Closed dependabot[bot] closed 2 months ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/micromatch@4.0.8 | None | 0 |
56.6 kB | doowb |
npm/webpack@5.94.0 | None | 0 |
5.08 MB | evilebottnawi, jhnns, sokra, ...1 more |
🚮 Removed packages: npm/@types/eslint-scope@3.7.7), npm/@types/eslint@9.6.0), npm/micromatch@4.0.7), npm/webpack@5.93.0)
Looks like these dependencies are no longer updatable, so this is no longer needed.
Bumps the npm_and_yarn group with 2 updates: webpack and micromatch.
Updates
webpack
from 5.93.0 to 5.94.0Release notes
Sourced from webpack's releases.
Commits
eabf85d
chore(release): 5.94.0955e057
security: fix DOM clobbering in auto public path9822387
test: fixcbb86ed
test: fix5ac3d7f
fix: unexpected asi generation with sequence expression2411661
security: fix DOM clobbering in auto public pathb8c03d4
fix: unexpected asi generation with sequence expressionf46a03c
revert: do not use heuristic fallback for "module-import"60f1898
fix: do not use heuristic fallback for "module-import"66306aa
Revert "fix: module-import get fallback from externalsPresets"Updates
micromatch
from 4.0.7 to 4.0.8Release notes
Sourced from micromatch's releases.
Changelog
Sourced from micromatch's changelog.
Commits
8bd704e
4.0.8a0e6841
run verb to generate README documentation4ec2884
Merge branch 'v4' into hauserkristof-feature/v4.0.803aa805
Merge pull request #266 from hauserkristof/feature/v4.0.8814f5f7
lint67fcce6
fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5113f2e3
fix: CVE numbers in CHANGELOGd9dbd9a
feat: updated CHANGELOG2ab1315
fix: use actions/setup-node@v41406ea3
feat: rework test to work on macos with node 10,12 and 14Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show