@philipjonsen opened this Pull Request on May 7th 2022 Contributor

Description:

Bump minimist from 1.2.5 to 1.2.6

@dependabot
dependabot[bot] committed on 28 Mar

Dricks
Bump url-parse from 1.5.3 to 1.5.10

@dependabot
dependabot[bot] committed on 28 Mar

Dricks
Bump follow-redirects from 1.14.2 to 1.14.9

@dependabot
dependabot[bot] committed on 28 Mar

Dricks
Bump nanoid from 3.1.25 to 3.3.1

@dependabot
dependabot[bot] committed on 28 Mar

Dricks
Merge pull request #1 from cryptosweden/dependabot/npm_and_yarn/minim…

@philipjonsen
philipjonsen committed on 28 Mar

Dricks
Merge pull request #4 from cryptosweden/dependabot/npm_and_yarn/nanoi…

@philipjonsen
philipjonsen committed on 28 Mar

Dricks
Merge pull request #3 from cryptosweden/dependabot/npm_and_yarn/follo…

@philipjonsen
philipjonsen committed on 28 Mar

Dricks
Merge pull request #2 from cryptosweden/dependabot/npm_and_yarn/url-p…

Review

@sgiehl commented on May 8th 2022 Member

@diosmosis could you quickly check if updating those libs might have any implications? Guess all of them should be vue dependencies.

@diosmosis commented on May 8th 2022 Member

@sgiehl dev dependencies related to Vue are just used for building vue files, so if the vue build action runs and succeeds, and there are no changes to the built JS, then it's fine.

Note: it looks like the build vue files action didn't run here since we don't check package-lock. I'll make a quick PR.

@sgiehl commented on May 9th 2022 Member

I have checked out the changes locally and built the vue files. As there weren't any changes in the results there doesn't seem to be any issue with the updates though. Will merge it then...

This Pull Request was closed on May 9th 2022
Powered by GitHub Issue Mirror