0.0 (2021-01-27)

⚠ BREAKING CHANGES

Miscellaneous Chores

4.0.0 (2021-01-27)

v2.17.3

👉 Changelog

💅 Refactors

🏡 Chore

✅ Tests

🤖 CI

❤️ Contributors

v2.17.2

👉 Changelog

🩹 Fixes

🤖 CI

dependabot bot commented on behalf of github Apr 28, 2024 •

edited

Loading

netlify bot commented Apr 28, 2024 •

edited

Loading