Skip to content

deployed/20210331_150535

deployed/20210331_150535: Bump yargs-parser from 5.0.0 to 5.0.1 in /client (#16026)
@dependabot dependabot tagged this 31 Mar 18:25 
Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 5.0.0 to 5.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/yargs/yargs-parser/releases">yargs-parser's releases</a>.</em></p>
<blockquote>
<h2>yargs-parser v5.0.1</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> address GHSA-p9pc-299p-vxgp (<a href="https://www.github-redirect.dependabot.com/yargs/yargs-parser/issues/362">#362</a>) (<a href="https://www.github.com/yargs/yargs-parser/commit/1c417bd0b42b09c475ee881e36d292af4fa2cc36">1c417bd</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/yargs/yargs-parser/blob/v5.0.1/CHANGELOG.md">yargs-parser's changelog</a>.</em></p>
<blockquote>
<h1><a href="https://github.com/yargs/yargs-parser/compare/v4.2.1...v5.0.0">5.0.0</a> (2017-02-18)</h1>
<h3>Bug Fixes</h3>
<ul>
<li>environment variables should take precedence over config file (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/81">#81</a>) (<a href="https://github.com/yargs/yargs-parser/commit/76cee1f">76cee1f</a>)</li>
</ul>
<h3>BREAKING CHANGES</h3>
<ul>
<li>environment variables will now override config files (args, env, config-file, config-object)</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
<h3><a href="https://www.github.com/yargs/yargs-parser/compare/v5.0.0...v5.0.1">5.0.1</a> (2021-03-10)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> address GHSA-p9pc-299p-vxgp (<a href="https://www.github-redirect.dependabot.com/yargs/yargs-parser/issues/362">#362</a>) (<a href="https://www.github.com/yargs/yargs-parser/commit/1c417bd0b42b09c475ee881e36d292af4fa2cc36">1c417bd</a>)</li>
</ul>
<h2><a href="https://github.com/yargs/yargs-parser/compare/v4.2.0...v4.2.1">4.2.1</a> (2017-01-02)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>flatten/duplicate regression (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/75">#75</a>) (<a href="https://github.com/yargs/yargs-parser/commit/68d68a0">68d68a0</a>)</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
<h1><a href="https://github.com/yargs/yargs-parser/compare/v4.1.0...v4.2.0">4.2.0</a> (2016-12-01)</h1>
<h3>Bug Fixes</h3>
<ul>
<li>inner objects in configs had their keys appended to top-level key when dot-notation was disabled (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/72">#72</a>) (<a href="https://github.com/yargs/yargs-parser/commit/0b1b5f9">0b1b5f9</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>allow multiple arrays to be provided, rather than always combining (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/71">#71</a>) (<a href="https://github.com/yargs/yargs-parser/commit/0f0fb2d">0f0fb2d</a>)</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
<h1><a href="https://github.com/yargs/yargs-parser/compare/v4.0.2...v4.1.0">4.1.0</a> (2016-11-07)</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/yargs/yargs-parser/commit/eab6c039888bd5d51f33dda7a98808564acfa938"><code>eab6c03</code></a> chore: release 5.0.1 (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/363">#363</a>)</li>
<li><a href="https://github.com/yargs/yargs-parser/commit/1c417bd0b42b09c475ee881e36d292af4fa2cc36"><code>1c417bd</code></a> fix(security): address GHSA-p9pc-299p-vxgp (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/362">#362</a>)</li>
<li><a href="https://github.com/yargs/yargs-parser/commit/e93a345e1e585ba5df97c1da438673e7f2e8909b"><code>e93a345</code></a> chore: mark release in commit history (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/361">#361</a>)</li>
<li><a href="https://github.com/yargs/yargs-parser/commit/ee15863f7c62418c4fc92b64c3488778c46833dc"><code>ee15863</code></a> chore: push new package version</li>
<li><a href="https://github.com/yargs/yargs-parser/commit/47742078426f0e4e02aa988062b5fb0fa61182b9"><code>4774207</code></a> fix: back-porting prototype fixes for <em>really</em> old version (<a href="https://github-redirect.dependabot.com/yargs/yargs-parser/issues/271">#271</a>)</li>
<li>See full diff in <a href="https://github.com/yargs/yargs-parser/compare/v5.0.0...v5.0.1">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~oss-bot">oss-bot</a>, a new releaser for yargs-parser since your current version.</p>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=yargs-parser&package-manager=npm_and_yarn&previous-version=5.0.0&new-version=5.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/department-of-veterans-affairs/caseflow/network/alerts).

</details>
Assets 2
Loading