…dates
Bumps the npm_and_yarn group with 6 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.3` | `3.4.12` |
| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.6` | `5.10.0` |
| [form-data](https://github.com/form-data/form-data) | `4.0.5` | `4.0.6` |
| [launch-editor](https://github.com/vitejs/launch-editor) | `2.11.1` | `2.14.1` |
| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.19` |
| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `5.2.2` | `5.2.6` |
Updates `dompurify` from 3.3.3 to 3.4.12
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.3.3...3.4.12)
Updates `fast-xml-parser` from 4.5.6 to 5.10.0
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v4.5.6...v5.10.0)
Updates `form-data` from 4.0.5 to 4.0.6
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.5...v4.0.6)
Updates `launch-editor` from 2.11.1 to 2.14.1
- [Commits](vitejs/launch-editor@v2.11.1...v2.14.1)
Updates `postcss` from 8.5.6 to 8.5.19
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.19)
Updates `shell-quote` from 1.8.3 to 1.10.0
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.8.3...v1.10.0)
Updates `webpack-dev-server` from 5.2.2 to 5.2.6
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/v5.2.6/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v5.2.2...v5.2.6)
---
updated-dependencies:
- dependency-name: dompurify
dependency-version: 3.4.12
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
dependency-version: 5.10.0
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: form-data
dependency-version: 4.0.6
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: launch-editor
dependency-version: 2.14.1
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: postcss
dependency-version: 8.5.19
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: shell-quote
dependency-version: 1.10.0
dependency-type: indirect
dependency-group: npm_and_yarn
- dependency-name: webpack-dev-server
dependency-version: 5.2.6
dependency-type: indirect
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com>
Bumps the npm_and_yarn group with 6 updates in the / directory:
3.3.33.4.124.5.65.10.04.0.54.0.62.11.12.14.18.5.68.5.195.2.25.2.6Updates
dompurifyfrom 3.3.3 to 3.4.12Release notes
Sourced from dompurify's releases.
... (truncated)
Commits
a9ca1e5release: 3.4.12 (#1537)0cae518release: 3.4.11 (#1494)6ee5716release: 3.4.10 (#1478)5210247release: 3.4.9 (#1459)bcdd828release: 3.4.8 (#1439)ca30f07release: 3.4.7 (#1414)bb7739erelease: 3.4.6 (#1394)011b0c7release: 3.4.5 (#1382)5817ad9release: 3.4.4 (#1374)520edb0release: 3.4.3 (#1352)Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Updates
fast-xml-parserfrom 4.5.6 to 5.10.0Release notes
Sourced from fast-xml-parser's releases.
... (truncated)
Changelog
Sourced from fast-xml-parser's changelog.
... (truncated)
Commits
296b3325.10.075f7565update package guide2d8d1d0update detailse58e4ddupgrade: xml-naming v0.3.0, PEM v1.6.2, is-unsafe v2.0.0545e491Bump zizmorcore/zizmor-action from 0.5.6 to 0.5.7 (#848)5ea8aa1Bump actions/checkout from 6.0.3 to 7.0.0 (#849)93a09f15.9.39c1905eupdate strnum8d71292GitHub Actions workflow fixes (#844)784a044Harden GitHub Actions workflows (#841)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for fast-xml-parser since your current version.
Updates
form-datafrom 4.0.5 to 4.0.6Changelog
Sourced from form-data's changelog.
Commits
64190dbv4.0.692ae0eb[Deps] updatehasown,mime-typesf31d21e[Dev Deps] update@ljharb/eslint-config,auto-changelog,tape8dff42c[Fix] escape CR, LF, and"in field names and filenames67b0f65[Dev Deps] updatejs-randomness-predictorUpdates
launch-editorfrom 2.11.1 to 2.14.1Commits
3f97c64v2.14.10cc9550fix: reject UNC paths (#138)afd1ab9ci: run tests on mac and windows (#136)0bfa328test: add some tests for launch-editor package (#135)1b006aechore: add README (#134)383ef26v2.14.06277209ci: harden publish settings520b2f7fix(deps): update all non-major dependencies (#129)475ac66chore(deps): update dependency lint-staged to v17 (#130)247bf1dchore(deps): update dependency yorkie to v2 (#131)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for launch-editor since your current version.
Updates
postcssfrom 8.5.6 to 8.5.19Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
9543b22Release 8.5.19 version3d13bf9Fix CI on Windows too00d0dd2Keep explicitly set raws.before when inserting nodes into root (#2111)7a05b33Temporary fix CI4c0d194Release 8.5.18 version92b4e78Update dependencies95663d3Limit where source map can be loaded for security reasons74e25aeRelease 8.5.17 versiond1518afFix Maximum call stack size exceeded error2421312Fix linterMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for postcss since your current version.
Updates
shell-quotefrom 1.8.3 to 1.10.0Changelog
Sourced from shell-quote's changelog.
Commits
64988d9v1.10.0617d119[Tests]quote: the tilde test escapes every~, not just a leading one (#9)59bbf8b[types] fix an error TS v6 ignores but v7 fails on190e236[Tests]quote: pin that a backslash with whitespace is not doubled in singl...a04d475[Dev Deps] update@arethetypeswrong/cli,evalmdb9545b3[New]parse: add opt-insplitUnquotedoption for shell field-splitting of...1b36468[readme]quote: use output verbatim; do not re-quote it (#11)1c36f3f[Tests]quote: pin conservative escaping of=,@,^,,,:,!(#11)e1c75cd[readme] documentparse's supported parameter-expansion subsetc0842c8[Fix]parse: match nested${...}braces so nested parameter expansion is ...Updates
webpack-dev-serverfrom 5.2.2 to 5.2.6Release notes
Sourced from webpack-dev-server's releases.
Changelog
Sourced from webpack-dev-server's changelog.
Commits
8a37b0echore(release): new release (#5697)f21ed0ffix: handle malformed Host and Origin headers (#5699)80cd9eefix: reject cross-site requests to open-editor and invalidate endpoints (#5698)308e853fix: handle undefined options in Server constructor (#5695)8b2b915chore: update branch references from v4 to v5 in workflow configuration870ed22chore: add v5 branch to release workflow triggersc3ee325chore(release): new release (#5682)60173befeat: add changeset validation and release workflow (#5680)948d5e6fix(proxy): match the HMR upgrade path exactly like the ws server (#5678)93e8996fix: skip HMR websocket path when forwarding upgrades to user-defined proxies...Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for webpack-dev-server since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.