chore(deps-dev): bump pnpm from 7.1.9 to 7.33.4 #36

dependabot · 2023-08-01T17:06:11Z

Bumps pnpm from 7.1.9 to 7.33.4.

Release notes

v7.33.4

Patch Changes

When the same file is appended multiple times into a tarball, the last occurrence is selected when unpacking the tarball.

Added support for publishConfig.registry in package.json for publishing #6775.

Fixed a bug in which pnpm passed the wrong scheme to git ls-remote, causing a fallback to git+ssh and resulting in a 'host key verification failed' issue #6805

Our Gold Sponsors

Our Silver Sponsors

... (truncated)

Commits

9c2a7b3 chore(release): 7.33.4
2b4a0d2 fix: audit
491965b feat: publishConfig.registry (#6803)
3c72879 fix(git-resolver): wrong scheme to git ls-remote (#6806)
e92d23a Merge pull request from GHSA-5r98-f33j-g8h7
7fdaaf0 chore(release): 7.33.3
5bff45c test: fix
751c87d test: fix
b46a911 test(patching): fix
e6ca1aa style: fix
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [pnpm](https://github.com/pnpm/pnpm) from 7.1.9 to 7.33.4. - [Release notes](https://github.com/pnpm/pnpm/releases) - [Commits](pnpm/pnpm@v7.1.9...v7.33.4) --- updated-dependencies: - dependency-name: pnpm dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

Dodalun · 2023-08-02T04:06:56Z

I have no clue what this is about ? Someone have been hacking my phone, and they have done a lot og bad things...at least it's bad against me...and maybe the banks...🙈Best regard Anita Lunde.iPhone 11 pro1. aug. 2023 kl. 19:06 skrev dependabot[bot] ***@***.***>:Bumps pnpm from 7.1.9 to 7.33.4. Release notes Sourced from pnpm's releases. v7.33.4 Patch Changes When the same file is appended multiple times into a tarball, the last occurrence is selected when unpacking the tarball. Added support for publishConfig.registry in package.json for publishing #6775. Fixed a bug in which pnpm passed the wrong scheme to git ls-remote, causing a fallback to git+ssh and resulting in a 'host key verification failed' issue #6805 Our Gold Sponsors Our Silver Sponsors ... (truncated) Commits 9c2a7b3 chore(release): 7.33.4 2b4a0d2 fix: audit 491965b feat: publishConfig.registry (#6803) 3c72879 fix(git-resolver): wrong scheme to git ls-remote (#6806) e92d23a Merge pull request from GHSA-5r98-f33j-g8h7 7fdaaf0 chore(release): 7.33.3 5bff45c test: fix 751c87d test: fix b46a911 test(patching): fix e6ca1aa style: fix Additional commits viewable in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot merge will merge this PR after your CI passes on it @dependabot squash and merge will squash and merge this PR after your CI passes on it @dependabot cancel merge will cancel a previously requested merge and block automerging @dependabot reopen will reopen this PR if it is closed @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page. You can view, comment on, or merge this pull request online at: #36 Commit Summary da0bbc9 chore(deps-dev): bump pnpm from 7.1.9 to 7.33.4 File Changes (1 file) M pnpm-lock.yaml (2053) Patch Links: https://github.com/wessberg/cjstoesm/pull/36.patch https://github.com/wessberg/cjstoesm/pull/36.diff —Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

dependabot · 2023-08-02T04:06:58Z