juzisang / picgo-plugin-compress

Image compression plugin for PicGo
MIT License
129 stars 31 forks source link

build(deps): bump degenerator and urllib #55

Open dependabot[bot] opened 2 years ago

dependabot[bot] commented 2 years ago

Bumps degenerator and urllib. These dependencies needed to be updated together. Updates degenerator from 1.0.4 to 3.0.2

Release notes

Sourced from degenerator's releases.

3.0.2

Patches

  • Update vm2 to v3.9.8: f690e194041f9dacba5341d5a98bbd1a65996048

3.0.1

Patches

  • Fix return undefined: ccc3445354135398b6eb1a04c7d27c13b833f2d5
  • Fix filename option: 9d25bb67d957bc2e5425fea7bf7a58b3fc64ff9e

3.0.0

Major Changes

  • Remove "generator" output mode: #12
  • Use vm2 module to prevent privilege escalation of untrusted code: #11

Minor Changes

  • Add any default return type to compile(): e0b9fc83faabb101944b63bc73b710be7787f15b

2.2.0

Minor Changes

  • Update @types/node to v12.12.17: 9835e04511cb06676d5af96c1723387663f342d9
  • Update typescript to v3.7.3: b9cbd261cad40736a92a1ab1aebb788a4834b678
  • Make CompileOptions be an interface: ffe0931e4f5b28a94c6af21ebdb949b4c18c92c0
  • More strict "output" type: 1fc0f45f63601cd00dd421dc4ae09d30cbd19e0c
  • Export supportsAsync: d56395cf8400e6d36af31db595d6caa1c9e54aba
  • toString() contains the compiled code for "generator" mode: d5bea6018876fbc19034c0f6cfe6e63d0e43ccd8
  • Update "description": 9c8d43adfeb7b5ff926d7886b771f0e1ae62c345

Patches

  • Fix test: 9b8a8da8834249524e56e2d683339fc80d67c30e
  • Fix comment: fcf682393407bfc3db0cc6735abea7f124f7023a
  • Fix nested yield statements: d41a91d2b66b27b954662d90f3d36ce5480e1710

2.1.4

Patches

  • Fix passing arguments to converted generator function: 3aa6caa70ef87047f52c786c097f2c9f8ab1f2ad
  • Include returnName in error message: 1da95f51666c0c365065217dd842315a8ae7d667

2.1.3

Patches

  • Fix regular sync functions into async: 66f0229943a4f91f154b98023c107b4cf0c6471f

2.1.2

... (truncated)

Commits


Updates urllib from 2.36.1 to 2.38.1

Changelog

Sourced from urllib's changelog.

2.38.1 / 2022-07-05

fixes

  • [f343daa] - fix: ignore request error if request is done (#384) (killa )

others

  • [518d22c] - Create codeql-analysis.yml (fengmk2 )
  • [7daf2fa] - chore: update contributors (fengmk2 )
  • [20451f2] - test: add tsd for timing interface (#377) (fengmk2 )
  • [f662c2b] - chore: update contributors (fengmk2 )

2.38.0 / 2021-11-24

others

  • [6d19f99] - tsd: add timing interface (#375) (弘树@阿里 )
  • [9c9c65b] - test: check TypeScript type definitions (#373) (fengmk2 )

2.37.4 / 2021-09-07

fixes

  • [1e6622a] - fix: upgrade proxy-agent to fix the security vulnerability. (#368) (hyj1991 )

others

  • [ae27498] - docs: notes contentType's value (#349) (changzhi )

2.37.3 / 2021-07-05

fixes

  • [b730a6c] - fix: 🐛 redirect status code (#363) (Hongcai Deng )

2.37.2 / 2021-06-07

fixes

  • [04734a1] - fix: 🐛 should trigger response event when follow redirect (#361) (Hongcai Deng )

2.37.1 / 2021-04-15

others

  • [d50afda] - Update proxy-agent to v4 to resolve vulnerability (#355) (Chad McElligott )

2.37.0 / 2021-04-02

features

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/JuZiSang/picgo-plugin-compress/network/alerts).