Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SwissBitcoinPay/app/network/alerts).
Bumps the npm_and_yarn group with 4 updates in the / directory: postcss, @dotlottie/react-player, follow-redirects and ip.
Updates
postcss
from 8.4.21 to 8.4.35Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
Commits
edda95e
Release 8.4.35 version612f360
Merge pull request #1924 from postcss/refactor/types5e7449f
Fix node.parent.nodes type65075df
Allow to pass undefined to adding methods to simplify type check477b3bb
Release 8.4.34 version25af117
Update dependenciesbb0314a
Merge pull request #1922 from tim-we/improve-at-rule-types9dd5a93
Fix at-rule test8322d11
Fix visitor testee7fcd4
Fix Document#nodesUpdates
@dotlottie/react-player
from 1.6.6 to 1.6.18Release notes
Sourced from
@dotlottie/react-player
's releases.... (truncated)
Commits
2e3cfcb
chore: 🤖 update versions (#319)0587998
fix: 🐛 box-sizing css rule scope (#318)87708de
chore: 🤖 update versions (#316)9c78f2a
chore: 🤖 fix homepage link in package.json (#315)04bfbda
chore: 🤖 update versions (#312)163dcc2
refactor: 💡 theming from lss to lottie slots (#311)0687c9b
chore: 🤖 update versions (#305)82fa43d
chore: 🤖 add missing changeset (#303)970e565
chore: upgrade dependencies with vulnerability issues (#302)3731d4f
chore: 🤖 update versions (#301)Updates
follow-redirects
from 1.15.5 to 1.15.6Commits
35a517c
Release version 1.15.6 of the npm package.c4f847f
Drop Proxy-Authorization across hosts.8526b4a
Use GitHub for disclosure.Updates
ip
from 1.1.8 to 1.1.9Commits
1ecbf2f
1.1.96a3ada9
lib: fixed CVE-2023-42282 and added unit testUpdates
sharp
from 0.32.5 to 0.32.6Changelog
Sourced from sharp's changelog.
Commits
eefaa99
Release v0.32.6dbce6fa
Upgrade to libvips v8.14.5af0fcb3
Docs: changelog for #3799c6f54e5
Bump devDeps846563e
TypeScript: add definitions for block and unblock (#3799)9c217ab
Ensure withMetadata can add RGB16 profiles #3773e7381e5
Alternative fix for 4340d60, uses existing StaySequential4340d60
Ensure composite tile images fully decoded #37677f64d46
Docs: add missing returns property to raw67e927b
Docs: ensure all functions include method signature #3777Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show