dependabot[bot]
commented
2 years ago Looks like these dependencies are updatable in another way, so this is no longer needed.
Closed dependabot[bot] closed 2 years ago
dependabot[bot]
commented
2 years ago Looks like these dependencies are updatable in another way, so this is no longer needed.
Bumps semver-regex to 3.1.4 and updates ancestor dependencies semver-regex, gatsby-plugin-sharp and husky. These dependencies need to be updated together.
Updates
semver-regexfrom 2.0.0 to 3.1.4Release notes
Sourced from semver-regex's releases.
Commits
906cf403.1.47712ba5Fix ReDoS vulnerability backporta0203dbFix ReDoS vulnerability backportca0ee673.1.2626c0c2Move to GitHub Actions6baf2ccFix regex catastrophic backtrackingbf2f4c2Meta tweakscd7e6ba3.1.1c64c57fAllow 0 as numeric identifier (#19)d724367Create funding.ymlUpdates
gatsby-plugin-sharpfrom 2.6.24 to 4.24.0Release notes
Sourced from gatsby-plugin-sharp's releases.
... (truncated)
Changelog
Sourced from gatsby-plugin-sharp's changelog.
... (truncated)
Commits
9f4c0b9chore(release): Publish87f280achore(release): Publish nextea00e12chore(release): Publish next6815536chore(release): Publish next53a4e5achore(changelogs): update changelogs (#36605)ba43263chore(release): Publish next pre-minor3bc957bchore(changelogs): update changelogs (#36501)232d3b6chore(release): Publish next9dcc773chore(gatsby, gatsby-transformer-remark, gatsby-plugin-sharp): Cleanup v4 com...4707fb8chore(gatsby-plugin-sharp): upgrade svgo (#36445)Maintainer changes
This version was pushed to npm by marvinjudehk, a new releaser for gatsby-plugin-sharp since your current version.
Updates
huskyfrom 4.2.5 to 4.3.8Release notes
Sourced from husky's releases.
Commits
37b69254.3.8674f833fix 'toString' error and improve messages70442adUpdate LICENSE (#736)b9a09174.3.7839d84aupdate pkg-dir dependency and some devDependencies6a1b3daUpgrade find-versions to 4.0.0 (#837)cbb0af74.3.6eb1eeb8fix prepare-commit-msg on windows (#737)65bc6e5Update README.mdcbd0e06add prepare-commit-msg testDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/agneym/blog/network/alerts).