norrisbot
norrisbot copied to clipboard
lmammino
a Slack bot that kicks asses (roundhouse-kicks to be accurate...)
Bumps [codecov](https://github.com/codecov/codecov-node) from 2.1.0 to 3.8.3. Release notes Sourced from codecov's releases. v3.8.3 Fixes #329 fix: Test if response has two lines Dependencies #306 Bump eslint-config-prettier from 7.2.0 to 8.3.0...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project. #### Changes included in this PR - Changes to the following...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.  #### Changes included in this PR - Changes to...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [tar](https://github.com/npm/node-tar) from 2.2.1 to 2.2.2. Commits 523c5c7 2.2.2 7ecef07 Bump fstream to fix hardlink overwriting vulnerability 9fc84b9 Use {} for hardlink tracking instead of [] 15e59f1 Only track previously...
Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project. #### Changes included in this PR - Changes to the following...
Bumps [merge](https://github.com/yeikos/js.merge) from 1.2.0 to 1.2.1. Commits b31e67f link broken 6ad6035 Fix prototype pollution See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.4.2 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.4 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...