smallbets / userbase

Create secure and private web apps using only static JavaScript, HTML, and CSS.
https://userbase.com
MIT License
2.29k stars 125 forks source link

Bump minimist and forever #425

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps minimist to 1.2.8 and updates ancestor dependency forever. These dependencies need to be updated together.

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates forever from 1.0.1 to 4.0.3

Release notes

Sourced from forever's releases.

4.0.0

  • [security] Replace nconf with configstore #1112
  • [security] Replace yargs with getopts #1110

No changes should be needed for migration, but considering the library switch, this is marked as a semver-major to be on a safe side.

3.0.1

Replace optimist with yargs

3.0.0

No release notes provided.

Changelog

Sourced from forever's changelog.

4.0.3 / Fri, 28 January 2022

  • [fix] Upgrade Winston #1128

4.0.2 / Mon, 10 January 2022

  • [fix] Pin colors.js version #1127

4.0.1 / Sat, 12 June 2021

  • [fix] Configstore init and usage fixes #1115

4.0.0 / Tue, 06 May 2021

  • [security] Replace nconf with configstore #1112
  • [security] Replace yargs with getopts #1110

3.0.4 / Sat, 21 Nov 2020

  • [security] Update forever-monitor and remove utile to get rid of vulnerabilities

3.0.3 / Sat, 21 Nov 2020

  • [security] Update forever-monitor and remove broadway to get rid of vulnerable minimist version #1098

3.0.2 / Sat, 21 Nov 2020

  • [doc] Add project deprecation warning

3.0.1 / Sun, 22 Aug 2020

  • [security] Replaced optimist with yargs #1093

3.0.0 / Fri, 22 May 2020

  • [security] Update forever-monitor #1081

2.0.0 / Sun, 05 Jan 2020

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/smallbets/userbase/network/alerts).