search

material-components / material-components-web-react

Material Components for React (MDC React)
MIT License
2.02k stars 226 forks source link

chore(deps): bump minimist, mkdirp, extract-zip, handlebars, karma, karma-mocha and lerna #1121

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps minimist to 1.2.8 and updates ancestor dependencies minimist, mkdirp, extract-zip, handlebars, karma, karma-mocha and lerna. These dependencies need to be updated together.

Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates mkdirp from 0.5.1 to 0.5.6

Commits
Maintainer changes

This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.


Updates extract-zip from 1.6.7 to 1.7.0

Release notes

Sourced from extract-zip's releases.

1.7.0

Added

  • Error handler for zipfile object (#67)

Changed

  • Don't pin dependency requirements to specific versions (#88)

1.6.8

Dependencies

  • Update mkdirp to 0.5.4.
Commits


Updates handlebars from 4.1.2 to 4.7.7

Changelog

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

  • fix weird error in integration tests - eb860c0
  • fix: check prototype property access in strict-mode (#1736) - b6d3de7
  • fix: escape property names in compat mode (#1736) - f058970
  • refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
  • chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

  • the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

Compatibility notes:

  • Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

  • Node.js version support has been changed to v6+ Reverted in 4.7.6

Compatibility notes:

  • Node.js < v6 is no longer supported Reverted in 4.7.6

Commits

v4.7.4 - April 1st, 2020

Chore/Housekeeping:

Compatibility notes:

... (truncated)

Commits


Updates karma from 2.0.5 to 6.4.1

Release notes

Sourced from karma's releases.

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

v6.4.0

6.4.0 (2022-06-14)

Features

  • support SRI verification of link tags (dc51a2e)
  • support SRI verification of script tags (6a54b1c)

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

  • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

  • client: error out when opening a new tab fails (099b85e)

v6.3.18

6.3.18 (2022-04-13)

Bug Fixes

  • deps: upgrade socket.io to v4.4.1 (52a30bb)

v6.3.17

6.3.17 (2022-02-28)

Bug Fixes

  • deps: update colors to maintained version (#3763) (fca1884)

v6.3.16

... (truncated)

Changelog

Sourced from karma's changelog.

6.4.1 (2022-09-19)

Bug Fixes

6.4.0 (2022-06-14)

Features

  • support SRI verification of link tags (dc51a2e)
  • support SRI verification of script tags (6a54b1c)

6.3.20 (2022-05-13)

Bug Fixes

  • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

6.3.19 (2022-04-19)

Bug Fixes

  • client: error out when opening a new tab fails (099b85e)

6.3.18 (2022-04-13)

Bug Fixes

  • deps: upgrade socket.io to v4.4.1 (52a30bb)

6.3.17 (2022-02-28)

Bug Fixes

  • deps: update colors to maintained version (#3763) (fca1884)

6.3.16 (2022-02-10)

Bug Fixes

  • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

... (truncated)

Commits
  • 0013121 chore(release): 6.4.1 [skip ci]
  • 63d86be fix: pass integrity value
  • 84f7cc3 chore(release): 6.4.0 [skip ci]
  • f2d0663 docs: add integrity parameter
  • dc51a2e feat: support SRI verification of link tags
  • 6a54b1c feat: support SRI verification of script tags
  • 5e71cf5 chore(release): 6.3.20 [skip ci]
  • e17698f fix: prefer IPv4 addresses when resolving domains
  • 60f4f79 build: add Node 16 and 18 to the CI matrix
  • 6ff5aaf chore(release): 6.3.19 [skip ci]
  • Additional commits viewable in compare view


Updates karma-mocha from 1.3.0 to 2.0.1

Release notes

Sourced from karma-mocha's releases.

v2.0.1

2.0.1 (2020-04-29)

Bug Fixes

  • deps: Report fails without emit 'test end' event (#223) (1a8226c)

v2.0.0

2.0.0 (2020-04-14)

Features

BREAKING CHANGES

  • drop support for node 8
Changelog

Sourced from karma-mocha's changelog.

2.0.1 (2020-04-29)

Bug Fixes

  • deps: Report fails without emit 'test end' event (#223) (1a8226c)

2.0.0 (2020-04-14)

Features

BREAKING CHANGES

  • drop support for node 8

Commits
  • bb5be9b chore(release): 2.0.1 [skip ci]
  • 1a8226c fix(deps): Report fails without emit 'test end' event (#223)
  • 5828416 chore(release): 2.0.0 [skip ci]
  • 4e35a55 chore(ci): semantic-release on success (#221)
  • 00b24b6 chore(deps-dev): bump eslint from 2.13.1 to 4.18.2 (#220)
  • f7ec4e7 Merge pull request #218 from karma-runner/semanitic-release
  • 5a5b6d5 feat(ci): enable semanitic-release
  • 36404cf Merge pull request #217 from franktopel/minimist-update
  • bab0416 updated minimum version of minimist dependency to ^1.2.3 instead of 1.2.0
  • 3f9e4b7 Revert "updated minimum version of minimist dependency to ^1.2.3 instead of 1...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by karmarunnerbot, a new releaser for karma-mocha since your current version.


Updates lerna from 2.11.0 to 6.5.1

Release notes

Sourced from lerna's releases.

6.5.1

6.5.1 (2023-02-14)

Bug Fixes

  • add missing dependency on js-yaml (187f480)

6.5.0

6.5.0 (2023-02-13)

Bug Fixes

  • create: normalize quotes and indents in generated test and lib files (#3529) (ad39fe2)
  • repair: re-enable repair generators (#3497) (510c3e9)

Features

  • publish: add --include-private option for testing private packages (#3503) (fa1f490)
  • publish: recover from network failure (#3513) (f03ee3e)
  • run: allow multiple script targets to be triggered at once (#3527) (937b02a)

v6.4.1

6.4.1 (2023-01-12)

Bug Fixes

v6.4.0

6.4.0 (2023-01-05)

Bug Fixes

  • run: add explicit nx dependency (#3486) (7e39397)
  • version: recognize .prettierignore when formatting files (#3482) (4e2c7a9)

Features

  • create: support relative path from root as lerna create location (#3478) (82825ce)
  • watch: Add lerna watch command (#3466) (008b995)

v6.3.0

6.3.0 (2022-12-26)

... (truncated)

Changelog

Sourced from lerna's changelog.

6.5.1 (2023-02-14)

Bug Fixes

  • add missing dependency on js-yaml (187f480)

6.5.0 (2023-02-13)

Features

  • publish: add --include-private option for testing private packages (#3503) (fa1f490)

6.4.1 (2023-01-12)

Bug Fixes

6.4.0 (2023-01-05)

Features

6.3.0 (2022-12-26)

Features

  • version: use npmClientArgs in npm install after lerna version (#3434) (e019e3f)

6.2.0 (2022-12-13)

Bug Fixes

  • schema: add the other format changelogPreset can assume (#3441) (d286973)

Features

6.1.0 (2022-11-29)

Features

  • version: bump prerelease versions from conventional commits (#3362) (2288b3a)

6.0.3 (2022-11-07)

Note: Version bump only for package lerna

... (truncated)

Commits
  • 0a7ac45 chore(misc): publish 6.5.1
  • 187f480 fix: add missing dependency on js-yaml
  • 5eafb62 chore: release 6.5.0
  • 02c534e chore: remove unnecessary write-json-file dep (#3534)
  • fa1f490 feat(publish): add --include-private option for testing private packages (#3503)
  • 6b50725 chore: remove non-runtime deps from lerna package.json (#3528)
  • aea79df chore(docs): add lerna watch -- build --include-dependents example (#3512)
  • fc094da chore: initial codebase refactor (#3517)
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by jameshenry, a new releaser for lerna since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/material-components/material-components-web-react/network/alerts).