dw-ui

dw-ui copied to clipboard

build(deps): bump path-parse from 1.0.6 to 1.0.7 in /storybook

1

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

build(deps): bump minimist from 1.2.5 to 1.2.6 in /storybook

1

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...

dependabot[bot]

build(deps): bump shelljs from 0.8.4 to 0.8.5 in /storybook

1

Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.4 to 0.8.5. Release notes Sourced from shelljs's releases. v0.8.5 This was a small security fix for #1058. Commits 70668a4 0.8.5 d919d22 fix(exec): lockdown file permissions (#1060)...

dependabot[bot]

build(deps): bump lodash from 4.17.20 to 4.17.21 in /storybook

1

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]

build(deps): bump ws from 7.4.3 to 7.5.6 in /storybook

1

Bumps [ws](https://github.com/websockets/ws) from 7.4.3 to 7.5.6. Release notes Sourced from ws's releases. 7.5.6 Bug fixes Backported b8186dd1 to the 7.x release line (73dec34b). Backported ed2b8039 to the 7.x release line...

dependabot[bot]

build(deps): bump tmpl from 1.0.4 to 1.0.5 in /storybook

1

Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

build(deps): bump tar from 6.1.0 to 6.1.11 in /storybook

1

Bumps [tar](https://github.com/npm/node-tar) from 6.1.0 to 6.1.11. Commits e573aee 6.1.11 edb8e9a fix: perf regression on hot string munging path a9d9b05 chore(test): Avoid spurious failures packing node_modules/.cache 24b8bda fix(test): use posix path...

dependabot[bot]

Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.32 to 0.7.33. Changelog Sourced from ua-parser-js's changelog. Version 0.7.32 / 1.0.32 Add new browser : DuckDuckGo, Huawei Browser, LinkedIn Add new OS : HarmonyOS Add some...

dependabot[bot]

Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.22 to 0.7.33. Changelog Sourced from ua-parser-js's changelog. Version 0.7.33 / 1.0.33 Add new browser : Cobalt Identify Macintosh as an Apple device Fix ReDoS vulnerability Version...

dependabot[bot]

Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a...

dependabot[bot]