Bump minimist and roadhog in /github-projects

[dependabot[bot]]

Bumps minimist and roadhog. These dependencies needed to be updated together. Updates minimist from 0.0.8 to 1.2.6

Commits

• 7efb22a 1.2.6
• ef88b93 security notice for additional prototype pollution issue
• c2b9819 isConstructorOrProto adapted from PR
• bc8ecee test from prototype pollution PR
• aeb3e27 1.2.5
• 278677b 1.2.4
• 4cf1354 security notice
• 1043d21 additional test for constructor prototype pollution
• 6457d74 1.2.3
• 38a4d1c even more aggressive checks for protocol pollution
• Additional commits viewable in compare view

Updates roadhog from 0.5.4 to 2.4.9

Release notes

Sourced from roadhog's releases.

2.4.3

• fix: proxy file uploading，sorrycc/roadhog#786 (@​yesmeck)

2.4.0

build and dev

upgrade af-webpack from 0.18 to 0.22

• umijs/umi#421 feat: support disable files watch with WATCH_FILES=none. (@​sorrycc)
• umijs/umi#407 feat(af-webpack): new option es5ImcompatibleVersions. (@​sorrycc)
• umijs/umi#385 feat(af-webpack): support babel transform jsx in node_modules. (@​sorrycc)
• umijs/umi#360 feat(af-webpack): add preprocessor for config. (@​jdz321)
• umijs/umi#370 feat: don't connect socket if SOCKET_SERVER is set to none. (@​sorrycc)
• umijs/umi#371 feat: lock babel related dependency version since it's in beta. (@​sorrycc)
• umijs/umi#327 feat(af-webpack): support disable detect-port via DETECT_PORT=none. (@​sorrycc)
• umijs/umi#322 feat(af-webpack): support umi dev with https server. (@​gaokai)
• umijs/umi#294 feat(af-webpack):add progress-bar-webpack-plugin for indicating progress of build process. (@​dickeylth)
• umijs/umi#293 feat(af-webpack): support opts.tsConfigFile and resolve default tsconfig.json under cwd. (@​sorrycc)
• umijs/umi#72 feat(af-webpack): use HashedModuleIdsPlugin. (@​pigcan)

test

upgrade umi-test from 0.4 to 0.5

• umijs/umi#461 fix: umi test's exit code incorrect. (@​sorrycc)
• umijs/umi#452 fix(umi-test): module-resovle pllugin conflict and json ext support. (@​sorrycc)
• umijs/umi#182 umi test support extend jest config with jest.config.js

2.3.0

build and dev

• fix sourcemap don't work, #554, umijs/umi#43
• process.env.NO_COMPRESS work for service-worker.js too
• fix typo, opts.serviceworker 大小写，#594
• force reload when process.env.RELOAD is set
• deprecate DISABLE_ESLINT, DISABLE_TSLINT, prefer ESLINT=none, TSLINT=none
• don't minify CSS when process.env.CSS_COMPRESS=none is truthy
• support setPublicPath with env SET_PUBLIC_PATH, #633

test

• use identity-obj-proxy for css/less files
• improve test with ts

2.3.0-beta.1

• #632
• #633

... (truncated)

Commits

• 6bdadde Release 2.4.9
• 4955505 Merge pull request #846 from sorrycc/removeAtoolMonitor
• cd3fce2 feat: 去掉 atool-monitor
• 8bef19b 2.4.8
• 69354c3 feat: add umi-notify for notification
• 71bee08 update .gitignore
• 0900b4f Release 2.4.7
• 6c612ff Merge pull request #837 from sorrycc/bigbrotherDev
• f49475f feat: bigbrother dev
• db649f6 Release 2.4.6
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ikobe, a new releaser for roadhog since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/xrlin/xrlin.github.io/network/alerts).