fix(deps): update dependency gh-pages to v5 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
gh-pages	1.2.0 -> 5.0.0

GitHub Vulnerability Alerts

CVE-2022-37611

Prototype pollution vulnerability in tschaub gh-pages via the partial variable in util.js.

---

Release Notes

tschaub/gh-pages (gh-pages)

v5.0.0

Compare Source

Potentially breaking change: the publish method now always returns a promise. Previously, it did not return a promise in some error cases. This should not impact most users.

Updates to the development dependencies required a minimum Node version of 14 for the tests. The library should still work on Node 12, but tests are no longer run in CI for version 12. A future major version of the library may drop support for version 12 altogether.

• #​438 - Remove quotation marks (@​Vicropht)
• #​459 - Bump async from 2.6.4 to 3.2.4 (@​tschaub)
• #​454 - Bump email-addresses from 3.0.1 to 5.0.0 (@​tschaub)
• #​455 - Bump actions/setup-node from 1 to 3 (@​tschaub)
• #​453 - Bump actions/checkout from 2 to 3 (@​tschaub)
• #​445 - Update README to clarify project site configuration requirements with tools like CRA, webpack, Vite, etc. (@​Nezteb)
• #​452 - Assorted updates (@​tschaub)

v4.0.0

Compare Source

This release doesn't include any breaking changes, but due to updated development dependencies, tests are no longer run on Node 10.

• #​432 - Updated dev dependencies and formatting (@​tschaub)
• #​430 - Bump ansi-regex from 3.0.0 to 3.0.1 (@​tschaub)
• #​431 - Bump path-parse from 1.0.6 to 1.0.7 (@​tschaub)
• #​427 - Bump async from 2.6.1 to 2.6.4 (@​tschaub)
• #​423 - Bump minimist from 1.2.5 to 1.2.6 (@​tschaub)

v3.2.3

Compare Source

• #​398 - Update glob-parent (@​tschaub)
• #​395 - Switch from filenamify-url to filenamify (@​tw0517tw)

v3.2.2

Compare Source

• #​396 - Revert "security(deps): bump filenamify-url to 2.1.1" (@​tschaub)

v3.2.1

Compare Source

• #​393 - security(deps): bump filenamify-url to 2.1.1 (@​AviVahl)

v3.2.0

Compare Source

This release updates a few development dependencies and adds a bit of documentation.

• #​391 - Update dev dependencies (@​tschaub)
• #​375 - Add note about domain problem (@​demee)
• #​390 - Fix little typo in the README (@​cizordj)
• #​388 - Bump hosted-git-info from 2.8.8 to 2.8.9 (@​tschaub)
• #​387 - Bump y18n from 4.0.0 to 4.0.3 (@​tschaub)
• #​378 - Add GitHub Actions tips to readme.md (@​mickelsonmichael)
• #​386 - Bump lodash from 4.17.14 to 4.17.21 (@​tschaub)

v3.1.0

Compare Source

The cache directory used by gh-pages is now node_modules/.cache/gh-pages. If you want to use a different location, set the CACHE_DIR environment variable.

• #​362 - Move the cache directory (@​tschaub)
• #​361 - Update dev dependencies (@​tschaub)

v3.0.0

Compare Source

Breaking changes:

None really. But tests are no longer run on Node < 10. Development dependencies were updated to address security warnings, and this meant tests could no longer be run on Node 6 or 8. If you still use these Node versions, you may still be able to use this library, but be warned that tests are no longer run on these versions.

All changes:

• #​357 - Dev dependency updates (@​tschaub)
• #​333 - Update readme with command line options (@​Victoire44)
• #​356 - Test as a GitHub action (@​tschaub)
• #​355 - feat(beforeAdd): allow custom script before git add (@​Xiphe)
• #​336 - Fix remove not working properly (@​sunghwan2789)
• #​328 - Update .travis.yml (@​XhmikosR)
• #​327 - Fix typo (@​d-tsuji)

v2.2.0

Compare Source

• #​318 - Allow an absolute path as dist directory (@​okuryu)
• #​319 - Added 'remove' documentation to the readme (@​Sag-Dev)
• #​323 - Update dependencies (@​tschaub)
• #​277 - Add --no-history flag not to preserve deploy history (@​dplusic)

v2.1.1

Compare Source

• #​312 - Add default for '--git' option (@​tschaub)

v2.1.0

Compare Source

• #​307 - Dev dependency updates (@​tschaub)
• #​303 - Support '--git' CLI option (@​JRJurman)

v2.0.1

Compare Source

• #​268 - Continue even if no git configured user.

v2.0.0

Compare Source

Breaking changes:

• Requires Node 6 and above. If you require support for Node 4, stick with v1.2.0.

• The git user for commits is determined by running git config user.name and git config user.email in the current working directory when gh-pages is run. Ideally, this is what you want. In v1, the git user was determined based on the gh-pages install directory. If the package was installed globally, the git user might not have been what you expected when running in a directory with a locally configured git user.

• #​264 - Better user handling (thanks @​holloway for getting this going and @​nuklearfiziks and @​paulirish for pushing it over the edge)

• #​263 - Infra: newer syntax and upgrade deps to latest stable versions (@​AviVahl)

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock

[02:18:54.532] INFO (54): Installing tool [email protected]...
[02:19:04.727] WARN (54): Npm error:
npm ERR! weird error 1
[02:19:04.732] FATAL (54): node-gyp update command failed
    err: {
      "type": "Error",
      "message": "node-gyp update command failed",
      "stack":
          Error: node-gyp update command failed
              at InstallNodeService.updateNodeGyp (/snapshot/dist/containerbase-cli.js:53540:13)
              at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
              at async InstallNodeService.install (/snapshot/dist/containerbase-cli.js:53797:7)
              at async InstallToolService.execute (/snapshot/dist/containerbase-cli.js:54326:11)
              at async InstallToolShortCommand.execute (/snapshot/dist/containerbase-cli.js:54543:14)
              at async InstallToolShortCommand.validateAndExecute (/snapshot/dist/containerbase-cli.js:2430:26)
              at async _Cli.run (/snapshot/dist/containerbase-cli.js:3543:22)
              at async _Cli.runExit (/snapshot/dist/containerbase-cli.js:3551:28)
              at async main (/snapshot/dist/containerbase-cli.js:54737:3)
    }
[02:19:05.697] INFO (54): Installed tool node with errors in 11.1s.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock

[21:48:36.918] INFO (138): Installing tool [email protected]...
[21:48:41.528] WARN (138): Npm error:
npm ERR! weird error 1
[21:48:41.724] ERROR (138): node-gyp update command failed
[21:48:41.724] FATAL (138): Install tool node failed in 4.8s.