search

mapcentia / vidi

Vidi – a modern take on browser GIS. It is the front-end client for GC2.
https://www.osgeo.org/projects/gc2-vidi/
GNU Affero General Public License v3.0
44 stars 24 forks source link

Bump minimist, grunt-contrib-handlebars, karma, karma-mocha, mocha and nyc #273

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps minimist to 1.2.7 and updates ancestor dependencies minimist, grunt-contrib-handlebars, karma, karma-mocha, mocha and nyc. These dependencies need to be updated together.

Updates minimist from 0.0.8 to 1.2.7

Changelog

Sourced from minimist's changelog.

v1.2.7 - 2022-10-10

Commits

  • [meta] add auto-changelog 0ebf4eb
  • [actions] add reusable workflows e115b63
  • [eslint] add eslint; rules to enable later are warnings f58745b
  • [Dev Deps] switch from covert to nyc ab03356
  • [readme] rename and add badges 236f4a0
  • [meta] create FUNDING.yml; add funding in package.json 783a49b
  • [meta] use npmignore to autogenerate an npmignore file f81ece6
  • Only apps should have lockfiles 56cad44
  • [Dev Deps] update covert, tape; remove unnecessary tap 49c5f9f
  • [Tests] add aud in posttest 228ae93
  • [meta] add safe-publish-latest 01fc23f
  • [meta] update repo URLs 6b164c7

v1.2.6 - 2022-03-21

Commits

  • test from prototype pollution PR bc8ecee
  • isConstructorOrProto adapted from PR c2b9819
  • security notice for additional prototype pollution issue ef88b93

v1.2.5 - 2020-03-12

v1.2.4 - 2020-03-11

Commits

  • security notice 4cf1354
  • additional test for constructor prototype pollution 1043d21

v1.2.3 - 2020-03-10

Commits

  • more failing proto pollution tests 13c01a5
  • even more aggressive checks for protocol pollution 38a4d1c

v1.2.2 - 2020-03-10

Commits

... (truncated)

Commits
  • c590d75 v1.2.7
  • 0ebf4eb [meta] add auto-changelog
  • e115b63 [actions] add reusable workflows
  • 01fc23f [meta] add safe-publish-latest
  • f58745b [eslint] add eslint; rules to enable later are warnings
  • 228ae93 [Tests] add aud in posttest
  • 236f4a0 [readme] rename and add badges
  • ab03356 [Dev Deps] switch from covert to nyc
  • 49c5f9f [Dev Deps] update covert, tape; remove unnecessary tap
  • 783a49b [meta] create FUNDING.yml; add funding in package.json
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates grunt-contrib-handlebars from 1.0.0 to 3.0.0

Release notes

Sourced from grunt-contrib-handlebars's releases.

v3.0.0

  • v3.0.0 90ad7de
  • Merge pull request #182 from gruntjs/updates2 11695bb
  • Remove old CI 5213487
  • Add Actions 1a0aa8d
  • Bump hosted-git-info from 2.8.4 to 2.8.9 (#181) b9387c3
  • Bump lodash from 4.17.15 to 4.17.21 (#180) c4bc6e8
  • Merge pull request #178 from gruntjs/dependabot/npm_and_yarn/grunt-1.3.0 a88002c
  • Bump grunt from 1.0.4 to 1.3.0 3a44358
  • Merge pull request #177 from gruntjs/dependabot/npm_and_yarn/y18n-4.0.1 0f89e69
  • Bump y18n from 4.0.0 to 4.0.1 c261c7e
  • Merge pull request #175 from gruntjs/dependabot/npm_and_yarn/yargs-parser-13.1.2 cb8162c
  • Bump yargs-parser from 13.1.1 to 13.1.2 cedc05c

https://github.com/gruntjs/grunt-contrib-handlebars/compare/v2.0.0...v3.0.0

Changelog

Sourced from grunt-contrib-handlebars's changelog.

v3.0.0: date: 2021-05-14 changes: - Docs, CI and dependency updates. Requires node 12+. v2.0.0: date: 2019-09-30 changes: - Docs, CI and dependency updates.

Commits


Updates karma from 2.0.5 to 6.4.1

Release notes

Sourced from karma's releases.

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

v6.4.0

6.4.0 (2022-06-14)

Features

  • support SRI verification of link tags (dc51a2e)
  • support SRI verification of script tags (6a54b1c)

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

  • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

  • client: error out when opening a new tab fails (099b85e)

v6.3.18

6.3.18 (2022-04-13)

Bug Fixes

  • deps: upgrade socket.io to v4.4.1 (52a30bb)

v6.3.17

6.3.17 (2022-02-28)

Bug Fixes

  • deps: update colors to maintained version (#3763) (fca1884)

v6.3.16

... (truncated)

Changelog

Sourced from karma's changelog.

6.4.1 (2022-09-19)

Bug Fixes

6.4.0 (2022-06-14)

Features

  • support SRI verification of link tags (dc51a2e)
  • support SRI verification of script tags (6a54b1c)

6.3.20 (2022-05-13)

Bug Fixes

  • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

6.3.19 (2022-04-19)

Bug Fixes

  • client: error out when opening a new tab fails (099b85e)

6.3.18 (2022-04-13)

Bug Fixes

  • deps: upgrade socket.io to v4.4.1 (52a30bb)

6.3.17 (2022-02-28)

Bug Fixes

  • deps: update colors to maintained version (#3763) (fca1884)

6.3.16 (2022-02-10)

Bug Fixes

  • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

... (truncated)

Commits
  • 0013121 chore(release): 6.4.1 [skip ci]
  • 63d86be fix: pass integrity value
  • 84f7cc3 chore(release): 6.4.0 [skip ci]
  • f2d0663 docs: add integrity parameter
  • dc51a2e feat: support SRI verification of link tags
  • 6a54b1c feat: support SRI verification of script tags
  • 5e71cf5 chore(release): 6.3.20 [skip ci]
  • e17698f fix: prefer IPv4 addresses when resolving domains
  • 60f4f79 build: add Node 16 and 18 to the CI matrix
  • 6ff5aaf chore(release): 6.3.19 [skip ci]
  • Additional commits viewable in compare view


Updates karma-mocha from 1.3.0 to 2.0.1

Release notes

Sourced from karma-mocha's releases.

v2.0.1

2.0.1 (2020-04-29)

Bug Fixes

  • deps: Report fails without emit 'test end' event (#223) (1a8226c)

v2.0.0

2.0.0 (2020-04-14)

Features

BREAKING CHANGES

  • drop support for node 8
Changelog

Sourced from karma-mocha's changelog.

2.0.1 (2020-04-29)

Bug Fixes

  • deps: Report fails without emit 'test end' event (#223) (1a8226c)

2.0.0 (2020-04-14)

Features

BREAKING CHANGES

  • drop support for node 8

Commits
  • bb5be9b chore(release): 2.0.1 [skip ci]
  • 1a8226c fix(deps): Report fails without emit 'test end' event (#223)
  • 5828416 chore(release): 2.0.0 [skip ci]
  • 4e35a55 chore(ci): semantic-release on success (#221)
  • 00b24b6 chore(deps-dev): bump eslint from 2.13.1 to 4.18.2 (#220)
  • f7ec4e7 Merge pull request #218 from karma-runner/semanitic-release
  • 5a5b6d5 feat(ci): enable semanitic-release
  • 36404cf Merge pull request #217 from franktopel/minimist-update
  • bab0416 updated minimum version of minimist dependency to ^1.2.3 instead of 1.2.0
  • 3f9e4b7 Revert "updated minimum version of minimist dependency to ^1.2.3 instead of 1...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by karmarunnerbot, a new releaser for karma-mocha since your current version.


Updates mocha from 5.2.0 to 10.2.0

Release notes

Sourced from mocha's releases.

v10.2.0

10.2.0 / 2022-12-11

:tada: Enhancements

  • #4945: API: add possibility to decorate ESM name before import (@​j0tunn)

:bug: Fixes

:book: Documentation

v10.1.0

10.1.0 / 2022-10-16

:tada: Enhancements

:nut_and_bolt: Other

v10.0.0

10.0.0 / 2022-05-01

:boom: Breaking Changes

:nut_and_bolt: Other

... (truncated)

Changelog

Sourced from mocha's changelog.

10.2.0 / 2022-12-11

:tada: Enhancements

  • #4945: API: add possibility to decorate ESM name before import (@​j0tunn)

:bug: Fixes

:book: Documentation

10.1.0 / 2022-10-16

:tada: Enhancements

:nut_and_bolt: Other

10.0.0 / 2022-05-01

:boom: Breaking Changes

:nut_and_bolt: Other

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by juergba, a new releaser for mocha since your current version.


Updates nyc from 12.0.2 to 15.1.0

Changelog

Sourced from nyc's changelog.

15.1.0 (2020-06-01)

Features

  • experimental: Support using --all with node.js ESM (#1320) (992359a)

15.0.1 (2020-04-02)

Bug Fixes

15.0.0 (2019-12-20)

⚠ BREAKING CHANGES

  • The flow and jsx parser plugins are no longer enabled by default.
  • Node.js 8 is now required to run nyc
  • Remove NYC_ROOT_ID and NYC_INSTRUMENTER environmental variables.
  • The root field has been removed from processinfo files.

Features

Bug Fixes

14.1.1 (2019-05-09)

... (truncated)

Commits
  • de7baa4 chore(release): 15.1.0
  • 992359a feat(experimental): Support using --all with node.js ESM (#1320)
  • 086fd20 chore: Regenerate package-lock, update source-map-support test (#1314)
  • b20f751 chore: add bugs (used, e.g., by npmjs) (#1313)
  • 6898e88 chore: Fix CHANGELOG.md version header
  • d9a76d5 chore(release): 15.0.1
  • 3a577f0 fix: Ignore insignificant lines when coalesce text report (#1300)
  • df34c1c fix: Data merge concurrency limit to prevent OOM (#1293)
  • befbf08 chore: A test where nyc output help text to stderr was flaky (#1269)
  • 9260a70 docs: Remove nyc containing object in json config examples (#1276)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by coreyfarrell, a new releaser for nyc since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mapcentia/vidi/network/alerts).