bloom
bloom copied to clipboard
kinglisky
写一些 5 毛
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...
Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.20 to 3.2.0. Changelog Sourced from nanoid's changelog. Change Log This project adheres to Semantic Versioning. 3.2 Added --size and --alphabet arguments to binary (by Vitaly Baev)....
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [postcss](https://github.com/postcss/postcss) from 7.0.35 to 7.0.36. Release notes Sourced from postcss's releases. 7.0.36 Backport ReDoS vulnerabilities from PostCSS 8. Changelog Sourced from postcss's changelog. 7.0.36 Backport ReDoS vulnerabilities from PostCSS...
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. Release notes Sourced from glob-parent's releases. v5.1.2 Bug Fixes eliminate ReDoS (#36) (f923116) Changelog Sourced from glob-parent's changelog. 5.1.2 (2021-03-06) Bug Fixes eliminate ReDoS...
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.14.0 to 4.16.6. Changelog Sourced from browserslist's changelog. 4.16.6 Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman). 4.16.5 Fixed unsafe RegExp (by Yeting Li). 4.16.4 Fixed unsafe...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...