ECMAScript code beautifier/formatter

Miller Medeiros

Last update: Nov 1, 2022

Related tags

Command Line esformatter

Overview

esformatter

ECMAScript code beautifier/formatter.

Important

This tool is still missing support for many important features. Please report any bugs you find, the code is only as good as the test cases. Feature requests are very welcome.

We are looking for contributors!!

Why?

jsbeautifier.org doesn't have enough options and not all IDEs/Editors have a good JavaScript code formatter. I would like to have a command line tool (and standalone lib) at least as powerful/flexible as the WebStorm and FDT code formatters so that it can be plugged into any editor and reused by other tools like escodegen.

For more reasoning behind it and history of the project see: esformatter & rocambole

How?

This tool uses rocambole and babylon to recursively parse the tokens and transform it in place.

Goals

granular control about white spaces, indent and line breaks.
command line interface (cli).
be non-destructive.
support for local/global config file so settings can be shared between team members.
be extensive (plugins and other cli tools).
support most popular style guides through plugins (Google, jQuery, Idiomatic.js).
be the best JavaScript code formatter!

API

var esformatter = require('esformatter');
var fs = require('fs');
var codeStr = fs.readFileSync('path/to/js/file.js').toString();

// for a list of available options check "lib/preset/default.js"
var options = {
  indent : {
    value : '  '
  },
  lineBreak : {
    before : {
      // at least one line break before BlockStatement
      BlockStatement : '>=1',
      // only one line break before DoWhileStatementOpeningBrace
      DoWhileStatementOpeningBrace : 1,
      // ...
    }
  },
  whiteSpace : {
    // ...
  }
};

// return a string with the formatted code
var formattedCode = esformatter.format(codeStr, options);

See the doc/api.md file for a list of all the public methods and detailed documentation about each one.

See doc/config.md for more info about the configuration options.

CLI

You can also use the simple command line interface to process the stdin or read from a file.

npm install [-g] esformatter

Usage:

Pass the --help flag to see the available options or see doc/cli.txt.

esformatter --help

Examples:

# Format
# ======

# format "test.js" and output result to stdout
esformatter test.js
# you can also pipe other shell commands (read file from stdin)
cat test.js | esformatter
# format "test.js" using options in "options.json" and output result to stdout
esformatter --config options.json test.js
# process "test.js" and writes to "test.out.js"
esformatter test.js > test.out.js
# you can override the default settings, see lib/preset/default.js for
# a list of available options
esformatter test.js --indent.value="\t" --lineBreak.before.IfStatementOpeningBrace=0
# format "test.js" and output result to "test.js"
esformatter -i test.js
# format and overwrite all the ".js" files inside the "lib/" folder
esformatter -i 'lib/*.js'
# format and overwrite all the ".js" files inside "lib/" and it's subfolders
esformatter -i 'lib/**/*.js'

# **important:** surround the glob with single quotes to avoid expansion; [glob
# syntax reference](https://github.com/isaacs/node-glob/#glob-primer)

# Diff
# ======

# check if "test.js" matches style and output diff to stdout
esformatter --diff test.js
# check if "test.js" matches style and output unified diff to stdout
esformatter --diff-unified test.js
# check if "test.js" matches "options.json" style and output diff to stdout
esformatter --diff --config options.json test.js
# check all files inside "lib/" and it's subfolders
esformatter --diff 'lib/**/*.js'

Local version

If a locally installed esformatter is found, the CLI uses that instead of the global executable (this means you can have multiple projects depending on different versions of esformatter).

protip: add esformatter and all the plugins that you need on your project to the package.json devDependencies that way you can use locally installed plugins and also make sure everyone on your team is using the same version/settings.

{
  "devDependencies": {
    "esformatter": "~0.6.0",
    "esformatter-quotes": "^1.0.1"
  },
  "esformatter": {
    "plugins": ["esformatter-quotes"],
    "quotes": {
      "type": "single"
    }
  }
}

IDE / Editor integration

Since esformatter is available as a command-line tool, it can be used in any editor that supports external shell commands.

Vim - vim-esformatter
Sublime Text - sublime-esformatter
Atom - atom-esformatter
Visual Studio Code - vscode-esformatter

Configuration

See doc/config.md.

Presets

Presets are reusable config files that can require other presets/plugins and override configs.

{
  // presets are used as "base settings"
  "extends": [
    "preset:foobar", // load "esformatter-preset-foobar" from "./node_modules"
    "./lorem_ipsum.json" // load relative config file
  ],

  // you can still override any setting from the preset if needed
  "indent": {
    "value": "  "
  }
}

For more info see presets.md

Pipe other CLI tools

Since we don't expect everyone to write plugins that only works with esformatter we decided to encourage the usage of standalone CLI tools.

{
  // pipe is a simple way to "pipe" multiple binaries input/output
  "pipe": {
    // scripts listed as "before" will be executed before esformatter
    // and will forward output to next command in the queue
    "before": [
      "strip-debug",
      "./bin/my-custom-script.sh --foo true -zx"
    ],
    // scripts listed as "after" will be executed after esformatter
    "after": [
      "baz --keepLineBreaks"
    ]
  }
}

Plugins

Plugins are automatically loaded from node_modules if you pass the module id in the config file:

{
  "plugins": [ "esformatter-sample-plugin", "foobar" ]
}

List of plugins and plugins wish list: https://github.com/millermedeiros/esformatter/wiki/Plugins

List of plugins with easy filterable search: http://pgilad.github.io/esformatter-plugins/

For detailed information about plugins structure and API see doc/plugins.md

IRC

We have an IRC channel #esformatter on irc.freenode.net for quick discussions about the project development/structure.

Wiki

See project Wiki for more info: https://github.com/millermedeiros/esformatter/wiki

Project structure / Contributing

See CONTRIBUTING.md

Popular Alternatives

License

Released under the MIT license

Comments

Keep line breaks and allow ranges on config files

I won't have time to finish this task today so pushing it here in case anyone have comments or want to contribute..

I tried to do it in small steps but failed a couple times. no way to avoid the large refactor since white space and line breaks logic are really tightly coupled.

so far there are many tests failing but some of them should not be that hard to fix (even tho that doesn't mean all settings are working as expected).

see #1 see #84
enhancement feature high priority

opened by millermedeiros 35
adds support for plugins. for plugin examples, see https://gist.github.com/shellscape/8443537

Adds rather effective support for simple formatting and transformation plugins.

A few example plugins being evaluated internally can be found here: https://gist.github.com/shellscape/8443537

For consideration for Issue #89
feature

opened by shellscape 19
Allow objects expressions on one line (if short enough)
From the jQuery Style Guide:

Object declarations can be made on a single line if they are short (remember the line length limits). When an object delcration is too long to fit on one line, there must be one property per line.

It provides these two examples:

// Good var map = { ready: 9, when: 4, "you are": 15 }; // Good as well var map = { ready: 9, when: 4, "you are": 15 };

Currently its either multi-line everything or single-line everything. It also questionable whether this project should deal with line length.

Elsewhere we keep line breaks as they are and just make sure whitespace and indent are correct. Could we apply that to ObjectExpression as well? Enforcing line lengths can be done with other tools, e.g. jshint has options for that.
plugins-wishlist
opened by jzaefferer 18
Indent multi-line var differently
I would like to reformat

var foo = 23, bar = 17;

so that it becomes:

var foo = 23, bar = 17;

At the moment, esformatter creates

var foo = 23, bar = 17;

Is this possible? If so, how?
feature
opened by goloroden 14

Format order for plugins

I am having an issue where esformatter makes a change to the line breaks before using the esformatter-semicolon plugin to add a semicolon.

Original Code:

var _originalEndWindow = BenchmarkWindows.findOne({benchmarkPeriodId: _targetBenchmarkPeriod._id})

                    var x1 = _aimLineData[0][0], y1 = _aimLineData[0][1]
                        , x2 = _originalEndWindow.endDate.valueOf(), y2 = _aimEnd[1]
                        , m = (y2 - y1) / (x2 - x1);
                    var x3 = _aimEnd[0], y3 = (m * (x3 - x1)) + y1;

Formatted Code

var _originalEndWindow = BenchmarkWindows.findOne({
                        benchmarkPeriodId: _targetBenchmarkPeriod._id
                    })                    var x1 = _aimLineData[0][0];
                    var y1 = _aimLineData[0][1];
                    var x2 = _originalEndWindow.endDate.valueOf();
                    var y2 = _aimEnd[1];
                    var m = (y2 - y1) / (x2 - x1);
                    var x3 = _aimEnd[0];
                    var y3 = (m * (x3 - x1)) + y1;

Because there is a missing semicolon the line breaks get removed first and it causes the app to crash. however, if I manually add in the semicolon first before reformatting, it works just fine.

So, it would be great if there was a way to add all the semicolons first.

What do you think?

opened by sircharleswatson 13

replace indent logic with esindent

I did some quick and dirty find and replace on all the "lib" files for code blocks and lines that contained the word "indent" so that means I might have introduced some bugs and removed some logic that should not be removed..

sending the PR just to show how much it simplifies the logic and how it removes some of ugliest parts of the code base.

closes #96
enhancement high priority

opened by millermedeiros 13

support React JSX syntax

Not sure where to report this issue. I could report it on rocambole, but I would also like esformatter to use a version of rocambole that uses esprima-fb instead of esprima in order to support the jsx syntax

This is what I ended doing in order to make esformatter to tolerate the jsx syntax

   // needed for grunt.file.expand
    var grunt = require('grunt');

    // use it with care, I haven't check if there
    // isn't any side effect from using proxyquire to 
    // inject esprima-fb into the esformatter
    // but this type of dependency replacement
    // seems to be very fragile... if rocambole deps change 
    // this will certainly break, same is true for esprima-fb
    // use it with care
    var proxyquire = require('proxyquire');
    var rocambole = proxyquire('rocambole', {
      'esprima': require('esprima-fb')
    });

    var esformatter = proxyquire('esformatter', {
      rocambole: rocambole
    });

    // path to your esformatter configuration
    var cfg = grunt.file.readJSON('./esformatter.json');

    // expand the files from the glob
    var files = grunt.file.expand('./frontend-app/reader/js/**/*.jsx');

    // do the actual formatting
    files.forEach(function (fIn) {
      console.log('formatting', fIn);
      var output = esformatter.format(grunt.file.read(fIn), cfg);
      grunt.file.write(fIn, output);
    });

As you can see it might be simple a change from esprima to esprima-fb. Maybe make the parser module a property of esformatter that way it can be injected in a cleaner way

something like

var esformatter = require('esformatter');
esformatter.setParser(require('esprima-fb')); // if not call use regular esprima.

Regards

enhancement feature

opened by royriojas 12

hard wrap lines + plugins

we don't have an option to force line wrap after a certain amount of chars, this can be really useful depending on the code style but it's impossible to implement without loc and range info.

since we do a lot of transformations to the tokens we basically lose the range and loc info - or would need to update it for all nodes/tokens after each manipulation, which is very expensive.

I'm thinking in maybe 2 separate libs, one that can read the AST generated by esformatter.transform and can rebuild the loc and range info and another one that forces the line wraps at the optimal position based on that... We would import these external dependencies and use them (to simplify the process since this is a common need).

Maybe we should even add some way to import "plugins" on the config file and/or as cli argument, that way we don't hardcode anything that is developed as a separate project.

see #73 and #84

/cc @jzaefferer
feature high priority

opened by millermedeiros 11

change settings to use integers instead of booleans

integers are more flexible since in some cases I think we should have 3+ states. I'm thinking about a setting that keeps the original white spaces (for cases where the user added the spaces to manually align some tokens - think about tabular data) so we should have a way to set if it should remove the existing white space, keep it or add if it doesn't exist, example:

// remove if it exists (consecutive tokens) and don't add if it's missing
var REMOVE = 0;
// add if missing or keep a single one 
var ADD_IF_MISSING = 1;
// add if missing or keep if it already exists (no matter how many)
var ADD_OR_KEEP = 2;
// keep exact amount (remove if more, add if less)
var EXACT = { count : n };
// don't change
var NOOP = 4;

var DEFAULT_OPTS = {
  lineBreak : {
    before : {
      // pass an object for advanced settings
      // this will keep 3 line breaks (add if missing)
      FunctionDeclaration : {
        count : 3
      }
    },
    after : {
      FunctionDeclarationOpeningBrace : ADD_OR_KEEP
    }
  }
}

Of course this will increase the complexity a lot and will take considerably more time. This is definitely not a priority for now.

enhancement feature high priority

opened by millermedeiros 11

support for trailing commas
One thing I like to do is have trailing commas in object literals.

var a = { b: 42, };

That way, if someone later adds a new member to a, they don't modify the git blame of the line b: 42.

Maybe this would be a good plugin?
plugins-wishlist
opened by nickdesaulniers 10
plugins should be able to list other plugins as dependencies

in some cases a plugin might depend on another plugin to do some special work (eg. https://github.com/millermedeiros/esformatter/issues/230#issuecomment-90803239) so we need a way to list sub-dependencies and execute these sub-dependencies somehow.

this is specially important for presets like jquery (#249) and standard-format.
feature

opened by millermedeiros 9
Bump flat and mocha
Bumps flat to 5.0.2 and updates ancestor dependency mocha. These dependencies need to be updated together.

Updates flat from 4.1.0 to 5.0.2

Commits

e5ffd66 Release 5.0.2

fdb79d5 Update dependencies, refresh lockfile, format with standard.

e52185d Test against node 14 in CI.

0189cb1 Avoid arrow function syntax.

f25d3a1 Release 5.0.1

54cc7ad use standard formatting

779816e drop dependencies

2eea6d3 Bump lodash from 4.17.15 to 4.17.19

a61a554 Bump acorn from 7.1.0 to 7.4.0

20ef0ef Fix prototype pollution on unflatten

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by timoxley, a new releaser for flat since your current version.

Updates mocha from 7.1.0 to 10.2.0

Release notes

Sourced from mocha's releases.

v10.2.0

10.2.0 / 2022-12-11

:tada: Enhancements

#4945: API: add possibility to decorate ESM name before import (@j0tunn)

:bug: Fixes

#4946: Browser: color of failed test icon (@kleisauke)

:book: Documentation

#4944: Remove duplicated header (@PauloGoncalvesBH)

v10.1.0

10.1.0 / 2022-10-16

:tada: Enhancements

#4896: Browser: add support for prefers-color-scheme: dark (@greggman)

:nut_and_bolt: Other

#4912: Browser: increase contrast for replay buttons (@JoshuaKGoldberg)

#4905: Use standard Promise.allSettled instead of polyfill (@outsideris)

#4899: Upgrade official GitHub actions to latest (@ddzz)

#4770: Fix regex in function clean(@yetingli)

v10.0.0

10.0.0 / 2022-05-01

:boom: Breaking Changes

#4845: Drop Node.js v12.x support (@juergba)

#4848: Drop Internet-Explorer-11 support (@juergba)

#4857: Drop AMD/RequireJS support (@juergba)

#4866: Drop Growl notification support (@juergba)

#4863: Rename executable bin/mocha to bin/mocha.js (@juergba)

#4865: --ignore option in Windows: upgrade Minimatch (@juergba)

#4861: Remove deprecated Runner signature (@juergba)

:nut_and_bolt: Other

... (truncated)

Changelog

Sourced from mocha's changelog.

10.2.0 / 2022-12-11

:tada: Enhancements

#4945: API: add possibility to decorate ESM name before import (@j0tunn)

:bug: Fixes

#4946: Browser: color of failed test icon (@kleisauke)

:book: Documentation

#4944: Remove duplicated header (@PauloGoncalvesBH)

10.1.0 / 2022-10-16

:tada: Enhancements

#4896: Browser: add support for prefers-color-scheme: dark (@greggman)

:nut_and_bolt: Other

#4912: Browser: increase contrast for replay buttons (@JoshuaKGoldberg)

#4905: Use standard Promise.allSettled instead of polyfill (@outsideris)

#4899: Upgrade official GitHub actions to latest (@ddzz)

#4770: Fix regex in function clean(@yetingli)

10.0.0 / 2022-05-01

:boom: Breaking Changes

#4845: Drop Node.js v12.x support (@juergba)

#4848: Drop Internet-Explorer-11 support (@juergba)

#4857: Drop AMD/RequireJS support (@juergba)

#4866: Drop Growl notification support (@juergba)

#4863: Rename executable bin/mocha to bin/mocha.js (@juergba)

#4865: --ignore option in Windows: upgrade Minimatch (@juergba)

#4861: Remove deprecated Runner signature (@juergba)

:nut_and_bolt: Other

#4878: Update production dependencies (@juergba)

#4876: Add Node.js v18 to CI test matrix (@outsideris)

... (truncated)

Commits

202e9b8 build(v10.2.0): release

6782d6d build(v10.2.0): update CHANGELOG

73bb819 feat(esm): ability to decorate ESM module name before importing it (#4945)

fc4ac58 chore(devDeps): remove unused depedencies (#4949)

0a10ddc docs: remove duplicated header (#4944)

b0a0fb8 fix(browser): failed test icon color (#4946)

3cc9cac ci: update stale action (#4931)

8f3c37b chore(ci): workaround for firefox error (#4933)

5f96d51 build(v10.1.0): release

ed74f16 build(v10.1.0): update CHANGELOG

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump minimist from 1.2.5 to 1.2.6
Bumps minimist from 1.2.5 to 1.2.6.

Commits

7efb22a 1.2.6

ef88b93 security notice for additional prototype pollution issue

c2b9819 isConstructorOrProto adapted from PR

bc8ecee test from prototype pollution PR

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump pathval from 1.1.0 to 1.1.1
Bumps pathval from 1.1.0 to 1.1.1.

Release notes

Sourced from pathval's releases.

v1.1.1

Fixes a security issue around prototype pollution.

Commits

db6c3e3 chore: v1.1.1

7859e0e Merge pull request #60 from deleonio/fix/vulnerability-prototype-pollution

49ce1f4 style: correct rule in package.json

c77b9d2 fix: prototype pollution vulnerability + working tests

49031e4 chore: remove very old nodejs

57730a9 chore: update deps and tool configuration

a123018 Merge pull request #55 from chaijs/remove-lgtm

07eb4a8 Delete MAINTAINERS

a0147cd Merge pull request #54 from astorije/patch-1

aebb278 Center repo name on README

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by chai, a new releaser for pathval since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump mout from 1.2.2 to 1.2.3
Bumps mout from 1.2.2 to 1.2.3.

Commits

eae5ccc v1.2.3

3fecf13 Merge pull request #270 from 418sec/1-npm-mout

397fa13 Merge pull request #1 from Asjidkalam/master

bd18212 fixed prototype pollution

2189378 Merge pull request #265 from timgates42/bugfix_typo_delimiter

fc281b2 docs: Fix simple typo, delimeter -> delimiter

See full diff in compare view

Maintainer changes

This version was pushed to npm by roboshoes, a new releaser for mout since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump path-parse from 1.0.6 to 1.0.7
Bumps path-parse from 1.0.6 to 1.0.7.

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump glob-parent from 5.1.0 to 5.1.2
Bumps glob-parent from 5.1.0 to 5.1.2.

Release notes

Sourced from glob-parent's releases.

v5.1.2

Bug Fixes

eliminate ReDoS (#36) (f923116)

v5.1.1

Bug Fixes

unescape exclamation mark (#26) (a98874f)

Changelog

Sourced from glob-parent's changelog.

5.1.2 (2021-03-06)

Bug Fixes

eliminate ReDoS (#36) (f923116)

6.0.0 (2021-05-03)

⚠ BREAKING CHANGES

Correct mishandled escaped path separators (#34)

upgrade scaffold, dropping node <10 support

Bug Fixes

Correct mishandled escaped path separators (#34) (32f6d52), closes #32

Miscellaneous Chores

upgrade scaffold, dropping node <10 support (e83d0c5)

5.1.1 (2021-01-27)

Bug Fixes

unescape exclamation mark (#26) (a98874f)

Commits

eb2c439 chore: update changelog

12bcb6c chore: release 5.1.2

f923116 fix: eliminate ReDoS (#36)

0b014a7 chore: add JSDoc returns information (#33)

2b24ebd chore: generate initial changelog

9b6e874 chore: release 5.1.1

749c35e ci: try wrapping the JOB_ID in a string

5d39def ci: attempt to switch to published coveralls

0b5b37f ci: put the npm step back in for only Windows

473f5d8 ci: update azure build images

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0

Releases(v0.11.3)

v0.11.3(Mar 17, 2020)
Updated dependencies

Source code(tar.gz)
Source code(zip)
v0.11.2(Nov 6, 2019)
Updated dependencies

Fixes vulnerability issues with transitive dependencies

Source code(tar.gz)
Source code(zip)
v0.11.0(Oct 1, 2019)
BREAKING CHANGE: Only supports latest node LTS

Updated dependencies

Source code(tar.gz)
Source code(zip)