Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 1 directory with 12 updates #21

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 12 updates #21

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 26, 2024

Bumps the npm_and_yarn group with 12 updates in the /src/Presentation/Nop.Web directory:

Package From To
moment 2.29.4 2.30.0
tinymce 5.10.5 7.0.0
crypto-js 4.1.1 4.2.0
decode-uri-component 0.2.0 0.2.2
es5-ext 0.10.53 0.10.64
follow-redirects 1.15.1 1.15.6
jszip 3.7.1 3.10.1
minimatch 3.0.4 3.1.2
moment-timezone 0.5.34 0.5.45
word-wrap 1.2.3 1.2.5
yargs-parser 5.0.0-security.0 5.0.1
yargs 7.1.1 7.1.2

Updates moment from 2.29.4 to 2.30.0

Changelog

Sourced from moment's changelog.

2.30.0 Full changelog

  • Release Dec 26, 2023
Commits
  • ddd6809 Build 2.30.0
  • be64d00 Bump version to 2.30.0
  • ad41179 Update changelog for 2.30.0
  • 63fe479 [misc] Make code ES6 compatible
  • 0f0195f Revert "Merge pull request #5599 from Alanscut:issue_4985"
  • 15b82f5 Revert "Merge pull request #5597 from Alanscut:issue-5596"
  • 8dd12f6 Merge pull request #5607 from Alanscut:issue_5603
  • 6a80ca2 Do not re-create asMilliseconds for valueOf
  • cf4eee9 valueOf and asMilliseconds have the same function
  • 443d5de Merge pull request #5748 from rasidre:adjust-bs-locale
  • Additional commits viewable in compare view

Updates tinymce from 5.10.5 to 7.0.0

Changelog

Sourced from tinymce's changelog.

7.0.0 - 2024-03-20

Added

  • New license_key option that must be set to gpl or a valid license key. #TINY-10681
  • New custom tooltip functionality, tooltip will be shown when hovering with a mouse or with keyboard focus. #TINY-9275
  • New sandbox_iframes_exclusions option that holds a list of URL host names to be excluded from iframe sandboxing when sandbox_iframes is set to true. #TINY-10350
  • Added 'getAllEmojis' api function to the emoticons plugin. #TINY-10572
  • Element preset support for the valid_children option and Schema.addValidChildren API. #TINY-9979
  • A new trigger property for block text pattern configurations, allowing pattern activation with either Space or Enter keys. #TINY-10324
  • onFocus callback for CustomEditor dialog component. #TINY-10596
  • icons for the import from Word, export to Word and export to PDF premium plugins. #TINY-10612
  • data is now a valid element in the Schema. #TINY-10611
  • More advanced schema config for custom elements. #TINY-9980
  • Custom tooltip for autocompleter, now visible on both mouse hover and keyboard focus, except single column cases. #TINY-9638

Improved

  • Included keyboard shortcut in custom tooltip for ToolbarButton and ToolbarToggleButton. #TINY-10487
  • Improved showing which element has focus for keyboard navigation. #TINY-9176
  • Custom tooltips will now show for items in collection which is rendered inside a dialog, on mouse hover and keyboard focus. #TINY-9637
  • Autocompleter will now work with IMEs. #TINY-10637
  • Make table ghost element better reflect height changes when resizing. #TINY-10658

Changed

  • TinyMCE is now licensed GPL Version 2 or later. #TINY-10578
  • convert_unsafe_embeds editor option is now defaulted to true. #TINY-10351
  • sandbox_iframes editor option is now defaulted to true. #TINY-10350
  • The DOMUtils.isEmpty API function has been modified to consider nodes containing only comments as empty. #TINY-10459
  • The highlight_on_focus option now defaults to true, adding a focus outline to every editor. #TINY-10574
  • Delay before the tooltip to show up, from 800ms to 300ms. #TINY-10475
  • Now tox-view__pane has position: relative instead of static. #TINY-10561
  • Update outbound link for statusbar Tiny logo #TINY-10494
  • Remove the height field from the table plugin cell dialog. The table plugin row dialog now controls the row height by setting the height on the tr element, not the td elements. #TINY-10617
  • Change table height resizing handling to remove heights from td/th elements and only apply to tr elements. #TINY-10589
  • Removed incorrect aria-placeholder attribute from editor body when placeholder option is set. #TINY-10452
  • The tooltip property for dialog's footer togglebutton is now optional. #TINY-10672
  • Changed the media_url_resolver option to use promises. #TINY-9154
  • Styles bespoke toolbar button fallback changed to Formats if Paragraph is not configured in style_formats option. #TINY-10603
  • Updated deprecation/removed console message. #TINY-10694

Removed

  • Deprecated force_hex_color option, with the default now being all colors are forced to hex format as lower case. #TINY-10436
  • Deprecated remove_trailing_brs option from DomParser. #TINY-10454
  • title attribute on buttons with visible label. #TINY-10453
  • InsertOrderedList and InsertUnorderedList commands from core, these now only exist in the lists plugin. #TINY-10644
  • closeButton from the notification API, close buttons in notifications are now required. #TINY-10646
  • The autocompleter ch configuration property has been removed. Use the trigger property instead. #TINY-8929
  • Deprecated template plugin. #TINY-10654

Fixed

  • When deleting the last row in a table, the cursor would jump to the first cell (top left), instead of moving to the next adjacent cell in some cases. #TINY-6309

... (truncated)

Commits
  • 3ac1f87 TINY-10775: Added missing changelog item (#9488)
  • d96642e TINY-10712: Tweaked changelog wording
  • c34a99d TINY-10712: Changelogs
  • 07d1157 TINY-10712: Temporary rollback of package.json
  • 2123e27 TINY-10754: Updated the license message (#9477)
  • e13c27a TINY-10639: Update Jenkins to Safari 17 and fix test failures (#9473)
  • 0decc9d TINY-10650: Add a link referencing custom view doc page to the addView API do...
  • 809fd24 TINY-10717: Fixed Esc and arrow keys and IME not starting (#9463)
  • df7b989 TINY-10732: Fallback FooterToggleButton in dialog to use spec.text to se...
  • 43769de TINY-10602: Reverted requirement for build to run lint.
  • Additional commits viewable in compare view

Updates crypto-js from 4.1.1 to 4.2.0

Commits

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates es5-ext from 0.10.53 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

  • Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

  • Do not rely on problematic regex (3551cdd), addresses #201
  • Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
  • Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

  • Simplify the manifest message (7855319)

Comparison since last release

0.10.62 (2022-08-02)

Maintenance Improvements

Comparison since last release

0.10.61 (2022-04-20)

Bug Fixes

  • Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

Comparison since last release

0.10.60 (2022-04-07)

Maintenance Improvements

  • Improve postinstall script configuration (ab6b121)

... (truncated)

Changelog

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

  • Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

0.10.63 (2024-02-23)

Bug Fixes

  • Do not rely on problematic regex (3551cdd), addresses #201
  • Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
  • Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

  • Simplify the manifest message (7855319)

0.10.62 (2022-08-02)

Maintenance Improvements

0.10.61 (2022-04-20)

Bug Fixes

  • Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

0.10.60 (2022-04-07)

Maintenance Improvements

  • Improve postinstall script configuration (ab6b121)

0.10.59 (2022-03-17)

Maintenance Improvements

0.10.58 (2022-03-11)

... (truncated)

Commits
  • f76b03d chore: Release v0.10.64
  • 2881acd chore: Bump dependencies
  • c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
  • 16f2b72 docs: Fix date in the changelog
  • de4e03c chore: Release v0.10.63
  • 3fd53b7 chore: Upgrade lint-staged to v13
  • bf8ed79 chore: Ensure postinstall script does not crash on Windows
  • 2cbbb07 chore: Bump dependencies
  • 22d0416 chore: Bump LICENSE year
  • a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
  • Additional commits viewable in compare view

Updates follow-redirects from 1.15.1 to 1.15.6

Commits
  • 35a517c Release version 1.15.6 of the npm package.
  • c4f847f Drop Proxy-Authorization across hosts.
  • 8526b4a Use GitHub for disclosure.
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • Additional commits viewable in compare view

Updates jszip from 3.7.1 to 3.10.1

Changelog

Sourced from jszip's changelog.

v3.10.1 2022-08-02

  • Add sponsorship files.
    • If you appreciate the time spent maintaining JSZip then I would really appreciate your sponsorship.
  • Consolidate metadata types and expose OnUpdateCallback #851 and #852
  • use const instead var in example from README.markdown #828
  • Switch manual download link to HTTPS #839

Internals:

  • Replace jshint with eslint #842
  • Add performance tests #834

v3.10.0 2022-05-20

  • Change setimmediate dependency to more efficient one. Fixes Stuk/jszip#617 (see #829)
  • Update types of currentFile metadata to include null (see #826)

v3.9.1 2022-04-06

  • Fix recursive definition of InputFileFormat introduced in 3.9.0.

v3.9.0 2022-04-04

  • Update types JSZip#loadAsync to accept a promise for data, and remove arguments from new JSZip() (see #752)
  • Update types for compressionOptions to JSZipFileOptions and JSZipGeneratorOptions (see #722)
  • Add types for generateInternalStream (see #774)

v3.8.0 2022-03-30

  • Santize filenames when files are loaded with loadAsync, to avoid "zip slip" attacks. The original filename is available on each zip entry as unsafeOriginalName. See the documentation. Many thanks to McCaulay Hudson for reporting.
Commits

Updates minimatch from 3.0.4 to 3.1.2

Commits

Updates moment-timezone from 0.5.34 to 0.5.45

Release notes

Sourced from moment-timezone's releases.

Release 0.5.45

  • Updated data to IANA TZDB 2024a.

Release 0.5.44

  • Updated data to IANA TZDB 2023d.
  • Fixed .valueOf() to return NaN for invalid zoned objects (matching default moment) #1082.
  • Performance improvements:
    • Use binary search when looking up zone information #720.
    • Avoid redundant checks in tz.guess().
    • Avoid redundant getZone() calls in .tz().

Release 0.5.43

* Updated data to IANA TZDB 2023c

Release 0.5.42

  • Updated data to IANA TZDB 2023b

Release 0.5.41

  • Updated moment npm dependency to 2.29.4 to remove automated warnings about insecure dependencies #1004. Moment Timezone still works with core Moment 2.9.0 and higher.
  • Updated all dev dependencies including UglifyJS, which produces the minified builds.
  • Added deprecation warning to the pre-built moment-timezone-with-data-2012-2022 bundles #1035. Use the rolling moment-timezone-with-data-10-year-range files instead.

Release 0.5.40

  • Updated data to IANA TZDB 2022g

Release 0.5.39

  • Updated data to IANA TZDB 2022f

Release 0.5.38

  • Updated data to IANA TZDB 2022e
  • Added moment.tz.dataVersion property to TypeScript definitions #930
  • Removed temporary .tar.gz files from npm releases #1000

Release 0.5.37

Release 0.5.36

  • Updated data to IANA TZDB 2022c
  • Improvements/fixes to data pipeline

Release 0.5.35

Thanks to the OpenSSF Alpha-Omega project for reporting these!

Changelog

Sourced from moment-timezone's changelog.

0.5.45 2024-02-04

  • Updated data to IANA TZDB 2024a.

0.5.44 2023-12-29

  • Updated data to IANA TZDB 2023d.
  • Fixed .valueOf() to return NaN for invalid zoned objects (matching default moment) #1082.
  • Performance improvements:
    • Use binary search when looking up zone information #720.
    • Avoid redundant checks in tz.guess().
    • Avoid redundant getZone() calls in .tz().

0.5.43 2023-03-31

  • Updated data to IANA TZDB 2023c

0.5.42 2023-03-24

  • Updated data to IANA TZDB 2023b

0.5.41 2023-02-25

  • Updated moment npm dependency to 2.29.4 to remove automated warnings about insecure dependencies. Moment Timezone still works with core Moment 2.9.0 and higher.
  • Updated all dev dependencies including UglifyJS, which produces the minified builds.
  • Added deprecation warning to the pre-built moment-timezone-with-data-2012-2022 bundles #1035. Use the rolling moment-timezone-with-data-10-year-range files instead.

0.5.40 2022-12-11

  • Updated data to IANA TZDB 2022g

0.5.39 2022-11-13

  • Updated data to IANA TZDB 2022f

0.5.38 2022-10-15

  • Updated data to IANA TZDB 2022e
  • Added moment.tz.dataVersion property to TypeScript definitions #930
  • Removed temporary .tar.gz files from npm releases #1000

0.5.37 2022-08-25

0.5.36 2022-08-25

  • IANA TZDB 2022c
  • improvements/fixes to data pipeline

0.5.35 2022-08-23

Thanks to the OpenSSF Alpha-Omega project for reporting these!

Commits
  • 16157c7 Build moment-timezone 0.5.45
  • 2d2b9a3 Bump version to 0.5.45
  • 0a32e82 ci: Update to latest version of all actions
  • 253bb00 Add editorconfig file for consistent indentation
  • 526030f docs: Clarify data update PRs in contributing guide
  • 6c31d29 Merge pull request #1095 from moment/automated/data-update
  • 4d6bced ci: Force running tests after updating data files
  • a276881 data: Add 2024a
  • ba275d2 ci: Allow downloading tzcode archive as well as tzdata
  • 6bf33a2 build(deps): bump @​babel/traverse from 7.17.3 to 7.23.2 (#1094)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by gilmoreorless, a new releaser for moment-timezone since your current version.


Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

New Contributors

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

Updates yargs-parser from 5.0.0-security.0 to 5.0.1

Changelog

Sourced from yargs-parser's changelog.

5.0.1 (2021-03-10)

Bug Fixes

4.2.1 (2017-01-02)

Bug Fixes

4.2.0 (2016-12-01)

Bug Fixes

  • inner objects in configs had their keys appended to top-level key when dot-notation was disabled (#72) (0b1b5f9)

Features

  • allow multiple arrays to be provided, rather than always combining (#71) (0f0fb2d)

4.1.0 (2016-11-07)

Features

  • apply coercions to default options (#65) (c79052b)
  • handle dot notation boolean options (#63) (02c3545)

4.0.2 (2016-09-30)

Bug Fixes

  • whoops, let's make the assign not change the Object key order (29d069a)

... (truncated)

Commits

Updates yargs from 7.1.1 to 7.1.2

Release notes

Sourced from yargs's releases.

yargs yargs-v7.1.2

Bug Fixes

Changelog

Sourced from yargs's changelog.

7.1.2 (2021-04-25)

Bug Fixes

7.0.2 (2017-03-10)

Bug Fixes

  • populating placeholder arguments broke validation (b3eb2fe)

7.0.1 (2017-03-03)

Bug Fixes

  • --help with default command should print top-level help (#810) (9c03fa4)

7.0.0 (2017-02-26)

Bug Fixes

  • address min/max validation message regression (#750) (2e5ce0f)
  • address positional argument strict() bug introduced in #766 (#784) (a8528e6)
  • console.warn() rather than throwing errors when api signatures are incorrect (#804) (a607061)
  • context should override parsed argv (#786) (0997288)
  • context variables are now recognized in strict() mode (#796) (48575cd)
  • errors were not bubbling appropriately from sub-commands to top-level (#802) (8a992f5)
  • positional arguments of sub-commands threw strict() exception (#805) (f3f074b)
  • pull in yargs-parser with modified env precedence (#787) (e0fbbe5)
  • running parse() multiple times on the same yargs instance caused exception if help() enabled (#790) (07e39b7)
  • use path.resolve() to support node 0.10 (#797) (49a93fc)

Features

  • add conflicts and implies shorthands. (#753) (bd1472b)
  • add traditional Chinese translation (#780) (6ab6a95)
  • allow provided config object to extend other configs (#779) (3280dd0)
  • function argument validation (#773) (22ed9bb)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 12 updates
c10ee69 
Bumps the npm_and_yarn group with 12 updates in the /src/Presentation/Nop.Web directory:

| Package | From | To |
| --- | --- | --- |
| [moment](https://github.com/moment/moment) | `2.29.4` | `2.30.0` |
| [tinymce](https://github.com/tinymce/tinymce/tree/HEAD/modules/tinymce) | `5.10.5` | `7.0.0` |
| [crypto-js](https://github.com/brix/crypto-js) | `4.1.1` | `4.2.0` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.6` |
| [jszip](https://github.com/Stuk/jszip) | `3.7.1` | `3.10.1` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` |
| [moment-timezone](https://github.com/moment/moment-timezone) | `0.5.34` | `0.5.45` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |
| [yargs-parser](https://github.com/yargs/yargs-parser) | `5.0.0-security.0` | `5.0.1` |
| [yargs](https://github.com/yargs/yargs) | `7.1.1` | `7.1.2` |


Updates `moment` from 2.29.4 to 2.30.0
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](moment/moment@2.29.4...2.30.0)

Updates `tinymce` from 5.10.5 to 7.0.0
- [Changelog](https://github.com/tinymce/tinymce/blob/main/modules/tinymce/CHANGELOG.md)
- [Commits](https://github.com/tinymce/tinymce/commits/7.0.0/modules/tinymce)

Updates `crypto-js` from 4.1.1 to 4.2.0
- [Commits](brix/crypto-js@4.1.1...4.2.0)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `es5-ext` from 0.10.53 to 0.10.64
- [Release notes](https://github.com/medikoo/es5-ext/releases)
- [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md)
- [Commits](medikoo/es5-ext@v0.10.53...v0.10.64)

Updates `follow-redirects` from 1.15.1 to 1.15.6
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6)

Updates `jszip` from 3.7.1 to 3.10.1
- [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md)
- [Commits](Stuk/jszip@v3.7.1...v3.10.1)

Updates `minimatch` from 3.0.4 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `moment-timezone` from 0.5.34 to 0.5.45
- [Release notes](https://github.com/moment/moment-timezone/releases)
- [Changelog](https://github.com/moment/moment-timezone/blob/develop/changelog.md)
- [Commits](moment/moment-timezone@0.5.34...0.5.45)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

Updates `yargs-parser` from 5.0.0-security.0 to 5.0.1
- [Release notes](https://github.com/yargs/yargs-parser/releases)
- [Changelog](https://github.com/yargs/yargs-parser/blob/v5.0.1/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs-parser/commits/v5.0.1)

Updates `yargs` from 7.1.1 to 7.1.2
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/yargs-v7.1.2/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/commits/yargs-v7.1.2)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: tinymce
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: crypto-js
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: decode-uri-component
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: es5-ext
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: jszip
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: minimatch
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: moment-timezone
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: word-wrap
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: yargs-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: yargs
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added javascript Pull requests that update Javascript code Mend: dependency security vulnerability Security vulnerability detected by Mend labels Mar 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
javascript Pull requests that update Javascript code Mend: dependency security vulnerability Security vulnerability detected by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants