component-compiler-utils
component-compiler-utils copied to clipboard
vuejs
Lower level utilities for compiling Vue single file components
Please consider updating postcss to a version >= 8.2.13 since versions below are affected by Regular Expression Denial of Service. See https://github.com/advisories/GHSA-566m-qj78-rww5 for more information.
Our corporate compliance people have objections to us using projects without a full license text. It would be helpful if a license file could get added to this repo.
Bumps [trim-off-newlines](https://github.com/stevemao/trim-off-newlines) from 1.0.1 to 1.0.3. Commits c3b28d3 1.0.3 6226c95 Merge pull request #4 from Trott/fix-it-again c77691d fix: remediate ReDOS further 76ca93c chore: pin mocha to version that works with...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
component-compiler-utils has a direct dependency of `postcss@7`. It's been more than a year since `postcss@8` first stable release, so let's migrate it! ### Why? First of all the `postcss` plugin...
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...
[String.prototype.substr()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/substr) is deprecated so we replace it with [String.prototype.slice()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/slice) which works similarily but isn't deprecated. .substr() probably isn't going away anytime soon but the change is trivial so it doesn't...
Specifying a different transpiler than the current `vue-template-es2015-compiler` would add the ability for code inside the templates to be processed the same (or a similar) way to the code from...
Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.4 to 0.8.5. Release notes Sourced from shelljs's releases. v0.8.5 This was a small security fix for #1058. Commits 70668a4 0.8.5 d919d22 fix(exec): lockdown file permissions (#1060)...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...