search

google / openhtf

The open-source hardware testing framework.
Apache License 2.0
530 stars 217 forks source link

Bump the npm_and_yarn group across 1 directory with 50 updates #1156

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps the npm_and_yarn group with 32 updates in the /openhtf/output/web_gui directory:

Package From To
@angular/core 4.4.6 10.2.5
webpack-dev-server 2.3.0 3.1.11
adm-zip 0.4.4 0.5.14
protractor 4.0.14 7.0.0
async 2.6.0 2.6.4
browserify-sign 4.2.1 4.2.3
y18n 4.0.0 4.0.3
y18n 3.2.1 4.0.3
minimist 1.2.0 1.2.8
mkdirp 0.5.1 0.5.6
handlebars 4.0.11 4.7.8
tslint 4.5.1 6.1.3
typedoc 0.5.10 0.25.13
decode-uri-component 0.2.0 0.2.2
eventsource 0.1.6 2.0.2
sockjs-client 1.1.4 1.6.1
json-schema 0.2.3 0.4.0
jsprim 1.4.1 1.4.2
lodash 4.17.5 4.17.21
karma-coverage 1.1.1 1.1.2
karma-webpack 2.0.2 2.0.13
postcss 5.2.18 8.4.38
autoprefixer 6.7.7 10.4.19
css-loader 0.28.11 7.1.2
postcss-loader 1.3.3 8.1.1
js-yaml 3.7.0 3.14.1
mixin-deep 1.3.1 1.3.2
serialize-javascript 1.4.0 6.0.2
copy-webpack-plugin 4.5.1 12.0.2
set-value 2.0.0 2.0.1
union-value 1.0.0 1.0.1
socket.io-parser 4.2.1 4.2.4
webpack-dev-middleware 1.12.2 removed
karma-webpack 2.0.13 5.0.1
webpack-dev-server 3.1.11 5.0.4

Updates @angular/core from 4.4.6 to 10.2.5

Changelog

Sourced from @​angular/core's changelog.

10.2.5 (2021-04-14)

Bug Fixes

  • compiler-cli: show a more specific error for Ivy NgModules (#41534) (#41598) (f630f33)
  • core: fix possible XSS attack in development through SSR (#40525) (ba8da74)

10.2.4 (2020-12-17)

Bug Fixes

  • core: fix possible XSS attack in development through SSR. (#40152) (0b8e3d5)
  • core: set ngDevMode to false when calling enableProdMode() (#40160) (90570c0)

10.2.3 (2020-11-09)

Bug Fixes

  • compiler: ensure that i18n message-parts have the correct source-span (#39589) (e67a331)
  • compiler: skipping leading whitespace should not break placeholder source-spans (#39589) (2b684b7), closes #39195
  • compiler-cli: avoid duplicate diagnostics about unknown pipes (#39517) (861e4fa)
  • compiler-cli: do not drop non-Angular decorators when downleveling (#39577) (1c6cf8a), closes #39574

10.2.2 (2020-11-04)

Bug Fixes

  • compiler-cli: report missing pipes when fullTemplateTypeCheck is disabled (#39320) (71d0063), closes #38195
  • core: markDirty() should only mark flags when really scheduling tick. (#39316) (8c82106), closes #39296
  • router: Ensure all outlets are used when commands have a prefix (#39456) (85d5242)

Performance Improvements

  • core: do not recurse into modules that have already been registered (#39514) (812355c), closes #39487

... (truncated)

Commits
  • ba8da74 fix(core): fix possible XSS attack in development through SSR (#40525)
  • 90570c0 fix(core): set ngDevMode to false when calling enableProdMode() (#40160)
  • 0b8e3d5 fix(core): fix possible XSS attack in development through SSR. (#40152)
  • 1aee8b3 refactor(compiler): store the fullStart location on ParseSourceSpans (#39...
  • 812355c perf(core): do not recurse into modules that have already been registered (#3...
  • 8f36c21 refactor(router): Small refactor of createUrlTree and extra tests (#39456)
  • 90acb91 docs: tView.preOrderHooks and tView.preOrderCheckHooks docs update (#39497)
  • 8c82106 fix(core): markDirty() should only mark flags when really scheduling tick. (#...
  • 0b37249 docs(core): update a typo in the comment of ngZoneEventCoalescing (#39423)
  • 3b779a1 docs: fix typo in initializeInputAndOutputAliases docstring (#39438)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for @​angular/core since your current version.


Updates webpack-dev-server from 2.3.0 to 3.1.11

Release notes

Sourced from webpack-dev-server's releases.

v3.1.11

3.1.11 (2018-12-21)

Bug Fixes

v3.1.10

2018-10-23

Bug Fixes

  • options: add writeToDisk option to schema (#1520) (d2f4902)
  • package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#1537) (e719959)
  • Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#1531) (c12def3)

v3.1.9

No release notes provided.

v3.1.8

2018-09-06

Bug Fixes

  • package: yargs security vulnerability (dependencies) (#1492) (8fb67c9)
  • utils/createLogger: ensure quiet always takes precedence (options.quiet) (#1486) (7a6ca47)

v3.1.7

2018-08-29

Bug Fixes

  • Server: don't use spdy on node >= v10.0.0 (#1451) (8ab9eb6)

v3.1.6

2018-08-26

Bug Fixes

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

3.1.11 (2018-12-21)

Bug Fixes

3.1.10 (2018-10-23)

Bug Fixes

  • options: add writeToDisk option to schema (#1520) (d2f4902)
  • package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#1537) (e719959)
  • Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#1531) (c12def3)

3.1.9 (2018-09-24)

3.1.8 (2018-09-06)

Bug Fixes

  • package: yargs security vulnerability (dependencies) (#1492) (8fb67c9)
  • utils/createLogger: ensure quiet always takes precedence (options.quiet) (#1486) (7a6ca47)

3.1.7 (2018-08-29)

Bug Fixes

  • Server: don't use spdy on node >= v10.0.0 (#1451) (8ab9eb6)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack-dev-server since your current version.


Updates adm-zip from 0.4.4 to 0.5.14

Release notes

Sourced from adm-zip's releases.

v0.5.14

Fixed an issue introduced on version 0.1.13 requiring a new mandatory parameter on the inflater on nodejs version >= 15

v0.5.13

  • Fixed extractAllToAsync callback @​5saviahv
  • Fixed issue with "toAsyncBuffer" where after that command all entries are gone @​5saviahv
  • Minor fixes (tests, typos etc) @​5saviahv
  • Added a an option to specificy the maximum expectedLength of the file to protect against zip bombs or limit memory usage @​undefined-moe
  • Add check for invalid large disk entries @​criyle

v0.5.12

Fixed extraction error

v0.5.11

Add support for Info-Zip password check spec for ZipCrypto @​lukemalcolm Extraction of password protected zip entries @​Santa77 Fixed unnecessary scanning a local file headers (except in the case of corrupted archives) @​likev

v0.5.10

Add Unix mode attribute even when archive is created from Windows Fixed an issue where addLocalFolderAsync causes stack overflow when a lot of files are filtered Support to unzip symlinks Fix parameter initialization bug of extractAllToAsync Allow for custom stat or permissions value in addLocalFolder Various small fixes and tests

.

No release notes provided.

Changelog

Sourced from adm-zip's changelog.

0.5.4 / 2021-03-08

  • Fixed relative paths
  • Added zipcrypto encryption
  • Lower verMade for macOS when generating zip file

0.5.3 / 2021-02-07

  • Fixed filemode when unzipping

0.5.2 / 2021-01-27

  • Fixed path traversal issue (GHSL-2020-198)

0.5.1 / 2020-11-27

  • Incremented version (cthackers)
  • Fixed outFileName (cthackers)

0.5.0 / 2020-11-19

  • Added extra parameter to extractEntryTo so target filename can be renamed (cthackers)
  • Updated dev dependency (cthackers)
  • modified addLocalFolder method (5saviahv)
  • modified addLocalFile method (5saviahv)
  • Deflate needs min V2.0 (5saviahv)
  • Node v6 (5saviahv)
  • Added ZipCrypto decrypting ability (5saviahv)
  • LICENSE filename in package.json (5saviahv)
  • add multibyte-encoded comment with byte length instead of character length (Kosuke Suzuki)
  • Bump lodash from 4.17.15 to 4.17.19 (dependabot[bot])
  • now it works in browser (Emiliano Necciari)

0.4.16 / 2020-06-23

  • Updated mocha version to fix vulnerability (cthackers)
  • Update project version (cthackers)
  • fix: throw real exception objects on error (Matthew Sainsbury)
  • Version number incremented (Saqib M)
  • Update zipFile.js (Saqib M)
  • Update README.md with the latest URLs (Takuya Noguchi)
  • Update Node.js version to use in CI tests (Takuya Noguchi)
  • process.versions is null when the library is used in browser (Emiliano Necciari)

0.4.14 / 2020-02-06

  • Version increment for npm publish (cthackers)
  • Iterate over entries without storing their metadata (Pierre Lehnen)
  • Add partial support for zip64 (larger number of entries) (Pierre Lehnen)

... (truncated)

Commits


Updates protractor from 4.0.14 to 7.0.0

Release notes

Sourced from protractor's releases.

5.4.3

typescript 3.7 compatibility

Resolves #5348 which was causing incompatibility with TypeScript 3.7

Changelog

Sourced from protractor's changelog.

7.0.0

  • (9d2e18e) refactor: use console.log instead of util.puts

    utils.puts is no longer available in Node.JS 12

  • (c281157) refactor: remove debugger and explore methods

    BREAKING CHANGE: Debugger and explore methods are not compatable with Node 8+. Use debugger keyword instead. See: https://goo.gl/MvWqFh

  • (7cdb978) build: update several dev packages that have security issues

  • (8e82835) build: update webdriver-manager

  • (a1fe5f2) ci: update tests to run on Node 10 and 12

  • (3fc9220) fix: prototype Pollution vulnerability through outdated yargs package

    BREAKING CHANGE:

    Node.Js version 6 and 8 are no longer supported. Please update to Node.Js 10+

    Closes #5431

5.4.4

Fixes

  • fix: security prototype pollution

5.4.3

Fixes

fix(index.ts): Fix exports to unbreak TypeScript 3.7 build

5.4.2

Features

  • (db1b638) feat(saucelabs): add sauceRegion support for eu datacenters (#5083)

... (truncated)

Commits
  • 71771de release: 7.0.0
  • 9d2e18e refactor: use console.log instead of util.puts
  • c281157 refactor: remove debugger and explore methods
  • 7cdb978 build: update several dev packages that have security issues
  • 8e82835 build: update webdriver-manager
  • a1fe5f2 ci: update tests to run on Node 10 and 12
  • 3fc9220 fix: prototype Pollution vulnerability through outdated yargs package
  • a0ffa9b release: 5.4.4
  • 8b3ebf8 fix: security prototype pollution
  • 162f9e5 ci: Log sauce connect proxy to stdout, remove travis_wait, upgrade proxy to 4...
  • Additional commits viewable in compare view


Updates ajv from 4.11.8 to 5.5.2

Release notes

Sourced from ajv's releases.

v5.5.0

Support chaining of methods add* and remove* (#625, @​pithu), see Api.

v5.4.0

Option logger to disable logging or to specify a custom logger (#618, @​meirotstein).

v5.3.0

Replace json-stable-stringify with a faster fork without jsonify.

5.2.0

Refactor: separate "equal" into package fast-deep-equal

v5.1.0

Changed order of type validation - "type" keyword is now validated before keywords that apply to all types.

5.0.4-beta.3

Added format "url"

5.0.4-beta.1

More comprehencive uri-reference format in {format: "full"} mode.

5.0.4-beta.0

Rename format uri-ref to uri-reference Cross-platform scripts Update draft-6 meta-schema

5.0.0

This release is fully backward compatible, but it may require either migrating your schemas (recommended, e.g. using "migrate" command of ajv-cli) or changing your code that uses Ajv.

You can still use draft-04 and v5 schemas with this release (see Migration guide below).

The changes below are based on 4.11.7 version.

JSON-Schema draft-06 support

  • Support for boolean schemas: wherever a schema is required, true/false can be used in order to always pass/fail validation.
  • $id keyword is used as schema URI (previously id).
  • exclusiveMaximum and exclusiveMinimum keywords must be numbers (previously boolean).
  • additional validation keywords: const, contains, propertyNames.
  • additional formats: uri-reference, uri-template.

See Internet drafts: JSON Schema, JSON Schema Validation.

Migrating from Ajv 4.x.x

Migrate your schemas

It is a recommended approach.

... (truncated)

Commits
  • cecd4ec 5.5.2
  • b915832 docs: update performance chart
  • 90bd281 chore: update typescript
  • 33efef3 Merge branch 'Delagen-master'
  • ef0fc0f Merge branch 'master' of ssh://github.com/Delagen/ajv into Delagen-master
  • 7a7812f chore: regenerator semver
  • 217c5e3 Merge branch 'greenkeeper/regenerator-0.12.2'
  • 88b3018 replace Object to object due (Object=any), add CompilationContext interface
  • 2e75568 chore(package): update regenerator to version 0.12.2
  • 2d4ca22 Merge pull request #642 from epoberezkin/greenkeeper/json-schema-test-2.0.0
  • Additional commits viewable in compare view


Updates braces from 1.8.5 to 2.3.2

Changelog

Sourced from braces's changelog.

[2.3.2] - 2018-04-08

  • start refactoring
  • cover sets
  • better range handling

[2.3.1] - 2018-02-17

  • Remove unnecessary escape in Regex. (#14)

[2.3.0] - 2017-10-19

  • minor code reorganization
  • optimize regex
  • expose maxLength option

[2.2.1] - 2017-05-30

  • don't condense when braces contain extglobs

[2.2.0] - 2017-05-28

  • ensure word boundaries are preserved
  • fixes edge case where extglob characters precede a brace pattern

[2.1.1] - 2017-04-27

  • use snapdragon-node
  • handle edge case
  • optimizations, lint

[2.0.4] - 2017-04-11

  • pass opts to compiler
  • minor optimization in create method
  • re-write parser handlers to remove negation regex

[2.0.3] - 2016-12-10

  • use split-string
  • clear queue at the end
  • adds sequences example
  • add unit tests

[2.0.2] - 2016-10-21

  • fix comma handling in nested extglobs

[2.0.1] - 2016-10-20

... (truncated)

Commits


Updates async from 2.6.0 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

  • Fix potential prototype pollution exploit (#1828)

v2.6.3

  • Updated lodash to squelch a security warning (#1675)

v2.6.2

  • Updated lodash to squelch a security warning (#1620)

v2.6.1

  • Updated lodash to prevent npm audit warnings. (#1532, #1533)
  • Made async-es more optimized for webpack users (#1517)
  • Fixed a stack overflow with large collections and a synchronous iterator (#1514)
  • Various small fixes/chores (#1505, #1511, #1527, #1530)
Commits
Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.


Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d
Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates y18n from 4.0.0 to 4.0.3

Changelog

Sourced from y18n's changelog.

4.0.3 (2021-04-07)

Bug Fixes

  • release: 4.x.x should not enforce Node 10 (#126) (1e21a53)

4.0.1 (2020-11-30)

Bug Fixes

Commits
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.


Updates y18n from 3.2.1 to 4.0.3

Changelog

Sourced from y18n's changelog.

4.0.3 (2021-04-07)

Bug Fixes

  • release: 4.x.x should not enforce Node 10 (#126) (1e21a53)

4.0.1 (2020-11-30)

Bug Fixes

Commits
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.


Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
dependabot[bot] commented 4 months ago

Superseded by #1159.