openfonts
openfonts copied to clipboard
bedlaj
NPM packages for all graduated Google Fonts typefaces including non-english subsets.
Hi `bedlaj/openfonts`! This is a one-off automatically generated pull request from LGTM.com :robot:. You might have heard that we’ve integrated LGTM’s underlying CodeQL analysis engine natively into GitHub. The result...
![lgtm-com[bot] avatar](https://avatars.githubusercontent.com/in/17324?v=4 "lgtm-com[bot] avatar"){kind=avatar}
Bumps [thenify](https://github.com/thenables/thenify) from 3.3.0 to 3.3.1. Changelog Sourced from thenify's changelog. 3.3.1 / 2020-06-18 fixes [0d94a24] - fix: remove eval (#30) (Yiyu He ) Commits 1d054b4 Release 3.3.1 0d94a24 fix:...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...
Bumps [async](https://github.com/caolan/async) from 3.2.0 to 3.2.2. Changelog Sourced from async's changelog. v3.2.2 Fix potential prototype pollution exploit v3.2.1 Use queueMicrotask if available to the environment (#1761) Minor perf improvement in...
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.0 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@ChALkeR). Fix boolean schemas with strictKeywords...
Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.3 to 0.8.5. Release notes Sourced from shelljs's releases. v0.8.5 This was a small security fix for #1058. v0.8.4 Small patch release to fix a circular dependency...
Bumps [tar](https://github.com/npm/node-tar) from 4.4.13 to 4.4.19. Commits 9a6faa0 4.4.19 70ef812 drop dirCache for symlink on all platforms 3e35515 4.4.18 52b09e3 fix: prevent path escape using drive-relative paths bb93ba2 fix: reserve...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...