systemjs-riot

systemjs-riot copied to clipboard

Bump eslint from 4.19.1 to 7.32.0

1

Bumps [eslint](https://github.com/eslint/eslint) from 4.19.1 to 7.32.0. Release notes Sourced from eslint's releases. v7.32.0 3c78a7b Chore: Adopt eslint-plugin/prefer-message-ids rule internally (#14841) (Bryan Mishkin) faecf56 Update: change reporting location for curly rule...

dependabot-preview[bot]

[Security] Bump tar from 4.4.1 to 4.4.15

1

Bumps [tar](https://github.com/npm/node-tar) from 4.4.1 to 4.4.15. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. High severity vulnerability that affects tar A vulnerability was found...

dependabot-preview[bot]

Bump mocha from 5.2.0 to 9.0.3

1

Bumps [mocha](https://github.com/mochajs/mocha) from 5.2.0 to 9.0.3. Release notes Sourced from mocha's releases. v9.0.3 9.0.3 / 2021-07-25 :bug: Fixes #4702: Error rethrow from cwd-relative path while loading .mocharc.js (@​kirill-golovan) #4688: Usage...

dependabot-preview[bot]

Upgrade to GitHub-native Dependabot

2

_Dependabot Preview will be shut down on August 3rd, 2021. In order to keep getting Dependabot updates, please merge this PR and migrate to GitHub-native Dependabot before then._ Dependabot has...

dependabot-preview[bot]

[Security] Bump serve from 9.6.0 to 10.1.2

1

Bumps [serve](https://github.com/vercel/serve) from 9.6.0 to 10.1.2. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Path Traversal in serve Versions of serve prior to 10.1.2...

dependabot-preview[bot]

[Security] Bump lodash from 4.17.10 to 4.17.21

1

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.10 to 4.17.21. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Critical severity vulnerability that affects lodash, lodash-es, lodash-amd, lodash.template, lodash.merge,...

dependabot-preview[bot]

[Security] Bump ini from 1.3.5 to 1.3.8

1

Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The ini npm package before version...

dependabot-preview[bot]

[Security] Bump js-yaml from 3.12.0 to 3.14.1

1

Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.12.0 to 3.14.1. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Denial of Service in js-yaml Versions of js-yaml prior to...

dependabot-preview[bot]

Bumps [bl](https://github.com/rvagg/bl) from 1.2.2 to 1.2.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Remote Memory Exposure in bl A buffer over-read vulnerability...

dependabot-preview[bot]

Bumps [babel-eslint](https://github.com/babel/babel-eslint) from 8.2.5 to 10.1.0. Release notes Sourced from babel-eslint's releases. v10.0.3 Fixes babel/babel-eslint#791, also eslint/eslint#12117 Some context: babel/babel-eslint#793 We ended up going with @JLHwung's PR babel/babel-eslint#794 which uses...

dependabot-preview[bot]