easy-sauce

easy-sauce copied to clipboard

Bumps [async](https://github.com/caolan/async) from 2.6.1 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) v2.6.3 Updated lodash to squelch a security warning (#1675) v2.6.2 Updated lodash...

dependabot[bot]

Bumps [minimist](https://github.com/substack/minimist) from 1.2.0 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR aeb3e27 1.2.5...

dependabot[bot]

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.5.5 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...

dependabot[bot]

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...

dependabot[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.10 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. Commits See full diff in compare view Maintainer changes This version was pushed to npm by oss-bot, a new releaser for y18n since your...

dependabot[bot]

Bumps [decompress-zip](https://github.com/bower/decompress-zip) from 0.3.1 to 0.3.2. Changelog Sourced from decompress-zip's changelog. 0.3.2 and 0.2.2 Fix Zip Slip Vulnerability: https://snyk.io/research/zip-slip-vulnerability 0.3.0 Enable file mode preservation 0.2.1 Update graceful-fs to 4.x Commits...

dependabot[bot]

Bumps [https-proxy-agent](https://github.com/TooTallNate/node-https-proxy-agent) from 2.2.1 to 2.2.4. Release notes Sourced from https-proxy-agent's releases. 2.2.4 Patches Add .editorconfig file: a0d4a20458498fc31e5721471bd2b655e992d44b Add .eslintrc.js file: eecea74a1db1c943eaa4f667a561fd47c33da897 Use a net.Socket instead of a plain EventEmitter...

dependabot[bot]

Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.1 to 5.7.4. Commits 6370e90 Mark version 5.7.4 fbc15b1 More rigorously check surrogate pairs in regexp validator 910e62b Mark version 5.7.3 3442a80 Make generate-identifier-regex capable of rewriting...

dependabot[bot]

Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.12.0 to 3.13.1. Changelog *Sourced from [js-yaml's changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md).* > ## [3.13.1] - 2019-04-05 > ### Security > - Fix possible code execution in (already unsafe) `.load()`, [#480](https://github-redirect.dependabot.com/nodeca/js-yaml/issues/480)....

dependabot[bot]