Auto merge of #500 - servo:dependabot/npm_and_yarn/examples/canvas_webgl_minimal/www/url-parse-1.5.7, r=jdm · 0e3c44914e - michael/pathfinder

Auto merge of #500 - servo:dependabot/npm_and_yarn/examples/canvas_webgl_minimal/www/url-parse-1.5.7, r=jdm

Bump url-parse from 1.5.1 to 1.5.7 in /examples/canvas_webgl_minimal/www

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.5.1 to 1.5.7.
<details>
<summary>Commits</summary>
<ul>
<li><a href="8b3f5f2c88"><code>8b3f5f2</code></a> 1.5.7</li>
<li><a href="ef45a13553"><code>ef45a13</code></a> [fix] Readd the empty userinfo to <code>url.href</code> (<a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/226">#226</a>)</li>
<li><a href="88df234685"><code>88df234</code></a> [doc] Add soft deprecation notice</li>
<li><a href="78e9f2f412"><code>78e9f2f</code></a> [security] Fix nits</li>
<li><a href="e6fa43422c"><code>e6fa434</code></a> [security] Add credits for incorrect handling of userinfo vulnerability</li>
<li><a href="4c9fa234c0"><code>4c9fa23</code></a> 1.5.6</li>
<li><a href="7b0b8a6671"><code>7b0b8a6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/unshiftio/url-parse/issues/223">#223</a> from unshiftio/fix/at-sign-handling-in-userinfo</li>
<li><a href="e4a5807d95"><code>e4a5807</code></a> 1.5.5</li>
<li><a href="193b44baf3"><code>193b44b</code></a> [minor] Simplify whitespace regex</li>
<li><a href="319851bf1c"><code>319851b</code></a> [fix] Remove CR, HT, and LF</li>
<li>Additional commits viewable in <a href="https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.7">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=url-parse&package-manager=npm_and_yarn&previous-version=1.5.1&new-version=1.5.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/servo/pathfinder/network/alerts).

</details>

This commit is contained in:

bors-servo

2022-03-27 23:49:15 -04:00

committed by

GitHub

parent b1d197236e 6ad77eb858

commit 0e3c44914e

No known key found for this signature in database

GPG Key ID: 4AEE18F83AFDEB23

1 changed files with 3 additions and 3 deletions

									
										6

examples/canvas_webgl_minimal/www/package-lock.jsongenerated

										View File
									
					@ -5391,9 +5391,9 @@

					      }

					      }

					    },

					    },

					    "url-parse": {

					    "url-parse": {

					      "version": "1.5.1",

					      "version": "1.5.7",

					      "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.1.tgz",

					      "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.7.tgz",

					      "integrity": "sha512-HOfCOUJt7iSYzEx/UqgtwKRMC6EU91NFhsCHMv9oM03VJcVo2Qrp8T8kI9D7amFf1cu+/3CEhgb3rF9zL7k85Q==",

					      "integrity": "sha512-HxWkieX+STA38EDk7CE9MEryFeHCKzgagxlGvsdS7WBImq9Mk+PGwiT56w82WI3aicwJA8REp42Cxo98c8FZMA==",

					      "dev": true,

					      "dev": true,

					      "requires": {

					      "requires": {

					        "querystringify": "^2.1.1",

					        "querystringify": "^2.1.1",

Auto merge of #500 - servo:dependabot/npm_and_yarn/examples/canvas_webgl_minimal/www/url-parse-1.5.7, r=jdm

6 examples/canvas_webgl_minimal/www/package-lock.json generated Unescape Escape View File

6

examples/canvas_webgl_minimal/www/package-lock.json generated

View File