search

idaholab / STIG

Structured Threat Intelligence Graph
BSD 3-Clause "New" or "Revised" License
87 stars 29 forks source link

Bump glob-parent and webpack #98

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 1 year ago

Bumps glob-parent to 5.1.2 and updates ancestor dependency webpack. These dependencies need to be updated together.

Updates glob-parent from 3.1.0 to 5.1.2

Release notes

Sourced from glob-parent's releases.

v5.1.2

Bug Fixes

v5.1.1

Bug Fixes

v5.1.0

Features

  • add flipBackslashes option to disable auto conversion of slashes (closes #24) (#25) (eecf91d)

v5.0.0

⚠ BREAKING CHANGES

  • Drop support for node <6 & bump dependencies

Miscellaneous Chores

  • Drop support for node <6 & bump dependencies (896c0c0)

v4.0.0

⚠ BREAKING CHANGES

  • question marks are valid path characters on Windows so avoid flagging as a glob when alone
  • Update is-glob dependency

Features

  • hoist regexps and strings for performance gains (4a80667)
  • question marks are valid path characters on Windows so avoid flagging as a glob when alone (2a551dd)
  • Update is-glob dependency (e41fcd8)
Changelog

Sourced from glob-parent's changelog.

5.1.2 (2021-03-06)

Bug Fixes

6.0.2 (2021-09-29)

Bug Fixes

6.0.1 (2021-07-20)

Bug Fixes

  • Resolve ReDoS vulnerability from CVE-2021-35065 (#49) (3e9f04a)

6.0.0 (2021-05-03)

⚠ BREAKING CHANGES

  • Correct mishandled escaped path separators (#34)
  • upgrade scaffold, dropping node <10 support

Bug Fixes

  • Correct mishandled escaped path separators (#34) (32f6d52), closes #32

Miscellaneous Chores

  • upgrade scaffold, dropping node <10 support (e83d0c5)

5.1.1 (2021-01-27)

Bug Fixes

5.1.0 (2021-01-27)

Features

  • add flipBackslashes option to disable auto conversion of slashes (closes #24) (#25) (eecf91d)

5.0.0 (2021-01-27)

⚠ BREAKING CHANGES

  • Drop support for node <6 & bump dependencies

... (truncated)

Commits
  • eb2c439 chore: update changelog
  • 12bcb6c chore: release 5.1.2
  • f923116 fix: eliminate ReDoS (#36)
  • 0b014a7 chore: add JSDoc returns information (#33)
  • 2b24ebd chore: generate initial changelog
  • 9b6e874 chore: release 5.1.1
  • 749c35e ci: try wrapping the JOB_ID in a string
  • 5d39def ci: attempt to switch to published coveralls
  • 0b5b37f ci: put the npm step back in for only Windows
  • 473f5d8 ci: update azure build images
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by phated, a new releaser for glob-parent since your current version.


Updates webpack from 4.46.0 to 5.62.1

Release notes

Sourced from webpack's releases.

v5.62.1

Bugfix

  • fix invalid generated code when omitting ;

v5.62.0

Features

  • add options to configure export presence checking
    • parser.javascript.reexportExportsPresence: false allows to disable warnings for non-existing exports during the migration from export ... from "..." to export type ... from "..." for type reexports in TypeScript
  • add experiments.backCompat: false to disable some expensive deprecations for better performance

Bugfixes

  • use ['catch'] instead of .catch for better ES3 support
  • fix removed parentheses when using new (require("...")).Something()
  • fix { require } object literals
  • splitChunks.chunks option is now correctly used for splitChunks.fallbackCacheGroup.maxSize too
  • fix schema of listen option, allow to omit port
  • add better support for Promises from different isolates

Developer Experience

  • add typings for the webpack API that is available within modules
    • use /// <reference types="webpack/module" /> to use the typings in typescript modules
    • or "types": [..., "webpack/module"] in tsconfig

v5.61.0

Bugfixes

  • use a wasm md4 implementation for node 17 support
  • include the path submodules in the node.js default externals

Performance

  • improve string to binary conversion performance for hashing

Contribution

  • CI runs on node.js 17

v5.60.0

Features

  • Allow to pass more options to experiments.lazyCompilation. e. g. port, https stuff

Bugfixes

  • fix output.hashFunction used to persistent caching too
  • Initialize buildDependencies Set correctly when loaders are added in beforeLoaders hook

... (truncated)

Commits


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/idaholab/STIG/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

gliese1337 commented 9 months ago

@dependabot rebase

dependabot[bot] commented 9 months ago

Superseded by #108.