Bump debug, browser-sync and critical

[dependabot]

Bumps debug to 3.1.0 and updates ancestor dependencies debug, browser-sync and critical. These dependencies need to be updated together.

Updates debug from 2.2.0 to 3.1.0

Release notes

Sourced from debug's releases.

3.1.0

Minor Changes

• Ignore package-lock.json: e7e568a24736486721882282eb21beb31c741647
• Remove component.json: 47747f329fe159e94262318b52b87a48f6c0acd4
• Remove "component" from package.json: bdb7e0137f84dc8bcfc95daede7c694799d38dbf
• Add DEBUG_HIDE_DATE env var: #486

Patches

• Correct spelling mistake: daf1a7c8c0f62f5dbc8d48158d6748d0527cc551
• Examples: fix colors printout: 7cd9e539ce571fc3314d34d9d1dac3124839dbac
• Fix browser detection: fdfa0f5f6cc7e83fd60b6cf1e7b990cbf6388621
• Remove ReDoS regexp in %o formatter: #504

Credits

Huge thanks to @​amejiarosario and @​zhuangya for their help!

3.0.0

Featuring pretty new colors!

Major Changes

• Remove DEBUG_FD: #406
• Make millisecond timer namespace specific and allow 'always enabled' output: #408
• Use Date#toISOString() instead to Date#toUTCString() when output is not a TTY: #418
• enabled() updates existing debug instances: #440

Minor Changes

• Add destroy() function: #440
• Document enabled flag: #465
• Support 256 colors: #481
• Update "browserify" to v14.4.0: 826fd94639efeaa3c5701b50d335caead084a5d6
• Separate Node.js and web browser examples: 87880f6ae1f48b12d9f3346bce564a66cba6b93e
• Example: use %o formatter: 31f3343de76cb8687041387a1b811745c6e84473
• More readme screenshots replaced: 25eb545324912dd2863658d0ba35426c0f617619
• Add Namespace Colors section to readme: 8b5c438a222167bd0cc66db046bac073f01b3c01
• Separate the Node and Browser tests in Travis: f178d861df18abacac6e9e4607c7306a1147bf3d

Patches

• Readme: fix typo: #473
• Component: update "ms" to v2.0.0: d2dd80aeaf1b037f0b3be21838c4594bbedc4a9c

Credits

... (truncated)

Changelog

Sourced from debug's changelog.

3.1.0 / 2017-09-26

• Add DEBUG_HIDE_DATE env var (#486)
• Remove ReDoS regexp in %o formatter (#504)
• Remove "component" from package.json
• Remove component.json
• Ignore package-lock.json
• Examples: fix colors printout
• Fix: browser detection
• Fix: spelling mistake (#496, @​EdwardBetts)

3.0.1 / 2017-08-24

• Fix: Disable colors in Edge and Internet Explorer (#489)

3.0.0 / 2017-08-08

• Breaking: Remove DEBUG_FD (#406)
• Breaking: Use Date#toISOString() instead to Date#toUTCString() when output is not a TTY (#418)
• Breaking: Make millisecond timer namespace specific and allow 'always enabled' output (#408)
• Addition: document enabled flag (#465)
• Addition: add 256 colors mode (#481)
• Addition: enabled() updates existing debug instances, add destroy() function (#440)
• Update: component: update "ms" to v2.0.0
• Update: separate the Node and Browser tests in Travis-CI
• Update: refactor Readme, fixed documentation, added "Namespace Colors" section, redid screenshots
• Update: separate Node.js and web browser examples for organization
• Update: update "browserify" to v14.4.0
• Fix: fix Readme typo (#473)

2.6.9 / 2017-09-22

• remove ReDoS regexp in %o formatter (#504)

2.6.8 / 2017-05-18

• Fix: Check for undefined on browser globals (#462, @​marbemac)

2.6.7 / 2017-05-16

• Fix: Update ms to 2.0.0 to fix regular expression denial of service vulnerability (#458, @​hubdotcom)
• Fix: Inline extend function in node implementation (#452, @​dougwilson)
• Docs: Fix typo (#455, @​msasad)

... (truncated)

Commits

• f073e05 Release 3.1.0
• 2c0df9b rename DEBUG_HIDE_TTY_DATE to DEBUG_HIDE_DATE
• dcb37b2 Merge branch '2.x'
• 56a3853 Add DEBUG_HIDE_TTY_DATE env var (#486)
• 13abeae Release 2.6.9
• f53962e remove ReDoS regexp in %o formatter (#504)
• bdb7e01 remove "component" from package.json
• c38a016 remove ReDoS regexp in %o formatter (#504)
• 47747f3 remove component.json
• a0601e5 fix
• Additional commits viewable in compare view

Updates browser-sync from 2.18.13 to 2.29.1

Release notes

Sourced from browser-sync's releases.

The one that restores IE11 support 💪

What's Changed

• fix ie11 by @​shakyShane in BrowserSync/browser-sync#2024

esbuild does not support down-level transpiling as far as IE11 - so when I switched to it, it accidentally broke IE11 support 😢

This is an important issue for me - many devs that support old browsers like IE11 are doing so because their projects are used in public services, or internal applications. Not every developer out there has the luxury of supporting evergreen-only browsers.

So, IE11 will work once again 🎉. Please use the issues thread to make me aware of any problem that's preventing you from using Browsersync in your day job 💪 (and be sure to thumbs-up the issues you want to see resolved)

# IE11 works, again
npm install browser-sync@latest

Full Changelog: BrowserSync/browser-sync@v2.28.3...v2.29.0

the one that finally removes document.write

What's Changed

• browser-sync-2017 use chalk everywhere by @​shakyShane in BrowserSync/browser-sync#2018
• fix: remove document.write by @​shakyShane in BrowserSync/browser-sync#2019

Full Changelog: BrowserSync/browser-sync@v2.27.12...v2.28.0

2.27.9

What's Changed

• fix(cli): Where's the command help? fixes #1929 by @​shakyShane in BrowserSync/browser-sync#1945

A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

Full Changelog: BrowserSync/browser-sync@v2.27.8...v2.27.9

2.27.8

This release upgrades Socket.io (client+server) to the latest versions - solving the following issues, and silencing security warning :)

PR:

• BrowserSync/browser-sync@58ab4ab

Resolved Issues:

• BrowserSync/browser-sync#1850
• BrowserSync/browser-sync#1892
• BrowserSync/browser-sync#1925
• BrowserSync/browser-sync#1926
• BrowserSync/browser-sync#1933

... (truncated)

Changelog

Sourced from browser-sync's changelog.

2.23.1 (2018-01-01)

2.8.2 (2015-07-31)

Bug Fixes

• https: add newly generated ssl self-signed certs that will expire for 10 years - fixes (45104a7), closes #750

2.8.1 (2015-07-28)

Bug Fixes

• web-sockets: Use separate server for web sockets in proxy mode - fixes #625 (40017b4), closes #625

Features

• serve-static: Added option serveStatic to allow proxy/snippet mode to easily serve local fil (384ef67)

2.7.13 (2015-06-28)

Bug Fixes

• snippet: Allow async attribute to be removed from snippet with snippetOptions.async = fal (c32bec6), closes #670
• socket-options: allow socket.domain string|fn for setting domain only on socket path - fixes #69 (5157432), closes #690

Features

• api: expose sockets to public api (985682c)

2.7.12 (2015-06-17)

Bug Fixes

• client-script: allow proxy to also use client script middleware (c5fdbbf)
• client-script: serve cached/gzipped client JS file - fixes #657 (dbe9ffe), closes #657

... (truncated)

Commits

• 6ffc212 v2.29.1
• 7b07798 v2.29.1-alpha.0
• 497f216 remove client deps
• bed04d4 v2.29.0
• 87421b5 fix: ie11 support (#2024)
• 59eb01a v2.28.3
• 3fd2720 v2.28.2
• 8487a85 bump logger (#2026)
• a841795 chalk as main dep - fixes #2021 (#2025)
• 9ea395f v2.28.1
• Additional commits viewable in compare view

Updates critical from 1.0.0 to 1.3.10

Release notes

Sourced from critical's releases.

v1.3.10

• CI: switch to actions/checkout@v2 b9c17ef

addyosmani/critical@v1.3.9...v1.3.10

v1.3.9

• 1.x: use destructuring when importing lodash (#433) bd24282

addyosmani/critical@v1.3.8...v1.3.9

Thanks @​XhmikosR

v1.3.8

• Update dependencies. (#431) b5cd07d
• fix: backport #415 fix to 1.x (#430) 9ee2632
• [1.x] Update dependencies. (#419) bb601a9
• ES6-ify (#427) 4da2919

addyosmani/critical@v1.3.7...v1.3.8

Thanks @​XhmikosR

v1.3.7

• Update dependencies. (#410) 96bc0eb
• Switch to GitHub Actions CI. (#403) d46b599
• Update dependencies. 672e680

addyosmani/critical@v1.3.6...v1.3.7

v1.3.6

• Skip the PAGE_UNLOADED_DURING_EXECUTION` tests. (#393) 54a1cb7
• Skip the PAGE_UNLOADED_DURING_EXECUTION` tests. bf51c17

addyosmani/critical@v1.3.5...v1.3.6

v1.3.5

• README.md: Optimize and add the preview image to the repo (#388) 6959f4f
• Clean up .gitignore. (#384) 5e412de
• Update test files. 26e05c2
• Separate npm scripts. 8ced8fe
• Fix PostCSS warning. dab82a4
• Move get-port to devDependencies. 537256a
• Update AppVeyor config from master. 1fadc30
• Update Travis config from master. 440d613
• Fix tests on Windows. (#330) 25ee370
• Lint. 1c2e7ba
• Update all dependencies to their safe versions. 0825d31
• Remove yarn.lock. 4e4ce13

addyosmani/critical@v1.3.4...v1.3.5

... (truncated)

Changelog

Sourced from critical's changelog.

v2.0.0 / 2020-06-16

• Drop support for Node.js < 10
• Bump dependencies
• Use Jest for testing
• Drop include and timeout options as they can be specified in the penthouse options.
• Drop options styleTarget & dest in favour of target You can specify either a css file, an html file or an object {css: dest.css, html: dest.html} if you want to store both. We may also add an extract target here in a future release.
• Drop options destFolder, folder and pathPrefix. We tried our best to improve the way critical auto-detects the paths to used assets in the critical css which should suit for most cases. If this doesn't work out you can use the new rebase option to either specify the location of the css & the html file like this: {from: '/styles/main.css', to: '/en/test.html'}. You can also pass a callback function to dynamically compute the path or specify a cdn for example. We utilize postcss-url for this task.
• Due to some limitations with modern css features we replaced filter-css as the library of choice for handling ignores with postcss-discard. We tried to keep things backwards compatible but you may have to change your ignore configuration.
• Add concurrency option to specify how many operations can run in parallel.
• Add the ability to specify used css files using file globs. See supported minimatch patterns.

v1.3.4 / 2018-07-19

• fix: return Promise.reject instead of re-throw
• fix: handle PAGE_UNLOADED_DURING_EXECUTION error (#314)
• output warning on invalid extract setting
• Add user agent option (#316)
• Bump dependencies
• npm audit fix

v1.3.3 / 2018-06-06

• Bump dependencies
• Docs: fix typo (#310)
• Reduced vulnerabilities (#308)

v1.3.2 / 2018-05-15

• Switched to async-exit-hook

v1.3.1 / 2018-05-14

• Bump dependencies
• Removed process.exit on cleanup
• Adding html-webpack-critical-plugin to README (#306)

v1.3.0 / 2018-05-02

• Add basic auth option (#295)

v1.2.2 / 2018-04-02

• Improved handling of protocol-relative asset URLs (#288)
• Adjust test files according to (#293)
• Improve error reporting (#258)
• Replace gutil with fancy-log (#297)
• Update README.md (#296)

... (truncated)

Commits

• 8913aab 1.3.10
• b9c17ef CI: switch to actions/checkout@v2
• 08d3db2 1.3.9
• bd24282 1.x: use destructuring when importing lodash (#433)
• 6512fd2 1.3.8
• b5cd07d Update dependencies. (#431)
• 9ee2632 fix: backport #415 fix to 1.x (#430)
• bb601a9 [1.x] Update dependencies. (#419)
• 4da2919 ES6-ify (#427)
• 81bd877 1.3.7
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.