build(deps): bump the npm_and_yarn group across 3 directories with 14 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the /tools/clang-format directory: minimatch and path-parse.
Bumps the npm_and_yarn group with 3 updates in the /tools/doc directory: remark-html, nth-check and unist-util-select.
Bumps the npm_and_yarn group with 11 updates in the /tools/node-lint-md-cli-rollup directory:

Package	From	To
minimatch	3.0.4	3.1.2
path-parse	1.0.6	1.0.7
debug	4.1.1	4.3.7
rollup	1.30.1	3.29.5
ansi-regex	5.0.0	5.0.1
braces	3.0.2	3.0.3
glob-parent	5.1.0	5.1.2
ini	1.3.5	1.3.8
json5	2.1.1	2.2.3
minimist	1.2.0	1.2.8
shelljs	0.8.3	0.8.5

Updates minimatch from 3.0.4 to 3.1.2

Commits

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

Updates path-parse from 1.0.6 to 1.0.7

Commits

• See full diff in compare view

Updates remark-html from 7.0.0 to 13.0.2

Release notes

Sourced from remark-html's releases.

13.0.2

• b0b1ba5 Fix to sanitize by default The docs have always said remark-html is safe by default. It wasn’t and this patches that.

  If you do want to be unsafe, use remark-html with sanitize: false:

  -  .use(remarkHtml)
  +  .use(remarkHtml, {sanitize: false})

Full Changelog: remarkjs/remark-html@13.0.1...13.0.2

13.0.1

• 7a8cb0e Update mdast-util-to-hast

13.0.0

• 0b1cd0a Change to comply to CommonMark (breaking, potentially, if you have duplicate definitions)

12.0.0

• 87d88f7 Add types (breaking, potentially, if you or your dependents use typescript)

11.0.2

• faf7d1f Rename internal method

11.0.1

• e370aa5 Fix deprecation warning

11.0.0

• 7781ead Update mdast-util-to-hast (breaking, potentially, if you or your dependents use typescript)
• 558d4ad Update hast-util-to-html (breaking, potentially, if you or your dependents use typescript)
• a58bda6 Refactor prose
• 3d726a4 Add notes on security

10.0.0

• 06628d8 Update hast-util-sanitize (see hast-util-sanitize@2.0.0)
• 04641d0 Update hast-util-to-html (see hast-util-to-html@6.0.0)
• 995b271 Update mdast-util-to-hast (see mdast-util-to-hast@6.0.0)

9.0.1

• b7a9bcd Refactor prose

9.0.0

• b350587 Update mdast-util-to-hast, hast-util-to-html
• fee6e64 Add more badges
• 2d15556 Move URLs to HTTPS

... (truncated)

Commits

• 2133d20 13.0.2
• b0b1ba5 Fix to sanitize by default
• c0b2f69 13.0.1
• 7a8cb0e Update mdast-util-to-hast
• bdeeee5 13.0.0
• efa1a5a Update docs
• 0b1cd0a Change to comply to CommonMark
• 5fec432 Update dev-dependencies
• db1a1d0 Add Discussions
• 60841bf 12.0.0
• Additional commits viewable in compare view

Updates nth-check from 1.0.1 to 2.1.1

Release notes

Sourced from nth-check's releases.

v2.1.1

• The ESM code had some issues that are now fixed aeeb067

fb55/nth-check@v2.1.0...v2.1.1

v2.1.0

What's Changed

• nth-check is now a dual CommonJS and ESM module fb55/nth-check#206
• With the new sequence and generate methods, it is now possible to generate a sequence of indices for a given formula fb55/nth-check#207

Full Changelog: fb55/nth-check@v2.0.1...v2.1.0

v2.0.1

Fixes:

• Replace regex with hand-rolled parser for nth-expressions (#9) 9894c1d
  • Ensures parsing will always have linear time complexity.

Internal:

• chore(ci): Use GitHub Actions, Dependabot (#10) e02b4dd
• Bump dependencies

fb55/nth-check@v2.0.0...v2.0.1

v2.0.0

• Port module to TS, Jest, ESLint

Breaking:

• The main export is now a default export.
• The module now throws regular Errors on invalid selectors instead of SyntaxErrors.

Commits

• See full diff in compare view

Updates unist-util-select from 1.5.0 to 5.1.0

Release notes

Sourced from unist-util-select's releases.

5.1.0

Add

• ad8a91d Add support for case-sensitivity modifiers

Misc

• 6f16614 Update css-selector-parser
• 5c37078 Refactor error for unsupported feature

Full Changelog: syntax-tree/unist-util-select@5.0.0...5.1.0

5.0.0

Change

• 90f8b3e Update @types/unist migrate: update too
• 8a9e59c Change to require Node.js 16 migrate: update too
• 6e4dc3c Change to use export map migrate: don’t use private APIs
• 414d1f7 Change to yield undefined instead of null migrate: expect undefined
• 09e81a2 Update to match CSS selectors 4 migrate: should be fine but there are internal changes to the parse that is now more like actual CSS

Add

• 3a5f97a Add support for a:has(> b)

Full Changelog: syntax-tree/unist-util-select@4.0.3...5.0.0

4.0.3

• a6f0631 Fix :matches, :not after something matched

Full Changelog: syntax-tree/unist-util-select@4.0.2...4.0.3

4.0.2

• 258beff Fix to return results in tree order
• beca7d5 Fix support for parent-sensitive pseudos
• 1da3f61 Fix types to allow literal nodes
• 5e05a61 Add support for null as input in types
• d68e907 Add improved docs
• 230f8df Add docs to types

Full Changelog: syntax-tree/unist-util-select@4.0.1...4.0.2

4.0.1

• bdddcb5 Add missing dependency by @​Ayc0 in syntax-tree/unist-util-select#13

... (truncated)

Commits

• 5d77ec4 5.1.0
• 6f16614 Update css-selector-parser
• ad8a91d Add support for case-sensitivity modifiers
• 5c37078 Refactor error for unsupported feature
• 1075824 Update dev-dependencies
• f889b45 5.0.0
• 90f8b3e Update @types/unist
• 6e4dc3c Change to use export map
• 8a9e59c Change to require Node.js 16
• 3a5f97a Add support for a:has(> b)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wooorm, a new releaser for unist-util-select since your current version.

Updates minimatch from 3.0.4 to 3.1.2

Commits

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

Updates path-parse from 1.0.6 to 1.0.7

Commits

• See full diff in compare view

Updates debug from 4.1.1 to 4.3.7

Release notes

Sourced from debug's releases.

4.3.7

What's Changed

• Upgrade ms to version 2.1.3 by @​realityking in debug-js/debug#819

Full Changelog: debug-js/debug@4.3.6...4.3.7

4.3.6

What's Changed

• Avoid using deprecated RegExp.$1 by @​bluwy in debug-js/debug#969

New Contributors

• @​bluwy made their first contribution in debug-js/debug#969

Full Changelog: debug-js/debug@4.3.5...4.3.6

4.3.5

Patch

• cac39b1c5b018b0fe93a53a05f084eee543d17f5 Fix/debug depth (#926)

Thank you @​calvintwr for the fix.

4.3.4

What's Changed

• Add section about configuring JS console to show debug messages by @​gitname in debug-js/debug#866
• Replace deprecated String.prototype.substr() by @​CommanderRoot in debug-js/debug#876

New Contributors

• @​gitname made their first contribution in debug-js/debug#866
• @​CommanderRoot made their first contribution in debug-js/debug#876

Full Changelog: debug-js/debug@4.3.3...4.3.4

4.3.3

Patch Release 4.3.3

This is a documentation-only release. Further, the repository was transferred. Please see notes below.

• Migrates repository from https://github.com/visionmedia/debug to https://github.com/debug-js/debug. Please see notes below as to why this change was made.
• Updates repository maintainership information
• Updates the copyright (no license terms change has been made)
• Removes accidental epizeuxis (#828)
• Adds README section regarding usage in child procs (#850)

Thank you to @​taylor1791 and @​kristofkalocsai for their contributions.

---

Repository Migration Information

... (truncated)

Commits

• bc60914 4.3.7
• c63e96e Upgrade ms to version 2.1.3 (#819)
• 382864a remove archaic badges from readme
• c33b464 4.3.6
• 7956a45 Avoid using deprecated RegExp.$1
• 5464bdd 4.3.5
• f244ada update authorship contact info
• cac39b1 Fix/debug depth (#926)
• f66cb2d remove .github folder (and the outdated issue templates)
• d161662 Update ISSUE_TEMPLATE.md
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by qix, a new releaser for debug since your current version.

Updates rollup from 1.30.1 to 3.29.5

Release notes

Sourced from rollup's releases.

v3.29.4

3.29.4

2023-09-28

Bug Fixes

• Fix static analysis when an exported function uses callbacks (#5158)

Pull Requests

• #5158: Deoptimize all parameters when losing track of a function (@​lukastaegert)

v3.29.3

3.29.3

2023-09-24

Bug Fixes

• Fix a bug where code was wrongly tree-shaken after mutating function parameters (#5153)

Pull Requests

• #5145: docs: improve the docs repl appearance in the light mode (@​TrickyPi)
• #5148: chore(deps): update dependency @​vue/eslint-config-typescript to v12 (@​renovate[bot])
• #5149: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5153: Fully deoptimize first level path when deoptimizing nested parameter paths (@​lukastaegert)

v3.29.2

3.29.2

2023-09-15

Bug Fixes

• Export TreeshakingPreset type (#5131)

Pull Requests

• #5131: fix: exports TreeshakingPreset (@​moltar)
• #5134: docs: steps to enable symlinks on windows (@​thebanjomatic)
• #5137: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v3.29.1

3.29.1

2023-09-10

Bug Fixes

... (truncated)

Changelog

Sourced from rollup's changelog.

rollup changelog

4.22.4

2024-09-21

Bug Fixes

• Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

• #5670: refactor: Use object.prototype to check for reserved properties (@​YuHyeonWook)
• #5671: Fix DOM Clobbering CVE (@​lukastaegert)

4.22.3

2024-09-21

Bug Fixes

• Ensure that mutations in modules without side effects are observed while properly handling transitive dependencies (#5669)

Pull Requests

• #5669: Ensure impure dependencies of pure modules are added (@​lukastaegert)

4.22.2

2024-09-20

Bug Fixes

• Revert fix for side effect free modules until other issues are investigated (#5667)

Pull Requests

• #5667: Partially revert #5658 and re-apply #5644 (@​lukastaegert)

4.22.1

2024-09-20

Bug Fixes

• Revert #5644 "stable chunk hashes" while issues are being investigated

Pull Requests

• #5663: chore(deps): update dependency inquirer to v11 (@​renovate[bot], @​lukastaegert)

... (truncated)

Commits

• dfd233d 3.29.5
• 2ef77c0 Fix DOM Clobbering CVE
• a6448b9 3.29.4
• 4e92d60 Deoptimize all parameters when losing track of a function (#5158)
• 801ffd1 3.29.3
• 353e462 Fully deoptimize first level path when deoptimizing nested parameter paths (#...
• a1a89e7 chore(deps): update dependency @​vue/eslint-config-typescript to v12 (#5148)
• cc14f70 chore(deps): lock file maintenance minor/patch updates (#5149)
• 1e8355b docs: improve the docs repl appearance in the light mode (#5145)
• 5950fc8 Adapt branches in REPL workflow
• Additional commits viewable in compare view

Updates ansi-regex from 5.0.0 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

• Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

Commits

• a9babce 5.0.1
• 4657833 fix incorrect format
• c3c0b3f Fix potential ReDoS (#37)
• 178363b Move to GitHub Actions (#35)
• 0755e66 Add @​Qix- to funding.yml
• See full diff in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates glob-parent from 5.1.0 to 5.1.2

Release notes

Sourced from glob-parent's releases.

v5.1.2

Bug Fixes

• eliminate ReDoS (#36) (f923116)

v5.1.1

Bug Fixes

• unescape exclamation mark (#26) (a98874f)

Changelog

Sourced from glob-parent's changelog.

5.1.2 (2021-03-06)

Bug Fixes

• eliminate ReDoS (#36) (f923116)

6.0.2 (2021-09-29)

Bug Fixes

• Improve performance (#53) (843f8de)

6.0.1 (2021-07-20)

Bug Fixes

• Resolve ReDoS vulnerability from CVE-2021-35065 (#49) (3e9f04a)

6.0.0 (2021-05-03)

⚠ BREAKING CHANGES

• Correct mishandled escaped path separators (#34)
• upgrade scaffold, dropping node <10 support

Bug Fixes

• Correct mishandled escaped path separators (#34) (32f6d52), closes #32

Miscellaneous Chores

• upgrade scaffold, dropping node <10 support (e83d0c5)

5.1.1 (2021-01-27)

Bug Fixes

• unescape exclamation mark (#26) (a98874f)

Commits

• eb2c439 chore: update changelog
• 12bcb6c chore: release 5.1.2
• f923116 fix: eliminate ReDoS (#36)
• 0b014a7 chore: add JSDoc returns information (#33)
• 2b24ebd chore: generate initial changelog
• 9b6e874 chore: release 5.1.1
• 749c35e ci: try wrapping the JOB_ID in a string
• 5d39def ci: attempt to switch to published coveralls
• 0b5b37f ci: put the npm step back in for only Windows
• 473f5d8 ci: update azure build images
• Additional commits viewable in compare view

Updates ini from 1.3.5 to 1.3.8

Commits

• a2c5da8 1.3.8
• af5c6bb Do not use Object.create(null)
• 8b648a1 don't test where our devdeps don't even work
• c74c8af 1.3.7
• 024b8b5 update deps, add linting
• 032fbaf Use Object.create(null) to avoid default object property hazards
• 2da9039 1.3.6
• cfea636 better git push script, before publish instead of after
• 56d2805 do not allow invalid hazardous string as section name
• See full diff in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

Updates json5 from 2.1.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

• Fix: Bump minimist to v1.2.5. (#222)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

• Fix: Bump minimist to v1.2.5. (#222)

Commits

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• 9ec4d27 [Fix] Fix long option followed by single dash
• ba92fe6 [actions] Avoid 0.6 tests due to build failures
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates shelljs from 0.8.3 to 0.8.5

Release notes

Sourced from shelljs's releases.

v0.8.5

This was a small security fix for #1058.

v0.8.4

Small patch release to fix a circular dependency warning in node v14. See #973.

Changelog

Sourced from shelljs's changelog.

Change Log

Unreleased

Full Changelog

Closed issues:

• find returns empty array even though directory has files #922
• exec() should support node v10 (maxbuffer change) #915
• grep exit status and extra newlines #900
• Travis CI currently broken #893
• Drop node v4 support #873
• cp -Ru respects the -R but not the -u #808

Merged pull requests:

• feat(options): initial support for long options #926 (nfischer)
• test(touch): add coverage for -d option #925 (nfischer)
• chore(node): add v10 and v11 to CI #921 (nfischer)
• chore(test): no coverage by default #920 (nfischer)
• fix(exec): consistent error message for maxBuffer #919 (nfischer)
• chore(node): drop node v4 and v5 #917 (nfischer)
• chore: script to bump supported node versions #913 (nfischer)
• chore(npm): remove lockfile #911 (nfischer)
• ci: change language to node_js and remove obsolete scripts #910 (DanielRuf)
• chore: remove gitter integration #907 (nfischer)
• fix: Exit 1 with empty string if no match #901 (wyardley)
• feat(cp): support update flag when recursing #889 (joshi-sh)

Commits

• 70668a4 0.8.5
• d919d22 fix(exec): lockdown file permissions (#1060)
• fcf1651 0.8.4
• a1111ee Silence potentially upcoming circular dependency warning (#973)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.