waze-traffic

waze-traffic copied to clipboard

Bumps [qs](https://github.com/ljharb/qs) from 6.2.1 to 6.2.4. Changelog Sourced from qs's changelog. 6.2.4 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and an array...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Build(deps): [security] bump hosted-git-info from 2.1.5 to 2.8.9

1

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.1.5 to 2.8.9. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Regular Expression Denial of Service in hosted-git-info The npm...

dependabot-preview[bot]

Build(deps): [security] bump y18n from 3.2.1 to 3.2.2

1

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The npm package y18n before versions...

dependabot-preview[bot]

Build(deps): [security] bump lodash from 4.17.15 to 4.17.21

1

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution in lodash Versions of lodash prior to 4.17.19...

dependabot-preview[bot]

Build(deps): [security] bump handlebars from 4.4.3 to 4.7.7

1

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.4.3 to 4.7.7. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution in handlebars Versions of handlebars prior to 3.0.8...

dependabot-preview[bot]

Build(deps): [security] bump axios from 0.18.1 to 0.21.1

1

Bumps [axios](https://github.com/axios/axios) from 0.18.1 to 0.21.1. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Server-Side Request Forgery in Axios Axios NPM package 0.21.0...

dependabot-preview[bot]

Build(deps): bump lodash from 4.17.15 to 4.17.19

4

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19. Release notes Sourced from lodash's releases. 4.17.16 Commits d7fbc52 Bump to v4.17.19 2e1c0f2 Add npm-package 1b6c282 Bump to v4.17.18 a370ac8 Bump to v4.17.17 1144918...

dependabot[bot]

Build(deps): [security] bump qs from 6.2.1 to 6.2.3

1

Bumps [qs](https://github.com/ljharb/qs) from 6.2.1 to 6.2.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. NPM qs is vulnerable to DoS the web framework...

dependabot-preview[bot]