This merges in https://github.com/prettier/prettier/commit/8eb8f9ed2dc5eb1c3e6f787e5a5e6fe68af2b8d1 from upstream Prettier, see the changelog at https://github.com/prettier/prettier/blob/4eba049fb60369b683e39942fbcad97341125618/CHANGELOG.md#212

Bumps node-fetch from 2.1.2 to 2.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bitinn/node-fetch/releases">node-fetch's releases</a>.</em></p> <blockquote> <h2>v2.6.1</h2> <p><strong>This is an important security release. It is strongly recommended to update as soon as possible.</strong></p> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v261">CHANGELOG</a> for details.</p> <h2>v2.6.0</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.6.0/CHANGELOG.md#v260">CHANGELOG</a>.</p> <h2>v2.5.0</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.5.0/CHANGELOG.md#v250">CHANGELOG</a>.</p> <h2>v2.4.1</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.4.1/CHANGELOG.md#v241">CHANGELOG</a>.</p> <h2>v2.4.0</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.4.0/CHANGELOG.md#v240">CHANGELOG</a>.</p> <h2>v2.3.0</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.3.0/CHANGELOG.md#v230">CHANGELOG</a>.</p> <h2>v2.2.1</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.2.1/CHANGELOG.md#v221">CHANGELOG</a>.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md">node-fetch's changelog</a>.</em></p> <blockquote> <h2>v2.6.1</h2> <p><strong>This is an important security release. It is strongly recommended to update as soon as possible.</strong></p> <ul> <li>Fix: honor the <code>size</code> option after following a redirect.</li> </ul> <h2>v2.6.0</h2> <ul> <li>Enhance: <code>options.agent</code>, it now accepts a function that returns custom http(s).Agent instance based on current URL, see readme for more information.</li> <li>Fix: incorrect <code>Content-Length</code> was returned for stream body in 2.5.0 release; note that <code>node-fetch</code> doesn't calculate content length for stream body.</li> <li>Fix: <code>Response.url</code> should return empty string instead of <code>null</code> by default.</li> </ul> <h2>v2.5.0</h2> <ul> <li>Enhance: <code>Response</code> object now includes <code>redirected</code> property.</li> <li>Enhance: <code>fetch()</code> now accepts third-party <code>Blob</code> implementation as body.</li> <li>Other: disable <code>package-lock.json</code> generation as we never commit them.</li> <li>Other: dev dependency update.</li> <li>Other: readme update.</li> </ul> <h2>v2.4.1</h2> <ul> <li>Fix: <code>Blob</code> import rule for node < 10, as <code>Readable</code> isn't a named export.</li> </ul> <h2>v2.4.0</h2> <ul> <li>Enhance: added <code>Brotli</code> compression support (using node's zlib).</li> <li>Enhance: updated <code>Blob</code> implementation per spec.</li> <li>Fix: set content type automatically for <code>URLSearchParams</code>.</li> <li>Fix: <code>Headers</code> now reject empty header names.</li> <li>Fix: test cases, as node 12+ no longer accepts invalid header response.</li> </ul> <h2>v2.3.0</h2> <ul> <li>Enhance: added <code>AbortSignal</code> support, with README example.</li> <li>Enhance: handle invalid <code>Location</code> header during redirect by rejecting them explicitly with <code>FetchError</code>.</li> <li>Fix: update <code>browser.js</code> to support react-native environment, where <code>self</code> isn't available globally.</li> </ul> <h2>v2.2.1</h2> <ul> <li>Fix: <code>compress</code> flag shouldn't overwrite existing <code>Accept-Encoding</code> header.</li> <li>Fix: multiple <code>import</code> rules, where <code>PassThrough</code> etc. doesn't have a named export when using node <10 and <code>--experimental-modules</code> flag.</li> <li>Other: Better README.</li> </ul> <h2>v2.2.0</h2> <ul> <li>Enhance: Support all <code>ArrayBuffer</code> view types</li> <li>Enhance: Support Web Workers</li> <li>Enhance: Support Node.js' <code>--experimental-modules</code> mode; deprecate <code>.es.js</code> file</li> <li>Fix: Add <code>__esModule</code> property to the exports object</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/node-fetch/node-fetch/commit/b5e2e41b2b50bf2997720d6125accaf0dd68c0ab"><code>b5e2e41</code></a> update version number</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/2358a6c2563d1730a0cdaccc197c611949f6a334"><code>2358a6c</code></a> Honor the <code>size</code> option after following a redirect and revert data uri support</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/8c197f8982a238b3c345c64b17bfa92e16b4f7c4"><code>8c197f8</code></a> docs: Fix typos and grammatical errors in README.md (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/686">#686</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/1e99050f944ac435fce26a9549eadcc2419a968a"><code>1e99050</code></a> fix: Change error message thrown with redirect mode set to error (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/653">#653</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/244e6f63d42025465796e3ca4ce813bf2c31fc5b"><code>244e6f6</code></a> docs: Show backers in README</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/6a5d192034a0f438551dffb6d2d8df2c00921d16"><code>6a5d192</code></a> fix: Properly parse meta tag when parameters are reversed (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/682">#682</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/47a24a03eb49a49d81b768892aee10074ed54a91"><code>47a24a0</code></a> chore: Add opencollective badge</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/7b136627c537cb24430b0310638c9177a85acee1"><code>7b13662</code></a> chore: Add funding link</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/5535c2ed478d418969ecfd60c16453462de2a53f"><code>5535c2e</code></a> fix: Check for global.fetch before binding it (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/674">#674</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/1d5778ad0d910dbd1584fb407a186f5a0bc1ea22"><code>1d5778a</code></a> docs: Add Discord badge</li> <li>Additional commits viewable in <a href="https://github.com/bitinn/node-fetch/compare/v2.1.2...v2.6.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~akepinski">akepinski</a>, a new releaser for node-fetch since your current version.</p> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps prismjs from 1.17.1 to 1.21.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/PrismJS/prism/releases">prismjs's releases</a>.</em></p> <blockquote> <h2>v1.21.0</h2> <p>Release 1.21.0</p> <h2>v1.20.0</h2> <p>Release 1.20.0</p> <h2>v1.19.0</h2> <p>Release 1.19.0</p> <h2>v1.18.0</h2> <p>Release 1.18.0</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PrismJS/prism/blob/master/CHANGELOG.md">prismjs's changelog</a>.</em></p> <blockquote> <h2>1.21.0 (2020-08-06)</h2> <h3>New components</h3> <ul> <li><strong>.ignore</strong> & <strong>.gitignore</strong> & <strong>.hgignore</strong> & <strong>.npmignore</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2481">#2481</a>) <a href="https://github.com/PrismJS/prism/commit/3fcce6fe"><code>3fcce6fe</code></a></li> <li><strong>Agda</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2430">#2430</a>) <a href="https://github.com/PrismJS/prism/commit/3a127c7d"><code>3a127c7d</code></a></li> <li><strong>AL</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2300">#2300</a>) <a href="https://github.com/PrismJS/prism/commit/de21eb64"><code>de21eb64</code></a></li> <li><strong>Cypher</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2459">#2459</a>) <a href="https://github.com/PrismJS/prism/commit/398e2943"><code>398e2943</code></a></li> <li><strong>Dhall</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2473">#2473</a>) <a href="https://github.com/PrismJS/prism/commit/649e51e5"><code>649e51e5</code></a></li> <li><strong>EditorConfig</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2471">#2471</a>) <a href="https://github.com/PrismJS/prism/commit/ed8fff91"><code>ed8fff91</code></a></li> <li><strong>HLSL</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2318">#2318</a>) <a href="https://github.com/PrismJS/prism/commit/87a5c7ae"><code>87a5c7ae</code></a></li> <li><strong>JS stack trace</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2418">#2418</a>) <a href="https://github.com/PrismJS/prism/commit/ae0327b3"><code>ae0327b3</code></a></li> <li><strong>PeopleCode</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2302">#2302</a>) <a href="https://github.com/PrismJS/prism/commit/bd4d8165"><code>bd4d8165</code></a></li> <li><strong>PureBasic</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2369">#2369</a>) <a href="https://github.com/PrismJS/prism/commit/d0c1c70d"><code>d0c1c70d</code></a></li> <li><strong>Racket</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2315">#2315</a>) <a href="https://github.com/PrismJS/prism/commit/053016ef"><code>053016ef</code></a></li> <li><strong>Smali</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2419">#2419</a>) <a href="https://github.com/PrismJS/prism/commit/22eb5cad"><code>22eb5cad</code></a></li> <li><strong>Structured Text (IEC 61131-3)</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2311">#2311</a>) <a href="https://github.com/PrismJS/prism/commit/8704cdfb"><code>8704cdfb</code></a></li> <li><strong>UnrealScript</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2305">#2305</a>) <a href="https://github.com/PrismJS/prism/commit/1093ceb3"><code>1093ceb3</code></a></li> <li><strong>WarpScript</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2307">#2307</a>) <a href="https://github.com/PrismJS/prism/commit/cde5b0fa"><code>cde5b0fa</code></a></li> <li><strong>XML doc (.net)</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2340">#2340</a>) <a href="https://github.com/PrismJS/prism/commit/caec5e30"><code>caec5e30</code></a></li> <li><strong>YANG</strong> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2467">#2467</a>) <a href="https://github.com/PrismJS/prism/commit/ed1df1e1"><code>ed1df1e1</code></a></li> </ul> <h3>Updated components</h3> <ul> <li>Markup & JSON: Added new aliases (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2390">#2390</a>) <a href="https://github.com/PrismJS/prism/commit/9782cfe6"><code>9782cfe6</code></a></li> <li>Fixed several cases of exponential backtracking (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2268">#2268</a>) <a href="https://github.com/PrismJS/prism/commit/7a554b5f"><code>7a554b5f</code></a></li> <li><strong>APL</strong> <ul> <li>Added <code>⍥</code> (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2409">#2409</a>) <a href="https://github.com/PrismJS/prism/commit/0255cb6a"><code>0255cb6a</code></a></li> </ul> </li> <li><strong>AutoHotkey</strong> <ul> <li>Added missing <code>format</code> built-in (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2450">#2450</a>) <a href="https://github.com/PrismJS/prism/commit/7c66cfc4"><code>7c66cfc4</code></a></li> <li>Improved comments and other improvements (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2412">#2412</a>) <a href="https://github.com/PrismJS/prism/commit/ddf3cc62"><code>ddf3cc62</code></a></li> <li>Added missing definitions (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2400">#2400</a>) <a href="https://github.com/PrismJS/prism/commit/4fe03676"><code>4fe03676</code></a></li> </ul> </li> <li><strong>Bash</strong> <ul> <li>Added <code>composer</code> command (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2298">#2298</a>) <a href="https://github.com/PrismJS/prism/commit/044dd271"><code>044dd271</code></a></li> </ul> </li> <li><strong>Batch</strong> <ul> <li>Fix escaped double quote (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2485">#2485</a>) <a href="https://github.com/PrismJS/prism/commit/f0f8210c"><code>f0f8210c</code></a></li> </ul> </li> <li><strong>C</strong> <ul> <li>Improved macros and expressions (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2440">#2440</a>) <a href="https://github.com/PrismJS/prism/commit/8a72fa6f"><code>8a72fa6f</code></a></li> <li>Improved macros (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2320">#2320</a>) <a href="https://github.com/PrismJS/prism/commit/fdcf7ed2"><code>fdcf7ed2</code></a></li> </ul> </li> <li><strong>C#</strong> <ul> <li>Improved pattern matching (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2411">#2411</a>) <a href="https://github.com/PrismJS/prism/commit/7f341fc1"><code>7f341fc1</code></a></li> <li>Fixed adjacent string interpolations (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2402">#2402</a>) <a href="https://github.com/PrismJS/prism/commit/2a2e79ed"><code>2a2e79ed</code></a></li> </ul> </li> <li><strong>C++</strong> <ul> <li>Added support for default comparison operator (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2426">#2426</a>) <a href="https://github.com/PrismJS/prism/commit/8e9d161c"><code>8e9d161c</code></a></li> <li>Improved class name detection (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2348">#2348</a>) <a href="https://github.com/PrismJS/prism/commit/e3fe9040"><code>e3fe9040</code></a></li> <li>Fixed <code>enum class</code> class names (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2342">#2342</a>) <a href="https://github.com/PrismJS/prism/commit/30b4e254"><code>30b4e254</code></a></li> </ul> </li> <li><strong>Content-Security-Policy</strong> <ul> <li>Fixed directives (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2461">#2461</a>) <a href="https://github.com/PrismJS/prism/commit/537a9e80"><code>537a9e80</code></a></li> </ul> </li> <li><strong>CSS</strong> <ul> <li>Improved url and added keywords (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2432">#2432</a>) <a href="https://github.com/PrismJS/prism/commit/964de5a1"><code>964de5a1</code></a></li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PrismJS/prism/commit/187c8a607ee70c7914682870156faa31ed01f001"><code>187c8a6</code></a> 1.21.0</li> <li><a href="https://github.com/PrismJS/prism/commit/bf4f323391d546d4b2e1a388f05c512a27491e9c"><code>bf4f323</code></a> Changelog for v1.21.0 (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2507">#2507</a>)</li> <li><a href="https://github.com/PrismJS/prism/commit/8bba4880202ef6bd7a1e379fe9aebe69dd75f7be"><code>8bba488</code></a> Previewers: Fixed XSS (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2506">#2506</a>)</li> <li><a href="https://github.com/PrismJS/prism/commit/158caf52343e59a66c2351ff1d83648efe871e33"><code>158caf5</code></a> JSON: Greedy comments (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2479">#2479</a>)</li> <li><a href="https://github.com/PrismJS/prism/commit/f0f8210c1a9745c064d49bfb985544c654986b24"><code>f0f8210</code></a> Batch: Fix escaped double quote (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2485">#2485</a>)</li> <li><a href="https://github.com/PrismJS/prism/commit/649e51e56250a81dc0b0c4f5b3a4ea23e1c21834"><code>649e51e</code></a> Added support for Dhall (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2473">#2473</a>)</li> <li><a href="https://github.com/PrismJS/prism/commit/453079bf96746e0c44f90cb7cd90fcae9a5f94cc"><code>453079b</code></a> Line Numbers: Fixed class name on website</li> <li><a href="https://github.com/PrismJS/prism/commit/a0efa40bde420ac3923947be611ebe6b3f077dce"><code>a0efa40</code></a> Fixed Treeview page (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2484">#2484</a>)</li> <li><a href="https://github.com/PrismJS/prism/commit/78161d607fe7d493831ff19759aac951330134a1"><code>78161d6</code></a> VB: Added VBA alias (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2469">#2469</a>)</li> <li><a href="https://github.com/PrismJS/prism/commit/ed1df1e1208401a8b84330ecc39689fa37d0e9f6"><code>ed1df1e</code></a> Added support for YANG (<a href="https://github-redirect.dependabot.com/PrismJS/prism/issues/2467">#2467</a>)</li> <li>Additional commits viewable in <a href="https://github.com/PrismJS/prism/compare/v1.17.1...v1.21.0">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps elliptic from 6.4.1 to 6.5.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/8647803dc3d90506aa03021737f7b061ba959ae1"><code>8647803</code></a> 6.5.3</li> <li><a href="https://github.com/indutny/elliptic/commit/856fe4d99fe7b6200556e6400b3bf585b1721bec"><code>856fe4d</code></a> signature: prevent malleability and overflows</li> <li><a href="https://github.com/indutny/elliptic/commit/60489415e545efdfd3010ae74b9726facbf08ca8"><code>6048941</code></a> 6.5.2</li> <li><a href="https://github.com/indutny/elliptic/commit/9984964457c9f8a63b91b01ea103260417eca237"><code>9984964</code></a> package: bump dependencies</li> <li><a href="https://github.com/indutny/elliptic/commit/ec735edde187a43693197f6fa3667ceade751a3a"><code>ec735ed</code></a> utils: leak less information in <code>getNAF()</code></li> <li><a href="https://github.com/indutny/elliptic/commit/71e4e8e2f5b8f0bdbfbe106c72cc9fbc746d3d60"><code>71e4e8e</code></a> 6.5.1</li> <li><a href="https://github.com/indutny/elliptic/commit/7ec66ffa255079260126d87b1762a59ea10de5ea"><code>7ec66ff</code></a> short: add infinity check before multiplying</li> <li><a href="https://github.com/indutny/elliptic/commit/ee7970b92f388e981d694be0436c4c8036b5d36c"><code>ee7970b</code></a> travis: really move on</li> <li><a href="https://github.com/indutny/elliptic/commit/637d0216b58de7edee4f3eb5641295ac323acadb"><code>637d021</code></a> travis: move on</li> <li><a href="https://github.com/indutny/elliptic/commit/5ed0babb6467cd8575a9218265473fda926d9d42"><code>5ed0bab</code></a> package: update deps</li> <li>Additional commits viewable in <a href="https://github.com/indutny/elliptic/compare/v6.4.1...v6.5.3">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps node-fetch from 2.3.0 to 2.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bitinn/node-fetch/releases">node-fetch's releases</a>.</em></p> <blockquote> <h2>v2.6.1</h2> <p><strong>This is an important security release. It is strongly recommended to update as soon as possible.</strong></p> <p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v261">CHANGELOG</a> for details.</p> <h2>v2.6.0</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.6.0/CHANGELOG.md#v260">CHANGELOG</a>.</p> <h2>v2.5.0</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.5.0/CHANGELOG.md#v250">CHANGELOG</a>.</p> <h2>v2.4.1</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.4.1/CHANGELOG.md#v241">CHANGELOG</a>.</p> <h2>v2.4.0</h2> <p>See <a href="https://github.com/bitinn/node-fetch/blob/v2.4.0/CHANGELOG.md#v240">CHANGELOG</a>.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md">node-fetch's changelog</a>.</em></p> <blockquote> <h2>v2.6.1</h2> <p><strong>This is an important security release. It is strongly recommended to update as soon as possible.</strong></p> <ul> <li>Fix: honor the <code>size</code> option after following a redirect.</li> </ul> <h2>v2.6.0</h2> <ul> <li>Enhance: <code>options.agent</code>, it now accepts a function that returns custom http(s).Agent instance based on current URL, see readme for more information.</li> <li>Fix: incorrect <code>Content-Length</code> was returned for stream body in 2.5.0 release; note that <code>node-fetch</code> doesn't calculate content length for stream body.</li> <li>Fix: <code>Response.url</code> should return empty string instead of <code>null</code> by default.</li> </ul> <h2>v2.5.0</h2> <ul> <li>Enhance: <code>Response</code> object now includes <code>redirected</code> property.</li> <li>Enhance: <code>fetch()</code> now accepts third-party <code>Blob</code> implementation as body.</li> <li>Other: disable <code>package-lock.json</code> generation as we never commit them.</li> <li>Other: dev dependency update.</li> <li>Other: readme update.</li> </ul> <h2>v2.4.1</h2> <ul> <li>Fix: <code>Blob</code> import rule for node < 10, as <code>Readable</code> isn't a named export.</li> </ul> <h2>v2.4.0</h2> <ul> <li>Enhance: added <code>Brotli</code> compression support (using node's zlib).</li> <li>Enhance: updated <code>Blob</code> implementation per spec.</li> <li>Fix: set content type automatically for <code>URLSearchParams</code>.</li> <li>Fix: <code>Headers</code> now reject empty header names.</li> <li>Fix: test cases, as node 12+ no longer accepts invalid header response.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/node-fetch/node-fetch/commit/b5e2e41b2b50bf2997720d6125accaf0dd68c0ab"><code>b5e2e41</code></a> update version number</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/2358a6c2563d1730a0cdaccc197c611949f6a334"><code>2358a6c</code></a> Honor the <code>size</code> option after following a redirect and revert data uri support</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/8c197f8982a238b3c345c64b17bfa92e16b4f7c4"><code>8c197f8</code></a> docs: Fix typos and grammatical errors in README.md (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/686">#686</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/1e99050f944ac435fce26a9549eadcc2419a968a"><code>1e99050</code></a> fix: Change error message thrown with redirect mode set to error (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/653">#653</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/244e6f63d42025465796e3ca4ce813bf2c31fc5b"><code>244e6f6</code></a> docs: Show backers in README</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/6a5d192034a0f438551dffb6d2d8df2c00921d16"><code>6a5d192</code></a> fix: Properly parse meta tag when parameters are reversed (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/682">#682</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/47a24a03eb49a49d81b768892aee10074ed54a91"><code>47a24a0</code></a> chore: Add opencollective badge</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/7b136627c537cb24430b0310638c9177a85acee1"><code>7b13662</code></a> chore: Add funding link</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/5535c2ed478d418969ecfd60c16453462de2a53f"><code>5535c2e</code></a> fix: Check for global.fetch before binding it (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/674">#674</a>)</li> <li><a href="https://github.com/node-fetch/node-fetch/commit/1d5778ad0d910dbd1584fb407a186f5a0bc1ea22"><code>1d5778a</code></a> docs: Add Discord badge</li> <li>Additional commits viewable in <a href="https://github.com/bitinn/node-fetch/compare/v2.3.0...v2.6.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~akepinski">akepinski</a>, a new releaser for node-fetch since your current version.</p> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Before that:

yarn upgrade eslint to fix eslint-utils vuln

See https://github.com/josephfrazier/Reported-Web/network/alert/yarn.lock/eslint-utils/open

Upgrade lodash.template to fix vuln

See https://github.com/josephfrazier/Reported-Web/network/alert/yarn.lock/lodash.template/open and https://github.com/yarnpkg/yarn/issues/4986#issuecomment-467558472

Bumps tree-kill from 1.2.1 to 1.2.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pkrumins/node-tree-kill/commit/cb478381547107f5c53362668533f634beff7e6e"><code>cb47838</code></a> 1.2.2</li> <li><a href="https://github.com/pkrumins/node-tree-kill/commit/deee138a8cbc918463d8af5ce8c2bec33c3fd164"><code>deee138</code></a> fix: handle sanitising better, add tests</li> <li><a href="https://github.com/pkrumins/node-tree-kill/commit/ff73dbf144c4c2daa67799a50dfff59cd455c63c"><code>ff73dbf</code></a> fix: sanitise pid parameter (<a href="https://github-redirect.dependabot.com/pkrumins/node-tree-kill/issues/31">#31</a>)</li> <li><a href="https://github.com/pkrumins/node-tree-kill/commit/3b5b8feeb3175a3e16ea7e0e09fdf5b8d2b87b08"><code>3b5b8fe</code></a> update Changelog</li> <li>See full diff in <a href="https://github.com/pkrumins/node-tree-kill/compare/v1.2.1...v1.2.2">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps puppeteer from 1.7.0 to 1.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/puppeteer/puppeteer/releases">puppeteer's releases</a>.</em></p> <blockquote> <h2>v1.13.0</h2> <h2>Big Changes</h2> <ul> <li>Chromium 74.0.3723.0 (r637110)</li> </ul> <h2>API Changes</h2> <p>No API changes.</p> <h2>Bug Fixes</h2> <ul> <li><a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/3762">#3762</a> - uploadFile in puppeteer-firefox</li> <li><a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/3889">#3889</a> - firefox: merge Puppeteer-Firefox tests with Puppeteer tests</li> <li><a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4011">#4011</a> - Page.Content freezes without error after running 101 times</li> <li><a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4102">#4102</a> - Firefox macOS installation fails</li> </ul> <h2>Raw Notes</h2> <p>ba5f94d - test: disable flaky cookies test (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4112">#4112</a>) 02b2451 - fix: check if async error has a stack (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4017">#4017</a>) 9db09fe - test: add test to validate redirecting in request.respond (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4106">#4106</a>) c68df32 - test: add failing test for bad request interception (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4108">#4108</a>) 02859c3 - feat(chromium): roll Chromium to r637110 (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4099">#4099</a>) bc28f3b - fix(firefox): fix executablePath() on OSX (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4105">#4105</a>) c9f6a3d - chore(firefox): bump version to v0.5.0 (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4089">#4089</a>) a6d8ecc - fix(firefox): keyboard tests (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4082">#4082</a>) e8a4963 - test: cleanup tests (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4078">#4078</a>) dae998e - fix(firefox): enable domains in a proper order (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4077">#4077</a>) 9ef23b1 - feat(firefox): implement cookies api (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4076">#4076</a>) 03d06f5 - feat(firefox): page.accessibility.snapshot() (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4071">#4071</a>) f21486f - feat(firefox): implement Page.touchscreen (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4070">#4070</a>) 3541b89 - test: split out all chromium-specific tests into chromiumonly.spec.js (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4068">#4068</a>) 77a4ea5 - test: split out fixture tests and make them work with FF (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4067">#4067</a>) d04a8d5 - refactor(firefox): split out DOMWorld (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4066">#4066</a>) 4ecbd91 - refactor(firefox): migrate onto ExecutionContext events (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4064">#4064</a>) 56dafd7 - feat: support Response.buffer(), Response.json() and Response.text() (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4063">#4063</a>) 3bea5d6 - feat(firefox): implement browserContext.overridePermissions (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4060">#4060</a>) f1a14fe - feat(firefox): support elementHandle.uploadFile (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4058">#4058</a>) 1315dc8 - feat(firefox): support Page.emualteMedia (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4056">#4056</a>) 5c81836 - feat(firefox): implement page.exposeFunction (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4052">#4052</a>) 7d39aca - test: split out test for "text" option of ElementHandle.press (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4051">#4051</a>) ed984ac - chore(firefox): kill original puppeteer-firefox tests (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4047">#4047</a>) fbf91cc - test(firefox): move AX tests to Chrome-only (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4042">#4042</a>) a0fd2ce - fix(firefox): enable more tests (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4037">#4037</a>) 03c542a - feat(firefox): implement missing launcher options (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4036">#4036</a>) 719ee5a - feat(firefox): support page.setExtraHTTPHeaders (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4035">#4035</a>) c118b20 - feat(firefox): basic request interception support (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4034">#4034</a>) 3b18092 - refactor(firefox): migrate onto Juggler flatten protocol (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4033">#4033</a>) 4a4793a - feat(firefox): support Browser.target() (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4028">#4028</a>) ea482c4 - fix(firefox): properly cleanup networkmanager (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4024">#4024</a>)</p> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/puppeteer/puppeteer/commit/77a969419ec71f8834ec4b511b63bd77d2f5c816"><code>77a9694</code></a> chore: mark version v1.13.0 (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4114">#4114</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/ba5f94d2b00769c10051f78fdddb1b2c5657bb95"><code>ba5f94d</code></a> test: disable flaky cookies test (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4112">#4112</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/02b2451db5d8134bb860f7616e4b58185f15766b"><code>02b2451</code></a> fix: check if async error has a stack (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4017">#4017</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/9db09fe7e977e7871c24aa41fae0d7902dca3d79"><code>9db09fe</code></a> test: add test to validate redirecting in request.respond (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4106">#4106</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/c68df320f87ebdcc962c66084dcee7f83cab842f"><code>c68df32</code></a> test: add failing test for bad request interception (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4108">#4108</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/02859c3c6d408b871a463eec46fa6d03b4b5667d"><code>02859c3</code></a> feat(chromium): roll Chromium to r637110 (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4099">#4099</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/bc28f3b3dc42105e4214402fd16aaeea06e77f8b"><code>bc28f3b</code></a> fix(firefox): fix executablePath() on OSX (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4105">#4105</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/c9f6a3d064adf1e14bb736ea55c472df90ca4e02"><code>c9f6a3d</code></a> chore(firefox): bump version to v0.5.0 (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4089">#4089</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/a6d8ecce6fbf3582359f6e75feae6e8d637d40c3"><code>a6d8ecc</code></a> fix(firefox): keyboard tests (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4082">#4082</a>)</li> <li><a href="https://github.com/puppeteer/puppeteer/commit/e8a49633d971fab4da6fab32a5729aec390b2329"><code>e8a4963</code></a> test: cleanup tests (<a href="https://github-redirect.dependabot.com/puppeteer/puppeteer/issues/4078">#4078</a>)</li> <li>Additional commits viewable in <a href="https://github.com/puppeteer/puppeteer/compare/v1.7.0...v1.13.0">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps decompress from 4.2.0 to 4.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kevva/decompress/releases">decompress's releases</a>.</em></p> <blockquote> <h2>v4.2.1</h2> <ul> <li>Prevent directory traversal (<a href="https://github-redirect.dependabot.com/kevva/decompress/issues/73">#73</a>) 967146e</li> </ul> <p><a href="https://github.com/kevva/decompress/compare/v4.2.0...v4.2.1">https://github.com/kevva/decompress/compare/v4.2.0...v4.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kevva/decompress/commit/84a8c1046946add1a6ae01c54dbebf312e4ffc85"><code>84a8c10</code></a> 4.2.1</li> <li><a href="https://github.com/kevva/decompress/commit/fafff47880cb5b47b022cd7be5542d576448603a"><code>fafff47</code></a> Meta tweaks</li> <li><a href="https://github.com/kevva/decompress/commit/967146e70f48be32ed1a69daa3941d681944d513"><code>967146e</code></a> Prevent directory traversal (<a href="https://github-redirect.dependabot.com/kevva/decompress/issues/73">#73</a>)</li> <li><a href="https://github.com/kevva/decompress/commit/74a462a139cc2561b6695e696266c8dc31562d3d"><code>74a462a</code></a> Meta tweaks</li> <li><a href="https://github.com/kevva/decompress/commit/7ddadd92139079e520cb822a03fe4260b7db7676"><code>7ddadd9</code></a> Add note about <code>filter</code> option</li> <li>See full diff in <a href="https://github.com/kevva/decompress/compare/v4.2.0...v4.2.1">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps decompress from 4.2.0 to 4.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kevva/decompress/releases">decompress's releases</a>.</em></p> <blockquote> <h2>v4.2.1</h2> <ul> <li>Prevent directory traversal (<a href="https://github-redirect.dependabot.com/kevva/decompress/issues/73">#73</a>) 967146e</li> </ul> <p><a href="https://github.com/kevva/decompress/compare/v4.2.0...v4.2.1">https://github.com/kevva/decompress/compare/v4.2.0...v4.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kevva/decompress/commit/84a8c1046946add1a6ae01c54dbebf312e4ffc85"><code>84a8c10</code></a> 4.2.1</li> <li><a href="https://github.com/kevva/decompress/commit/fafff47880cb5b47b022cd7be5542d576448603a"><code>fafff47</code></a> Meta tweaks</li> <li><a href="https://github.com/kevva/decompress/commit/967146e70f48be32ed1a69daa3941d681944d513"><code>967146e</code></a> Prevent directory traversal (<a href="https://github-redirect.dependabot.com/kevva/decompress/issues/73">#73</a>)</li> <li><a href="https://github.com/kevva/decompress/commit/74a462a139cc2561b6695e696266c8dc31562d3d"><code>74a462a</code></a> Meta tweaks</li> <li><a href="https://github.com/kevva/decompress/commit/7ddadd92139079e520cb822a03fe4260b7db7676"><code>7ddadd9</code></a> Add note about <code>filter</code> option</li> <li>See full diff in <a href="https://github.com/kevva/decompress/compare/v4.2.0...v4.2.1">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

This URL no longer works: https://services5.arcgis.com/GfwWNkhOj9bNBqoJ/arcgis/rest/services/nybb/FeatureServer/0/query?where=1=1&outFields=*&outSR=4326&f=geojson

So I found it on https://archive.is/kGPGG and copied it into the repo. See commit 88cbbd9424a977d386682903a0de499f202b7a49 for where we first started using it.

This URL no longer works: https://services5.arcgis.com/GfwWNkhOj9bNBqoJ/arcgis/rest/services/nybb/FeatureServer/0/query?where=1=1&outFields=*&outSR=4326&f=geojson

So I found it on https://archive.is/kGPGG and copied it into the repo. See commit 88cbbd9424a977d386682903a0de499f202b7a49 for where we first started using it.

Just published v0.2.0, thanks again for the contribution! https://www.npmjs.com/package/editorconfig-to-prettier/v/0.2.0

Description

This PR proposes to read editorconfig's insert_final_newline when it is set to false.

Motivation

I know this PR might sound odd. Because Prettier follows unix guideline regarding the final newline (Prettier doc reference).

Yet, handlebars / glimmer does not follow this standard (see reference here) because it would insert empty nodes at the bottom of the component's file.

So for now Prettier respects this handlebars choice and remove the final newline. But this is somehow inconsistent with other languages and it creates discussion / lack of understanding etc. One possibility could be to respect instead the user choice made with .editorconfig's insert_final_newline option. Hence this PR.

In a follow-up, we'd use that insertFinalNewline option in handlebars printer to insert or remove the final newline.

Links

• a closed (unmerged) PR to add newlines at the end of handlebars files

Makes sense to me, I'll go ahead and merge this, and likely release a new version as well. Will keep you posted 👍

Oh, I see. I think that since this function expects an already-parsed editorconfig object, it's safe to assume that the values will be valid, so I don't want to worry about testing invalid values. Thanks for removing the extra tests.

Do you think we need this test at all? Not sure how realistic this scenario is...

@dependabot squash and merge

@dependabot squash and merge

@willmendesneto can you clarify how it has already been added? There haven't been any commits to this repository since this issue was opened.

This simply upgrades dependencies to avoid using:

1. os.tmpDir()
2. options.customFds in child_process

Note: The following tests failed for me locally (even before these changes), despite having ~/.zuulrc as well as SAUCE_USERNAME and SAUCE_ACCESS_KEY:

• mocha-qunit - phantom
• mocha-qunit - sauce
• mocha-bdd - phantom
• tape - phantom

After commenting them out, the remaining tests pass.

EDIT: After a little digging, I found the failure to be caused by this error:

You may not run more than 2 tunnels over a single ngrok session without an account.
You may increase this limit by signing up and upgrading.
The tunnels already running on this session are:

    - https://a8574938.ngrok.io
    - http://229b2f08.ngrok.io
    - http://a8574938.ngrok.io

Sign up at: https://ngrok.com/signup

If you have already signed up, make sure your authtoken is installed.
Your authtoken is available on your dashboard: https://dashboard.ngrok.com

ERR_NGROK_323

After signing up and following the authtoken instructions, I got a little further, until I hit this error:

Your account may not run more than 4 tunnels over a single ngrok client session.
The tunnels already running on this session are:

    - https://e3a7d2e7.ngrok.io
    - http://6f189147.ngrok.io
    - https://6f189147.ngrok.io
    - http://4e78fb86.ngrok.io
    - http://2332a103.ngrok.io
    - https://724ae5e0.ngrok.io
    - http://fbae9ae5.ngrok.io


ERR_NGROK_324

I don't really feel like paying for ngrok right now, so I tried to use localtunnel instead, by applying this patch:

<details>

diff --git a/test/integration/capabilities.js b/test/integration/capabilities.js
index 505caf6..d23247f 100644
--- a/test/integration/capabilities.js
+++ b/test/integration/capabilities.js
@@ -10,7 +10,6 @@ test('capabilities config', function(done) {
                 public: 'private'
             }
         },
-        tunnel: 'ngrok'
     };
 
     var zuul = Zuul(config);
diff --git a/test/integration/jamine-phantom.js b/test/integration/jamine-phantom.js
index c108b77..dfba19a 100644
--- a/test/integration/jamine-phantom.js
+++ b/test/integration/jamine-phantom.js
@@ -12,7 +12,6 @@ test('jasmine - phantom', function(done) {
         phantom: true,
         concurrency: 1,
         files: [__dirname + '/../fixtures/jasmine/test.js'],
-        tunnel: 'ngrok'
     };
 
     var zuul = Zuul(config);
diff --git a/test/integration/mocha-qunit-phantom.js b/test/integration/mocha-qunit-phantom.js
index 8ba2e30..043325b 100644
--- a/test/integration/mocha-qunit-phantom.js
+++ b/test/integration/mocha-qunit-phantom.js
@@ -12,7 +12,6 @@ test('mocha-qunit - phantom', function(done) {
         phantom: true,
         concurrency: 1,
         files: [__dirname + '/../fixtures/mocha-qunit/test.js'],
-        tunnel: 'ngrok'
     };
     var zuul = Zuul(config);
 
diff --git a/test/integration/mocha-qunit-sauce.js b/test/integration/mocha-qunit-sauce.js
index ef0092a..4c94576 100644
--- a/test/integration/mocha-qunit-sauce.js
+++ b/test/integration/mocha-qunit-sauce.js
@@ -14,7 +14,6 @@ test('mocha-qunit - sauce', function(done) {
         username: auth.username,
         concurrency: 5,
         key: auth.key,
-        tunnel: 'ngrok'
     };
 
     var zuul = Zuul(config);
diff --git a/test/integration/mochabdd-phantom.js b/test/integration/mochabdd-phantom.js
index 9435d02..31f8241 100644
--- a/test/integration/mochabdd-phantom.js
+++ b/test/integration/mochabdd-phantom.js
@@ -12,7 +12,6 @@ test('mocha-bdd - phantom', function(done) {
         phantom: true,
         concurrency: 1,
         files: [__dirname + '/../fixtures/mocha-bdd/test.js'],
-        tunnel: 'ngrok'
     };
 
     var zuul = Zuul(config);
diff --git a/test/integration/tape-phantom.js b/test/integration/tape-phantom.js
index 2e382b5..47b918a 100644
--- a/test/integration/tape-phantom.js
+++ b/test/integration/tape-phantom.js
@@ -13,7 +13,6 @@ test('tape - phantom', function(done) {
         phantom: true,
         concurrency: 1,
         files: [__dirname + '/../fixtures/tape/test.js'],
-        tunnel: 'ngrok'
     };
 
     var zuul = Zuul(config);

</details>

However, localtunnel seems to get caught in a loop of repeatedly printing:

  zuul:sauce:internet explorer:8 waiting for test results from https://wtyfrtgyzz.localtunnel.me/__zuul +2s
  zuul:sauce:internet explorer:8 res.length: 0 +288ms
  zuul:sauce:internet explorer:8 fetching more results +0ms

This should make it possible to simply push to Heroku and have it build/run the app, instead of needing to run yarn deploy manually.

Similarly, things like review apps and auto-deploy from master should also work.

https://devcenter.heroku.com/articles/nodejs-support#heroku-specific-build-steps https://devcenter.heroku.com/articles/nodejs-support#default-web-process-type https://devcenter.heroku.com/articles/github-integration

Bumps handlebars from 4.0.10 to 4.7.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md">handlebars's changelog</a>.</em></p> <blockquote> <h2>v4.7.6 - April 3rd, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1672">#1672</a> - Switch cmd parser to latest minimist (<a href="https://api.github.com/users/dougwilson">@dougwilson</a></li> </ul> <p>Compatibility notes:</p> <ul> <li>Restored Node.js compatibility</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.5...v4.7.6">Commits</a></p> <h2>v4.7.5 - April 2nd, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><del>Node.js version support has been changed to v6+</del> Reverted in 4.7.6</li> </ul> <p>Compatibility notes:</p> <ul> <li><del>Node.js < v6 is no longer supported</del> Reverted in 4.7.6</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.4...v4.7.5">Commits</a></p> <h2>v4.7.4 - April 1st, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1666">#1666</a> - Replaced minimist with yargs for handlebars CLI (<a href="https://api.github.com/users/aorinevo">@aorinevo</a>, <a href="https://api.github.com/users/AviVahl">@AviVahl</a> & <a href="https://api.github.com/users/fabb">@fabb</a>)</li> </ul> <p>Compatibility notes:</p> <ul> <li>No incompatibilities are to be expected</li> </ul> <p><a href="https://github.com/wycats/handlebars.js/compare/v4.7.3...v4.7.4">Commits</a></p> <h2>v4.7.3 - February 5th, 2020</h2> <p>Chore/Housekeeping:</p> <ul> <li><a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1644">#1644</a> - Download links to aws broken on handlebarsjs.com - access denied (<a href="https://api.github.com/users/Tea56">@Tea56</a>)</li> <li>Fix spelling and punctuation in changelog - d78cc73</li> </ul> <p>Bugfixes:</p> <ul> <li>Add Type Definition for Handlebars.VERSION, Fixes <a href="https://github-redirect.dependabot.com/wycats/handlebars.js/issues/1647">#1647</a> - 4de51fe</li> <li>Include Type Definition for runtime.js in Package - a32d05f</li> </ul> <p>Compatibility notes:</p> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/e6ad93ea01bcde1f8ddaa4b4ebe572dd616abfaa"><code>e6ad93e</code></a> v4.7.6</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/2bf4fc6fd3ae3d8f076d628653f284d85faebeb4"><code>2bf4fc6</code></a> Update release notes</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/b64202bc9197307bd785a58693e3820eb9bb41a8"><code>b64202b</code></a> Update release-notes.md</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/c2f1e6203178918569f085e12afdb762cae17fb0"><code>c2f1e62</code></a> Switch cmd parser to latest minimist</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/08e9a11a34c3ad8387a0b85b1334f97cab85191a"><code>08e9a11</code></a> Revert "chore: set Node.js compatibility to v6+"</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/1fd2edee2a12fb228061fcde807905c6b14339c4"><code>1fd2ede</code></a> v4.7.5</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/3c9c2f5cf29cf10f54d5fe4daca6b24b65f0adcf"><code>3c9c2f5</code></a> Update release notes</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/16487a088e13f4d52c6fd6610b9ec71c4a51be8a"><code>16487a0</code></a> chore: downgrade yargs to v14</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/309d2b49a11628d2a8f052c5587e7459968cd705"><code>309d2b4</code></a> chore: set Node.js compatibility to v6+</li> <li><a href="https://github.com/handlebars-lang/handlebars.js/commit/645ac73844918668f9a2f41e49b7cb18ce5abf36"><code>645ac73</code></a> test: fix integration tests</li> <li>Additional commits viewable in <a href="https://github.com/wycats/handlebars.js/compare/v4.0.10...v4.7.6">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~erisds">erisds</a>, a new releaser for handlebars since your current version.</p> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps lodash.template from 4.4.0 to 4.5.0. <details> <summary>Commits</summary>

• ab73503 Bump to v4.5.0.
• a4f7d4c Rebuild lodash and docs.
• cca5ac6 Fix npm-test by removing the call to test-docs.
• 9f7f9fc Adjust heading order. [ci skip]
• 6e2fb92 Remove unused baseArity.
• 4f702e2 Specify utf8 encoding.
• b188f90 Add fp tests for iteratee shorthands.
• 7b93dc9 Ensure clone methods clone expando properties of boolean, number, & string ob...
• 664d66a Make string tests more consistent.
• d9dc0e6 Add _.invertBy tests.
• Additional commits viewable in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps react-dev-utils from 4.1.0 to 4.2.3. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/facebook/create-react-app/commits/HEAD/packages/react-dev-utils">compare view</a></li> </ul> </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

Bumps tar from 2.2.1 to 2.2.2. <details> <summary>Commits</summary>

• 523c5c7 2.2.2
• 7ecef07 Bump fstream to fix hardlink overwriting vulnerability
• 9fc84b9 Use {} for hardlink tracking instead of []
• 15e59f1 Only track previously seen hardlinks
• 4f85851 Ignore potentially unsafe files
• See full diff in compare view </details> <br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>