Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/google/eleventy-high-performance-blog/network/alerts).
Bumps cross-fetch to 3.1.5 and updates ancestor dependency @ampproject/toolbox-optimizer. These dependencies need to be updated together.
Updates
cross-fetchfrom 3.1.2 to 3.1.5Release notes
Sourced from cross-fetch's releases.
Commits
c6089dfchore(release): 3.1.5a3b3a94chore: updated node-fetch version to 2.6.7 (#124)efed703chore: updated node-fetch version to 2.6.5694ff77refactor: removed ora from dependenciesefc5956refactor: added .vscode to .gitignoreda605d5refactor: renamed test/fetch/ to test/fetch-api/ and test/module/ to test/mod...0f0d51dchore: updated minor and patch versions of dev dependenciesc6e34earefactor: removed sinon.jsf524a52fix: yargs was incompatible with node 107906fcfchore: updated dev dependenciesUpdates
@ampproject/toolbox-optimizerfrom 2.8.7 to 2.9.0Changelog
Sourced from
@ampproject/toolbox-optimizer's changelog.... (truncated)
Commits
0826825v2.9.072e1c96Update dependencies to fix critical security issues (#1331)90adbd7Reset main branch to v2.8.10 (#1326)678c0e2Implement SSR for amp-audio extension (#1324)1abaa6bFix i-amphtml-sizer responsive issue (#1319)e40c5c3More robust auto extension import (#1312)a1eaef5Fix for issue #1302: "SSR: Duplicated ids in rendered markup, if there are no...26e113bfix for transforming nodes with multiple media queries (#1305)49e00b4upgrade node-fetch1b7e896remove the latestVersion fix (#1282)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/google/eleventy-high-performance-blog/network/alerts).