gcnet-frontend merge requestshttps://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests2021-05-17T09:25:45Zhttps://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/8Bump ssri from 6.0.1 to 6.0.22021-05-17T09:25:45ZSamBump ssri from 6.0.1 to 6.0.2*Created by: dependabot[bot]*
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md">ssri's changelog</a>....*Created by: dependabot[bot]*
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md">ssri's changelog</a>.</em></p>
<blockquote>
<h2><a href="https://github.com/zkat/ssri/compare/v6.0.1...v6.0.2">6.0.2</a> (2021-04-07)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>backport regex change from 8.0.1 (<a href="https://github.com/zkat/ssri/commit/b30dfdb">b30dfdb</a>), closes <a href="https://github-redirect.dependabot.com/zkat/ssri/issues/19">#19</a></li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/npm/ssri/commit/b7c8c7c61db89aeb9fbf7596c0ef17071bc216ef"><code>b7c8c7c</code></a> chore(release): 6.0.2</li>
<li><a href="https://github.com/npm/ssri/commit/b30dfdb00bb94ddc49a25a85a18fb27afafdfbb1"><code>b30dfdb</code></a> fix: backport regex change from 8.0.1</li>
<li>See full diff in <a href="https://github.com/npm/ssri/compare/v6.0.1...v6.0.2">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~nlf">nlf</a>, a new releaser for ssri since your current version.</p>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ssri&package-manager=npm_and_yarn&previous-version=6.0.1&new-version=6.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/6Bump elliptic from 6.5.3 to 6.5.42021-05-17T08:56:16ZSamBump elliptic from 6.5.3 to 6.5.4*Created by: dependabot[bot]*
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/indutny/elliptic/commit/43ac7f230069bd1575e1e4a58394a5123...*Created by: dependabot[bot]*
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/indutny/elliptic/commit/43ac7f230069bd1575e1e4a58394a512303ba803"><code>43ac7f2</code></a> 6.5.4</li>
<li><a href="https://github.com/indutny/elliptic/commit/f4bc72be11b0a508fb790f445c43534307c9255b"><code>f4bc72b</code></a> package: bump deps</li>
<li><a href="https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f"><code>441b742</code></a> ec: validate that a point before deriving keys</li>
<li><a href="https://github.com/indutny/elliptic/commit/e71b2d9359c5fe9437fbf46f1f05096de447de57"><code>e71b2d9</code></a> lib: relint using eslint</li>
<li><a href="https://github.com/indutny/elliptic/commit/8421a01aa3ff789c79f91eaf8845558a7be2b9fa"><code>8421a01</code></a> build(deps): bump elliptic from 6.4.1 to 6.5.3 (<a href="https://github-redirect.dependabot.com/indutny/elliptic/issues/231">#231</a>)</li>
<li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=elliptic&package-manager=npm_and_yarn&previous-version=6.5.3&new-version=6.5.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/11Bump hosted-git-info from 2.8.8 to 2.8.92021-05-17T08:56:15ZSamBump hosted-git-info from 2.8.8 to 2.8.9*Created by: dependabot[bot]*
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/npm/hosted-git-info/blob/v2.8.9/CH...*Created by: dependabot[bot]*
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md">hosted-git-info's changelog</a>.</em></p>
<blockquote>
<h2><a href="https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9">2.8.9</a> (2021-04-07)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>backport regex fix from <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76">#76</a> (<a href="https://github.com/npm/hosted-git-info/commit/29adfe5">29adfe5</a>), closes <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/84">#84</a></li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/npm/hosted-git-info/commit/8d4b3697d79bcd89cdb36d1db165e3696c783a01"><code>8d4b369</code></a> chore(release): 2.8.9</li>
<li><a href="https://github.com/npm/hosted-git-info/commit/29adfe5ef789784c861b2cdeb15051ec2ba651a7"><code>29adfe5</code></a> fix: backport regex fix from <a href="https://github-redirect.dependabot.com/npm/hosted-git-info/issues/76">#76</a></li>
<li>See full diff in <a href="https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~nlf">nlf</a>, a new releaser for hosted-git-info since your current version.</p>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=hosted-git-info&package-manager=npm_and_yarn&previous-version=2.8.8&new-version=2.8.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/10Bump lodash from 4.17.19 to 4.17.212021-05-17T08:56:15ZSamBump lodash from 4.17.19 to 4.17.21*Created by: dependabot[bot]*
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c...*Created by: dependabot[bot]*
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538"><code>f299b52</code></a> Bump to v4.17.21</li>
<li><a href="https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a"><code>c4847eb</code></a> Improve performance of <code>toNumber</code>, <code>trim</code> and <code>trimEnd</code> on large input strings</li>
<li><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"><code>3469357</code></a> Prevent command injection through <code>_.template</code>'s <code>variable</code> option</li>
<li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li>
<li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li>
<li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li>
<li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li>
<li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li>
<li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li>
<li>See full diff in <a href="https://github.com/lodash/lodash/compare/4.17.19...4.17.21">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lodash&package-manager=npm_and_yarn&previous-version=4.17.19&new-version=4.17.21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/9Bump url-parse from 1.4.7 to 1.5.12021-05-17T08:56:15ZSamBump url-parse from 1.4.7 to 1.5.1*Created by: dependabot[bot]*
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.1.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/unshiftio/url-parse/commit/eb6d9f51e395b7e47bf2594e45...*Created by: dependabot[bot]*
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.1.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/unshiftio/url-parse/commit/eb6d9f51e395b7e47bf2594e457d541db21c713b"><code>eb6d9f5</code></a> [dist] 1.5.1</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/750d8e8a9d45dbce9ff09759f0fe4564cdd47d74"><code>750d8e8</code></a> [fix] Fixes relative path resolving <a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/199">#199</a> <a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/200">#200</a> (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/201">#201</a>)</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/3ac777474ba5dc48a7e33771cbb311fc6f69bef8"><code>3ac7774</code></a> [test] Make test consistent for browser testing</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/267a0c6f7ef1a58271be61611c5103daace602c9"><code>267a0c6</code></a> [dist] 1.5.0</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/d1e7e8822f26e8a49794b757123b51386325b2b0"><code>d1e7e88</code></a> [security] More backslash fixes (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/197">#197</a>)</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/d99bf4cf259b7378c855f786edc253e70405ffdc"><code>d99bf4c</code></a> [ignore] Remove npm-debug.log from .gitignore</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/422c8b5e4cac6a79cd35b4e86731476dcbeec7e4"><code>422c8b5</code></a> [pkg] Replace nyc with c8</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/933809d630c7b21399b4e5df59fccccd80033b21"><code>933809d</code></a> [pkg] Move coveralls to dev dependencies</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/190b2168035899a2a88f2dc2625963bf7e2f338f"><code>190b216</code></a> [pkg] Add .npmrc</li>
<li><a href="https://github.com/unshiftio/url-parse/commit/ce3783f4ea25753cfa36376769c14e4e2fe6ea80"><code>ce3783f</code></a> [test] Do not test on all available versions of Edge and Safari</li>
<li>Additional commits viewable in <a href="https://github.com/unshiftio/url-parse/compare/1.4.7...1.5.1">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=url-parse&package-manager=npm_and_yarn&previous-version=1.4.7&new-version=1.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/7Bump y18n from 4.0.0 to 4.0.12021-05-17T08:56:15ZSamBump y18n from 4.0.0 to 4.0.1*Created by: dependabot[bot]*
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/yargs/y18n/blob/master/CHANGELOG.md">y18n's changelog<...*Created by: dependabot[bot]*
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/yargs/y18n/blob/master/CHANGELOG.md">y18n's changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this file. See <a href="https://github.com/conventional-changelog/standard-version">standard-version</a> for commit guidelines.</p>
<h3><a href="https://www.github.com/yargs/y18n/compare/v5.0.4...v5.0.5">5.0.5</a> (2020-10-25)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>address prototype pollution issue (<a href="https://www.github-redirect.dependabot.com/yargs/y18n/issues/108">#108</a>) (<a href="https://www.github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25">a9ac604</a>)</li>
</ul>
<h3><a href="https://www.github.com/yargs/y18n/compare/v5.0.3...v5.0.4">5.0.4</a> (2020-10-16)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><strong>exports:</strong> node 13.0 and 13.1 require the dotted object form <em>with</em> a string fallback (<a href="https://www.github-redirect.dependabot.com/yargs/y18n/issues/105">#105</a>) (<a href="https://www.github.com/yargs/y18n/commit/4f85d80dbaae6d2c7899ae394f7ad97805df4886">4f85d80</a>)</li>
</ul>
<h3><a href="https://www.github.com/yargs/y18n/compare/v5.0.2...v5.0.3">5.0.3</a> (2020-10-16)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><strong>exports:</strong> node 13.0-13.6 require a string fallback (<a href="https://www.github-redirect.dependabot.com/yargs/y18n/issues/103">#103</a>) (<a href="https://www.github.com/yargs/y18n/commit/e39921e1017f88f5d8ea97ddea854ffe92d68e74">e39921e</a>)</li>
</ul>
<h3><a href="https://www.github.com/yargs/y18n/compare/v5.0.1...v5.0.2">5.0.2</a> (2020-10-01)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deno:</strong> update types for deno ^1.4.0 (<a href="https://www.github-redirect.dependabot.com/yargs/y18n/issues/100">#100</a>) (<a href="https://www.github.com/yargs/y18n/commit/3834d9ab1332f2937c935ada5e76623290efae81">3834d9a</a>)</li>
</ul>
<h3><a href="https://www.github.com/yargs/y18n/compare/v5.0.0...v5.0.1">5.0.1</a> (2020-09-05)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>main had old index path (<a href="https://www.github-redirect.dependabot.com/yargs/y18n/issues/98">#98</a>) (<a href="https://www.github.com/yargs/y18n/commit/124f7b047ba9596bdbdf64459988304e77f3de1b">124f7b0</a>)</li>
</ul>
<h2><a href="https://www.github.com/yargs/y18n/compare/v4.0.0...v5.0.0">5.0.0</a> (2020-09-05)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>exports maps are now used, which modifies import behavior.</li>
<li>drops Node 6 and 4. begin following Node.js LTS schedule (<a href="https://github-redirect.dependabot.com/yargs/y18n/issues/89">#89</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>add support for ESM and Deno <a href="https://www.github-redirect.dependabot.com/yargs/y18n/issues/95">#95</a>) (<a href="https://www.github.com/yargs/y18n/commit/4d7ae94bcb42e84164e2180366474b1cd321ed94">4d7ae94</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/yargs/y18n/commits">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~oss-bot">oss-bot</a>, a new releaser for y18n since your current version.</p>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=y18n&package-manager=npm_and_yarn&previous-version=4.0.0&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/5Bump axios from 0.19.2 to 0.21.12021-01-12T10:27:56ZSamBump axios from 0.19.2 to 0.21.1*Created by: dependabot[bot]*
Bumps [axios](https://github.com/axios/axios) from 0.19.2 to 0.21.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</e...*Created by: dependabot[bot]*
Bumps [axios](https://github.com/axios/axios) from 0.19.2 to 0.21.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</em></p>
<blockquote>
<h2>v0.21.1</h2>
<h3>0.21.1 (December 21, 2020)</h3>
<p>Fixes and Functionality:</p>
<ul>
<li>Hotfix: Prevent SSRF (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3410">#3410</a>)</li>
<li>Protocol not parsed when setting proxy config from env vars (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3070">#3070</a>)</li>
<li>Updating axios in types to be lower case (<a href="https://github-redirect.dependabot.com/axios/axios/issues/2797">#2797</a>)</li>
<li>Adding a type guard for <code>AxiosError</code> (<a href="https://github-redirect.dependabot.com/axios/axios/issues/2949">#2949</a>)</li>
</ul>
<p>Internal and Tests:</p>
<ul>
<li>Remove the skipping of the <code>socket</code> http test (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3364">#3364</a>)</li>
<li>Use different socket for Win32 test (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3375">#3375</a>)</li>
</ul>
<p>Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:</p>
<ul>
<li>Daniel Lopretto <a href="mailto:timemachine3030@users.noreply.github.com">timemachine3030@users.noreply.github.com</a></li>
<li>Jason Kwok <a href="mailto:JasonHK@users.noreply.github.com">JasonHK@users.noreply.github.com</a></li>
<li>Jay <a href="mailto:jasonsaayman@gmail.com">jasonsaayman@gmail.com</a></li>
<li>Jonathan Foster <a href="mailto:jonathan@jonathanfoster.io">jonathan@jonathanfoster.io</a></li>
<li>Remco Haszing <a href="mailto:remcohaszing@gmail.com">remcohaszing@gmail.com</a></li>
<li>Xianming Zhong <a href="mailto:chinesedfan@qq.com">chinesedfan@qq.com</a></li>
</ul>
<h2>v0.21.0</h2>
<h3>0.21.0 (October 23, 2020)</h3>
<p>Fixes and Functionality:</p>
<ul>
<li>Fixing requestHeaders.Authorization (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3287">#3287</a>)</li>
<li>Fixing node types (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3237">#3237</a>)</li>
<li>Fixing axios.delete ignores config.data (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3282">#3282</a>)</li>
<li>Revert "Fixing overwrite Blob/File type as Content-Type in browser. (<a href="https://github-redirect.dependabot.com/axios/axios/issues/1773">#1773</a>)" (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3289">#3289</a>)</li>
<li>Fixing an issue that type 'null' and 'undefined' is not assignable to validateStatus when typescript strict option is enabled (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3200">#3200</a>)</li>
</ul>
<p>Internal and Tests:</p>
<ul>
<li>Lock travis to not use node v15 (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3361">#3361</a>)</li>
</ul>
<p>Documentation:</p>
<ul>
<li>Fixing simple typo, existant -> existent (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3252">#3252</a>)</li>
<li>Fixing typos (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3309">#3309</a>)</li>
</ul>
<p>Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:</p>
<ul>
<li>Allan Cruz <a href="mailto:57270969+Allanbcruz@users.noreply.github.com">57270969+Allanbcruz@users.noreply.github.com</a></li>
<li>George Cheng <a href="mailto:Gerhut@GMail.com">Gerhut@GMail.com</a></li>
<li>Jay <a href="mailto:jasonsaayman@gmail.com">jasonsaayman@gmail.com</a></li>
<li>Kevin Kirsche <a href="mailto:Kev.Kirsche+GitHub@gmail.com">Kev.Kirsche+GitHub@gmail.com</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/axios/axios/blob/v0.21.1/CHANGELOG.md">axios's changelog</a>.</em></p>
<blockquote>
<h3>0.21.1 (December 21, 2020)</h3>
<p>Fixes and Functionality:</p>
<ul>
<li>Hotfix: Prevent SSRF (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3410">#3410</a>)</li>
<li>Protocol not parsed when setting proxy config from env vars (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3070">#3070</a>)</li>
<li>Updating axios in types to be lower case (<a href="https://github-redirect.dependabot.com/axios/axios/issues/2797">#2797</a>)</li>
<li>Adding a type guard for <code>AxiosError</code> (<a href="https://github-redirect.dependabot.com/axios/axios/issues/2949">#2949</a>)</li>
</ul>
<p>Internal and Tests:</p>
<ul>
<li>Remove the skipping of the <code>socket</code> http test (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3364">#3364</a>)</li>
<li>Use different socket for Win32 test (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3375">#3375</a>)</li>
</ul>
<p>Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:</p>
<ul>
<li>Daniel Lopretto <a href="mailto:timemachine3030@users.noreply.github.com">timemachine3030@users.noreply.github.com</a></li>
<li>Jason Kwok <a href="mailto:JasonHK@users.noreply.github.com">JasonHK@users.noreply.github.com</a></li>
<li>Jay <a href="mailto:jasonsaayman@gmail.com">jasonsaayman@gmail.com</a></li>
<li>Jonathan Foster <a href="mailto:jonathan@jonathanfoster.io">jonathan@jonathanfoster.io</a></li>
<li>Remco Haszing <a href="mailto:remcohaszing@gmail.com">remcohaszing@gmail.com</a></li>
<li>Xianming Zhong <a href="mailto:chinesedfan@qq.com">chinesedfan@qq.com</a></li>
</ul>
<h3>0.21.0 (October 23, 2020)</h3>
<p>Fixes and Functionality:</p>
<ul>
<li>Fixing requestHeaders.Authorization (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3287">#3287</a>)</li>
<li>Fixing node types (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3237">#3237</a>)</li>
<li>Fixing axios.delete ignores config.data (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3282">#3282</a>)</li>
<li>Revert "Fixing overwrite Blob/File type as Content-Type in browser. (<a href="https://github-redirect.dependabot.com/axios/axios/issues/1773">#1773</a>)" (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3289">#3289</a>)</li>
<li>Fixing an issue that type 'null' and 'undefined' is not assignable to validateStatus when typescript strict option is enabled (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3200">#3200</a>)</li>
</ul>
<p>Internal and Tests:</p>
<ul>
<li>Lock travis to not use node v15 (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3361">#3361</a>)</li>
</ul>
<p>Documentation:</p>
<ul>
<li>Fixing simple typo, existant -> existent (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3252">#3252</a>)</li>
<li>Fixing typos (<a href="https://github-redirect.dependabot.com/axios/axios/pull/3309">#3309</a>)</li>
</ul>
<p>Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:</p>
<ul>
<li>Allan Cruz <a href="mailto:57270969+Allanbcruz@users.noreply.github.com">57270969+Allanbcruz@users.noreply.github.com</a></li>
<li>George Cheng <a href="mailto:Gerhut@GMail.com">Gerhut@GMail.com</a></li>
<li>Jay <a href="mailto:jasonsaayman@gmail.com">jasonsaayman@gmail.com</a></li>
<li>Kevin Kirsche <a href="mailto:Kev.Kirsche+GitHub@gmail.com">Kev.Kirsche+GitHub@gmail.com</a></li>
<li>Remco Haszing <a href="mailto:remcohaszing@gmail.com">remcohaszing@gmail.com</a></li>
<li>Taemin Shin <a href="mailto:cprayer13@gmail.com">cprayer13@gmail.com</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/axios/axios/commit/a64050a6cfbcc708a55a7dc8030d85b1c78cdf38"><code>a64050a</code></a> Releasing 0.21.1</li>
<li><a href="https://github.com/axios/axios/commit/d57cd976f3cc0f1c5bb1f0681660e50004781db5"><code>d57cd97</code></a> Updating changelog for 0.21.1 release</li>
<li><a href="https://github.com/axios/axios/commit/8b0f373df0574b7cb3c6b531b4092cd670dac6e3"><code>8b0f373</code></a> Use different socket for Win32 test (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3375">#3375</a>)</li>
<li><a href="https://github.com/axios/axios/commit/e426910be7c417bdbcde9c18cb184ead826fc0e1"><code>e426910</code></a> Protocol not parsed when setting proxy config from env vars (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3070">#3070</a>)</li>
<li><a href="https://github.com/axios/axios/commit/c7329fefc890050edd51e40e469a154d0117fc55"><code>c7329fe</code></a> Hotfix: Prevent SSRF (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3410">#3410</a>)</li>
<li><a href="https://github.com/axios/axios/commit/f472e5da5fe76c72db703d6a0f5190e4ad31e642"><code>f472e5d</code></a> Adding a type guard for <code>AxiosError</code> (<a href="https://github-redirect.dependabot.com/axios/axios/issues/2949">#2949</a>)</li>
<li><a href="https://github.com/axios/axios/commit/768825589fd0d36b64a66717ca6df2efd8fb7844"><code>7688255</code></a> Remove the skipping of the <code>socket</code> http test (<a href="https://github-redirect.dependabot.com/axios/axios/issues/3364">#3364</a>)</li>
<li><a href="https://github.com/axios/axios/commit/820fe6e41a96f05fb4781673ce07486f1b37515d"><code>820fe6e</code></a> Updating axios in types to be lower case (<a href="https://github-redirect.dependabot.com/axios/axios/issues/2797">#2797</a>)</li>
<li><a href="https://github.com/axios/axios/commit/94ca24b5b23f343769a15f325693246e07c177d2"><code>94ca24b</code></a> Releasing 0.21.0</li>
<li><a href="https://github.com/axios/axios/commit/2130a0c8acc588c72b53dfef31a11442043ffb06"><code>2130a0c</code></a> Updating changelog for 0.21.0 release</li>
<li>Additional commits viewable in <a href="https://github.com/axios/axios/compare/v0.19.2...v0.21.1">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=0.19.2&new-version=0.21.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/3Bump lodash from 4.17.15 to 4.17.192020-08-18T09:36:10ZSamBump lodash from 4.17.15 to 4.17.19*Created by: dependabot[bot]*
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases...*Created by: dependabot[bot]*
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p>
<blockquote>
<h2>4.17.16</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/lodash/lodash/commit/d7fbc52ee0466a6d248f047b5d5c3e6d1e099056"><code>d7fbc52</code></a> Bump to v4.17.19</li>
<li><a href="https://github.com/lodash/lodash/commit/2e1c0f22f425e9c013815b2cd7c2ebd51f49a8d6"><code>2e1c0f2</code></a> Add npm-package</li>
<li><a href="https://github.com/lodash/lodash/commit/1b6c282299f4e0271f932b466c67f0f822aa308e"><code>1b6c282</code></a> Bump to v4.17.18</li>
<li><a href="https://github.com/lodash/lodash/commit/a370ac81408de2da77a82b3c4b61a01a3b9c2fac"><code>a370ac8</code></a> Bump to v4.17.17</li>
<li><a href="https://github.com/lodash/lodash/commit/1144918f3578a84fcc4986da9b806e63a6175cbb"><code>1144918</code></a> Rebuild lodash and docs</li>
<li><a href="https://github.com/lodash/lodash/commit/3a3b0fd339c2109563f7e8167dc95265ed82ef3e"><code>3a3b0fd</code></a> Bump to v4.17.16</li>
<li><a href="https://github.com/lodash/lodash/commit/c84fe82760fb2d3e03a63379b297a1cc1a2fce12"><code>c84fe82</code></a> fix(zipObjectDeep): prototype pollution (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4759">#4759</a>)</li>
<li><a href="https://github.com/lodash/lodash/commit/e7b28ea6cb17b4ca021e7c9d66218c8c89782f32"><code>e7b28ea</code></a> Sanitize sourceURL so it cannot affect evaled code (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4518">#4518</a>)</li>
<li><a href="https://github.com/lodash/lodash/commit/0cec225778d4ac26c2bac95031ecc92a94f08bbb"><code>0cec225</code></a> Fix lodash.isEqual for circular references (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4320">#4320</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4515">#4515</a>)</li>
<li><a href="https://github.com/lodash/lodash/commit/94c3a8133cb4fcdb50db72b4fd14dd884b195cd5"><code>94c3a81</code></a> Document matches* shorthands for over* methods (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4510">#4510</a>) (<a href="https://github-redirect.dependabot.com/lodash/lodash/issues/4514">#4514</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.15...4.17.19">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~mathias">mathias</a>, a new releaser for lodash since your current version.</p>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lodash&package-manager=npm_and_yarn&previous-version=4.17.15&new-version=4.17.19)](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/4Bump elliptic from 6.5.2 to 6.5.32020-08-18T09:36:09ZSamBump elliptic from 6.5.2 to 6.5.3*Created by: dependabot[bot]*
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061b...*Created by: dependabot[bot]*
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li>
<li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li>
<li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=elliptic&package-manager=npm_and_yarn&previous-version=6.5.2&new-version=6.5.3)](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>https://gitlabext.wsl.ch/EnviDat/gcnet-frontend/-/merge_requests/2Bump websocket-extensions from 0.1.3 to 0.1.42020-06-24T09:26:25ZSamBump websocket-extensions from 0.1.3 to 0.1.4*Created by: dependabot[bot]*
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/faye/websocket-ext...*Created by: dependabot[bot]*
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md">websocket-extensions's changelog</a>.</em></p>
<blockquote>
<h3>0.1.4 / 2020-06-02</h3>
<ul>
<li>Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by
Robert McLaughlin)</li>
<li>Change license from MIT to Apache 2.0</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/faye/websocket-extensions-node/commit/8efd0cd6e35faf9bb9cb08759be1e27082177d43"><code>8efd0cd</code></a> Bump version to 0.1.4</li>
<li><a href="https://github.com/faye/websocket-extensions-node/commit/3dad4ad44a8c5f74d4f8f4efd3f9d6e0b5df3051"><code>3dad4ad</code></a> Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser</li>
<li><a href="https://github.com/faye/websocket-extensions-node/commit/4a76c75efb1c5d6a2f60550e9501757458d19533"><code>4a76c75</code></a> Add Node versions 13 and 14 on Travis</li>
<li><a href="https://github.com/faye/websocket-extensions-node/commit/44a677a9c0631daed0b0f4a4b68c095b624183b8"><code>44a677a</code></a> Formatting change: {...} should have spaces inside the braces</li>
<li><a href="https://github.com/faye/websocket-extensions-node/commit/f6c50aba0c20ff45b0f87cea33babec1217ec3f5"><code>f6c50ab</code></a> Let npm reformat package.json</li>
<li><a href="https://github.com/faye/websocket-extensions-node/commit/2d211f3705d52d9efb4f01daf5a253adf828592e"><code>2d211f3</code></a> Change markdown formatting of docs.</li>
<li><a href="https://github.com/faye/websocket-extensions-node/commit/0b620834cc1e1f2eace1d55ab17f71d90d88271d"><code>0b62083</code></a> Update Travis target versions.</li>
<li><a href="https://github.com/faye/websocket-extensions-node/commit/729a4653073fa8dd020561113513bfa2e2119415"><code>729a465</code></a> Switch license to Apache 2.0.</li>
<li>See full diff in <a href="https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=websocket-extensions&package-manager=npm_and_yarn&previous-version=0.1.3&new-version=0.1.4)](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/EnviDat/gcnet-frontend/network/alerts).
</details>