Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Security alerts #135

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Fix Security alerts #135

wants to merge 6 commits into from

Commits on Jun 28, 2024

  1. Bump braces from 3.0.2 to 3.0.3 

    Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot
    dependabot[bot] authored Jun 28, 2024
    Configuration menu
    Copy the full SHA
    30f9d89 View commit details
    Browse the repository at this point in the history

  2. Bump vite from 4.4.9 to 4.5.3 

    Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 4.4.9 to 4.5.3.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v4.5.3/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v4.5.3/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot
    dependabot[bot] authored Jun 28, 2024
    Configuration menu
    Copy the full SHA
    473cc66 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #133 from invopop/dependabot/npm_and_yarn/vite-4.5.3 

    Bump vite from 4.4.9 to 4.5.3
    @beliolfa
    beliolfa authored Jun 28, 2024
    Configuration menu
    Copy the full SHA
    e0d1d19 View commit details
    Browse the repository at this point in the history

  4. Merge pull request #132 from invopop/dependabot/npm_and_yarn/braces-3… 

    ….0.3

Bump braces from 3.0.2 to 3.0.3
    @beliolfa
    beliolfa authored Jun 28, 2024
    Configuration menu
    Copy the full SHA
    c8344f8 View commit details
    Browse the repository at this point in the history

  5. Bump undici and @sveltejs/kit 

    Bumps [undici](https://github.com/nodejs/undici) to 5.28.4 and updates ancestor dependency [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit). These dependencies need to be updated together.


Updates `undici` from 5.25.2 to 5.28.4
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.25.2...v5.28.4)

Updates `@sveltejs/kit` from 1.25.1 to 1.30.4
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/@sveltejs/[email protected]/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/[email protected]/packages/kit)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
- dependency-name: "@sveltejs/kit"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot
    dependabot[bot] authored Jun 28, 2024
    Configuration menu
    Copy the full SHA
    2c2e3c3 View commit details
    Browse the repository at this point in the history

  6. Merge pull request #134 from invopop/dependabot/npm_and_yarn/multi-c7… 

    …9feb92cf

Bump undici and @sveltejs/kit
    @beliolfa
    beliolfa authored Jun 28, 2024
    Configuration menu
    Copy the full SHA
    84b8b21 View commit details
    Browse the repository at this point in the history