Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump shell-quote from 1.7.2 to 1.7.4 (#271)
Bumps [shell-quote](https://github.com/ljharb/shell-quote) from 1.7.2 to 1.7.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md">shell-quote's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/ljharb/shell-quote/compare/1.7.3...v1.7.4">v1.7.4</a> - 2022-10-12</h2> <h3>Merged</h3> <ul> <li>Add node_modules to .gitignore <a href="https://github-redirect.dependabot.com/ljharb/shell-quote/pull/48"><code>[#48](https://github.com/ljharb/shell-quote/issues/48)</code></a></li> </ul> <h3>Commits</h3> <ul> <li>[eslint] fix indentation and whitespace <a href="https://github.com/ljharb/shell-quote/commit/aaa9d1f65bf3445e6af1efaa4a8f8c13a21aa593"><code>aaa9d1f</code></a></li> <li>[eslint] additional cleanup <a href="https://github.com/ljharb/shell-quote/commit/397cb628f3d96e4e47763147c0d6074997a13880"><code>397cb62</code></a></li> <li>[meta] add <code>auto-changelog</code> <a href="https://github.com/ljharb/shell-quote/commit/497fca509af3b7d6daaba459bad1f45ac0af3ff1"><code>497fca5</code></a></li> <li>[actions] add reusable workflows <a href="https://github.com/ljharb/shell-quote/commit/4763c36274c5881a2d141ce9f2b17b7d1d95e8cd"><code>4763c36</code></a></li> <li>[eslint] add eslint <a href="https://github.com/ljharb/shell-quote/commit/6ee1437df1b10a79bdf2aaa04f2bacc9f420dc15"><code>6ee1437</code></a></li> <li>[readme] rename, add badges <a href="https://github.com/ljharb/shell-quote/commit/7eb513483d931602452ec572ed456714148acd2b"><code>7eb5134</code></a></li> <li>[meta] update URLs <a href="https://github.com/ljharb/shell-quote/commit/67381b61fa95e57819333463f491428747893186"><code>67381b6</code></a></li> <li>[meta] create FUNDING.yml; add <code>funding</code> in package.json <a href="https://github.com/ljharb/shell-quote/commit/86415722d875578adf1f95f9e649ba42c805bc32"><code>8641572</code></a></li> <li>[meta] use <code>npmignore</code> to autogenerate an npmignore file <a href="https://github.com/ljharb/shell-quote/commit/2e2007a393f90bf079fc556a921120b3508c4fc3"><code>2e2007a</code></a></li> <li>Only apps should have lockfiles <a href="https://github.com/ljharb/shell-quote/commit/f97411ef4d2f183200fc8a28beca9faf9b08a640"><code>f97411e</code></a></li> <li>[Dev Deps] update <code>tape</code> <a href="https://github.com/ljharb/shell-quote/commit/051f60857ad5035280208abdc348bf5ba42a6254"><code>051f608</code></a></li> <li>[meta] add <code>safe-publish-latest</code> <a href="https://github.com/ljharb/shell-quote/commit/18cadf95357392fcd78ea8619956fd41eed62649"><code>18cadf9</code></a></li> <li>[Tests] add <code>aud</code> in <code>posttest</code> <a href="https://github.com/ljharb/shell-quote/commit/dc1cc12b956ccd93d58aaaad263bee7d50576d27"><code>dc1cc12</code></a></li> </ul> <!-- raw HTML omitted --> <h2>1.7.3</h2> <ul> <li>Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ljharb/shell-quote/commit/5409e72ef6c905c4d1637883cd394f6f07abd934"><code>5409e72</code></a> v1.7.4</li> <li><a href="https://github.com/ljharb/shell-quote/commit/4763c36274c5881a2d141ce9f2b17b7d1d95e8cd"><code>4763c36</code></a> [actions] add reusable workflows</li> <li><a href="https://github.com/ljharb/shell-quote/commit/86415722d875578adf1f95f9e649ba42c805bc32"><code>8641572</code></a> [meta] create FUNDING.yml; add <code>funding</code> in package.json</li> <li><a href="https://github.com/ljharb/shell-quote/commit/497fca509af3b7d6daaba459bad1f45ac0af3ff1"><code>497fca5</code></a> [meta] add <code>auto-changelog</code></li> <li><a href="https://github.com/ljharb/shell-quote/commit/7eb513483d931602452ec572ed456714148acd2b"><code>7eb5134</code></a> [readme] rename, add badges</li> <li><a href="https://github.com/ljharb/shell-quote/commit/67381b61fa95e57819333463f491428747893186"><code>67381b6</code></a> [meta] update URLs</li> <li><a href="https://github.com/ljharb/shell-quote/commit/2e2007a393f90bf079fc556a921120b3508c4fc3"><code>2e2007a</code></a> [meta] use <code>npmignore</code> to autogenerate an npmignore file</li> <li><a href="https://github.com/ljharb/shell-quote/commit/18cadf95357392fcd78ea8619956fd41eed62649"><code>18cadf9</code></a> [meta] add <code>safe-publish-latest</code></li> <li><a href="https://github.com/ljharb/shell-quote/commit/397cb628f3d96e4e47763147c0d6074997a13880"><code>397cb62</code></a> [eslint] additional cleanup</li> <li><a href="https://github.com/ljharb/shell-quote/commit/aaa9d1f65bf3445e6af1efaa4a8f8c13a21aa593"><code>aaa9d1f</code></a> [eslint] fix indentation and whitespace</li> <li>Additional commits viewable in <a href="https://github.com/ljharb/shell-quote/compare/v1.7.2...v1.7.4">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~ljharb">ljharb</a>, a new releaser for shell-quote since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/circlefin/payments-sample-app/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Isaac Gaskin <[email protected]>
- Loading branch information
1 parent
c5a4dc5
commit 25c9bd3