vue-guidebook
vue-guidebook copied to clipboard
chore(deps): bump json5 and umi
Bumps json5 and umi. These dependencies needed to be updated together.
Updates json5
from 2.2.0 to 2.2.3
Release notes
Sourced from json5's releases.
v2.2.3
- Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)
v2.2.2
- Fix: Properties with the name
__proto__
are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).v2.2.1
- Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Changelog
Sourced from json5's changelog.
v2.2.3 [code, diff]
- Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)
v2.2.2 [code, diff]
- Fix: Properties with the name
__proto__
are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).v2.2.1 [code, diff]
- Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Commits
c3a7524
2.2.394fd06d
docs: update CHANGELOG for v2.2.33b8cebf
docs(security): use GitHub security advisoriesf0fd9e1
docs: publish a security policy6a91a05
docs(template): bug -> bug report14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readme- Additional commits viewable in compare view
Updates umi
from 3.5.17 to 3.5.36
Release notes
Sourced from umi's releases.
v3.5.36
- fix(bundler-webpack): compatibility of extraBabelIncludes config (#8811) e7e2688a0
https://github.com/umijs/umi/compare/v3.5.35...v3.5.36
v3.5.35
- feat(umi): export deps that bigfish depend on (#9584) 47cbe0963
- feat(preset-built-in): add env to disable app runtime plugin (#9579) fa3f62a00
- dep(bundler-webpack): bump terser to 5.14.2 (#9242) 2636ef266
- dep(preset-built-in): bump ansi-html to ^0.0.8 (#9223) 7e79dfd38
- dep(preset-built-in): bump mime to 1.4.1 (#9209) 006fe5929
https://github.com/umijs/umi/compare/v3.5.34...v3.5.35
v3.5.34
- fix(server): keep origin by default in proxy (#9193) 4fdf4782c
https://github.com/umijs/umi/compare/v3.5.33...v3.5.34
v3.5.33
- fix(preset-built-in): babel warn from mfsu (#8949) 2fa6b5d34
- fix(server): 处理用户传入的自定义 proxyReq 回调 (#8874) 9cd06d848
- fix(server): remove dev server backlog limit (#8861) 597ac1378
- fix(server): proxy throw error 403 (#8828) 8cdb9bc69
https://github.com/umijs/umi/compare/v3.5.32...v3.5.33
v3.5.32
What's Changed
- fix(utils): utils resolve wrong babel preset when dev umijs/umi#8826
Full Changelog: https://github.com/umijs/umi/compare/v3.5.31...v3.5.32
v3.5.31
What's Changed
Full Changelog: https://github.com/umijs/umi/compare/v3.5.30...v3.5.31
v3.5.30
What's Changed
- Revert "fix(bundler-webpack): 修复 extraBabelIncludes 不能支持 htmlparser2 特例的问题" by
@sorrycc
in umijs/umi#8536Full Changelog: https://github.com/umijs/umi/compare/v3.5.29...v3.5.30
v3.5.29
What's Changed
... (truncated)
Commits
1b65df0
release: v3.5.36e7e2688
fix(bundler-webpack): compatibility of extraBabelIncludes config (#8811)1170355
release: v3.5.3547cbe09
feat(umi): export deps that bigfish depend on (#9584)fa3f62a
feat(preset-built-in): add env to disable app runtime plugin (#9579)93c73ef
chore: upgrade package.json (#9274)2636ef2
dep: bump terser to 5.14.2 (#9242)7e79dfd
fix: bump ansi-html to ^0.0.8 (#9223)006fe59
Update package.json (#9209)18d5f3f
release: v3.5.34- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by peachscript, a new releaser for umi since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.