build(deps-dev): bump gh-pages from 4.0.0 to 6.2.0

[dependabot]

Bumps gh-pages from 4.0.0 to 6.2.0.

Release notes

Sourced from gh-pages's releases.

v6.2.0

What's Changed

• fix: update instruction for next.js by @​multivoltage in tschaub/gh-pages#541
• Bump mocha from 10.2.0 to 10.3.0 by @​dependabot in tschaub/gh-pages#545
• Bump eslint from 8.56.0 to 8.57.0 by @​dependabot in tschaub/gh-pages#548
• Bump tmp from 0.2.1 to 0.2.3 by @​dependabot in tschaub/gh-pages#549
• Bump mocha from 10.3.0 to 10.4.0 by @​dependabot in tschaub/gh-pages#550
• Bump dir-compare from 4.2.0 to 5.0.0 by @​dependabot in tschaub/gh-pages#555
• Bump sinon from 17.0.1 to 17.0.2 by @​dependabot in tschaub/gh-pages#557
• Bump sinon from 17.0.2 to 18.0.0 by @​dependabot in tschaub/gh-pages#561
• Bump braces from 3.0.2 to 3.0.3 by @​dependabot in tschaub/gh-pages#563
• Bump mocha from 10.4.0 to 10.6.0 by @​dependabot in tschaub/gh-pages#569
• Bump mocha from 10.6.0 to 10.7.0 by @​dependabot in tschaub/gh-pages#571
• Bump mocha from 10.7.0 to 10.7.3 by @​dependabot in tschaub/gh-pages#573
• Bump async from 3.2.5 to 3.2.6 by @​dependabot in tschaub/gh-pages#576
• Bump eslint from 8.57.0 to 8.57.1 by @​dependabot in tschaub/gh-pages#579
• Bump sinon from 18.0.0 to 19.0.2 by @​dependabot in tschaub/gh-pages#578
• Update globby by @​tschaub in tschaub/gh-pages#581

New Contributors

• @​multivoltage made their first contribution in tschaub/gh-pages#541

Full Changelog: tschaub/gh-pages@v6.1.1...v6.2.0

v6.1.1

Fixes

• fix: Add missing cname option not passed to the config by @​WillBAnders in tschaub/gh-pages#535

Dependency Updates

• Bump eslint from 8.53.0 to 8.55.0 by @​dependabot in tschaub/gh-pages#538
• Bump fs-extra from 11.1.1 to 11.2.0 by @​dependabot in tschaub/gh-pages#537
• Bump eslint from 8.55.0 to 8.56.0 by @​dependabot in tschaub/gh-pages#539

New Contributors

• @​WillBAnders made their first contribution in tschaub/gh-pages#535

Full Changelog: tschaub/gh-pages@v6.1.0...v6.1.1

v6.1.0

What's Changed

• Bump eslint from 8.46.0 to 8.49.0 by @​dependabot in tschaub/gh-pages#516
• Bump actions/checkout from 3 to 4 by @​dependabot in tschaub/gh-pages#515
• Bump chai from 4.3.7 to 4.3.8 by @​dependabot in tschaub/gh-pages#513
• Bump dir-compare from 4.0.0 to 4.2.0 by @​dependabot in tschaub/gh-pages#512
• Add --nojekyll and --cname options by @​tschaub in tschaub/gh-pages#533
• Bump actions/setup-node from 3 to 4 by @​dependabot in tschaub/gh-pages#527
• Bump chai from 4.3.8 to 4.3.10 by @​dependabot in tschaub/gh-pages#520
• Bump eslint from 8.49.0 to 8.53.0 by @​dependabot in tschaub/gh-pages#530
• Bump commander from 11.0.0 to 11.1.0 by @​dependabot in tschaub/gh-pages#524

... (truncated)

Changelog

Sourced from gh-pages's changelog.

v6.2.0

Assorted dependency updates and a documentation change.

• #581 - Update globby (@​tschaub)
• #578 - Bump sinon from 18.0.0 to 19.0.2 (@​tschaub)
• #579 - Bump eslint from 8.57.0 to 8.57.1 (@​tschaub)
• #576 - Bump async from 3.2.5 to 3.2.6 (@​tschaub)
• #573 - Bump mocha from 10.7.0 to 10.7.3 (@​tschaub)
• #571 - Bump mocha from 10.6.0 to 10.7.0 (@​tschaub)
• #569 - Bump mocha from 10.4.0 to 10.6.0 (@​tschaub)
• #563 - Bump braces from 3.0.2 to 3.0.3 (@​tschaub)
• #561 - Bump sinon from 17.0.2 to 18.0.0 (@​tschaub)
• #557 - Bump sinon from 17.0.1 to 17.0.2 (@​tschaub)
• #555 - Bump dir-compare from 4.2.0 to 5.0.0 (@​tschaub)
• #550 - Bump mocha from 10.3.0 to 10.4.0 (@​tschaub)
• #549 - Bump tmp from 0.2.1 to 0.2.3 (@​tschaub)
• #548 - Bump eslint from 8.56.0 to 8.57.0 (@​tschaub)
• #545 - Bump mocha from 10.2.0 to 10.3.0 (@​tschaub)
• #541 - fix: update instruction for next.js (@​multivoltage)

v6.1.1

This release fixes an issue with the --cname option.

• #535 - fix: Add missing cname option not passed to the config (@​WillBAnders)
• #539 - Bump eslint from 8.55.0 to 8.56.0 (@​tschaub)

v6.1.0

This release adds support for --nojekyll and --cname options.

• #531 - Bump sinon from 15.2.0 to 17.0.1 (@​tschaub)
• #529 - Bump async from 3.2.4 to 3.2.5 (@​tschaub)
• #524 - Bump commander from 11.0.0 to 11.1.0 (@​tschaub)
• #530 - Bump eslint from 8.49.0 to 8.53.0 (@​tschaub)
• #520 - Bump chai from 4.3.8 to 4.3.10 (@​tschaub)
• #527 - Bump actions/setup-node from 3 to 4 (@​tschaub)
• #533 - Add --nojekyll and --cname options (@​tschaub)
• #512 - Bump dir-compare from 4.0.0 to 4.2.0 (@​tschaub)
• #513 - Bump chai from 4.3.7 to 4.3.8 (@​tschaub)
• #515 - Bump actions/checkout from 3 to 4 (@​tschaub)
• #516 - Bump eslint from 8.46.0 to 8.49.0 (@​tschaub)

v6.0.0

This release drops support for Node 14. Otherwise, there are no special upgrade considerations.

• #507 - Dependency updates and drop Node 14 (@​tschaub)
• #495 - Bump sinon from 15.0.3 to 15.2.0 (@​tschaub)

... (truncated)

Commits

• 4b29930 6.2.0
• a3df19c Log changes
• 0b721f3 Merge pull request #581 from tschaub/updates
• 13b6efc Update globby
• 5a8c819 Merge pull request #578 from tschaub/dependabot/npm_and_yarn/sinon-19.0.2
• bf7ed42 Merge pull request #579 from tschaub/dependabot/npm_and_yarn/eslint-8.57.1
• e55b0dd Bump eslint from 8.57.0 to 8.57.1
• b525485 Bump sinon from 18.0.0 to 19.0.2
• fc668f2 Merge pull request #576 from tschaub/dependabot/npm_and_yarn/async-3.2.6
• d55ea9f Bump async from 3.2.5 to 3.2.6
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	internal-slot@​1.0.3 ⏵ 1.0.5			+3
	is-core-module@​2.9.0 ⏵ 2.11.0			+1
	jest-environment-jsdom@​27.5.1
	jest@​27.5.1
	eslint-module-utils@​2.7.3 ⏵ 2.7.4	+1		+1
	eslint-config-prettier@​8.8.0
	esbuild@​0.17.12
	jasmine-expect@​5.0.0
	eslint-watch@​8.0.0
	is-callable@​1.2.4 ⏵ 1.2.7			+6
	eslint-plugin-flowtype@​8.0.3
	husky@​8.0.3
	eslint-import-resolver-node@​0.3.6 ⏵ 0.3.7			+1
	esquery@​1.4.0 ⏵ 1.5.0
	glob@​7.1.7 ⏵ 8.1.0	+1		+1		+31
	gh-pages@​6.2.0
	get-intrinsic@​1.1.1 ⏵ 1.2.0			+2
	espree@​9.3.2 ⏵ 9.5.0	+1
	fill-range@​7.1.1 ⏵ 7.0.1	+1
	eslint-plugin-import@​2.26.0 ⏵ 2.27.5
	eslint-config-airbnb@​19.0.4
	eslint-plugin-react@​7.30.0 ⏵ 7.32.2
	eslint-plugin-jsx-a11y@​6.5.1 ⏵ 6.7.1			+1
	eslint-scope@​5.1.1
	find-up@​2.1.0 ⏵ 4.1.0			+7
	eslint-plugin-jest@​26.9.0
	eslint-plugin-prettier@​4.2.1
	eslint-plugin-react-hooks@​4.5.0 ⏵ 4.6.0
	eslint@​8.16.0 ⏵ 8.36.0

View full report

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[dependabot]

A newer version of gh-pages exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		form-data@3.0.1 has a Critical CVE. CVE: GHSA-fjxv-7rqg-78g4 form-data uses unsafe random function in form-data for choosing boundary (CRITICAL) Affected versions: < 2.5.4; >= 3.0.0 < 3.0.4; >= 4.0.0 < 4.0.4 Patched version: 3.0.4 From: package-lock.json → npm/form-data@3.0.1 ℹ Read more on: This package | This alert | What is a critical CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/form-data@3.0.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud