GGHexo
GGHexo copied to clipboard
SwiftGGTeam
打造国内第一 Swift 译文站
Bumps [minimatch](https://github.com/isaacs/minimatch) to 3.0.4 and updates ancestor dependency [hexo-renderer-stylus](https://github.com/hexojs/hexo-renderer-stylus). These dependencies need to be updated together. Updates `minimatch` from 0.3.0 to 3.0.4 Commits e46989a v3.0.4 ddfacbd update brace-expansion 55ed736 update...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [moment-timezone](https://github.com/moment/moment-timezone) from 0.5.25 to 0.5.37. Release notes Sourced from moment-timezone's releases. 0.5.34 Updated data to IANA TZDB 2021e Release 0.5.33 Updated data to IANA TZDB 2021a Release 0.5.32 Updated...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.5 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...
Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. Commits See full diff in compare view Maintainer changes This version was pushed to npm by oss-bot, a new releaser for y18n since your...
Bumps [axios](https://github.com/axios/axios) from 0.18.1 to 0.21.1. Release notes Sourced from axios's releases. v0.21.1 0.21.1 (December 21, 2020) Fixes and Functionality: Hotfix: Prevent SSRF (#3410) Protocol not parsed when setting proxy...
Bumps [lodash.merge](https://github.com/lodash/lodash) from 4.6.1 to 4.6.2. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. Commits 754f0c2 1.3.2 90ee1fa ensure keys are valid when mixing in values See full diff in compare view Maintainer changes This version was pushed...
Bumps [ejs](https://github.com/mde/ejs) to 3.1.9 and updates ancestor dependency [hexo-renderer-ejs](https://github.com/hexojs/hexo-renderer-ejs). These dependencies need to be updated together. Updates `ejs` from 1.0.0 to 3.1.9 Release notes Sourced from ejs's releases. v3.1.9 Version...