pythonVSCode

pythonVSCode copied to clipboard

This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of...

DonJayamanne

Bump mheap/github-action-required-labels from 3 to 5

1

Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels) from 3 to 5. Release notes Sourced from mheap/github-action-required-labels's releases. v5 Tag that always points to the latest commit in the v5.x.x series of releases v5.0.0 What's Changed...

dependabot[bot]

Bump brettcannon/check-for-changed-files from 1.1.0 to 1.1.1

1

Bumps [brettcannon/check-for-changed-files](https://github.com/brettcannon/check-for-changed-files) from 1.1.0 to 1.1.1. Release notes Sourced from brettcannon/check-for-changed-files's releases. v1.1.1 What's Changed Update to Node 16 by @​brettcannon in brettcannon/check-for-changed-files#81 Full Changelog: https://github.com/brettcannon/check-for-changed-files/compare/v1...v1.1.1 Commits c76b104 Update to...

dependabot[bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. #### Changes included in this PR - Changes to the following...

snyk-bot

Bumps [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) from 0.4.23 to 0.5.0. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of...

DonJayamanne

Bumps [cryptography](https://github.com/pyca/cryptography) from 37.0.2 to 39.0.1. Changelog Sourced from cryptography's changelog. 39.0.1 - 2023-02-07 * **SECURITY ISSUE** - Fixed a bug where ``Cipher.update_into`` accepted Python buffer protocol objects, but allowed...

dependabot[bot]

Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a...

dependabot[bot]

Bumps [json5](https://github.com/json5/json5) and [json5](https://github.com/json5/json5). These dependencies needed to be updated together. Updates `json5` from 2.1.0 to 2.2.3 Release notes Sourced from json5's releases. v2.2.3 Fix: [email protected] is now the 'latest'...

dependabot[bot]

Bumps [wheel](https://github.com/pypa/wheel) from 0.37.1 to 0.38.1. Changelog Sourced from wheel's changelog. Release Notes UNRELEASED Updated vendored packaging to 22.0 0.38.4 (2022-11-09) Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values...

dependabot[bot]