google / eleventy-high-performance-blog

A high performance blog template for the 11ty static site generator.
https://www.industrialempathy.com/posts/eleventy-high-performance-blog/
MIT License
4.03k stars 283 forks source link

Bump the npm_and_yarn group across 1 directory with 4 updates #185

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 6 months ago

Bumps the npm_and_yarn group with 4 updates in the / directory: phin, sharp, jsdom and ejs.

Updates phin from 3.5.0 to 3.7.1

Commits
Maintainer changes

This version was pushed to npm by ethan_, a new releaser for phin since your current version.


Updates sharp from 0.30.5 to 0.32.6

Changelog

Sourced from sharp's changelog.

v0.32.6 - 18th September 2023

  • Upgrade to libvips v8.14.5 for upstream bug fixes.

  • Ensure composite tile images are fully decoded (regression in 0.32.0). #3767

  • Ensure withMetadata can add ICC profiles to RGB16 output. #3773

  • Ensure withMetadata does not reduce 16-bit images to 8-bit (regression in 0.32.5). #3773

  • TypeScript: Add definitions for block and unblock. #3799 @​ldrick

v0.32.5 - 15th August 2023

  • Upgrade to libvips v8.14.4 for upstream bug fixes.

  • TypeScript: Add missing WebpPresetEnum to definitions. #3748 @​pilotso11

  • Ensure compilation using musl v1.2.4. #3755 @​kleisauke

  • Ensure resize with a fit of inside respects 90/270 degree rotation. #3756

  • TypeScript: Ensure minSize property of WebpOptions is boolean. #3758 @​sho-xizz

  • Ensure withMetadata adds default sRGB profile. #3761

v0.32.4 - 21st July 2023

  • Upgrade to libvips v8.14.3 for upstream bug fixes.

  • Expose ability to (un)block low-level libvips operations by name.

  • Prebuilt binaries: restore support for tile-based output. #3581

v0.32.3 - 14th July 2023

... (truncated)

Commits


Updates jsdom from 16.5.0 to 16.5.1

Release notes

Sourced from jsdom's releases.

Version 16.5.1

  • Fixed a regression that broke customElements.get() in v16.5.0. (fdesforges)
  • Fixed window.event to have a setter which overwrites the window.event property with the given value, per the specification. This fixes an issue where after upgrading to jsdom v16.5.0 you would no longer be able to set a global variable named event in the jsdom context.
Changelog

Sourced from jsdom's changelog.

16.5.1

  • Fixed a regression that broke customElements.get() in v16.5.0. (fdesforges)
  • Fixed window.event to have a setter which overwrites the window.event property with the given value, per the specification. This fixes an issue where after upgrading to jsdom v16.5.0 you would no longer be able to set a global variable named event in the jsdom context.
Commits


Updates ejs from 3.1.9 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/google/eleventy-high-performance-blog/network/alerts).
dependabot[bot] commented 5 months ago

Superseded by #186.