search

Baltimore-County-Government / dotgov-components

UI design system for Baltimore County's primary website
https://baltimore-county-government.github.io/dotgov-components/
2 stars 0 forks source link

Bump shell-quote and react-styleguidist #414

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps shell-quote and react-styleguidist. These dependencies needed to be updated together. Updates shell-quote from 1.7.2 to 1.7.3

Changelog

Sourced from shell-quote's changelog.

1.7.3

  • Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)
Commits


Updates react-styleguidist from 9.2.0 to 12.0.0

Release notes

Sourced from react-styleguidist's releases.

v12.0.0

12.0.0 (2022-09-05)

Features

BREAKING CHANGES

  • Webpack 4 is no longer supported.

v12.0.0-alpha9.9

  • fix: Move sucrase back to dependencies 05825f79

https://github.com/styleguidist/react-styleguidist/compare/v12.0.0-alpha9.8...v12.0.0-alpha9.9

v12.0.0-alpha9.8

  • Polyfill process for webpack 5 925b40de
  • Avoid errors about imports without extension in webpack 5 70a06179
  • Fix pagePerSection, improve types, simplify 13898771
  • Fix isolation for the first (index = 0) example faf749c3
  • Refactor inline Markdown 3dffa2e1

v12.0.0-alpha9.7

  • Use // to instead of / for target index in the URL to avoid conflicts d563606e

https://github.com/styleguidist/react-styleguidist/compare/v12.0.0-alpha9.6...v12.0.0-alpha9.7

v12.0.0-alpha9.6

  • Fix path to Storybook components 3cbe042b

https://github.com/styleguidist/react-styleguidist/compare/v12.0.0-alpha9.5...v12.0.0-alpha9.6

v12.0.0-alpha9.5

  • Add a shortcut for Storybook components e3cc6bb4

https://github.com/styleguidist/react-styleguidist/compare/v12.0.0-alpha9.4...v12.0.0-alpha9.5

v12.0.0-alpha9.4

  • Fix exampleMode d06cb34f
  • Isolation mode for CSF stories 2c9eade6
  • Correct unindentation of code examples 599b7557
  • Fix wrong cursor position in the editor when there’s a tab in the line d7455266

https://github.com/styleguidist/react-styleguidist/compare/v12.0.0-alpha9.3...v12.0.0-alpha9.4

v12.0.0-alpha9.3

... (truncated)

Commits
  • a460fcc feat: Upgrade to Webpack 5 (#1996)
  • 4c55077 Build(deps): Bump ua-parser-js in /examples/webpack (#1928)
  • e630725 Build(deps): Bump browserslist in /examples/webpack (#1927)
  • 2c855fa Build(deps): Bump follow-redirects in /examples/react-native (#1924)
  • 7f4d1fa Build(deps): Bump follow-redirects in /examples/preact (#1921)
  • d486074 Build(deps): Bump follow-redirects in /examples/customised (#1920)
  • 4861363 Build(deps): Bump follow-redirects in /examples/express (#1919)
  • abfc18e Build(deps): Bump follow-redirects in /examples/sections (#1917)
  • 6d4c1e7 Build(deps): Bump follow-redirects in /examples/basic (#1916)
  • c66b152 Build(deps): Bump prismjs in /examples/styled-components (#1913)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/baltimorecounty/dotgov-components/network/alerts).
dependabot[bot] commented 2 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

tmccoy529 commented 2 years ago

Conflicts that cannot be easily resolved. Not worth the effort