Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump tough-cookie and critical #10

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jul 8, 2023

Removes tough-cookie. It's no longer used after updating ancestor dependency critical. These dependencies need to be updated together.

Removes tough-cookie

Updates critical from 1.3.2 to 1.3.10

Release notes

Sourced from critical's releases.

v1.3.10

  • CI: switch to actions/checkout@v2 b9c17ef

addyosmani/critical@v1.3.9...v1.3.10

v1.3.9

  • 1.x: use destructuring when importing lodash (#433) bd24282

addyosmani/critical@v1.3.8...v1.3.9

Thanks @​XhmikosR

v1.3.8

  • Update dependencies. (#431) b5cd07d
  • fix: backport #415 fix to 1.x (#430) 9ee2632
  • [1.x] Update dependencies. (#419) bb601a9
  • ES6-ify (#427) 4da2919

addyosmani/critical@v1.3.7...v1.3.8

Thanks @​XhmikosR

v1.3.7

  • Update dependencies. (#410) 96bc0eb
  • Switch to GitHub Actions CI. (#403) d46b599
  • Update dependencies. 672e680

addyosmani/critical@v1.3.6...v1.3.7

v1.3.6

  • Skip the PAGE_UNLOADED_DURING_EXECUTION` tests. (#393) 54a1cb7
  • Skip the PAGE_UNLOADED_DURING_EXECUTION` tests. bf51c17

addyosmani/critical@v1.3.5...v1.3.6

v1.3.5

  • README.md: Optimize and add the preview image to the repo (#388) 6959f4f
  • Clean up .gitignore. (#384) 5e412de
  • Update test files. 26e05c2
  • Separate npm scripts. 8ced8fe
  • Fix PostCSS warning. dab82a4
  • Move get-port to devDependencies. 537256a
  • Update AppVeyor config from master. 1fadc30
  • Update Travis config from master. 440d613
  • Fix tests on Windows. (#330) 25ee370
  • Lint. 1c2e7ba
  • Update all dependencies to their safe versions. 0825d31
  • Remove yarn.lock. 4e4ce13

addyosmani/critical@v1.3.4...v1.3.5

... (truncated)

Changelog

Sourced from critical's changelog.

v2.0.0 / 2020-06-16

  • Drop support for Node.js < 10
  • Bump dependencies
  • Use Jest for testing
  • Drop include and timeout options as they can be specified in the penthouse options.
  • Drop options styleTarget & dest in favour of target You can specify either a css file, an html file or an object {css: dest.css, html: dest.html} if you want to store both. We may also add an extract target here in a future release.
  • Drop options destFolder, folder and pathPrefix. We tried our best to improve the way critical auto-detects the paths to used assets in the critical css which should suit for most cases. If this doesn't work out you can use the new rebase option to either specify the location of the css & the html file like this: {from: '/styles/main.css', to: '/en/test.html'}. You can also pass a callback function to dynamically compute the path or specify a cdn for example. We utilize postcss-url for this task.
  • Due to some limitations with modern css features we replaced filter-css as the library of choice for handling ignores with postcss-discard. We tried to keep things backwards compatible but you may have to change your ignore configuration.
  • Add concurrency option to specify how many operations can run in parallel.
  • Add the ability to specify used css files using file globs. See supported minimatch patterns.

v1.3.4 / 2018-07-19

  • fix: return Promise.reject instead of re-throw
  • fix: handle PAGE_UNLOADED_DURING_EXECUTION error (#314)
  • output warning on invalid extract setting
  • Add user agent option (#316)
  • Bump dependencies
  • npm audit fix

v1.3.3 / 2018-06-06

  • Bump dependencies
  • Docs: fix typo (#310)
  • Reduced vulnerabilities (#308)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Removes [tough-cookie](https://github.com/salesforce/tough-cookie). It's no longer used after updating ancestor dependency [critical](https://github.com/addyosmani/critical). These dependencies need to be updated together.


Removes `tough-cookie`

Updates `critical` from 1.3.2 to 1.3.10
- [Release notes](https://github.com/addyosmani/critical/releases)
- [Changelog](https://github.com/addyosmani/critical/blob/master/CHANGELOG.md)
- [Commits](addyosmani/critical@v1.3.2...v1.3.10)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
- dependency-name: critical
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Development

Successfully merging this pull request may close these issues.

0 participants