This version was pushed to npm by google-wombot, a new releaser for @angular/cli since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
:warning: We detected 17 security issues in this pull request:
Vulnerable Libraries (17)
Severity | Details
----- | --------
Medium | [acorn@6.3.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>5.7.3 || >6.4.0 || >7.1.0`
Medium | [browserslist@4.6.6](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>4.16.4`
High | [dns-packet@1.3.1](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=1.3.2 || >=5.2.2`
High | [dot-prop@4.2.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=4.2.1 || >=5.1.1`
High | [elliptic@6.5.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>6.5.3`
Critical | [handlebars@4.1.2](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>4.7.6`
Medium | [hosted-git-info@2.8.4](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=2.8.9 || >=3.0.8`
High | [http-proxy@1.17.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=1.18.1`
High | [https-proxy-agent@2.2.1](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=2.2.3`
High | [merge@1.2.1](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=2.1.1`
High | [node-forge@0.7.5](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>0.9.2`
High | [serialize-javascript@1.9.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>3.0.0`
Medium | [ssri@5.3.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>6.0.1 || >7.1.0 || 8.0.0`
High | [tree-kill@1.2.1](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=1.2.2`
High | [url-parse@1.4.7](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=1.5.0`
Medium | [websocket-extensions@0.1.3](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=0.1.4`
High | [y18n@4.0.0](https://github.com/hisptz/ngx-dhis2-validation-rule-filter/blob/9c6a21bee497cb52dd51da46974606e229d1f12b/package.json) upgrade to `>=5.0.5`
More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr).
Bumps @angular/cli from 7.3.9 to 12.0.3.
Release notes
Sourced from
@angular/cli
's releases.... (truncated)
Commits
8990849
release: v12.0.3c68572f
perf(@angular-devkit/build-webpack
): include only required stats in webpackStats1ca193f
docs(@angular-devkit/build-angular
): updateincludePaths
descriptiona9c3a35
fix(@ngtools/webpack
): remove redundant inline style cache7bba446
fix(@angular-devkit/core
): transform path using getSystemPath for NodeJsAsync...bd88af5
perf(@angular-devkit/build-angular
): updatelicense-webpack-plugin
to2.3.19
b36c0c9
fix(@schematics/angular
): show better error when non existing project is pass...b8c5d56
build: bump dns-packet from 1.3.1 to 1.3.4ff87570
fix(@ngtools/webpack
): normalize paths when adding file dependencies8bee9cb
build: fix typings to works with webpack 5.37.0Maintainer changes
This version was pushed to npm by google-wombot, a new releaser for
@angular/cli
since your current version.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)