__proto__ will now be replaced with ___proto___ in parse (#258), patching a potential
prototype pollution vulnerability. This was reported by the Snyk Security Research Team. (63810ca)
This version was pushed to npm by oss-bot, a new releaser for yargs since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/wix-incubator/vscode-glean/network/alerts).
Bumps yargs-parser, conventional-commits-parser, npm, conventional-changelog-writer and yargs. These dependencies needed to be updated together. Updates
yargs-parser
from 9.0.2 to 20.2.9Release notes
Sourced from yargs-parser's releases.
Changelog
Sourced from yargs-parser's changelog.
... (truncated)
Commits
3859e74
chore: release main (#404)1fe9135
fix(build): fixed automated release pipeline9eb9c2f
chore: release main (#398)4b9e134
build: should be releases_created441f059
fix(perf): address slow parse when using unknown-options-as-args (#394)fb22816
build: switch from master to maina0a0814
build: switch to manifest based releases (#396)088481c
docs: fix typos in README.md (#379)6877a2d
test: add test for optimized output (#373)2cfab05
refactor: quote properties used for meta-programmingMaintainer changes
This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.
Updates
conventional-commits-parser
from 3.0.8 to 3.2.4Release notes
Sourced from conventional-commits-parser's releases.
Changelog
Sourced from conventional-commits-parser's changelog.
Commits
1d0f62d
chore(master): release conventional-commits-parser 3.2.4 (#896)95384db
chore(master): release git-raw-commits 2.0.11 (#894)e6f44ad
fix: support BREAKING-CHANGE alongside BREAKING CHANGE (#882)b2245a7
fix: allow raw commits to be filtered by path and date range (#893)1fe2f29
build: switch order of tag and release1827696
chore(master): release conventional-changelog-conventionalcommits 4.6.2 (#877)a46590f
chore(deps): update dependency sinon to v12 (#869)8ce6a7b
chore(master): release conventional-changelog-cli 2.2.2 (#884)4da337a
build: confirm configuration issuec010c88
build: add conventional-changelog to configMaintainer changes
This version was pushed to npm by oss-bot, a new releaser for conventional-commits-parser since your current version.
Updates
npm
from 6.13.3 to 6.14.18Changelog
Sourced from npm's changelog.
... (truncated)
Commits
1314dc0
6.14.1804cb2c7
update AUTHORS771245f
docs: changelog for v6.14.18ade941c
chore: remove gh legacy url test0a5f8d9
chore: remove verify no scoped testd3e7eed
lock-verify@2.2.28b357e5
decode-uri-component@0.2.2db32f16
chore: minimatch is not a depf521320
chore: cleanup lockfile0437207
chore: should only lint sourceMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for npm since your current version.
Updates
conventional-changelog-writer
from 4.0.11 to 4.1.0Release notes
Sourced from conventional-changelog-writer's releases.
Commits
77725cf
chore: release conventional-changelog-writer 4.1.0 (#724)5984bfc
build: allow CI/CD to be kicked off with label2bd09e9
build: move to release-please for publishing (#722)872dcab
chore(deps): update dependency split2 to v3 (#721)a0b348c
fix: normalize git show signature option to false (#671)a11026c
build: package-lock.json not working with renovate20e2fe2
build: stop updating package-lock.json (#713)7551bf5
chore(deps): update actions/setup-node action to v2 (#704)181cf8c
docs(conventionalcommits): correct value of package.json#homepage field (#701)e869fe6
feat: add helper for parsing array of commits (#711)Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for conventional-changelog-writer since your current version.
Updates
yargs
from 15.0.2 to 15.4.1Changelog
Sourced from yargs's changelog.
... (truncated)
Commits
0b519a4
chore: update package.json22d7ec0
fix(deps): decamelize@3.x is 12mb028b50d
chore: release 15.4.0 (#1635)225ab82
feat: support array of examples (#1682)e68334b
refactor(ts): move and tsify most of root yargs.js to lib/yargs (#1670)cb7fbb8
chore: remove old entries fromfiles
field in `package.json (#1677)34949f8
Revert "chore(deps): update dependency eslint to v7 (#1656)" (#1673)18c2efd
docs(api): clarify process.argv handling and the order of API methods (#1644)791cc59
docs: describe commandDir() parameters (#1540) (#1613)83a90f0
chore(deps): update typescript-eslint monorepo to v3 (#1662)Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for yargs since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/wix-incubator/vscode-glean/network/alerts).