graphql-binding-github

graphql-binding-github copied to clipboard

Bumps [cross-fetch](https://github.com/lquixada/cross-fetch) from 2.1.1 to 3.1.5. Release notes Sourced from cross-fetch's releases. v3.1.5 What's Changed chore: updated node-fetch version to 2.6.7 by @​dlafreniere in lquixada/cross-fetch#124 New Contributors @​dlafreniere made their...

dependabot[bot]

Bumps [async](https://github.com/caolan/async) from 2.6.1 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) v2.6.3 Updated lodash to squelch a security warning (#1675) v2.6.2 Updated lodash...

dependabot[bot]

Bumps [object-path](https://github.com/mariocasciaro/object-path) from 0.11.4 to 0.11.8. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [tar](https://github.com/npm/node-tar) from 4.4.8 to 4.4.19. Commits 9a6faa0 4.4.19 70ef812 drop dirCache for symlink on all platforms 3e35515 4.4.18 52b09e3 fix: prevent path escape using drive-relative paths bb93ba2 fix: reserve...

dependabot[bot]

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.6.0 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...

dependabot[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.4 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. Commits See full diff in compare view Maintainer changes This version was pushed to npm by oss-bot, a new releaser for y18n since your...

dependabot[bot]

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. Commits See full diff in compare view Maintainer changes This version was pushed to npm by oss-bot, a new releaser for y18n since your...

dependabot[bot]

Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7. Commits c74c8af 1.3.7 024b8b5 update deps, add linting 032fbaf Use Object.create(null) to avoid default object property hazards 2da9039 1.3.6 cfea636 better git push script,...

dependabot[bot]

Bumps [stringstream](https://github.com/mhart/StringStream) from 0.0.5 to 0.0.6. Commits fee31c5 0.0.6 2f4a9d4 Merge pull request #9 from mhart/fix-buffer-constructor-vuln afbc744 Ensure data is not a number in Buffer constructor See full diff in...

dependabot[bot]