vue-videojs7

vue-videojs7 copied to clipboard

Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) Commits See full diff in compare...

dependabot[bot]

Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.6.1 to 1.7.3. Release notes Sourced from shell-quote's releases. v1.7.2 Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2) v1.7.1 Fix $...

dependabot[bot]

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1. Changelog Sourced from eventsource's changelog. 1.1.1 Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal) Commits aa7a408 1.1.1...

dependabot[bot]

Bumps [async](https://github.com/caolan/async) from 2.6.1 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) v2.6.3 Updated lodash to squelch a security warning (#1675) v2.6.2 Updated lodash...

dependabot[bot]

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.3 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...

dependabot[bot]

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.13.3 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...

dependabot[bot]

Bumps [video.js](https://github.com/videojs/video.js) from 7.11.8 to 7.14.3. Release notes Sourced from video.js's releases. v7.14.3 7.14.3 (2021-07-26) Bug Fixes don't add anchor to DOM for getAbsoluteURL (#7336) (b483a76) remove IE8 url parsing...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3. Release notes Sourced from ws's releases. 5.2.3 Bug fixes Backported 00c425ec to the 5.x release line (76d47c14). Commits 6dd88e7 [dist] 5.2.3 76d47c1 [security] Fix...

dependabot[bot]