Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Bump the npm_and_yarn group across 1 directory with 11 updates #1

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 11 updates #1

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 19, 2024

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package From To
grunt 1.0.2 1.5.3
extend 3.0.1 3.0.2
hosted-git-info 2.6.0 2.8.9
qs 6.4.0 6.4.1
semver 5.5.0 5.7.2
stringstream 0.0.5 0.0.6

Updates grunt from 1.0.2 to 1.5.3

Release notes

Sourced from grunt's releases.

v1.5.3

  • Merge pull request #1745 from gruntjs/fix-copy-op 572d79b
  • Patch up race condition in symlink copying. 58016ff
  • Merge pull request #1746 from JamieSlome/patch-1 0749e1d
  • Create SECURITY.md 69b7c50

gruntjs/grunt@v1.5.2...v1.5.3

v1.5.2

  • Update Changelog 7f15fd5
  • Merge pull request #1743 from gruntjs/cleanup-link b0ec6e1
  • Clean up link handling 433f91b

gruntjs/grunt@v1.5.1...v1.5.2

v1.5.1

  • Merge pull request #1742 from gruntjs/update-symlink-test ad22608
  • Fix symlink test 0652305

gruntjs/grunt@v1.5.0...v1.5.1

v1.5.0

  • Updated changelog b2b2c2b
  • Merge pull request #1740 from gruntjs/update-deps-22-10 3eda6ae
  • Update testing matrix 47d32de
  • More updates 2e9161c
  • Remove console log 04b960e
  • Update dependencies, tests... aad3d45
  • Merge pull request #1736 from justlep/main fdc7056
  • support .cjs extension e35fe54

gruntjs/grunt@v1.4.1...v1.5.0

v1.4.1

  • Update Changelog e7625e5
  • Merge pull request #1731 from gruntjs/update-options 5d67e34
  • Fix ci install d13bf88
  • Switch to Actions 08896ae
  • Update grunt-known-options eee0673
  • Add note about a breaking change 1b6e288

gruntjs/grunt@v1.4.0...v1.4.1

v1.4.0

  • Merge pull request #1728 from gruntjs/update-deps-changelog 63b2e89
  • Update changelog and util dep 106ed17
  • Merge pull request #1727 from gruntjs/update-deps-apr 49de70b
  • Update CLI and nodeunit 47cf8b6
  • Merge pull request #1722 from gruntjs/update-through e86db1c
  • Update deps 4952368

... (truncated)

Changelog

Sourced from grunt's changelog.

v1.5.3 date: 2022-04-23 changes: - Patch up race condition in symlink copying. v1.5.2 date: 2022-04-12 changes: - Unlink symlinks when copy destination is a symlink. v1.5.1 date: 2022-04-11 changes: - Fixed symlink destination handling. v1.5.0 date: 2022-04-10 changes: - Updated dependencies. - Add symlink handling for copying files. v1.4.1 date: 2021-05-24 changes: - Fix --preload option to be a known option - Switch to GitHub Actions v1.4.0 date: 2021-04-21 changes: - Security fixes in production and dev dependencies - Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: gulpjs/liftoff@e7a969d. v1.3.0 date: 2020-08-18 changes: - Switch to use safeLoad for loading YML files via file.readYAML. - Upgrade legacy-log to ~3.0.0. - Upgrade legacy-util to ~2.0.0. v1.2.1 date: 2020-07-07 changes: - Remove path-is-absolute dependency. (PR: gruntjs/grunt#1715) v1.2.0 date: 2020-07-03 changes: - Allow usage of grunt plugins that are located in any location that is visible to Node.js and NPM, instead of node_modules directly inside package that have a dev dependency to these plugins. (PR: gruntjs/grunt#1677) - Removed coffeescript from dependencies. To ease transition, if coffeescript is still around, Grunt will attempt to load it. If it is not, and the user loads a CoffeeScript file, Grunt will print a useful error indicating that the coffeescript package should be installed as a dev dependency.

... (truncated)

Commits

Updates async from 1.5.2 to 2.6.0

Release notes

Sourced from async's releases.

v2.3.0

  • Added support for ES2017 async functions. Wherever you can pass a Node-style/CPS function that uses a callback, you can also pass an async function. Previously, you had to wrap async functions with asyncify. The caveat is that it will only work if async functions are supported natively in your environment, transpiled implementations can't be detected. (#1386, #1390)

v2.2.0

  • Added groupBy, and the Series/Limit equivalents, analogous to _.groupBy (#1364)
  • Fixed transform bug when callback was not passed (#1381)

v2.1.5

  • Fix auto bug when function names collided with Array.prototype (#1358)
  • Improve some error messages (#1349)
  • Avoid stack overflow case in queue
  • Fixed an issue in some, every and find where processing would continue after the result was determined.
  • Cleanup implementations of some, every and find

v2.1.3

  • Make bundle size smaller
  • Create optimized hotpath for filter in array case.

v2.1.2

  • Fixed a stackoverflow bug with detect, some, every on large inputs (#1293).

v2.1.0

  • retry and retryable now support an optional errorFilter function that determines if the task should retry on the error (#1256, #1261)
  • Optimized array iteration in race, cargo, queue, and priorityQueue (#1253)

v2.0.0

Lots of changes here!

First and foremost, we have a slick new site for docs. Special thanks to @​hargasinski for his work converting our old docs to jsdoc format and implementing the new website. Also huge ups to @​ivanseidel for designing our new logo. It was a long process for both of these tasks, but I think these changes turned out extraordinary well.

The biggest feature is modularization. You can now require("async/series") to only require the series function. Every Async library function is available this way. You still can require("async") to require the entire library, like you could do before.

We also provide Async as a collection of ES2015 modules. You can now import {each} from 'async-es' or import waterfall from 'async-es/waterfall'. If you are using only a few Async functions, and are using a ES bundler such as Rollup, this can significantly lower your build size.

Major thanks to @​Kikobeats, @​aearly and @​megawac for doing the majority of the modularization work, as well as @​jdalton and @​Rich-Harris for advisory work on the general modularization strategy.

Another one of the general themes of the 2.0 release is standardization of what an "async" function is. We are now more strictly following the node-style continuation passing style. That is, an async function is a function that:

  1. Takes a variable number of arguments
  2. The last argument is always a callback
  3. The callback can accept any number of arguments
  4. The first argument passed to the callback will be treated as an error result, if the argument is truthy
  5. Any number of result arguments can be passed after the "error" argument
  6. The callback is called once and exactly once, either on the same tick or later tick of the JavaScript event loop.

There were several cases where Async accepted some functions that did not strictly have these properties, most notably auto, every, some, and filter.

Another theme is performance. We have eliminated internal deferrals in all cases where they make sense. For example, in waterfall and auto, there was a setImmediate between each task -- these deferrals have been removed. A setImmediate call can add up to 1ms of delay. This might not seem like a lot, but it can add up if you are using many Async functions in the course of processing a HTTP request, for example. Nearly all asynchronous functions that do I/O already have some sort of deferral built in, so the extra deferral is unnecessary. The trade-off of this change is removing our built-in stack-overflow defense. Many synchronous callback calls in series can quickly overflow the JS call stack. If you do have a function that is sometimes synchronous (calling its callback on the same tick), and are running into stack overflows, wrap it with async.ensureAsync().

Another big performance win has been re-implementing queue, cargo, and priorityQueue with doubly linked lists instead of arrays. This has lead to queues being an order of magnitude faster on large sets of tasks.

... (truncated)

Changelog

Sourced from async's changelog.

v2.6.0

  • Added missing aliases for many methods. Previously, you could not (e.g.) require('async/find') or use async.anyLimit. (#1483)
  • Improved queue performance. (#1448, #1454)
  • Add missing sourcemap (#1452, #1453)
  • Various doc updates (#1448, #1471, #1483)

v2.5.0

  • Added concatLimit, the Limit equivalent of concat (#1426, #1430)
  • concat improvements: it now preserves order, handles falsy values and the iteratee callback takes a variable number of arguments (#1437, #1436)
  • Fixed an issue in queue where there was a size discrepancy between workersList().length and running() (#1428, #1429)
  • Various doc fixes (#1422, #1424)

v2.4.1

  • Fixed a bug preventing functions wrapped with timeout() from being re-used. (#1418, #1419)

v2.4.0

  • Added tryEach, for running async functions in parallel, where you only expect one to succeed. (#1365, #687)
  • Improved performance, most notably in parallel and waterfall (#1395)
  • Added queue.remove(), for removing items in a queue (#1397, #1391)
  • Fixed using eval, preventing Async from running in pages with Content Security Policy (#1404, #1403)
  • Fixed errors thrown in an asyncifyed function's callback being caught by the underlying Promise (#1408)
  • Fixed timing of queue.empty() (#1367)
  • Various doc fixes (#1314, #1394, #1412)

v2.3.0

  • Added support for ES2017 async functions. Wherever you can pass a Node-style/CPS function that uses a callback, you can also pass an async function. Previously, you had to wrap async functions with asyncify. The caveat is that it will only work if async functions are supported natively in your environment, transpiled implementations can't be detected. (#1386, #1390)
  • Small doc fix (#1392)

v2.2.0

  • Added groupBy, and the Series/Limit equivalents, analogous to _.groupBy (#1364)
  • Fixed transform bug when callback was not passed (#1381)
  • Added note about reflect to parallel docs (#1385)

v2.1.5

  • Fix auto bug when function names collided with Array.prototype (#1358)
  • Improve some error messages (#1349)
  • Avoid stack overflow case in queue
  • Fixed an issue in some, every and find where processing would continue after the result was determined.
  • Cleanup implementations of some, every and find

v2.1.3

  • Make bundle size smaller
  • Create optimized hotpath for filter in array case.

v2.1.2

  • Fixed a stackoverflow bug with detect, some, every on large inputs (#1293).

v2.1.0

  • retry and retryable now support an optional errorFilter function that determines if the task should retry on the error (#1256, #1261)

... (truncated)

Commits

Updates extend from 3.0.1 to 3.0.2

Changelog

Sourced from extend's changelog.

3.0.2 / 2018-07-19

  • [Fix] Prevent merging __proto__ property (#48)
  • [Dev Deps] update eslint, @ljharb/eslint-config, tape
  • [Tests] up to node v10.7, v9.11, v8.11, v7.10, v6.14, v4.9; use nvm install-latest-npm
Commits
  • 8d106d2 v3.0.2
  • e97091f [Dev Deps] update tape
  • e841aac [Tests] up to node v10.7
  • 0e68e71 [Fix] Prevent merging proto property
  • a689700 Only apps should have lockfiles
  • f13c1c4 [Dev Deps] update eslint, @ljharb/eslint-config, tape
  • f3570fe [Tests] up to node v10.0, v9.11, v8.11, v7.10, v6.14, v4.9; use...
  • See full diff in compare view

Updates getobject from 0.1.0 to 1.0.2

Release notes

Sourced from getobject's releases.

v1.0.2

  • Merge pull request #8 from cowboy/dependabot/npm_and_yarn/path-parse-1.0.7 6f86cf7
  • Bump path-parse from 1.0.6 to 1.0.7 6e79841

cowboy/node-getobject@v1.0.1...v1.0.2

v1.0.1

  • Update deps 141e3a5
  • Merge pull request #7 from cowboy/dependabot/npm_and_yarn/hosted-git-info-2.8.9 c97cf3e
  • Bump hosted-git-info from 2.8.8 to 2.8.9 201e91b
  • Update dev deps 5ffb873

cowboy/node-getobject@v1.0.0...v1.0.1

v1.0.0

No release notes provided.

Commits
Maintainer changes

This version was pushed to npm by vladikoff, a new releaser for getobject since your current version.


Updates hosted-git-info from 2.6.0 to 2.8.9

Changelog

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

2.8.8 (2020-02-29)

Bug Fixes

  • #61 & #65 addressing issues w/ url.URL implmentation which regressed node 6 support (5038b18), closes #66

2.8.7 (2020-02-26)

Bug Fixes

  • Do not attempt to use url.URL when unavailable (2d0bb66), closes #61 #62
  • Do not pass scp-style URLs to the WhatWG url.URL (f2cdfcf), closes #60

2.8.6 (2020-02-25)

2.8.5 (2019-10-07)

Bug Fixes

  • updated pathmatch for gitlab (e8325b5), closes #51
  • updated pathmatch for gitlab (ffe056f)

2.8.4 (2019-08-12)

... (truncated)

Commits
  • 8d4b369 chore(release): 2.8.9
  • 29adfe5 fix: backport regex fix from #76
  • afeaefd chore(release): 2.8.8
  • 5038b18 fix: #61 & #65 addressing issues w/ url.URL implmentation which regressed nod...
  • 7440afa chore(release): 2.8.7
  • 2d0bb66 fix: Do not attempt to use url.URL when unavailable
  • f2cdfcf fix: Do not pass scp-style URLs to the WhatWG url.URL
  • e1b83df chore(release): 2.8.6
  • ff259a6 Ensure passwords in hosted Git URLs are correctly escaped
  • 624fd6f chore(release): 2.8.5
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.


Updates js-yaml from 3.5.5 to 3.14.1

Changelog

Sourced from js-yaml's changelog.

[3.14.1] - 2020-12-07

Security

  • Fix possible code execution in (already unsafe) .load() (in &anchor).

[3.14.0] - 2020-05-22

Changed

  • Support safe/loadAll(input, options) variant of call.
  • CI: drop outdated nodejs versions.
  • Dev deps bump.

Fixed

  • Quote = in plain scalars #519.
  • Check the node type for !<?> tag in case user manually specifies it.
  • Verify that there are no null-bytes in input.
  • Fix wrong quote position when writing condensed flow, #526.

[3.13.1] - 2019-04-05

Security

  • Fix possible code execution in (already unsafe) .load(), #480.

[3.13.0] - 2019-03-20

Security

  • Security fix: safeLoad() can hang when arrays with nested refs used as key. Now throws exception for nested arrays. #475.

[3.12.2] - 2019-02-26

Fixed

  • Fix noArrayIndent option for root level, #468.

[3.12.1] - 2019-01-05

Added

  • Added noArrayIndent option, #432.

[3.12.0] - 2018-06-02

Changed

  • Support arrow functions without a block statement, #421.

[3.11.0] - 2018-03-05

Added

  • Add arrow functions suport for !!js/function.

Fixed

  • Fix dump in bin/octal/hex formats for negative integers, #399.

... (truncated)

Commits
  • 37caaad 3.14.1 released
  • 094c0f7 dist rebuild
  • 9586ebe Avoid calling hasOwnProperty of user-controlled objects
  • 34e5072 3.14.0 released
  • 7b25c83 Browser files rebuild
  • 6f73473 Dev deps bump
  • 0c29349 Travis-CI: drop old nodejs versions
  • 10be97e fix(loader): Add support for safe/loadAll(input, options)
  • d6983dd Fix issue #526: wrong quote position writing condensed flow (#527)
  • 93fbf7d fix issue 526 (wrong quote position writing condensed flow)
  • Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.0.8

Commits

Updates qs from 6.4.0 to 6.4.1

Changelog

Sourced from qs's changelog.

6.4.1

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
  • [Fix] use safer-buffer instead of Buffer constructor
  • [Fix] utils.merge: avoid a crash with a null target and an array source
  • [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
  • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
  • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
  • [Fix] when parseArrays is false, properly handle keys ending in []
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [Refactor] use cached Array.isArray
  • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] Clarify the need for "arrayLimit" option
  • [meta] fix README.md (#399)
  • [meta] Clean up license text so it’s properly detected as BSD-3-Clause
  • [meta] add FUNDING.yml
  • [actions] backport actions from main
  • [Tests] remove nonexistent tape option
  • [Dev Deps] backport from main
Commits
  • 486aa46 v6.4.1
  • 727ef5d [Fix] parse: ignore __proto__ keys (#428)
  • cd1874e [Robustness] stringify: avoid relying on a global undefined (#427)
  • 45e987c [readme] remove travis badge; add github actions/codecov badges; update URLs
  • 90a3bce [meta] fix README.md (#399)
  • 9566d25 [Fix] fix for an impossible situation: when the formatter is called with a no...
  • 74227ef Clean up license text so it’s properly detected as BSD-3-Clause
  • 35dfb22 [actions] backport actions from main
  • 7d4670f [Dev Deps] backport from main
  • 0485440 [Fix] use safer-buffer instead of Buffer constructor
  • Additional commits viewable in compare view

Updates semver from 5.5.0 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

5.7

  • Add minVersion method

5.6

  • Move boolean loose param to an options object, with backwards-compatibility protection.
  • Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

  • Add version coercion capabilities

5.4

  • Add intersection checking

5.3

  • Add minSatisfying method

5.2

  • Add prerelease(v) that returns prerelease components

5.1

  • Add Backus-Naur for ranges
  • Remove excessively cute inspection methods

5.0

  • Remove AMD/Browserified build artifacts
  • Fix ltr and gtr when using the * range
  • Fix for range * with a prerelease identifier
Commits
Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.


Updates stringstream from 0.0.5 to 0.0.6

Commits

Updates underscore.string from 3.2.3 to 3.3.6

Changelog

Sourced from underscore.string's changelog.

3.3.6

  • Rebuild all assets for the release packages

3.3.5

3.3.4

  • set standalone in browserify s

3.3.1 / 3.3.2 / 3.3.3

  • fix release script

3.3.0

  • sprintf and vsprintf is now marked as deprecated #479
  • wrap is added to exports #489
  • new build chain without gulp
  • Full changelog
Commits
Maintainer changes

This version was pushed to npm by esamatti, a new releaser for underscore.string since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 11 updates
604756d 
Bumps the npm_and_yarn group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [grunt](https://github.com/gruntjs/grunt) | `1.0.2` | `1.5.3` |
| [extend](https://github.com/justmoon/node-extend) | `3.0.1` | `3.0.2` |
| [hosted-git-info](https://github.com/npm/hosted-git-info) | `2.6.0` | `2.8.9` |
| [qs](https://github.com/ljharb/qs) | `6.4.0` | `6.4.1` |
| [semver](https://github.com/npm/node-semver) | `5.5.0` | `5.7.2` |
| [stringstream](https://github.com/mhart/StringStream) | `0.0.5` | `0.0.6` |



Updates `grunt` from 1.0.2 to 1.5.3
- [Release notes](https://github.com/gruntjs/grunt/releases)
- [Changelog](https://github.com/gruntjs/grunt/blob/main/CHANGELOG)
- [Commits](gruntjs/grunt@v1.0.2...v1.5.3)

Updates `async` from 1.5.2 to 2.6.0
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@v1.5.2...v2.6.0)

Updates `extend` from 3.0.1 to 3.0.2
- [Changelog](https://github.com/justmoon/node-extend/blob/main/CHANGELOG.md)
- [Commits](justmoon/node-extend@v3.0.1...v3.0.2)

Updates `getobject` from 0.1.0 to 1.0.2
- [Release notes](https://github.com/cowboy/node-getobject/releases)
- [Commits](cowboy/node-getobject@v0.1.0...v1.0.2)

Updates `hosted-git-info` from 2.6.0 to 2.8.9
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](npm/hosted-git-info@v2.6.0...v2.8.9)

Updates `js-yaml` from 3.5.5 to 3.14.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.5.5...3.14.1)

Updates `minimatch` from 3.0.4 to 3.0.8
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.0.8)

Updates `qs` from 6.4.0 to 6.4.1
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.4.0...v6.4.1)

Updates `semver` from 5.5.0 to 5.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](npm/node-semver@v5.5.0...v5.7.2)

Updates `stringstream` from 0.0.5 to 0.0.6
- [Commits](mhart/StringStream@v0.0.5...v0.0.6)

Updates `underscore.string` from 3.2.3 to 3.3.6
- [Release notes](https://github.com/epeli/underscore.string/releases)
- [Changelog](https://github.com/esamattis/underscore.string/blob/master/CHANGELOG.markdown)
- [Commits](esamattis/underscore.string@3.2.3...3.3.6)

---
updated-dependencies:
- dependency-name: grunt
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: async
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: extend
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: getobject
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: hosted-git-info
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: stringstream
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: underscore.string
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 19, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants