…dates
Bumps the npm_and_yarn group with 7 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.15.3` |
| [form-data](https://github.com/form-data/form-data) | `4.0.5` | `4.0.6` |
| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |
| [mermaid](https://github.com/mermaid-js/mermaid) | `11.13.0` | `11.16.0` |
| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.19` |
| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.10.0` |
| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `5.2.2` | `5.2.6` |
Updates `qs` from 6.13.0 to 6.15.3
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.13.0...v6.15.3)
Updates `form-data` from 4.0.5 to 4.0.6
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.5...v4.0.6)
Updates `lodash` from 4.17.23 to 4.18.1
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.23...4.18.1)
Updates `mermaid` from 11.13.0 to 11.16.0
- [Release notes](https://github.com/mermaid-js/mermaid/releases)
- [Commits](https://github.com/mermaid-js/mermaid/compare/mermaid@11.13.0...mermaid@11.16.0)
Updates `postcss` from 8.5.6 to 8.5.19
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.19)
Updates `shell-quote` from 1.8.3 to 1.10.0
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.8.3...v1.10.0)
Updates `webpack-dev-server` from 5.2.2 to 5.2.6
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/v5.2.6/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v5.2.2...v5.2.6)
---
updated-dependencies:
- dependency-name: qs
dependency-version: 6.15.3
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: form-data
dependency-version: 4.0.6
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: lodash
dependency-version: 4.18.1
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: mermaid
dependency-version: 11.16.0
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: postcss
dependency-version: 8.5.19
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: shell-quote
dependency-version: 1.10.0
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: webpack-dev-server
dependency-version: 5.2.6
dependency-type: indirect
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com>
Bumps the npm_and_yarn group with 7 updates in the / directory:
6.13.06.15.34.0.54.0.64.17.234.18.111.13.011.16.08.5.68.5.191.8.31.10.05.2.25.2.6Updates
qsfrom 6.13.0 to 6.15.3Changelog
Sourced from qs's changelog.
... (truncated)
Commits
18d085ev6.15.3c38af42[Deps] updateside-channeladce539[Dev Deps] updateeslint,mock-property,tape74a0f6a[Robustness]utils: enforcearrayLimitconsistently acrossmerge's arra...f4938f5[Tests]parse: characterize current lenient handling of unbalanced bracket ...5d5f723[Perf]utils: makecompactO(n) via a side-channel visited-set instead of...52afe00[Robustness]parse: throw thearrayLimiterror before splitting oversized...963e538[Fix]parse: enforcethrowOnLimitExceededfor cumulative array growth via...59da434[Fix]utils: respect encoding of surrogate pairs across chunks9532969[Robustness]utils.merge/utils.assign: avoid invoking__proto__sette...Updates
form-datafrom 4.0.5 to 4.0.6Changelog
Sourced from form-data's changelog.
Commits
64190dbv4.0.692ae0eb[Deps] updatehasown,mime-typesf31d21e[Dev Deps] update@ljharb/eslint-config,auto-changelog,tape8dff42c[Fix] escape CR, LF, and"in field names and filenames67b0f65[Dev Deps] updatejs-randomness-predictorUpdates
lodashfrom 4.17.23 to 4.18.1Release notes
Sourced from lodash's releases.
Commits
cb0b9b9release(patch): bump main to 4.18.1 (#6177)75535f5chore: prune stale advisory refs (#6170)62e91bcdocs: remove n_ Node.js < 6 REPL note from README (#6165)59be2derelease(minor): bump to 4.18.0 (#6161)af63457fix: broken tests for _.template 879aaa91073a76fix: linting issues879aaa9fix: validate imports keys in _.templatefe8d32efix: block prototype pollution in baseUnset via constructor/prototype traversal18ba0a3refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)b819080ci: add dist sync validation workflow (#6137)Updates
mermaidfrom 11.13.0 to 11.16.0Release notes
Sourced from mermaid's releases.
... (truncated)
Commits
7c0cafcVersion Packages: v11.16.0 (#7916)26acd1aMerge pull request #7915 from mermaid-js/release/11.16.05a8eae7Merge branch 'master' into release/11.16.0dd5ea77Merge pull request #7913 from mermaid-js/pebr/fix-changesets658ee66docs: fix missing bumps of@mermaid-js/parser04259a1docs: fix author and commit on examples changesetc9dcfb1docs: update changeset diagram scopesa34dab9docs: remove swimlane/cynefin bugfix changesetse81f31fdocs: remove local-editor changeset7223f03Minor correctionUpdates
postcssfrom 8.5.6 to 8.5.19Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
9543b22Release 8.5.19 version3d13bf9Fix CI on Windows too00d0dd2Keep explicitly set raws.before when inserting nodes into root (#2111)7a05b33Temporary fix CI4c0d194Release 8.5.18 version92b4e78Update dependencies95663d3Limit where source map can be loaded for security reasons74e25aeRelease 8.5.17 versiond1518afFix Maximum call stack size exceeded error2421312Fix linterMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for postcss since your current version.
Updates
shell-quotefrom 1.8.3 to 1.10.0Changelog
Sourced from shell-quote's changelog.
Commits
64988d9v1.10.0617d119[Tests]quote: the tilde test escapes every~, not just a leading one (#9)59bbf8b[types] fix an error TS v6 ignores but v7 fails on190e236[Tests]quote: pin that a backslash with whitespace is not doubled in singl...a04d475[Dev Deps] update@arethetypeswrong/cli,evalmdb9545b3[New]parse: add opt-insplitUnquotedoption for shell field-splitting of...1b36468[readme]quote: use output verbatim; do not re-quote it (#11)1c36f3f[Tests]quote: pin conservative escaping of=,@,^,,,:,!(#11)e1c75cd[readme] documentparse's supported parameter-expansion subsetc0842c8[Fix]parse: match nested${...}braces so nested parameter expansion is ...Updates
webpack-dev-serverfrom 5.2.2 to 5.2.6Release notes
Sourced from webpack-dev-server's releases.
Changelog
Sourced from webpack-dev-server's changelog.
Commits
8a37b0echore(release): new release (#5697)f21ed0ffix: handle malformed Host and Origin headers (#5699)80cd9eefix: reject cross-site requests to open-editor and invalidate endpoints (#5698)308e853fix: handle undefined options in Server constructor (#5695)8b2b915chore: update branch references from v4 to v5 in workflow configuration870ed22chore: add v5 branch to release workflow triggersc3ee325chore(release): new release (#5682)60173befeat: add changeset validation and release workflow (#5680)948d5e6fix(proxy): match the HMR upgrade path exactly like the ws server (#5678)93e8996fix: skip HMR websocket path when forwarding upgrades to user-defined proxies...Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for webpack-dev-server since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.