Dac Chartrand
262df22b4a
Better Pressbooks-build-tools Solution ( #197 )
...
* unused wpapi, update js-cookie, npm audit fix
* build dist with updated versions
See: https://github.com/pressbooks/pressbooks/pull/1834
5 years ago
Dac Chartrand
ac3521420e
Better Pressbooks-build-tools Solution ( #196 )
...
See: https://github.com/pressbooks/pressbooks/pull/1834
5 years ago
Dac Chartrand
ced4c365cd
Change Travis API key
5 years ago
Dac Chartrand
b04f1ce557
Fix composer/installers version
5 years ago
Dac Chartrand
922d4b7151
Fix build?
5 years ago
Dac Chartrand
4966d11def
Update version and localizations
5 years ago
Dac Chartrand
f1189366ba
Fix: Contact link customization ( #193 )
...
Fixes: https://github.com/pressbooks/pressbooks-aldine/issues/191
5 years ago
Dac Chartrand
60100a08dc
Fix syntax error
...
Trailing commas in functions only supported in PHP 7.3
The unit tests, they do nothing!
5 years ago
Dac Chartrand
139d01f558
Use wp_blogmeta to speed up catalog ( #192 )
...
Use wp_blogmeta to speed up catalog
Fixes TODO in reference to: https://core.trac.wordpress.org/ticket/37923
Depends on https://github.com/pressbooks/pressbooks/pull/1805
5 years ago
dependabot-preview[bot]
c74ce31d5b
[Security] Bump eslint-utils from 1.3.1 to 1.4.2 ( #190 )
...
Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils ) from 1.3.1 to 1.4.2. **This update includes a security fix.**
- [Release notes](https://github.com/mysticatea/eslint-utils/releases )
- [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
b2a9f9f324
[Security] Bump mixin-deep from 1.3.0 to 1.3.2 ( #188 )
...
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep ) from 1.3.0 to 1.3.2. **This update includes security fixes.**
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases )
- [Commits](https://github.com/jonschlinkert/mixin-deep/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
6 years ago
Dac Chartrand
915cfb6d3c
Put back 1.6.5-dev
6 years ago
Dac Chartrand
f59fad8e9a
Update version and localizations (1.6.4)
6 years ago
Dac Chartrand
60262f6876
Contact Link, Another Alternative ( #187 )
...
Remove the Contact footer link altogether when neither the form nor a link has been added
Fixes : pressbooks/ideas#180
6 years ago
Daniel Fernandes
9a9c110427
Contact link form, color picker a11y tweaks ( #186 )
...
Fixes : pressbooks/ideas#180
Fixes : pressbooks/pressbooks#1659
6 years ago
Ned Zimmerman
95605f2390
Add fallback for CTA shortcode using old attribute ( fix #184 ) ( #185 )
6 years ago
Dac Chartrand
440b7782b3
Back to 1.6.4-dev [ci skip]
6 years ago
Dac Chartrand
34e1562a7f
Update aetna to 1.0.0-alpha.26
6 years ago
Dac Chartrand
c2394c48b5
1.6.3, Update languages, new threshold
...
The minimum translation completion threshold required in order for a file to be downloaded is 25%
6 years ago
Dac Chartrand
0c9f6a2106
Fix Croatian ( #183 )
6 years ago
Dac Chartrand
1882ad0f3d
Update version and localizations, build assets
6 years ago
Daniel Fernandes
017f8dbf50
Update site/admin footers following website launch ( #180 )
...
Fixes https://github.com/pressbooks/pressbooks/issues/1690
6 years ago
dependabot[bot]
df250e5b97
[Security] Bump tar from 4.4.1 to 4.4.8 ( #179 )
...
Bumps [tar](https://github.com/npm/node-tar ) from 4.4.1 to 4.4.8. **This update includes security fixes.**
- [Release notes](https://github.com/npm/node-tar/releases )
- [Commits](https://github.com/npm/node-tar/compare/v4.4.1...v4.4.8 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
Dac Chartrand
848fb55bea
Merge pull request #177 from pressbooks/dependabot/npm_and_yarn/jquery-3.4.0
...
[Security] Bump jquery from 3.2.1 to 3.4.0
6 years ago
dependabot[bot]
88faa2fd09
[Security] Bump jquery from 3.2.1 to 3.4.0
...
Bumps [jquery](https://github.com/jquery/jquery ) from 3.2.1 to 3.4.0. **This update includes security fixes.**
- [Release notes](https://github.com/jquery/jquery/releases )
- [Commits](https://github.com/jquery/jquery/compare/3.2.1...3.4.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
Dac Chartrand
4ecea13c49
Change version back to 1.7.0-dev
6 years ago
Dac Chartrand
7c97512314
Update localizations
6 years ago
Dac Chartrand
c24ec977c2
Changelogs, changelogs, changelogs
6 years ago
Dac Chartrand
ed68ab8857
Next version and changelogs
6 years ago
Dac Chartrand
144da94e6f
Load translations
6 years ago
Dac Chartrand
4d117a9d97
Bump to 1.7.0-dev
6 years ago
Dac Chartrand
ba8b71c661
Update localizations
6 years ago
Dac Chartrand
f0075b8a4f
Update readme.txt
6 years ago
Ned Zimmerman
7db5ebfec3
Bump version, localizations
6 years ago
dependabot[bot]
dafbb6cbe3
[Security] Bump handlebars from 4.0.12 to 4.1.0 ( #173 )
...
Bumps [handlebars](https://github.com/wycats/handlebars.js ) from 4.0.12 to 4.1.0. **This update includes security fixes.**
<details>
<summary>Vulnerabilities fixed</summary>
*Sourced from [The npm Advisory Database](https://npmjs.com/advisories/755 ).*
> **Prototype Pollusion**
> All versions of `handlebars` are vulnerable to Prototype Pollusion. Templates may alter an Objects' prototype, thus allowing an attacker to execute arbitrary code on the server.
>
> Affected versions: <=4.0.12
</details>
<details>
<summary>Changelog</summary>
*Sourced from [handlebars's changelog](https://github.com/wycats/handlebars.js/blob/v4.1.0/release-notes.md ).*
> ## v4.1.0 - February 7th, 2019
> New Features
>
> - import TypeScript typings - 27ac1ee
>
> Security fixes:
>
> - disallow access to the constructor in templates to prevent RCE - 42841c4, [#1495 ](https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1495 )
>
> Housekeeping
>
> - chore: fix components/handlebars package.json and auto-update on release - bacd473
> - chore: Use node 10 to build handlebars - 78dd89c
> - chore/doc: Add more release docs - 6b87c21
>
> Compatibility notes:
>
> Access to class constructors (i.e. `({}).constructor`) is now prohibited to prevent
> Remote Code Execution. This means that following construct will no work anymore:
>
> ```
> class SomeClass {
> }
>
> SomeClass.staticProperty = 'static'
>
> var template = Handlebars.compile('{{constructor.staticProperty}}');
> document.getElementById('output').innerHTML = template(new SomeClass());
> // expected: 'static', but now this is empty.
> ```
>
> This kind of access is not the intended use of Handlebars and leads to the vulnerability described in [#1495 ](https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1495 ). We will **not** increase the major version, because such use is not intended or documented, and because of the potential impact of the issue (we fear that most people won't use a new major version and the issue may not be resolved on many systems).
>
>
>
> [Commits](https://github.com/wycats/handlebars.js/compare/v4.0.12...v4.1.0 )
</details>
<details>
<summary>Commits</summary>
- [`7caca94`](7caca944b1
) v4.1.0
- [`7bd34fb`](7bd34fb466
) Update release notes
- [`56fc676`](56fc6768d1
) test: run appveyor tests in Node 10
- [`ee30222`](ee3022228b
) chore: disable sauce-labs
- [`05e6293`](05e6293bb3
) chore: bump version of grunt-saucelabs
- [`2db0d12`](2db0d123c8
) chore: add .idea and yarn-error.log to .gitignore
- [`edc6220`](edc6220d51
) fix: disallow access to the constructor in templates to prevent RCE
- [`bacd473`](bacd473fe6
) chore: fix components/handlebars package.json and auto-update on release
- [`27ac1ee`](27ac1ee396
) Feat: Import TypeScript typings
- [`78dd89c`](78dd89c13a
) chore: Use node 10 to build handlebars
- Additional commits viewable in [compare view](https://github.com/wycats/handlebars.js/compare/v4.0.12...v4.1.0 )
</details>
<br />
[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=handlebars&package-manager=npm_and_yarn&previous-version=4.0.12&new-version=4.1.0 )](https://dependabot.com/compatibility-score.html?dependency-name=handlebars&package-manager=npm_and_yarn&previous-version=4.0.12&new-version=4.1.0 )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com ):
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Finally, you can contact us by mentioning @dependabot .
</details>
6 years ago
dependabot[bot]
930d611c09
Bump pressbooks-build-tools from 1.3.1 to 1.3.3 ( #174 )
...
Bumps [pressbooks-build-tools](https://github.com/pressbooks/pressbooks-build-tools ) from 1.3.1 to 1.3.3.
<details>
<summary>Release notes</summary>
*Sourced from [pressbooks-build-tools's releases](https://github.com/pressbooks/pressbooks-build-tools/releases ).*
> ## 1.3.3
> ### Patches
>
> - Bump eslint-loader from 2.1.1 to 2.1.2: [#246 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/246 )
> - Bump stylelint-scss from 3.5.2 to 3.5.3: [#247 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/247 )
> - Bump eslint-config-react-app from 3.0.6 to 3.0.7: [#250 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/250 )
>
> ## 1.3.2
> ### Patches
>
> - [Security] Bump lodash from 4.17.10 to 4.17.11: [#245 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/245 )
> - [Security] Bump extend from 3.0.1 to 3.0.2: [#244 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/244 )
</details>
<details>
<summary>Commits</summary>
- [`78187a6`](78187a6fee
) 1.3.3
- [`372ca18`](372ca182fb
) Bump eslint-config-react-app from 3.0.6 to 3.0.7 ([#250 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/250 ))
- [`97f7e6e`](97f7e6e116
) Bump stylelint-scss from 3.5.2 to 3.5.3 ([#247 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/247 ))
- [`af5ae7d`](af5ae7d2c0
) Bump eslint-loader from 2.1.1 to 2.1.2 ([#246 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/246 ))
- [`6120204`](61202040f2
) 1.3.2
- [`237b40c`](237b40c93c
) [Security] Bump extend from 3.0.1 to 3.0.2 ([#244 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/244 ))
- [`765d195`](765d195af0
) [Security] Bump lodash from 4.17.10 to 4.17.11 ([#245 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/245 ))
- See full diff in [compare view](https://github.com/pressbooks/pressbooks-build-tools/compare/1.3.1...1.3.3 )
</details>
<br />
[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=pressbooks-build-tools&package-manager=npm_and_yarn&previous-version=1.3.1&new-version=1.3.3 )](https://dependabot.com/compatibility-score.html?dependency-name=pressbooks-build-tools&package-manager=npm_and_yarn&previous-version=1.3.1&new-version=1.3.3 )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com ):
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Finally, you can contact us by mentioning @dependabot .
</details>
6 years ago
dependabot[bot]
b1f912e2cb
Merge pull request #171 from pressbooks/dependabot/npm_and_yarn/extend-3.0.2
6 years ago
dependabot[bot]
d9d796bb20
[Security] Bump extend from 3.0.1 to 3.0.2
...
Bumps [extend](https://github.com/justmoon/node-extend ) from 3.0.1 to 3.0.2. **This update includes security fixes.**
- [Release notes](https://github.com/justmoon/node-extend/releases )
- [Changelog](https://github.com/justmoon/node-extend/blob/master/CHANGELOG.md )
- [Commits](https://github.com/justmoon/node-extend/compare/v3.0.1...v3.0.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
dependabot[bot]
c34abf3481
Merge pull request #170 from pressbooks/dependabot/npm_and_yarn/node.extend-1.1.8
6 years ago
dependabot[bot]
dbf2b96c81
[Security] Bump node.extend from 1.1.6 to 1.1.8
...
Bumps [node.extend](https://github.com/dreamerslab/node.extend ) from 1.1.6 to 1.1.8. **This update includes security fixes.**
- [Release notes](https://github.com/dreamerslab/node.extend/releases )
- [Changelog](https://github.com/dreamerslab/node.extend/blob/master/History.md )
- [Commits](https://github.com/dreamerslab/node.extend/compare/v1.1.6...v1.1.8 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
dependabot[bot]
2e0ef1bef2
Bump pressbooks-build-tools from 1.2.1 to 1.3.1 ( #169 )
...
Bumps [pressbooks-build-tools](https://github.com/pressbooks/pressbooks-build-tools ) from 1.2.1 to 1.3.1.
<details>
<summary>Release notes</summary>
*Sourced from [pressbooks-build-tools's releases](https://github.com/pressbooks/pressbooks-build-tools/releases ).*
> ## 1.3.1
> ### Patches
>
> - Bump eslint-plugin-jsx-a11y from 6.2.0 to 6.2.1: [#240 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/240 )
> - Bump stylelint-scss from 3.5.1 to 3.5.2: [#241 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/241 )
> - Bump prettier from 1.16.1 to 1.16.4: [#242 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/242 )
>
> ## 1.3.0
> ### Minor Changes
>
> - Bump stylelint-scss from 3.4.4 to 3.5.0: [#227 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/227 )
> - Bump eslint from 5.11.1 to 5.12.1: [#231 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/231 )
> - Bump sass from 1.15.3 to 1.16.1: [#232 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/232 )
> - Bump stylelint from 9.9.0 to 9.10.1: [#233 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/233 )
> - Bump prettier from 1.15.3 to 1.16.1: [#234 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/234 )
> - Bump eslint-plugin-jsx-a11y from 6.1.2 to 6.2.0: [#235 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/235 )
> - Bump eslint-plugin-import from 2.14.0 to 2.15.0: [#238 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/238 )
>
> ### Patches
>
> - Bump laravel-mix from 4.0.13 to 4.0.14: [#230 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/230 )
> - Bump stylelint-scss from 3.5.0 to 3.5.1: [#236 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/236 )
> - Bump eslint-plugin-react from 7.12.3 to 7.12.4: [#237 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/237 )
</details>
<details>
<summary>Commits</summary>
- [`65d8f96`](65d8f961ae
) 1.3.1
- [`3ec31e2`](3ec31e2ccf
) Bump prettier from 1.16.1 to 1.16.4 ([#242 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/242 ))
- [`fae84f5`](fae84f54aa
) Bump stylelint-scss from 3.5.1 to 3.5.2 ([#241 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/241 ))
- [`3dd62eb`](3dd62ebec8
) Bump eslint-plugin-jsx-a11y from 6.2.0 to 6.2.1 ([#240 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/240 ))
- [`3aed18f`](3aed18f0d5
) Bump prettier from 1.16.1 to 1.16.4
- [`bc9af6a`](bc9af6a588
) 1.3.0
- [`90699f0`](90699f0b9e
) Bump eslint-plugin-import from 2.14.0 to 2.15.0 ([#238 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/238 ))
- [`0967535`](0967535c14
) Bump eslint-plugin-react from 7.12.3 to 7.12.4 ([#237 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/237 ))
- [`22e6617`](22e6617c95
) Bump stylelint-scss from 3.5.0 to 3.5.1 ([#236 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/236 ))
- [`7c8c384`](7c8c384127
) Bump eslint-plugin-jsx-a11y from 6.1.2 to 6.2.0 ([#235 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/235 ))
- Additional commits viewable in [compare view](https://github.com/pressbooks/pressbooks-build-tools/compare/1.2.1...1.3.1 )
</details>
<br />
[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=pressbooks-build-tools&package-manager=npm_and_yarn&previous-version=1.2.1&new-version=1.3.1 )](https://dependabot.com/compatibility-score.html?dependency-name=pressbooks-build-tools&package-manager=npm_and_yarn&previous-version=1.2.1&new-version=1.3.1 )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com ):
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Finally, you can contact us by mentioning @dependabot .
</details>
6 years ago
dependabot[bot]
51ceae4c78
Bump aetna from 1.0.0-alpha.22 to 1.0.0-alpha.24 ( #168 )
...
Bumps [aetna](https://github.com/pressbooks/aetna ) from 1.0.0-alpha.22 to 1.0.0-alpha.24.
<details>
<summary>Commits</summary>
- See full diff in [compare view](https://github.com/pressbooks/aetna/commits )
</details>
<br />
[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=aetna&package-manager=npm_and_yarn&previous-version=1.0.0-alpha.22&new-version=1.0.0-alpha.24 )](https://dependabot.com/compatibility-score.html?dependency-name=aetna&package-manager=npm_and_yarn&previous-version=1.0.0-alpha.22&new-version=1.0.0-alpha.24 )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com ):
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Finally, you can contact us by mentioning @dependabot .
</details>
6 years ago
dependabot[bot]
2e4dc4c8f9
Bump pressbooks-build-tools from 1.2.0 to 1.2.1 ( #165 )
...
Bumps [pressbooks-build-tools](https://github.com/pressbooks/pressbooks-build-tools ) from 1.2.0 to 1.2.1.
<details>
<summary>Release notes</summary>
*Sourced from [pressbooks-build-tools's releases](https://github.com/pressbooks/pressbooks-build-tools/releases ).*
> ## 1.2.1
> ### Patches
>
> - Bump rimraf from 2.6.2 to 2.6.3: [#220 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/220 )
> - Bump laravel-mix from 4.0.12 to 4.0.13: [#222 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/222 )
> - Bump eslint-plugin-react from 7.12.1 to 7.12.2: [#221 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/221 )
> - Bump eslint-plugin-flowtype from 3.2.0 to 3.2.1: [#226 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/226 )
> - Bump eslint-plugin-react from 7.12.2 to 7.12.3: [#225 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/225 )
> - Bump sass from 1.15.2 to 1.15.3: [#224 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/224 )
> - Bump vue-template-compiler from 2.5.21 to 2.5.22: [#229 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/229 )
</details>
<details>
<summary>Commits</summary>
- [`d7dc8a9`](d7dc8a9225
) 1.2.1
- [`ec0e50c`](ec0e50c3a9
) Bump vue-template-compiler from 2.5.21 to 2.5.22 ([#229 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/229 ))
- [`2b877c9`](2b877c934f
) Bump sass from 1.15.2 to 1.15.3 ([#224 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/224 ))
- [`820cc27`](820cc27794
) Bump eslint-plugin-react from 7.12.2 to 7.12.3 ([#225 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/225 ))
- [`7863e6a`](7863e6a6f5
) Bump eslint-plugin-flowtype from 3.2.0 to 3.2.1 ([#226 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/226 ))
- [`a23c743`](a23c7438d7
) Bump eslint-plugin-react from 7.12.1 to 7.12.2 ([#221 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/221 ))
- [`e97e77b`](e97e77b673
) Bump laravel-mix from 4.0.12 to 4.0.13 ([#222 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/222 ))
- [`30b1e2f`](30b1e2f5f1
) Bump rimraf from 2.6.2 to 2.6.3 ([#220 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/220 ))
- See full diff in [compare view](https://github.com/pressbooks/pressbooks-build-tools/compare/1.2.0...1.2.1 )
</details>
<br />
[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=pressbooks-build-tools&package-manager=npm_and_yarn&previous-version=1.2.0&new-version=1.2.1 )](https://dependabot.com/compatibility-score.html?dependency-name=pressbooks-build-tools&package-manager=npm_and_yarn&previous-version=1.2.0&new-version=1.2.1 )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com ):
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Finally, you can contact us by mentioning @dependabot .
</details>
6 years ago
Ned Zimmerman
ab7e88c040
Update Aetna, simplify font size button ( #163 )
...
Accompanies https://github.com/pressbooks/pressbooks-book/pull/452 .
6 years ago
Ned Zimmerman
32de704ac1
Update package files
6 years ago
dependabot[bot]
cde2fe53f3
Bump pressbooks-build-tools from 1.1.0 to 1.2.0 ( #161 )
...
Bumps [pressbooks-build-tools](https://github.com/pressbooks/pressbooks-build-tools ) from 1.1.0 to 1.2.0.
<details>
<summary>Release notes</summary>
*Sourced from [pressbooks-build-tools's releases](https://github.com/pressbooks/pressbooks-build-tools/releases ).*
> ## 1.2.0
> ### Minor Changes
>
> - Bump eslint-plugin-react from 7.11.1 to 7.12.1: [#219 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/219 )
> - Bump eslint-plugin-jquery from 1.3.2 to 1.5.0: [#218 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/218 )
> - Bump eslint from 5.10.0 to 5.11.1: [#214 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/214 )
>
> ### Patches
>
> - Bump stylelint-scss from 3.4.1 to 3.4.2: [#209 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/209 )
> - [Security] Bump webpack-dev-server from 3.1.10 to 3.1.14: [#215 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/215 )
> - Bump stylelint-scss from 3.4.2 to 3.4.4: [#213 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/213 )
> - Bump eslint-config-react-app from 3.0.5 to 3.0.6: [#212 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/212 )
</details>
<details>
<summary>Commits</summary>
- [`f890c29`](f890c298bf
) 1.2.0
- [`aba8ce1`](aba8ce17bc
) Bump eslint from 5.10.0 to 5.11.1 ([#214 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/214 ))
- [`e930274`](e930274ed3
) Bump eslint-config-react-app from 3.0.5 to 3.0.6 ([#212 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/212 ))
- [`e40ea1f`](e40ea1f1cb
) Bump stylelint-scss from 3.4.2 to 3.4.4 ([#213 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/213 ))
- [`4d65a07`](4d65a07885
) [Security] Bump webpack-dev-server from 3.1.10 to 3.1.14 ([#215 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/215 ))
- [`f5a69f4`](f5a69f496e
) Bump eslint-plugin-jquery from 1.3.2 to 1.5.0 ([#218 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/218 ))
- [`84c45ca`](84c45cad71
) Bump eslint-plugin-react from 7.11.1 to 7.12.1 ([#219 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/219 ))
- [`9e97b4a`](9e97b4a1eb
) Bump stylelint-scss from 3.4.1 to 3.4.2 ([#209 ](https://github-redirect.dependabot.com/pressbooks/pressbooks-build-tools/issues/209 ))
- See full diff in [compare view](https://github.com/pressbooks/pressbooks-build-tools/compare/1.1.0...1.2.0 )
</details>
<br />
[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=pressbooks-build-tools&package-manager=npm_and_yarn&previous-version=1.1.0&new-version=1.2.0 )](https://dependabot.com/compatibility-score.html?dependency-name=pressbooks-build-tools&package-manager=npm_and_yarn&previous-version=1.1.0&new-version=1.2.0 )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com ):
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Finally, you can contact us by mentioning @dependabot .
</details>
6 years ago
Ned Zimmerman
ac520a738d
Switch to Coding Standards 1.0
6 years ago
dependabot[bot]
158051e89e
Merge pull request #160 from pressbooks/dependabot/npm_and_yarn/webpack-dev-server-3.1.14
6 years ago
dependabot[bot]
b9381bbae1
[Security] Bump webpack-dev-server from 3.1.10 to 3.1.14
...
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server ) from 3.1.10 to 3.1.14. **This update includes security fixes.**
- [Release notes](https://github.com/webpack/webpack-dev-server/releases )
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.1.10...v3.1.14 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
dependabot[bot]
730ebda2aa
[Security] Bump sshpk from 1.13.0 to 1.16.0 ( #159 )
...
Bumps [sshpk](https://github.com/joyent/node-sshpk ) from 1.13.0 to 1.16.0. **This update includes security fixes.**
- [Release notes](https://github.com/joyent/node-sshpk/releases )
- [Commits](https://github.com/joyent/node-sshpk/compare/v1.13.0...v1.16.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago