granite-clipboard

granite-clipboard copied to clipboard

Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a...

dependabot[bot]

Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...

dependabot[bot]

Removes [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git). It's no longer used after updating ancestor dependency [lint-staged](https://github.com/okonet/lint-staged). These dependencies need to be updated together. Removes `simple-git` Updates `lint-staged` from 8.2.1 to 13.1.0 Release notes Sourced from...

dependabot[bot]

Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...

dependabot[bot]

Bumps [engine.io](https://github.com/socketio/engine.io) to 3.6.1 and updates ancestor dependency [@open-wc/testing-karma](https://github.com/open-wc/open-wc/tree/HEAD/packages/testing-karma). These dependencies need to be updated together. Updates `engine.io` from 3.2.1 to 3.6.1 Release notes Sourced from engine.io's releases. 3.6.1 :warning:...

dependabot[bot]

Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 3.4.1 and updates ancestor dependency [@open-wc/testing-karma](https://github.com/open-wc/open-wc/tree/HEAD/packages/testing-karma). These dependencies need to be updated together. Updates `socket.io-parser` from 3.2.0 to 3.4.1 Release notes Sourced from socket.io-parser's releases. 3.4.1 Bug...

dependabot[bot]

Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) Commits See full diff in compare...

dependabot[bot]

Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...

dependabot[bot]

Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) Commits c6bdaca Version 2.6.4 8870da9 Update built files 4df6754 update changelog 8f7f903...

dependabot[bot]

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.13.0 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...

dependabot[bot]