rako
rako copied to clipboard
Coooooooola
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. Commits 754f0c2 1.3.2 90ee1fa ensure keys are valid when mixing in values See full diff in compare view Maintainer changes This version was pushed...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.12.0 to 3.13.1. Changelog *Sourced from [js-yaml's changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md).* > 3.13.1 / 2019-04-05 > ------------------- > > - Fix possible code execution in (already unsafe) `.load()`, [#480](https://github-redirect.dependabot.com/nodeca/js-yaml/issues/480). >...
Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4. Commits 6370e90 Mark version 5.7.4 fbc15b1 More rigorously check surrogate pairs in regexp validator See full diff in compare view [](https://help.github.com/articles/configuring-automated-security-fixes) Dependabot...
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...