MatthewDorner / react-native-songbook

React Native app for viewing music in ABC notation format.
GNU General Public License v3.0
18 stars 4 forks source link

Bump serialize-javascript from 2.1.0 to 2.1.2 #1

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps serialize-javascript from 2.1.0 to 2.1.2.

Release notes *Sourced from [serialize-javascript's releases](https://github.com/yahoo/serialize-javascript/releases).* > ## v2.1.2 > - Ignore .nyc_output ([@​styfle](https://github.com/styfle), [#64](https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64)) > > ## v2.1.1 > - Fix regular expressions Cross-Site Scripting (XSS) vulnerability (see [security advisory](https://github.com/yahoo/serialize-javascript/security/advisories/GHSA-h9rv-jmmf-4pgx)) > - Migrate to nyc from istanbul
Commits - [`6c43b02`](https://github.com/yahoo/serialize-javascript/commit/6c43b02710bab8ddaf0d86dd2f9602af74ade7fc) v2.1.2 - [`3e05a3f`](https://github.com/yahoo/serialize-javascript/commit/3e05a3f0128e541f4130359b4074f0b2ca4af326) Ignore .nyc_output ([#64](https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/64)) - [`3c46e8e`](https://github.com/yahoo/serialize-javascript/commit/3c46e8e55deedefb2fbf0c396ece4b6fb8db1036) Bump mocha from 6.2.0 to 6.2.2 ([#62](https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/62)) - [`433fc9c`](https://github.com/yahoo/serialize-javascript/commit/433fc9cafe375b3f376efd12730b226035c3ee3a) 2.1.1 - [`16a68ab`](https://github.com/yahoo/serialize-javascript/commit/16a68ab53d9626fc7c942b48a1163108fcd184c8) Merge pull request from GHSA-h9rv-jmmf-4pgx - [`3bab6de`](https://github.com/yahoo/serialize-javascript/commit/3bab6dee8db7317310a97af5d28f0f0479d21930) Bump mocha from 6.2.1 to 6.2.2 ([#60](https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/60)) - [`7a6b13d`](https://github.com/yahoo/serialize-javascript/commit/7a6b13dda9a8fda08bd2befecd9bbe833ddcc592) Bump mocha from 6.2.0 to 6.2.1 ([#59](https://github-redirect.dependabot.com/yahoo/serialize-javascript/issues/59)) - [`40cf793`](https://github.com/yahoo/serialize-javascript/commit/40cf79364e71a5b5e50d1674859b4844f86d3879) Migrate to nyc from istanbul - See full diff in [compare view](https://github.com/yahoo/serialize-javascript/compare/v2.1.0...v2.1.2)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/MatthewDorner/react-native-songbook/network/alerts).
dependabot[bot] commented 4 years ago

Looks like serialize-javascript is no longer a dependency, so this is no longer needed.