lsqlabs / ngx-smart-popover

45 stars 27 forks source link

chore(deps): bump minimist and protractor #110

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps minimist to 1.2.6 and updates ancestor dependency protractor. These dependencies need to be updated together.

Updates minimist from 1.2.5 to 1.2.6

Changelog

Sourced from minimist's changelog.

v1.2.6 - 2022-03-21

Commits

  • test from prototype pollution PR bc8ecee
  • isConstructorOrProto adapted from PR c2b9819
  • security notice for additional prototype pollution issue ef88b93
Commits


Updates protractor from 5.4.2 to 5.4.4

Release notes

Sourced from protractor's releases.

5.4.3

typescript 3.7 compatibility

Resolves #5348 which was causing incompatibility with TypeScript 3.7

Changelog

Sourced from protractor's changelog.

5.4.4

Fixes

  • fix: security prototype pollution

5.4.3

Fixes

fix(index.ts): Fix exports to unbreak TypeScript 3.7 build

Commits
  • a0ffa9b release: 5.4.4
  • 8b3ebf8 fix: security prototype pollution
  • 162f9e5 ci: Log sauce connect proxy to stdout, remove travis_wait, upgrade proxy to 4...
  • eb1d0fc docs(release): Update release docs for 5.4 series.
  • 6c46098 chore(release): Update changelog
  • faf0895 fix(ci): Don't update webdriver in pretest
  • d77731c fix(release): Pin CircleCI to Chrome v74
  • efe7fdd chore(dependencies): Update natives, so we can continue to run Gulp on
  • 0442e51 chore(release): Bugfix release 5.4.3
  • 7999a08 fix(index.ts): Fix exports to unbreak TypeScript 3.7 build
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lsqlabs/ngx-smart-popover/network/alerts).