nodesource / ncm-cli

Command-line tool for NodeSource Certified Modules 2.0
Other
19 stars 13 forks source link

build(deps): bump degenerator and proxy-agent #223

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps degenerator to 3.0.2 and updates ancestor dependency proxy-agent. These dependencies need to be updated together.

Updates degenerator from 2.2.0 to 3.0.2

Release notes

Sourced from degenerator's releases.

3.0.2

Patches

  • Update vm2 to v3.9.8: f690e194041f9dacba5341d5a98bbd1a65996048

3.0.1

Patches

  • Fix return undefined: ccc3445354135398b6eb1a04c7d27c13b833f2d5
  • Fix filename option: 9d25bb67d957bc2e5425fea7bf7a58b3fc64ff9e

3.0.0

Major Changes

  • Remove "generator" output mode: #12
  • Use vm2 module to prevent privilege escalation of untrusted code: #11

Minor Changes

  • Add any default return type to compile(): e0b9fc83faabb101944b63bc73b710be7787f15b
Commits


Updates proxy-agent from 4.0.1 to 5.0.0

Release notes

Sourced from proxy-agent's releases.

5.0.0

Major Changes

  • Drop Node v6 support: dabbfb34ccf11b4a3c67aaecc583e04db5e0f499
  • Update "pac-proxy-agent" to v5: 31be875e45e565b7bff38845f9590bc250f8ac79
Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/nodesource/ncm-cli/network/alerts).
dependabot[bot] commented 2 years ago

Looks like these dependencies are up-to-date now, so this is no longer needed.