•  


chore(deps): bump json5 from 1.0.1 to 1.0.2 by dependabot[bot] · Pull Request #7100 · bootstrap-vue/bootstrap-vue · GitHub
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement . We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump json5 from 1.0.1 to 1.0.2 #7100

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 6, 2023

Bumps json5 from 1.0.1 to 1.0.2.

Release notes

Sourced from json5's releases .

v1.0.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. ( #199 ) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! ( #295 ). This has been backported to v1. ( #298 )
Changelog

Sourced from json5's changelog .

Unreleased [ code , diff ]

v2.2.3 [ code , diff ]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. ( #299 )

v2.2.2 [ code , diff ]

  • Fix: Properties with the name __proto__ are added to objects and arrays. ( #199 ) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! ( #295 ).

v2.2.1 [ code , diff ]

v2.2.0 [ code , diff ]

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5 . ( #236 , #244 )

v2.1.3 [ code , diff ]

  • Fix: An out of memory bug when parsing numbers has been fixed. ( #228 , #229 )

v2.1.2 [ code , diff ]

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase .


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page .

@vercel
Copy link

vercel bot commented Jan 6, 2023

The latest updates on your projects . Learn more about Vercel for Git ↗?

Name Status Preview Updated
bootstrap-vue ? Ready ( Inspect ) Visit Preview Jan 8, 2023 at 4:44PM (UTC)

@codesandbox-ci
Copy link

codesandbox-ci bot commented Jan 6, 2023

This pull request is automatically built and testable in CodeSandbox .

To see build info of the built libraries, click here or the icon next to each commit SHA.

Latest deployment of this branch, based on commit cc15b27 :

Sandbox Source
BootstrapVue Starter Project Configuration
BootstrapVue Nuxt.js Starter Project Configuration

@codecov
Copy link

codecov bot commented Jan 6, 2023

Codecov Report

Merging #7100 ( cc15b27 ) into dev ( a8a5d4e ) will not change coverage.
The diff coverage is n/a .

@@            Coverage Diff            @@

#
#               dev     #7100   +/-   ##

=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files          305       305           
  Lines        10453     10453           
  Branches      2551      2551           
=========================================
  Hits         10453     10453           
Flag Coverage Δ
unittests 100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Help us with your feedback. Take ten seconds to tell us how you rate us . Have a feature suggestion? Share it here.

@VividLemon
Copy link
Member

@dependabot recreate

@VividLemon
Copy link
Member

@dependabot rebase

Bumps [json5](
https://github.com/json5/json5
) from 1.0.1 to 1.0.2.
- [Release notes](
https://github.com/json5/json5/releases
)
- [Changelog](
https://github.com/json5/json5/blob/main/CHANGELOG.md
)
- [Commits](
json5/json5@
v1.0.1...v1.0.2
)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub . Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant
- "漢字路" 한글한자자동변환 서비스는 교육부 고전문헌국역지원사업의 지원으로 구축되었습니다.
- "漢字路" 한글한자자동변환 서비스는 전통문화연구회 "울산대학교한국어처리연구실 옥철영(IT융합전공)교수팀"에서 개발한 한글한자자동변환기를 바탕하여 지속적으로 공동 연구 개발하고 있는 서비스입니다.
- 현재 고유명사(인명, 지명등)을 비롯한 여러 변환오류가 있으며 이를 해결하고자 많은 연구 개발을 진행하고자 하고 있습니다. 이를 인지하시고 다른 곳에서 인용시 한자 변환 결과를 한번 더 검토하시고 사용해 주시기 바랍니다.
- 변환오류 및 건의,문의사항은 juntong@juntong.or.kr로 메일로 보내주시면 감사하겠습니다. .
Copyright ⓒ 2020 By '전통문화연구회(傳統文化硏究會)' All Rights reserved.
 한국   대만   중국   일본