Closed dependabot[bot] closed 1 month ago
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
@dependabot recreate
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.
To ignore these dependencies, configure ignore rules in dependabot.yml
Bumps the npm_and_yarn group with 2 updates in the / directory: postcss and @quasar/app.
Updates
postcss
from 7.0.39 to 8.4.38Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
a69d45e
Release 8.4.38 version64e35d9
Update dependenciesc1ad8fb
Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...b45e7e9
fix endIndex1bea246
failing test: for endIndex 0 in rangeBy0fd1d86
Add changelog auto release on Github49c906e
Release 8.4.37 versionb5bd92c
Fix another broken prev source map issue2882039
Update dependenciese5ad939
Release 8.4.36 versionUpdates
@quasar/app
from 2.4.3 to 3.3.3Commits
ad27458
chore(app): Bump versionf6856ac
feat(app): upgrade depsba04f89
feat(docs): update vue links (since v3 is now default/latest version)453dfda
feat(docs): update vue links (since v3 is now default/latest version)656a42d
fix(app): Capacitor not opening IDE when configured to do so (regression) #123682437d97
feat(docs): make some instances of quasar.conf more clear that they refer to ...9f8a083
chore(ui): Bump version7d9ab19
feat(ui): various small improvements7dfca62
feat(TS/QForm): broaden the definition of the submit event #12399dc6d64a
Merge branch 'dev' of github.com:quasarframework/quasar into devUpdates
braces
from 2.3.2 to 3.0.2Changelog
Sourced from braces's changelog.
Commits
Updates
express
from 4.17.3 to 4.17.2Changelog
Sourced from express's changelog.
... (truncated)
Commits
ea537d9
4.17.2eee93a2
build: update example dependenciesb35773c
build: eslint@7.32.0c8a4200
build: mocha@9.1.321cf522
examples: improve 404 message wordinga24f27a
deps: serve-static@1.14.2a33266a
build: support Node.js 14.x6fe271e
build: support Node.js 13.xcbe25d6
deps: setprototypeof@1.2.03bb6d96
examples: demonstrate sub directory downloadUpdates
webpack-dev-middleware
from 3.7.3 to 5.3.4Release notes
Sourced from webpack-dev-middleware's releases.
... (truncated)
Changelog
Sourced from webpack-dev-middleware's changelog.
... (truncated)
Commits
86071ea
chore(release): 5.3.4189c4ac
fix(security): do not allow to read files above (#1779)f3c62b8
chore(release): 5.3.3eeb8aa8
fix: types forRequest
andResponse
(#1271)1a45388
chore(release): 5.3.2b8fb945
chore(deps): memfs force update (#1269)f88067d
chore: update deps and ci (#1260)7186318
chore(deps-dev): bump@commitlint/cli
57c50ef
ci: updatecheckout
,setup-node
, andcodecov
actions (#1267)840146a
chore(deps-dev): bump@babel/preset-env
Updates
ws
from 6.2.3 to 7.5.10Release notes
Sourced from ws's releases.
... (truncated)
Commits
d962d70
[dist] 7.5.1022c2876
[security] Fix crash when the Upgrade header cannot be read (#2231)8a78f87
[dist] 7.5.90435e6e
[security] Fix same host check for ws+unix: redirects4271f07
[dist] 7.5.8dc1781b
[security] Drop sensitive headers when following insecure redirects2758ed3
[fix] Abort the handshake if the Upgrade header is invalida370613
[dist] 7.5.71f72e2e
[security] Drop sensitive headers when following redirects (#2013)8ecd890
[dist] 7.5.6Most Recent Ignore Conditions Applied to This Pull Request
| Dependency Name | Ignore Conditions | | --- | --- | | @quasar/app | [>= 3.a, < 4] |Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show