Skip to content

Bump the npm_and_yarn group across 1 directory with 7 updates #29

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 7 updates #29

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Aug 29, 2024

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package From To
bootstrap 4.6.2 5.0.0
highlight.js 10.7.3 11.0.0
@babel/traverse 7.18.9 7.25.6
qs 6.5.2 6.5.3
browserify-sign 4.2.1 4.2.3
decode-uri-component 0.2.0 0.2.2
follow-redirects 1.15.1 1.15.6

Updates bootstrap from 4.6.2 to 5.0.0

Release notes

Sourced from bootstrap's releases.

v5.0.0

Highlights

#32155: Updated make-col() mixin to generate equal columns when no size is specified #32763: Added new color-scheme() mixin #33389: Dropdown menus now have option become clickable #33453: Added new docs footer #33548: Offcanvas header components are now vertically aligned #33549: Added offcanvas-top modifier #33634: Added support for .dropdown-items wrapped in <li>s #33626: Fix v5 regressions in tab dropdown functionality

🚀 Features

  • #32763: Add color-scheme mixin
  • #33389: Dropdown — Add option to make the dropdown menu clickable
  • #33549: Add offcanvas-top modifier

🎨 CSS

  • #32155: Add equal column mixin
  • #32763: Add color-scheme mixin
  • #33292: Make accordion icon rotation more natural
  • #33411: Fix validation feedback icon in select multiple
  • #33478: Make .nav-link color consistent when using buttons
  • #33482: Dropdown — Apply positioning only when Popper is not used
  • #33548: Vertically align offcanvas header components
  • #33549: Add offcanvas-top modifier
  • #33550: Spinner alignment changes
  • #33598: Hide validation icons from multiple selects
  • #33600: Have $form-check-input-border's default derive from $black
  • #33607: Reduce color-scheme complexity
  • #33642: use :read-only css selector instead [readonly] for consistency
  • #33658: fix: use list-group variable instead of alert
  • #33736: accordion: fix border-top on Firefox

☕️ JavaScript

  • #32439: Decouple BackDrop from modal
  • #33245: Decouple Modal's scrollbar functionality
  • #33249: Simplify Modal Config
  • #33250: Simplify ScrollSpy config
  • #33310: fix: make EventHandler better handle mouseenter/mouseleave events
  • #33389: Dropdown — Add option to make the dropdown menu clickable
  • #33429: Remove element event listeners through base component
  • #33451: Add missing things in hide method of dropdown
  • #33456: Use our isDisabled util on dropdown
  • #33466: Refactor dropdown's hide functionality
  • #33479: Fix dropdown escape propagation
  • #33496: Use cached noop function

... (truncated)

Commits

Updates highlight.js from 10.7.3 to 11.0.0

Release notes

Sourced from highlight.js's releases.

Version 11

Potentially Breaking Changes

This is a major release. As such it contains breaking changes which may require action from users. Most of the breaking changes work was done by the current maintainer [Josh Goebel][] (ref: #2558) while many other contributors contributed many other changes for this release. You'll find that list below the breaking changes summary.

Please read VERSION_11_UPGRADE.md for a detailed summary of all breaking changes. The below list should only be considered to be a summary.

Deprecations / Removals / API Changes:

  • initHighlighting() and initHighlightingOnLoad() deprecated. Use highlightAll().
  • highlightBlock(el) deprecated. Use highlightElement(el)
  • before:highlightBlock & after:highlightBlock callbacks deprecated. Use equivalent highlightElement callbacks.
  • highlight(languageName, code, ignoreIllegals, continuation) signature deprecated. Use highlight(code, {language, ignoreIllegals}).
  • Deprecated highlight() signature no longer supports continuation argument.
  • tabReplace option removed. Consider a plugin.
  • useBR option removed. Consider a plugin or CSS.
  • requireLanguage() removed. Use getLanguage().
  • endSameAsBegin mode key removed. Use hljs.END_SAME_AS_BEGIN.
  • lexemes mode key removed. Use keywords.$pattern.
  • The return values/keys of some APIs have changed slightly.

Security:

  • HTML auto-passthru has been removed. Consider a plugin.
  • Unescaped HTML is now stripped (for security). A warning is logged to the console. (#3057) [Josh Goebel][]

Themes:

  • The default padding of all themes increases (0.5em => 1em).
  • schoolbook has been updated to remove the lined background.
  • github updated to better match modern GitHub (#1616) [Jan Pilzer][]
  • github-gist has been removed in favor of github [Jan Pilzer][]
  • Base16 named themes have been updated to their "canonical" versions
  • nnfx updated for v11 xml styles and improved css support

Language Grammars:

  • Default CDN build drops support for several languages.
  • Some language grammar files have been removed.
  • Some redundant language aliases have been removed.

Other changes

Parser:

  • enh(vala) improve language detection for Vala (#3195) [Konrad Rudolph][]
  • enh(r) add support for operators, fix number highlighting bug (#3194, #3195) [Konrad Rudolph][]
  • enh(parser) add beginScope and endScope to allow separate scoping begin and end (#3159) [Josh Goebel][]
  • enh(parsed) endScope now supports multi-class matchers as well (#3159) [Josh Goebel][]
  • enh(parser) highlightElement now always tags blocks with a consistent language-[name] class [Josh Goebel][]

... (truncated)

Changelog

Sourced from highlight.js's changelog.

Version 11.0.0

This is a major release. As such it contains breaking changes which may require action from users. Please read VERSION_11_UPGRADE.md for a detailed summary of all breaking changes.

Potentially breaking changes

Unless otherwise attributed items below are thanks to [Josh Goebel][] (ref: #2558).

The below list should only be considered to be a high-level summary.

Deprecations / Removals / API Changes:

  • initHighlighting() and initHighlightingOnLoad() deprecated. Use highlightAll().
  • highlightBlock(el) deprecated. Use highlightElement(el)
  • before:highlightBlock & after:highlightBlock callbacks deprecated. Use equivalent highlightElement callbacks.
  • highlight(languageName, code, ignoreIllegals, continuation) signature deprecated. Use highlight(code, {language, ignoreIllegals}).
  • Deprecated highlight() signature no longer supports continuation argument.
  • tabReplace option removed. Consider a plugin.
  • useBR option removed. Consider a plugin or CSS.
  • requireLanguage() removed. Use getLanguage().
  • endSameAsBegin mode key removed. Use hljs.END_SAME_AS_BEGIN.
  • lexemes mode key removed. Use keywords.$pattern.
  • The return values/keys of some APIs have changed slightly.

Security:

  • HTML auto-passthru has been removed. Consider a plugin.
  • Unescaped HTML is now stripped (for security). A warning is logged to the console. (#3057) [Josh Goebel][]

Themes:

  • The default padding of all themes increases (0.5em => 1em).
  • schoolbook has been updated to remove the lined background.
  • github updated to better match modern GitHub (#1616) [Jan Pilzer][]
  • github-gist has been removed in favor of github [Jan Pilzer][]
  • Base16 named themes have been updated to their "canonical" versions
  • nnfx updated for v11 xml styles and improved css support

Language Grammars:

  • Default CDN build drops support for several languages.
  • Some language grammar files have been removed.
  • Some redundant language aliases have been removed.

Other changes

Parser:

  • enh(vala) improve language detection for Vala (#3195) [Konrad Rudolph][]
  • enh(r) add support for operators, fix number highlighting bug (#3194, #3195) [Konrad Rudolph][]

... (truncated)

Commits

Updates @babel/traverse from 7.18.9 to 7.25.6

Release notes

Sourced from @​babel/traverse's releases.

v7.25.5 (2024-08-23)

🐛 Bug Fix

  • babel-generator, babel-traverse

💅 Polish

Committers: 2

v7.25.4 (2024-08-22)

🐛 Bug Fix

💅 Polish

  • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
  • babel-generator, babel-plugin-transform-class-properties
  • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-transform-object-rest-spread

🔬 Output optimization

Committers: 4

v7.25.3 (2024-07-31)

🐛 Bug Fix

  • babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.25.6 (2024-08-29)

🐛 Bug Fix

💅 Polish

  • babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
  • babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
  • babel-generator

🏠 Internal

v7.25.5 (2024-08-23)

🐛 Bug Fix

💅 Polish

v7.25.4 (2024-08-22)

🐛 Bug Fix

💅 Polish

  • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
  • babel-generator, babel-plugin-transform-class-properties

... (truncated)

Commits

Updates qs from 6.5.2 to 6.5.3

Changelog

Sourced from qs's changelog.

6.5.3

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
  • [Fix] correctly parse nested arrays
  • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
  • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
  • [Fix] when parseArrays is false, properly handle keys ending in []
  • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
  • [Fix] utils.merge: avoid a crash with a null target and an array source
  • [Refactor] utils: reduce observable [[Get]]s
  • [Refactor] use cached Array.isArray
  • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
  • [Refactor] parse: only need to reassign the var once
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
  • [Docs] Clarify the need for "arrayLimit" option
  • [meta] fix README.md (#399)
  • [meta] add FUNDING.yml
  • [actions] backport actions from main
  • [Tests] always use String(x) over x.toString()
  • [Tests] remove nonexistent tape option
  • [Dev Deps] backport from main
Commits
  • 298bfa5 v6.5.3
  • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
  • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
  • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
  • 12ac1c4 [meta] fix README.md (#399)
  • 0338716 [actions] backport actions from main
  • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
  • 51b8a0b add FUNDING.yml
  • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
  • f814a7f [Dev Deps] backport from main
  • Additional commits viewable in compare view

Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d
Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates follow-redirects from 1.15.1 to 1.15.6

Commits
  • 35a517c Release version 1.15.6 of the npm package.
  • c4f847f Drop Proxy-Authorization across hosts.
  • 8526b4a Use GitHub for disclosure.
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 29, 2024
@dependabot @drikusroor
Bump the npm_and_yarn group across 1 directory with 7 updates
ae66ad3 
Bumps the npm_and_yarn group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [bootstrap](https://github.com/twbs/bootstrap) | `4.6.2` | `5.0.0` |
| [highlight.js](https://github.com/highlightjs/highlight.js) | `10.7.3` | `11.0.0` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.9` | `7.25.6` |
| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` |
| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.6` |



Updates `bootstrap` from 4.6.2 to 5.0.0
- [Release notes](https://github.com/twbs/bootstrap/releases)
- [Commits](twbs/bootstrap@v4.6.2...v5.0.0)

Updates `highlight.js` from 10.7.3 to 11.0.0
- [Release notes](https://github.com/highlightjs/highlight.js/releases)
- [Changelog](https://github.com/highlightjs/highlight.js/blob/main/CHANGES.md)
- [Commits](highlightjs/highlight.js@10.7.3...11.0.0)

Updates `@babel/traverse` from 7.18.9 to 7.25.6
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.25.6/packages/babel-traverse)

Updates `qs` from 6.5.2 to 6.5.3
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.5.2...v6.5.3)

Updates `browserify-sign` from 4.2.1 to 4.2.3
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.2.1...v4.2.3)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `follow-redirects` from 1.15.1 to 1.15.6
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6)

---
updated-dependencies:
- dependency-name: bootstrap
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: highlight.js
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@drikusroor drikusroor force-pushed the dependabot/npm_and_yarn/npm_and_yarn-cd53587a17 branch from 9efeb7f to ae66ad3 Compare August 29, 2024 13:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant