Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security #1 #250

Open
wants to merge 60 commits into
base: master
Choose a base branch
from
Open

security #1 #250

wants to merge 60 commits into from

Commits on Sep 14, 2022

  1. Bump minimist, minimist and modernizr 

    Bumps [minimist](https://github.com/substack/minimist), [minimist](https://github.com/substack/minimist) and [modernizr](https://github.com/Modernizr/Modernizr). These dependencies needed to be updated together.

Updates `minimist` from 1.2.5 to 1.2.6
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

Updates `minimist` from 1.2.0 to 1.2.6
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

Updates `modernizr` from 3.5.0 to 3.12.0
- [Release notes](https://github.com/Modernizr/Modernizr/releases)
- [Changelog](https://github.com/Modernizr/Modernizr/blob/v3.12.0/CHANGELOG.md)
- [Commits](Modernizr/Modernizr@v3.5.0...v3.12.0)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
- dependency-name: minimist
  dependency-type: indirect
- dependency-name: modernizr
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    a650cd5 View commit details
    Browse the repository at this point in the history

  2. Bump websocket-extensions from 0.1.2 to 0.1.4 

    Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.2 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/main/CHANGELOG.md)
- [Commits](faye/websocket-extensions-node@0.1.2...0.1.4)

---
updated-dependencies:
- dependency-name: websocket-extensions
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    5e5163f View commit details
    Browse the repository at this point in the history

  3. Bump lodash.merge from 4.6.0 to 4.6.2 

    Bumps [lodash.merge](https://github.com/lodash/lodash) from 4.6.0 to 4.6.2.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/commits)

---
updated-dependencies:
- dependency-name: lodash.merge
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    49638e5 View commit details
    Browse the repository at this point in the history

  4. minimist 1.2.6

    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    e1fb501 View commit details
    Browse the repository at this point in the history

  5. Merge pull request #1 from ValentinGratz/dependabot/npm_and_yarn/mini… 

    …mist-and-minimist-and-modernizr-1.2.6

Bump minimist, minimist and modernizr
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    7a1585e View commit details
    Browse the repository at this point in the history

  6. Merge pull request #3 from ValentinGratz/dependabot/npm_and_yarn/loda… 

    …sh.merge-4.6.2

Bump lodash.merge from 4.6.0 to 4.6.2
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    0ef7bd5 View commit details
    Browse the repository at this point in the history

  7. Merge pull request #2 from ValentinGratz/dependabot/npm_and_yarn/webs… 

    …ocket-extensions-0.1.4

Bump websocket-extensions from 0.1.2 to 0.1.4
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    031d16e View commit details
    Browse the repository at this point in the history

  8. Bump got and npm 

    Bumps [got](https://github.com/sindresorhus/got) and [npm](https://github.com/npm/cli). These dependencies needed to be updated together.

Removes `got`

Updates `npm` from 6.14.6 to 8.19.2
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/v8.19.2/CHANGELOG.md)
- [Commits](npm/cli@v6.14.6...v8.19.2)

---
updated-dependencies:
- dependency-name: got
  dependency-type: indirect
- dependency-name: npm
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    dd3c4a5 View commit details
    Browse the repository at this point in the history

  9. Bump postcss and gulp-autoprefixer 

    Bumps [postcss](https://github.com/postcss/postcss) and [gulp-autoprefixer](https://github.com/sindresorhus/gulp-autoprefixer). These dependencies needed to be updated together.

Updates `postcss` from 6.0.16 to 8.4.16
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@6.0.16...8.4.16)

Updates `gulp-autoprefixer` from 4.1.0 to 8.0.0
- [Release notes](https://github.com/sindresorhus/gulp-autoprefixer/releases)
- [Commits](sindresorhus/gulp-autoprefixer@v4.1.0...v8.0.0)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: indirect
- dependency-name: gulp-autoprefixer
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    3a574df View commit details
    Browse the repository at this point in the history

  10. Bump shelljs and jshint 

    Bumps [shelljs](https://github.com/shelljs/shelljs) and [jshint](https://github.com/jshint/jshint). These dependencies needed to be updated together.

Removes `shelljs`

Updates `jshint` from 2.9.5 to 2.13.5
- [Release notes](https://github.com/jshint/jshint/releases)
- [Changelog](https://github.com/jshint/jshint/blob/main/CHANGELOG.md)
- [Commits](jshint/jshint@2.9.5...2.13.5)

---
updated-dependencies:
- dependency-name: shelljs
  dependency-type: indirect
- dependency-name: jshint
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    7e51664 View commit details
    Browse the repository at this point in the history

  11. Merge pull request #4 from ValentinGratz/dependabot/npm_and_yarn/got-… 

    …and-npm--removed

Bump got and npm
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    5b896b6 View commit details
    Browse the repository at this point in the history

  12. Merge pull request #5 from ValentinGratz/dependabot/npm_and_yarn/post… 

    …css-and-gulp-autoprefixer-8.4.16

Bump postcss and gulp-autoprefixer
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    35cbf70 View commit details
    Browse the repository at this point in the history

  13. Merge pull request #6 from ValentinGratz/dependabot/npm_and_yarn/shel… 

    …ljs-and-jshint--removed

Bump shelljs and jshint
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    60b204f View commit details
    Browse the repository at this point in the history

  14. Bump concat-with-sourcemaps from 1.0.4 to 1.1.0 

    Bumps [concat-with-sourcemaps](https://github.com/floridoo/concat-with-sourcemaps) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/floridoo/concat-with-sourcemaps/releases)
- [Commits](https://github.com/floridoo/concat-with-sourcemaps/commits)

---
updated-dependencies:
- dependency-name: concat-with-sourcemaps
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    4121f44 View commit details
    Browse the repository at this point in the history

  15. Bump lodash, lodash and gulp 

    Bumps [lodash](https://github.com/lodash/lodash), [lodash](https://github.com/lodash/lodash) and [gulp](https://github.com/gulpjs/gulp). These dependencies needed to be updated together.

Updates `lodash` from 4.17.21 to 4.17.21
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.21)

Updates `lodash` from 4.17.4 to 4.17.21
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.21)

Updates `gulp` from 3.9.1 to 4.0.2
- [Release notes](https://github.com/gulpjs/gulp/releases)
- [Changelog](https://github.com/gulpjs/gulp/blob/master/CHANGELOG.md)
- [Commits](gulpjs/gulp@v3.9.1...v4.0.2)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: indirect
- dependency-name: lodash
  dependency-type: indirect
- dependency-name: gulp
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    ecaafd6 View commit details
    Browse the repository at this point in the history

  16. Bump json-schema from 0.2.3 to 0.4.0 

    Bumps [json-schema](https://github.com/kriszyp/json-schema) from 0.2.3 to 0.4.0.
- [Release notes](https://github.com/kriszyp/json-schema/releases)
- [Commits](kriszyp/json-schema@v0.2.3...v0.4.0)

---
updated-dependencies:
- dependency-name: json-schema
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    473015c View commit details
    Browse the repository at this point in the history

  17. Create codeql-analysis.yml

    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    e2c1d02 View commit details
    Browse the repository at this point in the history

  18. Merge pull request #10 from ValentinGratz/dependabot/npm_and_yarn/jso… 

    …n-schema-0.4.0

Bump json-schema from 0.2.3 to 0.4.0
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    014005a View commit details
    Browse the repository at this point in the history

  19. Merge pull request #9 from ValentinGratz/dependabot/npm_and_yarn/loda… 

    …sh-and-lodash-and-gulp-4.17.21

Bump lodash, lodash and gulp
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    e184631 View commit details
    Browse the repository at this point in the history

  20. Merge pull request #8 from ValentinGratz/dependabot/npm_and_yarn/conc… 

    …at-with-sourcemaps-1.1.0

Bump concat-with-sourcemaps from 1.0.4 to 1.1.0
    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    2d58fe8 View commit details
    Browse the repository at this point in the history

  21. Create SECURITY.md

    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    907f018 View commit details
    Browse the repository at this point in the history

  22. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Sep 14, 2022
    Configuration menu
    Copy the full SHA
    19d581d View commit details
    Browse the repository at this point in the history

Commits on Oct 1, 2022

  1. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Oct 1, 2022
    Configuration menu
    Copy the full SHA
    19eed97 View commit details
    Browse the repository at this point in the history

  2. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Oct 1, 2022
    Configuration menu
    Copy the full SHA
    fbe509c View commit details
    Browse the repository at this point in the history

Commits on Oct 25, 2022

  1. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Oct 25, 2022
    Configuration menu
    Copy the full SHA
    d5dbc5e View commit details
    Browse the repository at this point in the history

  2. Bump minimatch from 0.2.14 to 3.0.4 

    Bumps [minimatch](https://github.com/isaacs/minimatch) from 0.2.14 to 3.0.4.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Commits](isaacs/minimatch@v0.2.14...v3.0.4)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Oct 25, 2022
    Configuration menu
    Copy the full SHA
    899c26a View commit details
    Browse the repository at this point in the history

Commits on Nov 13, 2022

  1. Merge pull request #13 from ValentinGratz/dependabot/npm_and_yarn/min… 

    …imatch-3.0.4

Bump minimatch from 0.2.14 to 3.0.4
    @ValentinGratz
    ValentinGratz committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    3b85a93 View commit details
    Browse the repository at this point in the history

  2. Bump hawk and node-sass 

    Removes [hawk](https://github.com/mozilla/hawk). It's no longer used after updating ancestor dependency [node-sass](https://github.com/sass/node-sass). These dependencies need to be updated together.


Removes `hawk`

Updates `node-sass` from 4.7.2 to 4.14.1
- [Release notes](https://github.com/sass/node-sass/releases)
- [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md)
- [Commits](sass/node-sass@v4.7.2...v4.14.1)

---
updated-dependencies:
- dependency-name: hawk
  dependency-type: indirect
- dependency-name: node-sass
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    651b879 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #12 from ValentinGratz/dependabot/npm_and_yarn/haw… 

    …k-and-node-sass--removed

Bump hawk and node-sass
    @ValentinGratz
    ValentinGratz committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    b53aeec View commit details
    Browse the repository at this point in the history

  4. Bump lodash.merge from 4.6.0 to 4.6.2 

    Bumps [lodash.merge](https://github.com/lodash/lodash) from 4.6.0 to 4.6.2.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/commits)

---
updated-dependencies:
- dependency-name: lodash.merge
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    79c6311 View commit details
    Browse the repository at this point in the history

  5. Add files via upload

    @ValentinGratz
    ValentinGratz committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    060f671 View commit details
    Browse the repository at this point in the history

  6. Merge pull request #14 from ValentinGratz/dependabot/npm_and_yarn/lod… 

    …ash.merge-4.6.2

Bump lodash.merge from 4.6.0 to 4.6.2
    @ValentinGratz
    ValentinGratz committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    fd74b17 View commit details
    Browse the repository at this point in the history

  7. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    6f9bdc0 View commit details
    Browse the repository at this point in the history

  8. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    6e1abee View commit details
    Browse the repository at this point in the history

  9. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Nov 13, 2022
    Configuration menu
    Copy the full SHA
    30878be View commit details
    Browse the repository at this point in the history

Commits on Nov 14, 2022

  1. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Nov 14, 2022
    Configuration menu
    Copy the full SHA
    9bf4377 View commit details
    Browse the repository at this point in the history

  2. scss 0.4.3

    @ValentinGratz
    ValentinGratz committed Nov 14, 2022
    Configuration menu
    Copy the full SHA
    2dd8967 View commit details
    Browse the repository at this point in the history

  3. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Nov 14, 2022
    Configuration menu
    Copy the full SHA
    e5ddf5a View commit details
    Browse the repository at this point in the history

Commits on Nov 15, 2022

  1. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Nov 15, 2022
    Configuration menu
    Copy the full SHA
    6b91d8f View commit details
    Browse the repository at this point in the history

  2. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Nov 15, 2022
    Configuration menu
    Copy the full SHA
    4543139 View commit details
    Browse the repository at this point in the history

Commits on Nov 23, 2022

  1. hawk 9.0.1

    @ValentinGratz
    ValentinGratz committed Nov 23, 2022
    Configuration menu
    Copy the full SHA
    724fa88 View commit details
    Browse the repository at this point in the history

  2. Update package-lock.json

    @ValentinGratz
    ValentinGratz committed Nov 23, 2022
    Configuration menu
    Copy the full SHA
    c25b8b0 View commit details
    Browse the repository at this point in the history

  3. Create dependabot.yml

    @ValentinGratz
    ValentinGratz committed Nov 23, 2022
    Configuration menu
    Copy the full SHA
    0e487c5 View commit details
    Browse the repository at this point in the history

Commits on Nov 25, 2022

  1. update npm

    @ValentinGratz
    ValentinGratz committed Nov 25, 2022
    Configuration menu
    Copy the full SHA
    b47e6d2 View commit details
    Browse the repository at this point in the history

  2. Bump hosted-git-info from 2.5.0 to 2.8.9 

    Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.5.0 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](npm/hosted-git-info@v2.5.0...v2.8.9)

---
updated-dependencies:
- dependency-name: hosted-git-info
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Nov 25, 2022
    Configuration menu
    Copy the full SHA
    77ee39c View commit details
    Browse the repository at this point in the history

  3. Merge pull request #17 from ValentinGratz/dependabot/npm_and_yarn/hos… 

    …ted-git-info-2.8.9

Bump hosted-git-info from 2.5.0 to 2.8.9
    @ValentinGratz
    ValentinGratz committed Nov 25, 2022
    Configuration menu
    Copy the full SHA
    4021914 View commit details
    Browse the repository at this point in the history

  4. Bump extend from 3.0.1 to 3.0.2 

    Bumps [extend](https://github.com/justmoon/node-extend) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/justmoon/node-extend/releases)
- [Changelog](https://github.com/justmoon/node-extend/blob/main/CHANGELOG.md)
- [Commits](justmoon/node-extend@v3.0.1...v3.0.2)

---
updated-dependencies:
- dependency-name: extend
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Nov 25, 2022
    Configuration menu
    Copy the full SHA
    49584d6 View commit details
    Browse the repository at this point in the history

  5. Bump y18n from 3.2.1 to 3.2.2 

    Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

---
updated-dependencies:
- dependency-name: y18n
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Nov 25, 2022
    Configuration menu
    Copy the full SHA
    5f0eee9 View commit details
    Browse the repository at this point in the history

Commits on Dec 9, 2022

  1. Bump decode-uri-component from 0.2.0 to 0.2.2 

    Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Dec 9, 2022
    Configuration menu
    Copy the full SHA
    f84e870 View commit details
    Browse the repository at this point in the history

Commits on Dec 11, 2022

  1. Merge pull request #18 from ValentinGratz/dependabot/npm_and_yarn/dec… 

    …ode-uri-component-0.2.2

Bump decode-uri-component from 0.2.0 to 0.2.2
    @ValentinGratz
    ValentinGratz committed Dec 11, 2022
    Configuration menu
    Copy the full SHA
    74625b5 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #16 from ValentinGratz/dependabot/npm_and_yarn/ext… 

    …end-3.0.2

Bump extend from 3.0.1 to 3.0.2
    @ValentinGratz
    ValentinGratz committed Dec 11, 2022
    Configuration menu
    Copy the full SHA
    4d49698 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #15 from ValentinGratz/dependabot/npm_and_yarn/y18… 

    …n-3.2.2

Bump y18n from 3.2.1 to 3.2.2
    @ValentinGratz
    ValentinGratz committed Dec 11, 2022
    Configuration menu
    Copy the full SHA
    c45781e View commit details
    Browse the repository at this point in the history

  4. Bump minimatch from 3.0.4 to 3.0.8 

    Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.0.8.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.0.8)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Dec 11, 2022
    Configuration menu
    Copy the full SHA
    4a2119e View commit details
    Browse the repository at this point in the history

  5. Merge pull request #19 from ValentinGratz/dependabot/npm_and_yarn/min… 

    …imatch-3.0.8

Bump minimatch from 3.0.4 to 3.0.8
    @ValentinGratz
    ValentinGratz committed Dec 11, 2022
    Configuration menu
    Copy the full SHA
    8ddeee9 View commit details
    Browse the repository at this point in the history

  6. Bump concat-with-sourcemaps from 1.0.4 to 1.1.0 

    Bumps [concat-with-sourcemaps](https://github.com/floridoo/concat-with-sourcemaps) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/floridoo/concat-with-sourcemaps/releases)
- [Commits](https://github.com/floridoo/concat-with-sourcemaps/commits)

---
updated-dependencies:
- dependency-name: concat-with-sourcemaps
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Dec 11, 2022
    Configuration menu
    Copy the full SHA
    e4c48ce View commit details
    Browse the repository at this point in the history

  7. Merge pull request #20 from ValentinGratz/dependabot/npm_and_yarn/con… 

    …cat-with-sourcemaps-1.1.0

Bump concat-with-sourcemaps from 1.0.4 to 1.1.0
    @ValentinGratz
    ValentinGratz committed Dec 11, 2022
    Configuration menu
    Copy the full SHA
    6bf6b8f View commit details
    Browse the repository at this point in the history

Commits on Jul 14, 2023

  1. Bump semver and npm 

    Bumps [semver](https://github.com/npm/node-semver) to 5.7.2 and updates ancestor dependency [npm](https://github.com/npm/cli). These dependencies need to be updated together.


Updates `semver` from 5.4.1 to 5.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](npm/node-semver@v5.4.1...v5.7.2)

Updates `npm` from 9.1.2 to 9.8.0
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](npm/cli@v9.1.2...v9.8.0)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
- dependency-name: npm
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Jul 14, 2023
    Configuration menu
    Copy the full SHA
    2e61b0d View commit details
    Browse the repository at this point in the history

Commits on Aug 1, 2023

  1. Merge pull request #21 from ValentinGratz/dependabot/npm_and_yarn/sem… 

    …ver-and-npm-5.7.2

Bump semver and npm
    @ValentinGratz
    ValentinGratz committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    a403bd1 View commit details
    Browse the repository at this point in the history

Commits on Apr 11, 2024

  1. Bump tar and npm 

    Removes [tar](https://github.com/isaacs/node-tar). It's no longer used after updating ancestor dependency [npm](https://github.com/npm/cli). These dependencies need to be updated together.


Removes `tar`

Updates `npm` from 9.8.0 to 10.5.2
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](npm/cli@v9.8.0...v10.5.2)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
- dependency-name: npm
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Apr 11, 2024
    Configuration menu
    Copy the full SHA
    e77f4ec View commit details
    Browse the repository at this point in the history

Commits on May 4, 2024

  1. Merge pull request #22 from ValentinGratz/dependabot/npm_and_yarn/mul… 

    …ti-7633470765

Bump tar and npm
    @ValentinGratz
    ValentinGratz committed May 4, 2024
    Configuration menu
    Copy the full SHA
    ea20928 View commit details
    Browse the repository at this point in the history