react-typekit

react-typekit copied to clipboard

Bumps [qs](https://github.com/ljharb/qs) from 6.4.0 to 6.4.1. Changelog Sourced from qs's changelog. 6.4.1 [Fix] parse: ignore __proto__ keys (#428) [Fix] fix for an impossible situation: when the formatter is called with...

dependabot[bot]

Bumps [css-what](https://github.com/fb55/css-what) from 2.1.0 to 2.1.3. Commits 2db00ca 2.1.3 dc51092 fix(css-selectors): extend regex to include superscript in range, fix #27 (#28) a5f1991 Test on node LTS b2a2117 2.1.2 e9ef3f1 Run...

dependabot[bot]

Bumps [jsdom](https://github.com/jsdom/jsdom) from 11.0.0 to 16.5.0. Release notes Sourced from jsdom's releases. Version 16.5.0 Added window.queueMicrotask(). Added window.event. Added inputEvent.inputType. (diegohaz) Removed ondragexit from Window and friends, per a spec...

dependabot[bot]

Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.12 to 0.7.31. Commits 97f3368 Bump version 0.7.31 b86860e Merge pull request #546 from hansott/master 157af1e Merge pull request #547 from sunny-mwx/patch-1 b4cfe1b Merge pull request #535...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [tar](https://github.com/npm/node-tar) from 2.2.1 to 2.2.2. Commits 523c5c7 2.2.2 7ecef07 Bump fstream to fix hardlink overwriting vulnerability 9fc84b9 Use {} for hardlink tracking instead of [] 15e59f1 Only track previously...

dependabot[bot]

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.4.2 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...

dependabot[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]

Bumps [ini](https://github.com/isaacs/ini) from 1.3.4 to 1.3.7. Commits c74c8af 1.3.7 024b8b5 update deps, add linting 032fbaf Use Object.create(null) to avoid default object property hazards 2da9039 1.3.6 cfea636 better git push script,...

dependabot[bot]

Bumps [lodash.merge](https://github.com/lodash/lodash) from 4.6.0 to 4.6.2. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]