Bump the npm_and_yarn group across 1 directory with 12 updates #53

dependabot · 2024-05-29T00:20:22Z

Bumps the npm_and_yarn group with 10 updates in the / directory:

Package	From	To
postcss	`8.4.8`	`8.4.31`
semver	`5.7.1`	`5.7.2`
@babel/traverse	`7.18.13`	`7.24.6`
axios	`0.21.4`	`removed`
@11ty/eleventy	`1.0.2`	`2.0.1`
express	`4.17.3`	`4.19.2`
nunjucks	`3.2.3`	`3.2.4`
pug	`3.0.2`	`3.0.3`
sharp	`0.30.6`	`0.33.4`
@11ty/eleventy-img	`1.1.0`	`4.0.2`

Updates postcss from 8.4.8 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by @romainmenke).

8.4.29

Fixed Node#source.offset (by @idoros).

Fixed docs (by @coliff).

8.4.28

Fixed Root.source.end for better source map (by @romainmenke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by @romainmenke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by @remcohaszing).

8.4.21

Fixed Input#error types (by @hudochenkov).

8.4.20

Fixed source map generation for childless at-rules like @layer.

8.4.19

Fixed whitespace preserving after AST transformations (by @romainmenke).

8.4.18

Fixed an error on absolute: true with empty sourceContent (by @KingSora).

8.4.17

Fixed Node.before() unexpected behavior (by @romainmenke).

Added TOC to docs (by @muddv).

8.4.16

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by Romain Menke).

8.4.29

Fixed Node#source.offset (by Ido Rosenthal).

Fixed docs (by Christian Oliff).

8.4.28

Fixed Root.source.end for better source map (by Romain Menke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by Romain Menke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

Fixed source map generation for childless at-rules like @layer.

8.4.19

Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

Fixed Node.before() unexpected behavior (by Romain Menke).

Added TOC to docs (by Mikhail Dedov).

8.4.16

... (truncated)

Commits

90208de Release 8.4.31 version
58cc860 Fix carrier return parsing
4fff8e4 Improve pnpm test output
cd43ed1 Update dependencies
caa916b Update dependencies
8972f76 Typo
11a5286 Typo
45c5501 Release 8.4.30 version
bc3c341 Update linter
b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
Additional commits viewable in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates @babel/traverse from 7.18.13 to 7.24.6

Release notes

Sourced from @babel/traverse's releases.

v7.24.6 (2024-05-24)

Thanks @amjed-98, @blakewilson, @coelhucas, and @SukkaW for your first PRs!

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

#16466 Migrate import assertions syntax (@JLHwung)

Committers: 9

Amjad Yahia Robeen Hassan (@amjed-98)

Babel Bot (@babel-bot)

Blake Wilson (@blakewilson)

Huáng Jùnliàng (@JLHwung)

Lucas Coelho (@coelhucas)

Nicolò Ribaudo (@nicolo-ribaudo)

Sukka (@SukkaW)

Zzzen (@Zzzen)

@liuxingbaoyu

v7.24.5 (2024-04-29)

Thanks @romgrk and @sossost for your first PRs!

🐛 Bug Fix

babel-plugin-transform-classes, babel-traverse

#16377 fix: TypeScript annotation affects output (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

#16440 Fix suppressed error order (@sossost)

#16408 Await nullish async disposable (@JLHwung)

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.6 (2024-05-24)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

#16466 Migrate import assertions syntax (@JLHwung)

v7.24.5 (2024-04-29)

🐛 Bug Fix

babel-plugin-transform-classes, babel-traverse

#16377 fix: TypeScript annotation affects output (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

#16440 Fix suppressed error order (@sossost)

#16408 Await nullish async disposable (@JLHwung)

💅 Polish

babel-parser

#16407 Recover from exported using declaration (@JLHwung)

🏠 Internal

Other

#16414 Relax ESLint peerDependency constraint to allow v9 (@liuxingbaoyu)

babel-parser

#16425 Improve @babel/parser AST types (@nicolo-ribaudo)

#16417 Always pass type argument to .startNode (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-helper-module-transforms, babel-helper-split-export-declaration, babel-helper-wrap-function, babel-helpers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-block-scoping, babel-plugin-transform-destructuring, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx-self, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-traverse

#16439 Make NodePath<T | U> distributive (@nicolo-ribaudo)

babel-plugin-proposal-partial-application, babel-types

#16421 Remove JSXNamespacedName from valid CallExpression args (@nicolo-ribaudo)

babel-plugin-transform-class-properties, babel-preset-env

... (truncated)

Commits

9630250 v7.24.6
1f010df Explicitly define NodePath.prototype.* (#16488)
6e3539b [babel 8] Publish .d.ts files for every package (#16416)
e37e64d Use eslint v9 (#16479)
3ff20b9 Statically generate boilerplate for bitfield accessors (#16482)
97c3eb1 Remove syntaxType option for record-and-tuple (parser&plugin) (#16458)
71c247a [babel 8] Require Node.js ^18.20.0 || ^20.10.0 || >=21.0.0 (#16457)
ddbea7d v7.24.5
e779cad fix: TypeScript annotation affects output (#16377)
ee48754 Use multiple TypeScript projects (#16430)
Additional commits viewable in compare view

Removes axios

Updates @11ty/eleventy from 1.0.2 to 2.0.1

Release notes

Sourced from @11ty/eleventy's releases.

Eleventy v2.0.1: a Bug Fix Release

Eleventy v2.0.1 is now available! You can try it out in your project now:
npm install @11ty/eleventy@latest
Read more about project versus global installation.

New to Eleventy?

Eleventy is a flexible and production-ready site generator known for its zero-client JavaScript footprint, speedy sites, speedy builds, and full control over the output.

Build a blog from scratch in 6 minutes with Eleventy

Watch The State of Eleventy in Two Minutes

Read more about Eleventy’s project goals.

Features and Fixes

Fixed: this.eleventy in JavaScript template functions #2790

Fixed: lodash security audits #2877

Fixed: pagination targets with object bracket notation #2851

Fixed: 11ty.js templates were too aggressively cached on watch/serve #2839 #2838

Fixed: Handlebars partials were too aggressively cached on watch/serve #2799

Fixed: Configuration reload fixes #2864 #2869 #2867

New: Serverless pagination now works with Arrays and Objects #2853 #2544 Learn more: https://www.11ty.dev/docs/plugins/serverless/#dynamic-slugs-to-subset-your-pagination

Typo fixes by @deining in #2845

Housekeeping

Full milestone/issue list: https://github.com/11ty/eleventy/milestone/43?closed=1

Full changelog: 11ty/eleventy@v2.0.0...v2.0.1

Thank You Notes

This project would not be possible without our lovely community. Thank you to everyone that built something with Eleventy (×684 authors on our web site!), wrote a blog post about Eleventy, contributed code, wrote a plugins, helped with documentation, asked questions, answered questions, braved The Leaderboards, participated on Discord, filed issues, attended (or organized!) a meetup, said a kind word on social media ❤️.

A huge thank you to Netlify, especially: @biilmann, Chris Bach, Lauren Sell (alum), and Claire Knight, without whom this release would not have been possible.

🏆 A special thanks to @pdehaan for their tireless contributions on the Eleventy Issue tracker.

Yet more thanks to the all star Discord Moderators and Meetup Coordinators @BenDMyers, @clottman, @dleatherman, @darthmall, @nachtfunke, @siakaramalegos and @5t3ph.

All of our supporters on Open Collective ❤️

Contribute on Open Collective

How else can you contribute to Eleventy?

Open Collective Supporters

Gold Sponsors: Sanity.io, Nordhealth, CloudCannon, Transloadit

Silver Sponsors: Unabridged Software, PQINA, Bejamas, Nathan Smith, Monarch Air Group, Getform.io, Mercury Jets, OCEG

Backers: Tyler Gaw, Ariel Salminen, Peter deHaan, Melanie Sumner, Ben Nash, Alejandro Rodríguez, Mat Marquis, Philip Borenstein, Jérôme Coupé, Nicolas Hoizey, Mike Aparicio, Ben Myers, Katie Sylor-Miller, Mark Buskbjerg, mortendk, Aaron Hans, Lauris Consulting, John Meyerhofer, Todd Libby, shawn j sandy, Luke Bonaccorsi, Higby, Jenn Schiffer, Dimitrios Grammatikogiannis, Devin Clark, Eric Bailey, Manuel Matuzovic, Tim Giles, Kyosuke Nakamura, Rob Sterlini, Horacio Gonzalez, Hans Gerwitz, Makoto Kawasaki, Josh Crain, Richard Hemmer, Nick Nisi, John SJ Anderson, Ryan Swaney, Alistair Shepherd, Ivo Herrmann, Flaki, Angelique Weger, John Hall, Scott McCracken, James Steinbach, Miriam Suzanne, Bentley Davis, Ara Abcarians, vince falconi, Martin Schneider, Stephanie Eckles, Frontend Weekly Tokyo, Dorin Vancea, Chris Burnell, Ximenav Vf., Rich Holman, Kasper Storgaard, Kevin Healy, Greg Gibson, Michelle Barker, Alesandro Ortiz, David A. Herron, Paul Robert Lloyd, Andrea Vaghi, Bryan Robinson, Ashur Cabrera, Raymond Camden, John Meguerian, Joe Lamyman, Dan Ryan, Sam, Brett Nelson, Paul Welsh, Ingo Steinke, Noel Forte, Melanie Richards, Marco Zehe, Wes Ruvalcaba, Luc Poupard, Entle Web Solutions, Ken Hawkins, Fershad Irani, Nikita Dubko, Aaron Gustafson, Chris, Christian Miles, Benjamin Geese, Marcus Relacion, Netin nopeustesti, Raphael Höser, Cthos, Sia Karamalegos, Jon Kuperman, Saneef Ansari, Michel van der Kroef, Flemming Meyer, Colin Fahrion, Dan Burzo, Dan Ott, Mobilemall.pk, Cheap VPS, David Darnes, Jon Roobottom, Dana Byerly, Oisín Quinn, Renkaatsopivasti, Windesol Sähkön Kilpailutus, Luke Mitchell, SignpostMarv, THE PADDING, Bob Monsour, Richmond Insulation, Patrick Byrne, zapscribbles, Frank Reding, quinnanya, Cory Birdsong, Aram ZS, Andy Stevenson, Robin Rendle, HelppoHinta.fi, Tanner Dolby, jpoehnelt, xdesro, Alex Zappa, Richmond Concrete, Alexander Wunschik, Tom, CelineDesign, Nic Chan, Duc Lam, Stephen Bell, Robert Haselbacher, Lene, Brett DeWoody, alistairtweedie, Meta Tier List, Iva Tech, Daniel Saunders, Josh Vickerson, Dan Urbanowicz, dan leatherman, Jens Grochtdreis, CBD Review, Eric Gallager, Softermii, Eric Carlisle, Claus Conrad, Anna E. Cook, David Luhr, Matt Obee, Kiekkotorni - Nikotiinipussit

... (truncated)

Commits

e71cb94 Coverage
bbc3fc1 v2.0.1
347d41b v2.0.1-beta.2
3203e3a Update dependencies
716f65a v2.0.1-beta.1
273bf3b v2.0.1-alpha.3
916805e Publish the dependency graph in eleventy.after args
67ce615 Fixes #2754
30c7113 Custom lodash build, fixes #2877
a9323c3 Fixes #2790
Additional commits viewable in compare view

Updates ejs from 3.1.8 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

Commits

d3f807d Version 3.1.10
9ee26dd Mocha TDD
e469741 Basic pollution protection
715e950 Merge pull request #756 from Jeffrey-mu/main
cabe314 Include advanced usage examples
29b076c Added header
11503c7 Merge branch 'main' of github.com:mde/ejs into main
7690404 Added security banner to README
f47d7ae Update SECURITY.md
828cea1 Update SECURITY.md
Additional commits viewable in compare view

Updates express from 4.17.3 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: [email protected] and [email protected] by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add [email protected] by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

... (truncated)

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: [email protected]
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates liquidjs from 9.43.0 to 10.13.1

Release notes

Sourced from liquidjs's releases.

v10.13.1

10.13.1 (2024-05-24)

Bug Fixes

allow liquidMethodMissing to return any supported value type (#698) (0983f2c)

isComparable full interface check (#701) (55e144a)

v10.13.0

10.13.0 (2024-05-13)

Features

array_to_sentence_string and number_of_words filters from Jekyll, #443 (50253a9)

date filters from Jekyll (4955e75)

escape filters from Jekyll, #443 (b12eb8a)

jsonify, inspect, to_integer, normalize_whitespace filters (842b45c)

slugify filter from Jekyll, #443 (47ddc11)

v10.12.0

10.12.0 (2024-04-28)

Bug Fixes

case/when array equality, #673 (2b63035)

Features

introduce where_exp filter from Jekyll (8c7cef9)

v10.11.1

10.11.1 (2024-04-21)

Bug Fixes

allow %Z for TimezoneDate, update docs accordingly #684 (e09657c)

Allow lenientIf for multiple operands (issue #682) (#683) (490ff43)

v10.11.0

10.11.0 (2024-04-14)

Features

group_by/group_by_exp/find/find_exp from Jekyll, #443 (2b713b7)

... (truncated)

Changelog

Sourced from liquidjs's changelog.

10.13.1 (2024-05-24)

Bug Fixes

allow liquidMethodMissing to return any supported value type (#698) (0983f2c)

isComparable full interface check (#701) (55e144a)

10.13.0 (2024-05-13)

Features

array_to_sentence_string and number_of_words filters from Jekyll, #443 (50253a9)

date filters from Jekyll (4955e75)

escape filters from Jekyll, #443 (b12eb8a)

jsonify, inspect, to_integer, normalize_whitespace filters (842b45c)

slugify filter from Jekyll, #443 (47ddc11)

10.12.0 (2024-04-28)

Bug Fixes

case/when array equality, #673 (2b63035)

Features

introduce where_exp filter from Jekyll (8c7cef9)

10.11.1 (2024-04-21)

Bug Fixes

allow %Z for TimezoneDate, update docs accordingly #684 (e09657c)

Allow lenientIf for multiple operands (issue #682) (#683) (490ff43)

10.11.0 (2024-04-14)

Features

group_by/group_by_exp/find/find_exp from Jekyll, #443 (2b713b7)

pop/shift/unshift filters from Jekyll (258780e)

10.10.2 (2024-03-21)

... (truncated)

Commits

513940d chore(release): 10.13.1 [skip ci]
8f700ae docs: add GuillermoCasalCaro as a contributor for code (#702)
55e144a fix: isComparable full interface check (#701)
6ca5376 docs: add admtnnr as a contributor for code (#699)
0983f2c fix: allow liquidMethodMissing to return any supported value type (#698)
12001b6 docs: update .all-contributorsrc [skip ci]
7591ddc docs: update README.md [skip ci]
3b24f07 docs: update broken link
bd571d1 chore(release): 10.13.0 [skip ci]
47ddc11 feat: slugify filter from Jekyll, #443
Additional commits viewable in compare view

Updates nunjucks from 3.2.3 to 3.2.4

Release notes

Sourced from nunjucks's releases.

v3.2.4

What's Changed

fix: html encode backslashes if used with escape filter or autoescape by @fdintino in mozilla/nunjucks#1437. Fixes CVE-2023-2142 ([bugzilla #1825980](https://bugzilla.mozilla.org/show_bug.cgi?id=1825980))

Full Changelog: mozilla/nunjucks@v3.2.3...v3.2.4

Changelog

Sourced from nunjucks's changelog.

3.2.4 (Apr 13 2023)

HTML encode backslashes when expressions are passed through the escape filter (including when this is done automatically with autoescape). Merge of #1437.

Commits

86a77f4 Release v3.2.4
ec16d21 fix: html encode back...
Description has been truncated

Bumps the npm_and_yarn group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [postcss](https://github.com/postcss/postcss) | `8.4.8` | `8.4.31` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.13` | `7.24.6` | | [axios](https://github.com/axios/axios) | `0.21.4` | `removed` | | [@11ty/eleventy](https://github.com/11ty/eleventy) | `1.0.2` | `2.0.1` | | [express](https://github.com/expressjs/express) | `4.17.3` | `4.19.2` | | [nunjucks](https://github.com/mozilla/nunjucks) | `3.2.3` | `3.2.4` | | [pug](https://github.com/pugjs/pug) | `3.0.2` | `3.0.3` | | [sharp](https://github.com/lovell/sharp) | `0.30.6` | `0.33.4` | | [@11ty/eleventy-img](https://github.com/11ty/eleventy-img) | `1.1.0` | `4.0.2` | Updates `postcss` from 8.4.8 to 8.4.31 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.8...8.4.31) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `@babel/traverse` from 7.18.13 to 7.24.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.6/packages/babel-traverse) Removes `axios` Updates `@11ty/eleventy` from 1.0.2 to 2.0.1 - [Release notes](https://github.com/11ty/eleventy/releases) - [Changelog](https://github.com/11ty/eleventy/blob/main/docs/release-instructions.md) - [Commits](11ty/eleventy@v1.0.2...v2.0.1) Updates `ejs` from 3.1.8 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.8...v3.1.10) Updates `express` from 4.17.3 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.3...4.19.2) Updates `liquidjs` from 9.43.0 to 10.13.1 - [Release notes](https://github.com/harttle/liquidjs/releases) - [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md) - [Commits](harttle/liquidjs@v9.43.0...v10.13.1) Updates `nunjucks` from 3.2.3 to 3.2.4 - [Release notes](https://github.com/mozilla/nunjucks/releases) - [Changelog](https://github.com/mozilla/nunjucks/blob/master/CHANGELOG.md) - [Commits](mozilla/nunjucks@v3.2.3...v3.2.4) Updates `pug` from 3.0.2 to 3.0.3 - [Release notes](https://github.com/pugjs/pug/releases) - [Commits](https://github.com/pugjs/pug/compare/[email protected]@3.0.3) Updates `sharp` from 0.30.6 to 0.33.4 - [Release notes](https://github.com/lovell/sharp/releases) - [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md) - [Commits](lovell/sharp@v0.30.6...v0.33.4) Updates `@11ty/eleventy-img` from 1.1.0 to 4.0.2 - [Release notes](https://github.com/11ty/eleventy-img/releases) - [Commits](11ty/eleventy-img@v1.1.0...v4.0.2) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: axios dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@11ty/eleventy" dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: liquidjs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nunjucks dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: pug dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: sharp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@11ty/eleventy-img" dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-06-18T14:39:06Z

Superseded by #55.

dependabot bot added the dependencies Pull requests that update a dependency file label May 29, 2024

dependabot bot mentioned this pull request May 29, 2024

Bump the npm_and_yarn group across 1 directory with 11 updates #51

Closed

dependabot bot closed this Jun 18, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-b5f0a03167 branch June 18, 2024 14:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 12 updates #53

Bump the npm_and_yarn group across 1 directory with 12 updates #53

dependabot bot commented on behalf of github May 29, 2024

dependabot bot commented on behalf of github Jun 18, 2024

Bump the npm_and_yarn group across 1 directory with 12 updates #53

Bump the npm_and_yarn group across 1 directory with 12 updates #53

Conversation

dependabot bot commented on behalf of github May 29, 2024

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.20

8.4.19

8.4.18

8.4.17

8.4.16

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.20

8.4.19

8.4.18

8.4.17

8.4.16

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

5.7.2 (2023-07-10)

Bug Fixes

5.7

5.6

5.5

5.4

5.3

5.2

5.1

5.0

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

Committers: 9

v7.24.5 (2024-04-29)

🐛 Bug Fix

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.5 (2024-04-29)

🐛 Bug Fix

💅 Polish

🏠 Internal

Eleventy v2.0.1: a Bug Fix Release

New to Eleventy?

Features and Fixes

Housekeeping

Thank You Notes

Open Collective Supporters

v3.1.10

v3.1.9

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes