lux-widget
lux-widget copied to clipboard
lux-org
Jupyter Widget for Lux
Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) Commits See full diff in compare...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [moment](https://github.com/moment/moment) from 2.29.1 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...
Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.7.2 to 1.7.3. Changelog Sourced from shell-quote's changelog. 1.7.3 Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the...
_Originally posted by @tomsing1 in https://github.com/lux-org/lux/issues/167#issuecomment-886130725_ On the VSCode widget , when the action tabs are clicked. VSCode is tries to open up a new page on the browser with...
Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. Commits 64735d2 v4.1.1 75a657d Fix potential ReDoS (#37) See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this...
Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.22 to 3.3.3. Changelog Sourced from nanoid's changelog. 3.3.3 Reduced size (by Anton Khlynovskiy). 3.3.2 Fixed enhanced-resolve support. 3.3.1 Reduced package size. 3.3 Added size argument to...
Bumps [postcss](https://github.com/postcss/postcss) from 7.0.35 to 7.0.39. Release notes Sourced from postcss's releases. 7.0.39 Reduce package size. Backport nanocolors to picocolors migration. 7.0.38 Update Processor#version. 7.0.37 Backport chalk to nanocolors migration....
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...
Bumps [tar](https://github.com/npm/node-tar) from 6.1.0 to 6.1.11. Commits e573aee 6.1.11 edb8e9a fix: perf regression on hot string munging path a9d9b05 chore(test): Avoid spurious failures packing node_modules/.cache 24b8bda fix(test): use posix path...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...