Npm package updates caught via Dependabot#87
Npm package updates caught via Dependabot#87clin1234 wants to merge 9 commits intohieunc229:masterfrom
Conversation
Bumps the npm_and_yarn group with 4 updates in the / directory: [semver](https://github.com/npm/node-semver), [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse), [tough-cookie](https://github.com/salesforce/tough-cookie) and [word-wrap](https://github.com/jonschlinkert/word-wrap). Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `@babel/traverse` from 7.17.3 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `tough-cookie` from 4.0.0 to 4.1.3 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.0.0...v4.1.3) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) --- updated-dependencies: - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…yarn-649290fc7b Bump the npm_and_yarn group across 1 directory with 4 updates
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
Silences a GH Action deprecation warning about outdated Node versions.
|
Appreciate for the contribution @clin1234. This PR doesn't have a description, and I'm not familiar with codeql or npm_audit. Can you explain what it does, why we need it and how do we use it? Thank you |
|
Sorry for the delay; the |
3 participants
No description provided.