restore
restore copied to clipboard
floating
A predictable & observable state container for React apps
Bumps [jsdom](https://github.com/jsdom/jsdom) from 16.4.0 to 16.7.0. Release notes Sourced from jsdom's releases. Version 16.7.0 Added AbortSignal.abort(). (ninevra) Added dummy x and y properties to the return value of getBoundingClientRect(). (eiko)...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.1 to 1.19.11. Release notes Sourced from urijs's releases. 1.19.11 (April 3rd 2022) SECURITY fixing URI.parse() handle excessive slashes in scheme-relative URLs - disclosed by zeyu2001 via...
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.5.1 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [trim-newlines](https://github.com/sindresorhus/trim-newlines) from 3.0.0 to 3.0.1. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. Release notes Sourced from glob-parent's releases. v5.1.2 Bug Fixes eliminate ReDoS (#36) (f923116) Changelog Sourced from glob-parent's changelog. 5.1.2 (2021-03-06) Bug Fixes eliminate ReDoS...
Bumps [ws](https://github.com/websockets/ws) from 7.4.1 to 7.4.6. Release notes Sourced from ws's releases. 7.4.6 Bug fixes Fixed a ReDoS vulnerability (00c425ec). A specially crafted value of the Sec-Websocket-Protocol header could be...
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.16.3 to 4.16.6. Changelog Sourced from browserslist's changelog. 4.16.6 Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman). 4.16.5 Fixed unsafe RegExp (by Yeting Li). 4.16.4 Fixed unsafe...