chore(deps): bump lodash and rollup-plugin-license #57

dependabot · 2023-05-01T07:22:27Z

Bumps lodash to 4.17.21 and updates ancestor dependency rollup-plugin-license. These dependencies need to be updated together.

Updates lodash from 4.17.11 to 4.17.21

Commits

f299b52 Bump to v4.17.21
c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
3469357 Prevent command injection through _.template's variable option
ded9bc6 Bump to v4.17.20.
63150ef Documentation fixes.
00f0f62 test.js: Remove trailing comma.
846e434 Temporarily use a custom fork of lodash-cli.
5d046f3 Re-enable Travis tests on 4.17 branch.
aa816b3 Remove /npm-package.
d7fbc52 Bump to v4.17.19
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates rollup-plugin-license from 0.9.0 to 3.0.1

Changelog

Sourced from rollup-plugin-license's changelog.

2.8.0 (2022-05-28)

release: prepare next release (30d3496)

release: release version (f20177d)

chore(ci): add node 18 (eef1f22)

chore(deps-dev): bump @babel/core from 7.17.10 to 7.17.12 (#1119) (67ca041), closes #1119

chore(deps-dev): bump @babel/core from 7.17.12 to 7.18.0 (#1122) (526c40c), closes #1122

chore(deps-dev): bump @babel/core from 7.17.9 to 7.17.10 (#1099) (74a1ff8), closes #1099

chore(deps-dev): bump @babel/core from 7.18.0 to 7.18.2 (#1131) (02ab949), closes #1131

chore(deps-dev): bump @babel/preset-env from 7.16.11 to 7.17.10 (#1098) (fc929c2), closes #1098

chore(deps-dev): bump @babel/preset-env from 7.17.10 to 7.18.0 (#1121) (63e99d4), closes #1121

chore(deps-dev): bump @babel/preset-env from 7.18.0 to 7.18.2 (#1130) (c43ce2d), closes #1130

chore(deps-dev): bump @rollup/plugin-commonjs from 21.0.3 to 22.0.0 (#1095) (ba58b44), closes #1095

chore(deps-dev): bump @rollup/plugin-node-resolve from 13.2.0 to 13.2.1 (#1086) (0a18112), closes #1086

chore(deps-dev): bump @rollup/plugin-node-resolve from 13.2.1 to 13.3.0 (#1102) (4f1d95c), closes #1102

chore(deps-dev): bump @typescript-eslint/eslint-plugin (#1094) (78dd84b), closes #1094

chore(deps-dev): bump @typescript-eslint/eslint-plugin (#1101) (6813f46), closes #1101

chore(deps-dev): bump @typescript-eslint/eslint-plugin (#1106) (9dde62e), closes #1106

chore(deps-dev): bump @typescript-eslint/eslint-plugin (#1117) (3761e6b), closes #1117

chore(deps-dev): bump @typescript-eslint/eslint-plugin (#1127) (d23eedc), closes #1127

chore(deps-dev): bump @typescript-eslint/parser from 5.19.0 to 5.21.0 (#1093) (2c69753), closes #1093

chore(deps-dev): bump @typescript-eslint/parser from 5.21.0 to 5.22.0 (#1100) (ff7bdbb), closes #1100

chore(deps-dev): bump @typescript-eslint/parser from 5.22.0 to 5.23.0 (#1105) (135a6d5), closes #1105

chore(deps-dev): bump @typescript-eslint/parser from 5.23.0 to 5.25.0 (#1116) (fc24975), closes #1116

chore(deps-dev): bump @typescript-eslint/parser from 5.25.0 to 5.26.0 (#1126) (48aa43f), closes #1126

chore(deps-dev): bump eslint from 8.13.0 to 8.14.0 (#1096) (f40dd18), closes #1096

chore(deps-dev): bump eslint from 8.14.0 to 8.15.0 (#1109) (27ac5d4), closes #1109

chore(deps-dev): bump eslint from 8.15.0 to 8.16.0 (#1125) (99f8a84), closes #1125

chore(deps-dev): bump fs-extra from 10.0.1 to 10.1.0 (#1088) (d89e120), closes #1088

chore(deps-dev): bump globalthis from 1.0.2 to 1.0.3 (#1108) (3b985a3), closes #1108

chore(deps-dev): bump rollup from 2.70.1 to 2.70.2 (#1085) (4a4dde1), closes #1085

chore(deps-dev): bump rollup from 2.70.2 to 2.71.1 (#1103) (55c95bf), closes #1103

chore(deps-dev): bump rollup from 2.71.1 to 2.72.0 (#1104) (4c08905), closes #1104

chore(deps-dev): bump rollup from 2.72.0 to 2.72.1 (#1107) (7316af4), closes #1107

chore(deps-dev): bump rollup from 2.72.1 to 2.73.0 (#1113) (2eb7cd9), closes #1113

chore(deps-dev): bump rollup from 2.73.0 to 2.74.1 (#1123) (3042aba), closes #1123

chore(deps-dev): bump rollup from 2.74.1 to 2.75.0 (#1132) (58ba053), closes #1132

chore(deps-dev): bump typescript from 4.6.3 to 4.6.4 (#1097) (a5a5a5c), closes #1097

chore(deps-dev): bump typescript from 4.6.4 to 4.7.2 (#1129) (77ea57d), closes #1129

chore(deps): bump magic-string from 0.26.1 to 0.26.2 (#1111) (71efd9d), closes #1111

chore(deps): bump moment from 2.29.2 to 2.29.3 (#1089) (c2db145), closes #1089

enh: relax dependency version (f8bcd03)

Add the missing 'none' comment style (#1124) (3277892), closes #1124

2.7.0 (2022-04-12)

release: prepare next release (6725895)

release: release version (624000c)

... (truncated)

Commits

0837951 release: release version
20df852 fix: resolve dir as soon as possible
68c57e0 refactor: use path#resolve instead of path#normalize
d946aa4 fix: ignore and skip virtual modules
0b14f37 release: prepare next release
7131206 release: release version
16b5c6d chore: upgrade to rollup ^3.0.0
aec0c3e release: prepare next release
bdfd236 release: release version
afce619 chore: upgrade rollup-plugin-prettier to version 2.3.0
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by mickael.jeanroy, a new releaser for rollup-plugin-license since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [lodash](https://github.com/lodash/lodash) to 4.17.21 and updates ancestor dependency [rollup-plugin-license](https://github.com/mjeanroy/rollup-plugin-license). These dependencies need to be updated together. Updates `lodash` from 4.17.11 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.11...4.17.21) Updates `rollup-plugin-license` from 0.9.0 to 3.0.1 - [Release notes](https://github.com/mjeanroy/rollup-plugin-license/releases) - [Changelog](https://github.com/mjeanroy/rollup-plugin-license/blob/master/CHANGELOG.md) - [Commits](mjeanroy/rollup-plugin-license@v0.9.0...v3.0.1) --- updated-dependencies: - dependency-name: lodash dependency-type: indirect - dependency-name: rollup-plugin-license dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label May 1, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump lodash and rollup-plugin-license #57

chore(deps): bump lodash and rollup-plugin-license #57

dependabot bot commented on behalf of github May 1, 2023

chore(deps): bump lodash and rollup-plugin-license #57

Are you sure you want to change the base?

chore(deps): bump lodash and rollup-plugin-license #57

Conversation

dependabot bot commented on behalf of github May 1, 2023

2.8.0 (2022-05-28)

2.7.0 (2022-04-12)