dawn
dawn copied to clipboard
alibaba
:sunrise: Dawn is a lightweight task management and build tool for front-end and nodejs.
Bumps [terser](https://github.com/terser/terser) from 5.7.0 to 5.14.2. Changelog Sourced from terser's changelog. v5.14.2 Security fix for RegExps that should not be evaluated (regexp DDOS) Source maps improvements (#1211) Performance improvements in...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [moment](https://github.com/moment/moment) from 2.29.1 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...
Bumps [react-dev-utils](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-dev-utils) from 5.0.3 to 11.0.4. Changelog Sourced from react-dev-utils's changelog. 2.0.3 and Newer Versions Please refer to CHANGELOG-2.x.md for the 2.x range, and https://github.com/facebook/create-react-app/blob/master/CHANGELOG.md for the newer versions. 1.1.5...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19. Commits 9a6faa0 4.4.19 70ef812 drop dirCache for symlink on all platforms 3e35515 4.4.18 52b09e3 fix: prevent path escape using drive-relative paths bb93ba2 fix: reserve...
Bumps [nth-check](https://github.com/fb55/nth-check) from 2.0.0 to 2.0.1. Release notes Sourced from nth-check's releases. v2.0.1 Fixes: Replace regex with hand-rolled parser for nth-expressions (#9) 9894c1d Ensures parsing will always have linear time...
Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.4 to 0.8.5. Release notes Sourced from shelljs's releases. v0.8.5 This was a small security fix for #1058. Commits 70668a4 0.8.5 d919d22 fix(exec): lockdown file permissions (#1060)...
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.5 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...
Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.23 to 3.3.1. Changelog Sourced from nanoid's changelog. 3.3.1 Reduced package size. 3.3 Added size argument to function from customAlphabet (by Stefan Sundin). 3.2 Added --size and...
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...