Skip to content

Bump the npm_and_yarn group with 4 updates#814

Merged
dependabot[bot] merged 2 commits intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-753485c05d
Mar 26, 2025
Merged

Bump the npm_and_yarn group with 4 updates#814
dependabot[bot] merged 2 commits intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-753485c05d

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 17, 2025
edited
Loading

Bumps the npm_and_yarn group with 4 updates: bootstrap-sass, got, gry and postcss.

Updates bootstrap-sass from 3.4.1 to 3.4.3

Changelog

Sourced from bootstrap-sass's changelog.

3.4.3 (non-ruby only)

  • Fix malformed math.div expressions. #1225

3.4.2 (non-ruby only)

  • Compatibility with Sass 1.33. #1221

3.4.0

  • Bootstrap rubygem now depends on SassC instead of Sass.
  • Compass no longer supported.

3.3.7

  • Allows jQuery 3.x in bower.json. #1048
  • Adds the style and sass fields to package.json. #1045
  • Adds Eyeglass support. #1007

3.3.6

  • Bumps Sass dependency to 3.3.4+ to avoid compatibility issues with @​at-root.
  • Bumps node-sass dependency to ~3.4.2 for Node.js v5 compatibility. #986
  • Fixes breadcrumb content issues on libsass. #919
  • Fixes a Rails 5 compatibility issue. #965

Framework version: Bootstrap v3.3.6

3.3.5

Fix for standalone Compass extension compatibility. #914

Framework version: Bootstrap v3.3.5

3.3.4

No Sass-specific changes.

Framework version: Bootstrap v3.3.4

3.3.3

This is a re-packaged release of 3.3.2.1 (v3.3.2+1).

Versions are now strictly semver. The PATCH version may be ahead of the upstream.

Framework version: Bootstrap v3.3.2.

3.3.2.1

... (truncated)

Commits

Updates got from 14.4.5 to 14.4.6

Release notes

Sourced from got's releases.

v14.4.6

  • Fix timeout error firing even though it's cancelled (#2399) 7a92064

sindresorhus/got@v14.4.5...v14.4.6

Commits

Updates gry from 6.1.0 to 6.1.1

Release notes

Sourced from gry's releases.

6.1.1

 - Update the documentation.

  • Add the GitHub Sponsors link. 

As always, I am very grateful to those supporting my projects! You can do that by donating via PayPal or via GitHub Sponsors.

Thank you very much! ❤️

Commits

Updates postcss from 8.4.49 to 8.5.0

Release notes

Sourced from postcss's releases.

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

@​romainmenke during his work on Stylelint added Input#document in additional to Input#css.

root.source.input.document //=> "<p>Hello</p>
                           //    <style>
                           //    p {
                           //      color: green;
                           //    }
                           //    </style>"
root.source.input.css      //=> "p {
                           //      color: green;
                           //    }"

Thanks to Sponsors

This release was possible thanks to our community.

If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

Changelog

Sourced from postcss's changelog.

Change Log

This project adheres to Semantic Versioning.

8.5.2

8.5.1

8.5 “Duke Alloces”

  • Added Input#document for sources like CSS-in-JS or HTML (by @​romainmenke).
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @lucydodo.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group with 4 updates
11ff4c4 
Bumps the npm_and_yarn group with 4 updates: [bootstrap-sass](https://github.com/twbs/bootstrap-sass), [got](https://github.com/sindresorhus/got), [gry](https://github.com/IonicaBizau/node-gry) and [postcss](https://github.com/postcss/postcss).


Updates `bootstrap-sass` from 3.4.1 to 3.4.3
- [Release notes](https://github.com/twbs/bootstrap-sass/releases)
- [Changelog](https://github.com/twbs/bootstrap-sass/blob/master/CHANGELOG.md)
- [Commits](twbs/bootstrap-sass@v3.4.1...v3.4.3)

Updates `got` from 14.4.5 to 14.4.6
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](sindresorhus/got@v14.4.5...v14.4.6)

Updates `gry` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/IonicaBizau/node-gry/releases)
- [Commits](IonicaBizau/node-gry@6.1.0...6.1.1)

Updates `postcss` from 8.4.49 to 8.5.0
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.49...8.5.0)

---
updated-dependencies:
- dependency-name: bootstrap-sass
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: got
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: gry
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 17, 2025
lucydodo
lucydodo approved these changes Feb 18, 2025
View reviewed changes
Copy link
Member

@lucydodo lucydodo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@dependabot dependabot bot merged commit 3ed1e48 into master Mar 26, 2025
7 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-753485c05d branch March 26, 2025 11:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lucydodo lucydodo lucydodo approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lucydodo