lighthouse-keeper

lighthouse-keeper copied to clipboard

Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.0 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...

dependabot[bot]

Bumps [jpeg-js](https://github.com/eugeneware/jpeg-js) from 0.4.3 to 0.4.4. Release notes Sourced from jpeg-js's releases. v0.4.4 v0.4.4 (2022-06-07) feat: add comment tag encoding (#87) (13e1ffa), closes #87 fix: validate sampling factors (#106) (9ccd35f),...

dependabot[bot]

Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) Commits c6bdaca Version 2.6.4 8870da9 Update built files 4df6754 update changelog 8f7f903...

dependabot[bot]

Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.2 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords...

dependabot[bot]

Bumps [node-sass](https://github.com/sass/node-sass) from 4.12.0 to 7.0.0. Release notes Sourced from node-sass's releases. v7.0.0 Breaking changes Drop support for Node 15 (@​nschonni) Set rejectUnauthorized to true by default (@​scott-ut, #3149) Features...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]

Bumps [dot-prop](https://github.com/sindresorhus/dot-prop) from 4.2.0 to 4.2.1. Release notes Sourced from dot-prop's releases. v4.2.1 Backport https://github.com/sindresorhus/dot-prop/commit/3039c8c07f6fdaa8b595ec869ae0895686a7a0f2 to the v4.x release line. Commits c914124 feat: patch 4.2.0 with fixes for CVE-2020-8116 See...

dependabot[bot]

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. Commits See full diff in compare view Maintainer changes This version was pushed to npm by oss-bot, a new releaser for y18n since your...

dependabot[bot]

Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.2 to 1.24.10. Release notes Sourced from grpc's releases. Node gRPC 1.24.10 Make callback function check properly handle async functions (#1786 contributed by @​amje) Node gRPC v1.24.7...

dependabot[bot]