path-loader
path-loader copied to clipboard
Bump minimist and gulp-mocha
Bumps minimist to 1.2.6 and updates ancestor dependency gulp-mocha. These dependencies need to be updated together.
Updates minimist
from 0.0.8 to 1.2.6
Changelog
Sourced from minimist's changelog.
v1.2.6 - 2022-03-21
Commits
- test from prototype pollution PR
bc8ecee
- isConstructorOrProto adapted from PR
c2b9819
- security notice for additional prototype pollution issue
ef88b93
v1.2.5 - 2020-03-12
v1.2.4 - 2020-03-11
Commits
v1.2.3 - 2020-03-10
Commits
- more failing proto pollution tests
13c01a5
- even more aggressive checks for protocol pollution
38a4d1c
v1.2.2 - 2020-03-10
Commits
- failing test for protocol pollution
0efed03
- cleanup
67d3722
- console.dir -> console.log
47acf72
- don't assign onto proto
63e7ed0
v1.2.1 - 2020-03-10
Merged
- move the
opts['--']
example back where it belongs[#63](https://github.com/minimistjs/minimist/issues/63)
Commits
v1.2.0 - 2015-08-24
Commits
... (truncated)
Commits
7efb22a
1.2.6ef88b93
security notice for additional prototype pollution issuec2b9819
isConstructorOrProto adapted from PRbc8ecee
test from prototype pollution PRaeb3e27
1.2.5278677b
1.2.44cf1354
security notice1043d21
additional test for constructor prototype pollution6457d74
1.2.338a4d1c
even more aggressive checks for protocol pollution- Additional commits viewable in compare view
Updates gulp-mocha
from 3.0.1 to 8.0.0
Release notes
Sourced from gulp-mocha's releases.
v8.0.0
Breaking
- Require Node.js 10
- Upgrade to Mocha 8 4fa531f
https://github.com/sindresorhus/gulp-mocha/compare/v7.0.2...v8.0.0
v7.0.2
- Make Gulp an optional peer dependency 8e452db
https://github.com/sindresorhus/gulp-mocha/compare/v7.0.1...v7.0.2
v7.0.1
- Fix regressions in v7 (#197) f60a346
https://github.com/sindresorhus/gulp-mocha/compare/v7.0.0...v7.0.1
v7.0.0
Breaking:
- Update Mocha (release notes) 4924437
- Require Node.js 8 and Gulp 4 4924437
https://github.com/sindresorhus/gulp-mocha/compare/v6.0.0...v7.0.0
4.0.0
- Drop support for Node.js 0.12 and 0.10.
- Now spawns the
mocha
binary instead using its broken programmatic API. This means you can use any of themocha
CLI flags (in a camelCased form). This should also fix most of the issues people have been having with this task. Thanks to@shellscape
for doing most of the work.If you were using Babel with
babel-register
in your gulpfile, you now need to use the Mochacompilers
option instead:{compilers: 'js:babel-core/register'}
. See https://babeljs.io/docs/setup/#installation
Commits
2f0b810
8.0.04fa531f
Require Node.js 10 and upgrade Mocha93e1cbc
Move to GitHub Actions (#201)94af2ed
Remove message from readme (#198)6ab007b
7.0.28e452db
Make Gulp an optional peer dependencya939d38
7.0.1f60a346
Fix regressions in v7 (#197)c1e272e
7.0.04924437
Update Mocha and require Node.js and Gulp 4- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.