Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump qs, gulp-less and tiny-lr #12

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump qs, gulp-less and tiny-lr #12

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Nov 2, 2022

Bumps qs to 6.11.0 and updates ancestor dependencies qs, gulp-less and tiny-lr. These dependencies need to be updated together.

Updates qs from 1.0.2 to 6.11.0

Changelog

Sourced from qs's changelog.

6.11.0

  • [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
  • [readme] fix version badge

6.10.5

  • [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

6.10.4

  • [Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
  • [meta] use npmignore to autogenerate an npmignore file
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

6.10.3

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [actions] reuse common workflows
  • [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

6.10.2

  • [Fix] stringify: actually fix cyclic references (#426)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#408)
  • [actions] update codecov uploader
  • [actions] update workflows
  • [Tests] clean up stringify tests slightly
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

6.10.1

  • [Fix] stringify: avoid exception on repeated object values (#402)

6.10.0

  • [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
  • [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
  • [meta] fix README.md (#399)
  • [meta] only run npm run dist in publish, not install
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
  • [Tests] fix tests on node v0.6
  • [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
  • [Tests] Revert "[meta] ignore eclint transitive audit warning"

6.9.7

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#408)
  • [Tests] clean up stringify tests slightly
  • [meta] fix README.md (#399)
  • Revert "[meta] ignore eclint transitive audit warning"

... (truncated)

Commits
  • 56763c1 v6.11.0
  • ddd3e29 [readme] fix version badge
  • c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
  • 95bc018 v6.10.5
  • 0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
  • ba9703c v6.10.4
  • 4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
  • 113b990 [Dev Deps] update object-inspect
  • c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
  • 2cf45b2 [meta] use npmignore to autogenerate an npmignore file
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for qs since your current version.


Updates gulp-less from 1.3.9 to 5.0.0

Release notes

Sourced from gulp-less's releases.

v5.0.0

  • Dependency updates
  • Add support for less 4.x
  • Drop support for less before 3.7.1

v4.0.0

v3.5.0

  • update dependency accord d706f87f10f6b3fe4277d0fb37b4baa979a7e1be @​zkochan

v3.4.0

  • remove gulp-util f58e0f789a2905317e1067ea1a9a546c4cee9a96

v3.3.2

  • update dependencies - dfefda34004ef462515ee52377b8a75e2bed0898

v3.3.0

  • update accord dependency to remove any GPL code from the tree cf6d8a6f2b5c11043a595baaf2cfddbf66721bf3

v3.2.0

  • skip less 2.7.0 6fa258b275223e7c5363a07f77ab583a4698d1cd
  • update deps c5a391daab3b86657e926f60cc39482b02483a89
  • fix less version c48064c08a603232ec5d3bf118772377a33e5019

v3.1.0

No release notes provided.

Commits
Maintainer changes

This version was pushed to npm by contra, a new releaser for gulp-less since your current version.


Updates tiny-lr from 0.1.7 to 2.0.0

Release notes

Sourced from tiny-lr's releases.

Back from the dead

BREAKING CHANGE: livereload-js dropped support for IE 6-9

Changelog:

  • Merge pull request #137 from mklabs/dependabot/npm_and_yarn/handlebars-4.7.6 (7cd34f3)
  • Merge pull request #136 from mklabs/dependabot/npm_and_yarn/is-my-json-valid-2.20.5 (7338d26)
  • Merge pull request #133 from smhg/patch-1 (5753beb)
  • Merge branch 'master' into patch-1 (28ff6a5)
  • Bump handlebars from 4.0.5 to 4.7.6 (ef796e9)
  • Bump is-my-json-valid from 2.15.0 to 2.20.5 (3707723)
  • Merge pull request #135 from nerdkid93/cve-2020-15133 (dc48cbc)
  • Bump faye-websocket to fix CVE-2020-15133 (97bb39d)
  • update dep lockfile (877a905)
  • update livereload client (closes #132) (8ddf07d)

Minor Security Patch

New Year, New Features!

2018 brings several new features & bugfixes to tiny-lr, including some that we've been waiting on for over 2 years now!

#93 - Add reloadMissingCSS Option (@​STRML) [Thanks @​smhg for handling the upstream merge!] #125 - Allow Undefined Errors (@​ShadSterling) #127 - Allow Server Path Prefix (@​chrmod) #128 - Fix Typo Preventing Done Callback From Firing (@​tmthrgd)

Vulnerability Fix

#124 Update debug dependency (@​mattcollier)

v1.0.4

#117 Updating NPM versioning scripts (@​elwayman02) #122 Call method instead of apply (@​frederikbosch) #123 Update qs to 6.4.0 (@​BrandonCopley)

v1.0.3

#114 Ignore ECONNRESET socket error (@​creeperyang) #116 Node 0.12 support (@​nathanhammond)

Commits
Maintainer changes

This version was pushed to npm by elwayman02, a new releaser for tiny-lr since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump qs, gulp-less and tiny-lr
6ab2530 
Bumps [qs](https://github.com/ljharb/qs) to 6.11.0 and updates ancestor dependencies [qs](https://github.com/ljharb/qs), [gulp-less](https://github.com/gulp-community/gulp-less) and [tiny-lr](https://github.com/mklabs/tiny-lr). These dependencies need to be updated together.


Updates `qs` from 1.0.2 to 6.11.0
- [Release notes](https://github.com/ljharb/qs/releases)
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v1.0.2...v6.11.0)

Updates `gulp-less` from 1.3.9 to 5.0.0
- [Release notes](https://github.com/gulp-community/gulp-less/releases)
- [Commits](https://github.com/gulp-community/gulp-less/commits/5.0.0)

Updates `tiny-lr` from 0.1.7 to 2.0.0
- [Release notes](https://github.com/mklabs/tiny-lr/releases)
- [Commits](mklabs/tiny-lr@v0.1.7...2.0.0)

---
updated-dependencies:
- dependency-name: qs
  dependency-type: indirect
- dependency-name: gulp-less
  dependency-type: direct:development
- dependency-name: tiny-lr
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 2, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants