search

pantheon-systems / WordPress

WordPress upstream for the Pantheon website platform. Includes a platform integration plugins and a pre-configured wp-config.php.
Other
179 stars 226 forks source link

Bump the npm_and_yarn group across 3 directories with 37 updates #390

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps the npm_and_yarn group with 9 updates in the /wp-content/themes/twentynineteen directory:

Package From To
node-sass 4.9.3 7.0.0
braces 2.3.2 3.0.3
chokidar-cli 1.2.1 3.0.0
postcss-cli 6.0.1 11.0.0
minimist 0.0.8 1.2.8
mkdirp 0.5.1 0.5.6
postcss 7.0.2 8.4.39
rtlcss 2.4.0 4.1.1
shell-quote 1.6.1 1.8.1

Bumps the npm_and_yarn group with 11 updates in the /wp-content/themes/twentytwenty directory:

Package From To
ajv 6.10.2 6.12.6
ansi-regex 4.1.0 4.1.1
ansi-regex 3.0.0 4.1.1
lodash 4.17.15 4.17.21
yargs-parser 10.1.0 21.1.1
@wordpress/scripts 5.0.0 28.2.0
concurrently 4.1.2 8.2.2
postcss-cli 6.1.3 11.0.0
minimist 0.0.8 1.2.8
mkdirp 0.5.1 0.5.6
postcss 7.0.18 8.4.39
rtlcss 2.4.0 4.1.1

Bumps the npm_and_yarn group with 12 updates in the /wp-content/themes/twentytwentyone directory:

Package From To
ansi-regex 4.1.0 4.1.1
braces 3.0.2 3.0.3
lodash 4.17.20 4.17.21
ini 1.3.5 1.3.8
minimist 1.2.5 1.2.6
postcss 7.0.35 8.4.39
postcss-css-variables 0.17.0 0.19.0
rtlcss 2.6.2 4.1.1
shell-quote 1.7.2 1.8.1
y18n 4.0.1 4.0.3
@babel/traverse 7.12.9 7.24.7
json5 2.1.3 2.2.3

Updates node-sass from 4.9.3 to 7.0.0

Release notes

Sourced from node-sass's releases.

v7.0.0

Breaking changes

Features

Dependencies

Community

  • Remove double word "support" from documentation (@​pzrq, #3159)

Misc

Supported Environments

OS Architecture Node
Windows x86 & x64 12, 14, 16, 17
OSX x64 12, 14, 16, 17
Linux* x64 12, 14, 16, 17
Alpine Linux x64 12, 14, 16, 17
FreeBSD i386 amd64 12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v6.0.1

Dependencies

Misc

Supported Environments

... (truncated)

Changelog

Sourced from node-sass's changelog.

v4.14.0

https://github.com/sass/node-sass/releases/tag/v4.14.0

v4.13.1

https://github.com/sass/node-sass/releases/tag/v4.13.1

v4.13.0

https://github.com/sass/node-sass/releases/tag/v4.13.0

v4.12.0

https://github.com/sass/node-sass/releases/tag/v4.12.0

v4.11.0

https://github.com/sass/node-sass/releases/tag/v4.11.0

v4.10.0

https://github.com/sass/node-sass/releases/tag/v4.10.0

v4.9.4

https://github.com/sass/node-sass/releases/tag/v4.9.4

Commits


Updates ajv from 5.5.2 to 6.12.6

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

v6.11.0

Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

Commits
  • fe59143 6.12.6
  • d580d3e Merge pull request #1298 from ajv-validator/fix-url
  • fd36389 fix: regular expression for "url" format
  • 490e34c docs: link to v7-beta branch
  • 9cd93a1 docs: note about v7 in readme
  • 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
  • f1c8e45 6.12.5
  • 764035e Merge branch 'ChALkeR-chalker/fix-comma'
  • 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
  • a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
  • Additional commits viewable in compare view


Updates braces from 2.3.2 to 3.0.3

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

  • The undocumented .makeRe method was removed

Non-breaking changes

  • Caching was removed
Commits


Updates chokidar-cli from 1.2.1 to 3.0.0

Release notes

Sourced from chokidar-cli's releases.

v3.0.0

  • Remove windows from GH actions test machine matrix ad5e2d7
  • Update dependencies bbf17af
  • Update node version matrix for GH actions 75831e3
  • Update references to new repository owner org 7e16ff1
  • Don't throttle or debounce if those options were not specified. (#90) 331243f
  • Switch to GitHub Actions CI. (#85) 99e4b47

https://github.com/open-npm-tools/chokidar-cli/compare/2.1.0...v3.0.0

2.1.0

Updated chokidar to 3.2.

2.0.0

  • Updated chokidar itself to latest version
  • Requires node.js v8.0.0 or newer as chokidar requires that as well as of v3+

1.2.3

  • Update all dependencies to latest versions (fixes kimmobrunfeldt/chokidar-cli#66)
    • chokidar is updated to latest v2.x - to avoid breaking changes at this point

1.2.2

Commits
  • d960f90 3.0.0
  • ad5e2d7 Remove windows from GH actions test machine matrix
  • bbf17af Update dependencies
  • 75831e3 Update node version matrix for GH actions
  • 7e16ff1 Update references to new repository owner org
  • 331243f Don't throttle or debounce if those options were not specified. (#90)
  • 99e4b47 Switch to GitHub Actions CI. (#85)
  • 42a6ea8 Release 2.1.0.
  • 9fac94b Merge pull request #89 from XhmikosR/deps
  • 85ab77b chokidar 3.2.3
  • Additional commits viewable in compare view


Updates postcss-cli from 6.0.1 to 11.0.0

Release notes

Sourced from postcss-cli's releases.

8.0.0 / 2020-09-21

  • BREAKING: Support postcss v8 (#344, #349)
  • BREAKING: postcss is now a peerDependency, you must install it seperately (#344, #349)
  • Upgrade dependencies (#340)

7.0.0 / 2020-01-07

6.1.0

  • Add --include-dotfiles flag to allow globs to match dotfiles. (#254)
  • Only log warning messages. This has always been intended behavior, but it wasn't working as expected. (#244)
Changelog

Sourced from postcss-cli's changelog.

11.0.0 / 2023-12-05

10.1.0 / 2022-11-29

  • Allow running --watch mode in non-TTY contexts, like Docker (#448)
  • Update dependencies

10.0.0 / 2022-06-29

  • BREAKING: Drop Node 12 support (#438)
  • Add support for ESM config files (#437)

9.1.0 / 2021-12-10

  • Don't write to files if they're unchanged (#320, #417)

9.0.2 / 2021-11-04

  • Switch to picocolors (#409)
  • Remove test files from npm package

9.0.1 / 2021-09-28

  • Actually exit with error when attempting to stdout in watch mode
  • Remove bin/ from files in package.json

9.0.0 / 2021-09-24

  • BREAKING: Require Node.js v12+
  • BREAKING: Must specify full file path, including .js extension, when loading local plugins with --use (#401)
  • BREAKING: Officially remove support for watching postcss config (was already broken in previous releases)
  • Add support for dir-dependency messages (#383, #391)
  • Update deps

8.3.1 / 2020-12-12

  • Ensure paths are not interpreted as numbers (#360)
  • Better errors for incorrect postcss version (#361, #362)

8.3.0 / 2020-11-17

  • Exit on EOF/^D (#358)

8.2.0 / 2020-10-29

  • Allow backslashes in paths for better Windows experience (#355)

... (truncated)

Commits


Updates lodash from 4.17.10 to 4.17.11

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • ded9bc6 Bump to v4.17.20.
  • 63150ef Documentation fixes.
  • 00f0f62 test.js: Remove trailing comma.
  • 846e434 Temporarily use a custom fork of lodash-cli.
  • 5d046f3 Re-enable Travis tests on 4.17 branch.
  • aa816b3 Remove /npm-package.
  • d7fbc52 Bump to v4.17.19
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


Updates yargs-parser from 5.0.0 to 13.1.2

Release notes

Sourced from yargs-parser's releases.

yargs-parser: v21.1.1

21.1.1 (2022-08-04)

Bug Fixes

  • typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

yargs-parser: v21.1.0

21.1.0 (2022-08-03)

Features

  • allow the browser build to be imported (#443) (a89259f)

Bug Fixes

  • halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
  • node version check now uses process.versions.node (#450) (d07bcdb)
  • parse options ending with 3+ hyphens (#434) (4f1060b)

yargs-parser: v21.0.1

21.0.1 (2022-02-27)

Bug Fixes

yargs-parser yargs-parser-v21.0.0

⚠ BREAKING CHANGES

  • drops support for 10 (#421)

Bug Fixes

Code Refactoring

yargs-parser yargs-parser-v20.2.9

... (truncated)

Changelog

Sourced from yargs-parser's changelog.

21.1.1 (2022-08-04)

Bug Fixes

  • typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

21.1.0 (2022-08-03)

Features

  • allow the browser build to be imported (#443) (a89259f)

Bug Fixes

  • halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
  • node version check now uses process.versions.node (#450) (d07bcdb)
  • parse options ending with 3+ hyphens (#434) (4f1060b)

21.0.1 (2022-02-27)

Bug Fixes

21.0.0 (2021-11-15)

⚠ BREAKING CHANGES

  • drops support for 10 (#421)

Bug Fixes

Code Refactoring

20.2.9 (2021-06-20)

Bug Fixes

... (truncated)

Commits
  • 3aba24c chore(main): release yargs-parser 21.1.1 (#455)
  • d69f9c3 fix(typescript): ignore .cts files during publish (#454)
  • 90067a0 chore(main): release yargs-parser 21.1.0 (#446)
  • d07bcdb fix: node version check now uses process.versions.node (#450)
  • c0c6079 chore(deps): update dependency puppeteer to v16 (#451)
  • a89259f feat: allow the browser build to be imported (#443)
  • c474bc1 fix(halt-at-non-option): prevent known args from being parsed when "unknown-o...
  • fd30238 chore(deps): update dependency serve to v14 (#449)
  • a072f9a chore(deps): update dependency puppeteer to v15 (#444)
  • 4f1060b fix: parse options ending with 3+ hyphens (#434)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.


Updates fsevents from 1.2.4 to 2.3.3

Release notes

Sourced from fsevents's releases.

Release v2.3.3

Released to npm as v2.3.3

Release v2.3.2

Released to npm as v2.3.2

Release v2.3.1

Released to npm as v2.3.1

Release contains universal binary for x86 & amd64 (m1) chips

Release v2.2.2

Released to npm as v2.2.2

Universal Binary Support x86-64 & amd64(m1)

Release v2.2.0

Electron Enabled (no static functions/variables)

Release v1.2.3

No release notes provided.

Release v2.1.2

No release notes provided.

2.1.0

Latest stable release

Release NAPI v2.0.6

Include essential files only.

Release NAPI v2.0.5

No release notes provided.

Release NAPI v2.0.4

No release notes provided.

Release NAPI v2.0.3

Moved NAPI version out of experimental.

NAPI release

No release notes provided.

deprecated

Fixing the API for chokidar since it was calling FSEvents as a constructor

deprecated

We have upgraded to N-API. For that reason we have also dropped support for node < 6.

For that reason, we have made this a major version bump so dependents have to opt in. The actual API remains entirely the same, so if you are depending on fsevents, it should be as simple as changing the version number in your package.json.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by pipobscure, a new releaser for fsevents since your current version.


Updates chownr from 1.0.1 to 2.0.0

Commits


Updates minimist from 0.0.8 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates mkdirp from 0.5.1 to 0.5.6

Commits
Maintainer changes

This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.


Updates tar from 2.2.1 to 6.2.1

Release notes

Sourced from tar's releases.

v6.1.13

6.1.13 (2022-12-07)

Dependencies

v6.1.12

6.1.12 (2022-10-31)

Bug Fixes

Documentation

Changelog

Sourced from tar's changelog.

Changelog

7.4

  • Deprecate onentry in favor of onReadEntry for clarity.

7.3

  • Add onWriteEntry option

7.2

  • DRY the command definitions into a single makeCommand method, and update the type signatures to more appropriately infer the return type from the options and arguments provided.

7.1

  • Update minipass to v7.1.0
  • Update the type definitions of write() and end() methods on Unpack and Parser classes to be compatible with the NodeJS.WritableStream type in the latest versions of @types/node.

7.0

  • Rewrite in TypeScript, provide ESM and CommonJS hybrid interface
  • Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.
  • Add chmod option that defaults to false, and deprecate noChmod. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.
  • Add processUmask option to avoid having to call process.umask() when chmod: true (or noChmod: false) is set.

6.2

  • Add support for brotli compression
  • Add maxDepth option to prevent extraction into excessively deep folders.

6.1

  • remove dead link to benchmarks (#313) (@​yetzt)
  • add examples/explanation of using tar.t (@​isaacs)
  • ensure close event is emited after stream has ended (@​webark)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.


Updates json-schema from 0.2.3 to 0.4.0

Commits
  • f6f6a3b Use a little more robust method of checking instances
  • ef60987 Update version
  • b62f1da Protect against constructor modification, #84
  • fb427cd Link to json-schema-org repository in addition to site, fixes #54
  • 22f1461 Don't allow proto property to be used for schema default/coerce, fixes #84
  • c52a27c Get basic test to pass
  • b3f42b3 Add security policy
  • 3b0cec3 Update version
  • c28470f Update readme to acknowledge the state of the package
  • 7dff9cd Merge pull request
    jazzsequence commented 3 months ago

    @dependabot ignore this dependency

dependabot[bot] commented 3 months ago

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml