Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Build(deps): Bump minimist from 1.2.5 to 1.2.6 #12513

Merged
merged 2 commits into from Mar 24, 2022
Merged

Build(deps): Bump minimist from 1.2.5 to 1.2.6 #12513

merged 2 commits into from Mar 24, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2022
edited

Bumps minimist from 1.2.5 to 1.2.6.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added javascript Pull requests that update Javascript code scope:dependency Issues that cannot be solved inside Prettier itself, and must be fixed in a dependency labels Mar 23, 2022
@dependabot
Build(deps): Bump minimist from 1.2.5 to 1.2.6
ab36445 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/minimist-1.2.6 branch from 4eef73e to ab36445 Compare March 23, 2022 04:54
@fisker
Copy link
Sponsor Member

fisker commented Mar 23, 2022

Should we add changelog for this? https://security.snyk.io/vuln/SNYK-JS-MINIMIST-2429795

@fisker
Copy link
Sponsor Member

fisker commented Mar 24, 2022

@sosukesuzuki Let's merge this change and do a patch release?

@sosukesuzuki
Copy link
Member

Yes, but I remembered that we need to fix the OTP interface in the release script...

@sosukesuzuki
Copy link
Member

Should we add changelog for this? https://security.snyk.io/vuln/SNYK-JS-MINIMIST-2429795

it sounds good

@fisker fisker merged commit 67edeea into main Mar 24, 2022
@fisker fisker deleted the dependabot/npm_and_yarn/minimist-1.2.6 branch March 24, 2022 04:03
@github-actions
Copy link

Size Change: -3.71 kB (0%)

Total Size: 17.7 MB

Filename Size Change
./dist/cli.js 420 kB +163 B (0%)
./dist/esm/parser-typescript.mjs 3.51 MB -509 B (0%)
./dist/esm/standalone.mjs 440 kB -286 B (0%)
./dist/index.js 1.46 MB -2.28 kB (0%)
./dist/parser-typescript.js 3.51 MB -509 B (0%)
./dist/standalone.js 440 kB -287 B (0%)
ℹ️ View Unchanged
Filename Size
./dist/bin-prettier.js 1.98 kB
./dist/doc.js 68.3 kB
./dist/esm 4.1 kB
./dist/esm/parser-angular.mjs 58.8 kB
./dist/esm/parser-babel.mjs 314 kB
./dist/esm/parser-espree.mjs 154 kB
./dist/esm/parser-flow.mjs 2.07 MB
./dist/esm/parser-glimmer.mjs 192 kB
./dist/esm/parser-graphql.mjs 42.8 kB
./dist/esm/parser-html.mjs 162 kB
./dist/esm/parser-markdown.mjs 169 kB
./dist/esm/parser-meriyah.mjs 161 kB
./dist/esm/parser-postcss.mjs 157 kB
./dist/esm/parser-yaml.mjs 129 kB
./dist/LICENSE 279 kB
./dist/package.json 616 B
./dist/parser-angular.js 59.2 kB
./dist/parser-babel.js 314 kB
./dist/parser-espree.js 154 kB
./dist/parser-flow.js 2.07 MB
./dist/parser-glimmer.js 192 kB
./dist/parser-graphql.js 43.2 kB
./dist/parser-html.js 162 kB
./dist/parser-markdown.js 170 kB
./dist/parser-meriyah.js 161 kB
./dist/parser-postcss.js 157 kB
./dist/parser-yaml.js 130 kB
./dist/README.md 4.13 kB
./dist/third-party.js 303 kB

compressed-size-action

@fisker
Copy link
Sponsor Member

fisker commented Mar 24, 2022
edited

Can you give me the npm access? I won't use it now, but just in case I need it in future. My NPM account https://www.npmjs.com/~fisker

@sosukesuzuki
Copy link
Member

Sure

@sosukesuzuki sosukesuzuki mentioned this pull request Mar 24, 2022
Merged
2 tasks
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 25, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@fisker fisker fisker approved these changes

@sosukesuzuki sosukesuzuki sosukesuzuki approved these changes

Assignees
No one assigned
Labels
javascript Pull requests that update Javascript code scope:dependency Issues that cannot be solved inside Prettier itself, and must be fixed in a dependency
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@fisker @sosukesuzuki