Bump moment and rollup-plugin-license #2

dependabot · 2024-09-16T08:49:59Z

Bumps moment to 2.29.4 and updates ancestor dependency rollup-plugin-license. These dependencies need to be updated together.

Updates moment from 2.29.1 to 2.29.4

Changelog

Sourced from moment's changelog.

2.29.4

Release Jul 6, 2022

#6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

Release Apr 17, 2022

#5995 [bugfix] Remove const usage

#5990 misc: fix advisory link

2.29.2 See full changelog

Release Apr 3 2022

Address GHSA-8hfj-j24r-96c4

Commits

000ac18 Build 2.24.4
f2006b6 Bump version to 2.24.4
536ad0c Update changelog for 2.29.4
9a3b589 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
6374fd8 Merge branch 'master' into develop
b4e6153 Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"
7aebb16 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
57c9062 Build 2.29.3
aaf50b6 Fixup release complaints
26f4aef Bump version to 2.29.3
Additional commits viewable in compare view

Updates rollup-plugin-license from 2.6.1 to 2.9.1

Changelog

Sourced from rollup-plugin-license's changelog.

3.5.0 (2024-06-22)

release: prepare next release (71f5bcf)

release: prepare next release (2c51c64)

release: release version (f27f51d)

release: release version (8a7f79c)

chore: fix lint task (a7c455f)

chore: remove (deprecated) eslint-config-google (0ba031f)

chore(ci): push release to current branch (03112e9)

chore(deps-dev): bump @rollup/plugin-commonjs from 25.0.7 to 25.0.8 (#1732) (8bd6fb3), closes #1732

chore(deps-dev): bump @rollup/plugin-commonjs from 25.0.8 to 26.0.1 (#1741) (25f03f2), closes #1741

chore(deps-dev): bump globalthis from 1.0.3 to 1.0.4 (#1721) (54084da), closes #1721

chore(deps-dev): bump gulp-conventional-changelog from 4.0.0 to 5.0.0 (#1723) (d6ae13f), closes #1723

chore(deps-dev): bump prettier from 3.2.5 to 3.3.0 (#1737) (3e80b2a), closes #1737

chore(deps-dev): bump prettier from 3.3.0 to 3.3.1 (#1740) (ef8aabf), closes #1740

chore(deps-dev): bump prettier from 3.3.1 to 3.3.2 (#1746) (e4fbe41), closes #1746

chore(deps-dev): bump rimraf from 5.0.5 to 5.0.7 (#1727) (44fd2d4), closes #1727

chore(deps-dev): bump rollup from 4.14.3 to 4.16.2 (#1715) (0126778), closes #1715

chore(deps-dev): bump rollup from 4.16.2 to 4.16.4 (#1716) (2256205), closes #1716

chore(deps-dev): bump rollup from 4.16.4 to 4.17.2 (#1722) (084276a), closes #1722

chore(deps-dev): bump the babel group with 2 updates (#1720) (6720a77), closes #1720

chore(deps-dev): bump the babel group with 2 updates (#1739) (2d3d1d3), closes #1739

chore(deps-dev): bump the babel group with 3 updates (#1733) (b56dc88), closes #1733

chore(deps-dev): bump the typescript-eslint group across 1 directory with 2 updates (#1729) (5cfc7c0), closes #1729

chore(deps-dev): bump the typescript-eslint group across 1 directory with 2 updates (#1748) (c0abf2d), closes #1748

chore(deps-dev): bump the typescript-eslint group with 2 updates (#1714) (1deea69), closes #1714

chore(deps-dev): bump the typescript-eslint group with 2 updates (#1717) (3571d80), closes #1717

chore(deps-dev): bump the typescript-eslint group with 2 updates (#1735) (c3d769f), closes #1735

chore(deps-dev): bump the typescript-eslint group with 2 updates (#1736) (2e053de), closes #1736

chore(deps-dev): bump typescript from 5.4.5 to 5.5.2 (#1750) (374962d), closes #1750

--- (#1730) (40dc5e6), closes #1730

Update readme (780ff50)

feat: drop glob usage (#1742) (2623a1b), closes #1742

feat: drop mkdirp (#1743) (2f90c74), closes #1743

feat: include private self dependency (1401f5d)

docs: update README & changelog (bdfca87)

3.4.0 (2024-04-18)

release: prepare next release (1c6c911)

release: release version (a576572)

chore: add changelog update workflow (5f4ed57)

chore: update changelog (a48e164)

chore: update readme (8254eae)

chore(ci): add node 21 (80cefa0)

chore(ci): remove invalid option (16e4d5d)

chore(ci): update actions/checkout to version 4.1.2 (9742e59)

chore(ci): use node 20 (184cc0b)

... (truncated)

Commits

b1d4a26 release: release version
3c6f67e fix: resolve dir as soon as possible
0719283 refactor: use path#resolve instead of path#normalize
0bcc7f1 fix: ignore and skip virtual modules
bdfd236 release: release version
afce619 chore: upgrade rollup-plugin-prettier to version 2.3.0
e305455 chore: upgrade rollup-plugin-strip-banner to version 2.1.0
3dea8e8 chore: update npmignore
e6b4210 chore(deps-dev): bump eslint from 8.25.0 to 8.26.0 (#1258)
e27887a chore(deps-dev): bump @rollup/plugin-node-resolve from 15.0.0 to 15.0.1 (#1259)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [moment](https://github.com/moment/moment) to 2.29.4 and updates ancestor dependency [rollup-plugin-license](https://github.com/mjeanroy/rollup-plugin-license). These dependencies need to be updated together. Updates `moment` from 2.29.1 to 2.29.4 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.1...2.29.4) Updates `rollup-plugin-license` from 2.6.1 to 2.9.1 - [Changelog](https://github.com/mjeanroy/rollup-plugin-license/blob/master/CHANGELOG.md) - [Commits](mjeanroy/rollup-plugin-license@v2.6.1...v2.9.1) --- updated-dependencies: - dependency-name: moment dependency-type: indirect - dependency-name: rollup-plugin-license dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump moment and rollup-plugin-license #2

Bump moment and rollup-plugin-license #2

dependabot bot commented on behalf of github Sep 16, 2024

Bump moment and rollup-plugin-license #2

Are you sure you want to change the base?

Bump moment and rollup-plugin-license #2

Conversation

dependabot bot commented on behalf of github Sep 16, 2024

2.29.4

2.29.3 Full changelog

2.29.2 See full changelog

3.5.0 (2024-06-22)

3.4.0 (2024-04-18)