GitHub-Trending

GitHub-Trending copied to clipboard

Bumps [express](https://github.com/expressjs/express) from 4.16.3 to 4.17.3. Release notes Sourced from express's releases. 4.17.3 deps: accepts@~1.3.8 deps: mime-types@~2.1.34 deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps: [email protected] deps:...

dependabot[bot]

Bumps [qs](https://github.com/ljharb/qs) to 6.5.3 and updates ancestor dependencies [qs](https://github.com/ljharb/qs), [body-parser](https://github.com/expressjs/body-parser) and [express](https://github.com/expressjs/express). These dependencies need to be updated together. Updates `qs` from 6.5.1 to 6.5.3 Changelog Sourced from qs's changelog....

dependabot[bot]

Bumps [css-what](https://github.com/fb55/css-what) from 2.1.0 to 2.1.3. Commits 2db00ca 2.1.3 dc51092 fix(css-selectors): extend regex to include superscript in range, fix #27 (#28) a5f1991 Test on node LTS b2a2117 2.1.2 e9ef3f1 Run...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.13 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]

This change is [](https://reviewable.io/reviews/thedillonb/github-trending/15)

ghost

Bumps [stringstream](https://github.com/mhart/StringStream) from 0.0.5 to 0.0.6. Commits - [`fee31c5`](https://github.com/mhart/StringStream/commit/fee31c5c4a5efc7c7cc2fde4aee633dedefd6d67) 0.0.6 - [`2f4a9d4`](https://github.com/mhart/StringStream/commit/2f4a9d496f94b0880e01a26857aa266a5a3ef274) Merge pull request [#9](https://github-redirect.dependabot.com/mhart/StringStream/issues/9) from mhart/fix-buffer-constructor-vuln - [`afbc744`](https://github.com/mhart/StringStream/commit/afbc7442220358419e330618e47f3a65fc265b1b) Ensure data is not a number in Buffer constructor -...

dependabot[bot]

Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.11.0 to 3.13.1. Changelog *Sourced from [js-yaml's changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md).* > 3.13.1 / 2019-04-05 > ------------------- > > - Fix possible code execution in (already unsafe) `.load()`, [#480](https://github-redirect.dependabot.com/nodeca/js-yaml/issues/480). >...

dependabot[bot]

Bumps [morgan](https://github.com/expressjs/morgan) from 1.9.0 to 1.9.1. Release notes *Sourced from [morgan's releases](https://github.com/expressjs/morgan/releases).* > ## 1.9.1 > * Fix using special characters in format > * deps: depd@~1.1.2 > - perf:...

dependabot[bot]

Bumps [extend](https://github.com/justmoon/node-extend) from 3.0.1 to 3.0.2. Changelog *Sourced from [extend's changelog](https://github.com/justmoon/node-extend/blob/master/CHANGELOG.md).* > 3.0.2 / 2018-07-19 > ================== > * [Fix] Prevent merging `__proto__` property ([#48](https://github-redirect.dependabot.com/justmoon/node-extend/issues/48)) > * [Dev Deps] update...

dependabot[bot]