Closed dependabot[bot] closed 3 years ago
@dependabot merge
2021年5月27日(木) 8:07 azu @.***>:
@dependabot merge
2021年5月26日(水) 8:01 dependabot[bot] @.***>:
This automated pull request fixes a security vulnerability https://github.com/textlint-ja/textlint-rule-preset-foreign-language-writing/security/dependabot/yarn.lock/browserslist/open (moderate severity).
Learn more about Dependabot security updates https://docs.github.com/github/managing-security-vulnerabilities/configuring-dependabot-security-updates.
Bumps browserslist https://github.com/browserslist/browserslist from 4.8.2 to 4.16.6. Changelog
Sourced from browserslist's changelog https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md.
4.16.6
- Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman).
4.16.5
- Fixed unsafe RegExp (by Yeting Li).
4.16.4
- Fixed unsafe RegExp.
- Added artifactory support to --update-db (by Ittai Baratz).
4.16.3
- Fixed --update-db.
4.16.2
- Fixed --update-db (by @ialarmedalien https://github.com/ialarmedalien).
4.16.1
- Fixed Chrome 4 with mobileToDesktop (by Aron Woost).
4.16
- Add browserslist config query.
4.15
- Add TypeScript types (by Dmitry Semigradsky).
4.14.7
- Fixed Yarn Workspaces support to --update-db (by Fausto Núñez Alberro).
- Added browser changes to --update-db (by @AleksandrSl https://github.com/AleksandrSl).
- Added color output to --update-db.
- Updated package.funding to have link to our Open Collective.
4.14.6
- Fixed Yarn support in --update-db (by Ivan Storck).
- Fixed npm 7 support in --update-db.
4.14.5
- Fixed last 2 electron versions query (by Sergey Melyukov).
4.14.4
- Fixed Unknown version 59 of op_mob error.
4.14.3
- Update Firefox ESR.
4.14.2
- Fixed --update-db on Windows (by James Ross).
- Improved --update-db output.
4.14.1
- Added --update-db explanation (by Justin Zelinsky).
... (truncated) Commits
- 6fe3614 https://github.com/browserslist/browserslist/commit/6fe3614db05b40f9dc1c63588a83d2ada05bae75 Release 4.16.6 version
- 33ebac9 https://github.com/browserslist/browserslist/commit/33ebac933839847a62ede680273449f6cdca1e18 Update dependencies
- 2128170 https://github.com/browserslist/browserslist/commit/2128170f231a6c9f462276006e09f302d811df31 Add support for npm-shrinkwrap files alongside package-lock (#595 https://github-redirect.dependabot.com/browserslist/browserslist/issues/595 )
- 7cc2aed https://github.com/browserslist/browserslist/commit/7cc2aedd0047d800d44aa0259c02b6db1414105c Release 4.16.5 version
- 27e4afd https://github.com/browserslist/browserslist/commit/27e4afdc68798ca93f8c01c5ea6208b4b361a704 Update dependencies
- 1013a18 https://github.com/browserslist/browserslist/commit/1013a1847931a209c34a704aebc85a8c091286e7 Fix version RegExp
- b879a1a https://github.com/browserslist/browserslist/commit/b879a1a304def2563f42cc3d3f5711e760662be3 Use Node.js 16 on CI
- bd1e9e0 https://github.com/browserslist/browserslist/commit/bd1e9e01c95cad24be706fb11be7d151cd99ed0a Fix ReDoS (#593 https://github-redirect.dependabot.com/browserslist/browserslist/issues/593 )
- 209adf9 https://github.com/browserslist/browserslist/commit/209adf9e0051fa39a2b25354cffd493300f34b02 Release 4.16.4 version
- 3e2ae3b https://github.com/browserslist/browserslist/commit/3e2ae3b52daf7f5203247fd4f583b3bda66ea57d Fix types
- Additional commits viewable in compare view https://github.com/browserslist/browserslist/compare/4.8.2...4.16.6
[image: Dependabot compatibility score] https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page https://github.com/textlint-ja/textlint-rule-preset-foreign-language-writing/network/alerts .
You can view, comment on, or merge this pull request online at:
https://github.com/textlint-ja/textlint-rule-preset-foreign-language-writing/pull/19 Commit Summary
- chore(deps): bump browserslist from 4.8.2 to 4.16.6
File Changes
Patch Links:
- https://github.com/textlint-ja/textlint-rule-preset-foreign-language-writing/pull/19.patch
https://github.com/textlint-ja/textlint-rule-preset-foreign-language-writing/pull/19.diff
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/textlint-ja/textlint-rule-preset-foreign-language-writing/pull/19, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAE2AWGA5S5FU5QC2ECKOTTPQT5RANCNFSM45QMGUEQ .
--
Name : azu Mail : @.***
@dependabot merge
This PR has already been merged! 🎉
Bumps browserslist from 4.8.2 to 4.16.6.
Changelog
Sourced from browserslist's changelog.
... (truncated)
Commits
6fe3614
Release 4.16.6 version33ebac9
Update dependencies2128170
Add support for npm-shrinkwrap files alongside package-lock (#595)7cc2aed
Release 4.16.5 version27e4afd
Update dependencies1013a18
Fix version RegExpb879a1a
Use Node.js 16 on CIbd1e9e0
Fix ReDoS (#593)209adf9
Release 4.16.4 version3e2ae3b
Fix typesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/textlint-ja/textlint-rule-preset-foreign-language-writing/network/alerts).