📄 An elegant css theme for resume generated by Markdown

By Markdone
Last update: Dec 12, 2022
Comments: 12

cssume

An elegant css theme for resume generated by Markdown

Write your resume with markdown and turn it into an HTML page, and then let cssume to beautify it!

The design is inspired by standardresume, and you can learn how to write a good resume from this article.

Install

<!-- CDN Development (always latest) -->
<link rel="stylesheet" href="https://unpkg.com/cssume">
<!-- CDN Production (specific release) -->
<link rel="stylesheet" href="https://unpkg.com/[email protected]">

# npm package
$ npm install cssume

/* CSS file */
@import url('https://unpkg.com/cssume/dist/cssume-scope.css');

Usage

<!doctype html>
<html lang="en">
  <head>
     <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <link rel="stylesheet" href="https://unpkg.com/cssume">
    <title>cssume</title>
  </head>
  <body>
    <h1>Your resume</h1>
  </body>
</html>

This is a demo markdown

# Your Name

> Career

Location

A few words to introduce yourself...

* [your email](email-address 'email')
* [your website](website-url 'website')
* [your linkedin](linkedin-url 'linkedin')
* [your github](github-url 'github')

<!-- If used orderly it will be horizontally aligned -->

1. [your email](email-address 'email')
2. [your website](website-url 'website')
3. [your linkedin](linkedin-url 'linkedin')

<!-- This is the required split style -->

---

## Work Experience | Education | Projects

### Company | School | Project name

**Title**
_date_

Simple introduction...

* If necessary
* You can list it

## Skills

* Javascript
* TypeScript
* Whatever

FAQ

What's the difference between cssume-scope.css and cssume.css?

cssume-scope.css is that you need to add .cssume class for element.

License

MIT

Github

https://github.com/markdone/cssume

Comments(12)

1

chore(deps): bump lodash from 4.17.5 to 4.17.19
Bumps lodash from 4.17.5 to 4.17.19.

Release notes

Sourced from lodash's releases.

4.17.16
Commits
- d7fbc52 Bump to v4.17.19
- 2e1c0f2 Add npm-package
- 1b6c282 Bump to v4.17.18
- a370ac8 Bump to v4.17.17
- 1144918 Rebuild lodash and docs
- 3a3b0fd Bump to v4.17.16
- c84fe82 fix(zipObjectDeep): prototype pollution (#4759)
- e7b28ea Sanitize sourceURL so it cannot affect evaled code (#4518)
- 0cec225 Fix lodash.isEqual for circular references (#4320) (#4515)
- 94c3a81 Document matches* shorthands for over* methods (#4510) (#4514)
- Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by mathias, a new releaser for lodash since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
2

chore(deps): bump lodash from 4.17.5 to 4.17.15
Bumps lodash from 4.17.5 to 4.17.15.
Commits
- ddfd9b1 Bump to v4.17.15.
- b185fce Rebuild lodash and docs.
- be87d30 Bump to v4.17.14.
- a6fe6b1 Rebuild lodash and docs.
- e371828 Bump to v4.17.13.
- 357e899 Rebuild lodash and docs.
- fd9a062 Bump to v4.17.12.
- e77d681 Rebuild lodash and docs.
- 629d186 Update OpenJS references.
- 2406eac Fix minified build.
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
3

chore(deps): bump hosted-git-info from 2.5.0 to 2.8.9
Bumps hosted-git-info from 2.5.0 to 2.8.9.
Changelog

Sourced from hosted-git-info's changelog.
2.8.9 (2021-04-07)

Bug Fixes
- backport regex fix from #76 (29adfe5), closes #84
2.8.8 (2020-02-29)

Bug Fixes
- #61 & #65 addressing issues w/ url.URL implmentation which regressed node 6 support (5038b18), closes #66
2.8.7 (2020-02-26)

Bug Fixes
- Do not attempt to use url.URL when unavailable (2d0bb66), closes #61 #62
- Do not pass scp-style URLs to the WhatWG url.URL (f2cdfcf), closes #60
2.8.6 (2020-02-25)

2.8.5 (2019-10-07)

Bug Fixes
- updated pathmatch for gitlab (e8325b5), closes #51
- updated pathmatch for gitlab (ffe056f)
2.8.4 (2019-08-12)
... (truncated)
Commits
- 8d4b369 chore(release): 2.8.9
- 29adfe5 fix: backport regex fix from #76
- afeaefd chore(release): 2.8.8
- 5038b18 fix: #61 & #65 addressing issues w/ url.URL implmentation which regressed nod...
- 7440afa chore(release): 2.8.7
- 2d0bb66 fix: Do not attempt to use url.URL when unavailable
- f2cdfcf fix: Do not pass scp-style URLs to the WhatWG url.URL
- e1b83df chore(release): 2.8.6
- ff259a6 Ensure passwords in hosted Git URLs are correctly escaped
- 624fd6f chore(release): 2.8.5
- Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
4

chore(deps): bump lodash from 4.17.5 to 4.17.21
Bumps lodash from 4.17.5 to 4.17.21.
Commits
- f299b52 Bump to v4.17.21
- c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
- 3469357 Prevent command injection through _.template's variable option
- ded9bc6 Bump to v4.17.20.
- 63150ef Documentation fixes.
- 00f0f62 test.js: Remove trailing comma.
- 846e434 Temporarily use a custom fork of lodash-cli.
- 5d046f3 Re-enable Travis tests on 4.17 branch.
- aa816b3 Remove /npm-package.
- d7fbc52 Bump to v4.17.19
- Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
5

chore(deps): bump highlight.js from 9.12.0 to 9.18.5
Bumps highlight.js from 9.12.0 to 9.18.5.

Release notes

Sourced from highlight.js's releases.

10.3.2 - Oops, "Javascript".

Tiny tiny release, just to fix the website incorrectly not listing Javascript in the list of languages you could choose for a custom build. NPM and CDN build should not have been affected so 10.3.1 is effectively the same as 10.3.2 for those builds.

If you made a custom build from the website with 10.3 or 10.3.1 you may want to check and make sure it includes Javascript, and if not, build it again.

9.18.1 - Brrrrr, it’s freezing.

Quick release to resolve #2375
Changelog

Sourced from highlight.js's changelog.
Release v9.18.5

Version 9 has reached end-of-support and will not receive future updates or fixes.

Please see VERSION_10_UPGRADE.md and perhaps SECURITY.md.
- enh: Post-install script can be disabled with HLJS_HIDE_UPGRADE_WARNING=yes
- fix: Deprecation notice logged at library startup a console.log vs console.warn.
  
  Notice only shown if actually highlighting code, not just requiring the library.
  
  Node.js treats warn the same as error and that was problematic.
  
  You (or perhaps your indirect dependency) may disable the notice with the hideUpgradeWarningAcceptNoSupportOrSecurityUpdates option
  
  You can also set HLJS_HIDE_UPGRADE_WARNING=yes in your envionment to disable the warning
Example:
```
hljs.configure({
  hideUpgradeWarningAcceptNoSupportOrSecurityUpdates: true
})
```
Reference: highlightjs/highlight.js#2877

Release v9.18.4

Version 9 has reached end-of-support and will not receive future updates or fixes.

Please see VERSION_10_UPGRADE.md and perhaps SECURITY.md.
- fix(livescript) fix potential catastrophic backtracking (#2852) [commit]
Version 9.18.3
- fix(parser) Freezing issue with illegal 0 width illegals (#2524)
  
  backported from v10.x
Version 9.18.2

Fixes:
- fix(night) Prevent object prototype values from being returned by getLanguage (#2636) night
... (truncated)
Commits
- f54e96c 9.18.5
- c34318b fix the link since i saw it
- d2e9bdd include date of last release
- f5e0645 typos and tweaks
- 2e0e8ee changelog
- dc45f7c fix(livescript) fix potential catastrophic backtracking
- 0a2624a update readme
- d571b23 add warning
- ec0bfd5 9.18.4
- 2a04835 bump v9.18.3
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
6

chore(deps): bump websocket-extensions from 0.1.3 to 0.1.4
Bumps websocket-extensions from 0.1.3 to 0.1.4.
Changelog

Sourced from websocket-extensions's changelog.
0.1.4 / 2020-06-02
- Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)
- Change license from MIT to Apache 2.0
Commits
- 8efd0cd Bump version to 0.1.4
- 3dad4ad Remove ReDoS vulnerability in the Sec-WebSocket-Extensions header parser
- 4a76c75 Add Node versions 13 and 14 on Travis
- 44a677a Formatting change: {...} should have spaces inside the braces
- f6c50ab Let npm reformat package.json
- 2d211f3 Change markdown formatting of docs.
- 0b62083 Update Travis target versions.
- 729a465 Switch license to Apache 2.0.
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
7

chore(deps): bump morgan from 1.9.0 to 1.9.1
Bumps morgan from 1.9.0 to 1.9.1.
Release notes

Sourced from morgan's releases.
1.9.1
- Fix using special characters in format
- deps: depd@~1.1.2
  
  perf: remove argument reassignment
Changelog

Sourced from morgan's changelog.
1.9.1 / 2018-09-10
- Fix using special characters in format
- deps: depd@~1.1.2
  
  perf: remove argument reassignment
Commits
- 572dd93 1.9.1
- e02de38 lint: apply standard 12 style
- e329663 Fix using special characters in format
- eb1968a tests: use strict equality checks
- 310b206 build: use yaml eslint configuration
- 5810937 build: [email protected]
- f60afd5 build: [email protected]
- 5295b0c build: [email protected]
- 178daaf build: [email protected]
- 7b08641 build: [email protected]
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
8

chore(deps): bump lodash.merge from 4.6.1 to 4.6.2
Bumps lodash.merge from 4.6.1 to 4.6.2.
Commits
- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
9

chore(deps): bump marked from 0.3.12 to 0.3.19
Bumps marked from 0.3.12 to 0.3.19.
Release notes

Sourced from marked's releases.
0.3.18 minified required new release

0.3.18 did not have changes to min.

Minor fixes and updated docs
- Supported Markdown flavors: CommonMark 0.28 and GitHub Flavored Markdown 0.28
- Updates to our CI pipeline; we're all green! #1098 with the caveat that there is a test that needs to get sorted (help us out #1092)
- Start ordered lists using the initial numbers from markdown lists (#1144)
- Added GitHub Pages site for documentation https://marked.js.org/ (#1138)
Processes and tools
- The elephant in the room: A security vulnerability was discovered and fixed. Please note, if something breaks due to these changes, it was not our intent, and please let us know by submitting a PR or issue to course correct (the nature of the zero-major release and having security as a number one priority) #1083
- The other elephant in the room: We missed publishing a 0.3.16 release to GitHub; so, trying to make up for that a bit.
- Updates to the project documentation and operations, you should check it out, just start with the README and you should be good.
- New release PR template available #1076
- Updates to default PR and Issue templates #1076
- Lint checks + tests + continuous integration using Travis #1020
- Updated testing output #1085 & #1087
Fix capturing parens

Fixes unintended breaking change from v0.3.14

New year, new home
- Marked has a new home under the MarkedJS org! Other advances soon to come.
- Updated minifier.
- Various parser fixes
Commits
- 5d1baa4 Merge pull request #1157 from markedjs/release-0.3.19
- a089991 Merge pull request #64 from fidian/master
- ad6c7f9 Merge pull request #1156 from UziTech/docs-navigation
- 03e015c 0.3.19
- cf2def0 minify
- 29f4190 Ignore DS_Store on macos
- f29bceb Update publishing template (#1154)
- 210eed7 Update badge template (#1155)
- 9c01b83 link to README.md
- fd9f444 add github ribbon
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
10

chore(deps): bump macaddress from 0.2.8 to 0.2.9
Bumps macaddress from 0.2.8 to 0.2.9.
Release notes

Sourced from macaddress's releases.
v0.2.9
- Fixes an arbitrary command execution vulnerability (https://github-redirect.dependabot.com/scravy/node-macaddress/pull/16/files)
- Adds support for freebsd
- Fixes a few typos
Commits
- 3379146 Added note about vulnerability
- 4d311a5 Set version 0.2.9
- b83e3f8 Merge pull request #11 from TheBeastOfCaerbannog/master
- 68ecfae Added explicit LICENSE file recognizable by github
- e3e76d5 Support for freebsd as per pull #16
- 6ab7a11 Merge pull request #13 from roebuk/master
- 4d10ca6 Merge pull request #17 from dekoding/patch-1
- 358fd59 Merge pull request #20 from flypapertech/fixCommandInjection
- 214ad00 Run travis against osx and linux, travis doesn't do windows
- 7b0a488 Fix for Node 0.8 thru 0.10
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
11

chore(deps): bump css-what from 2.1.0 to 2.1.3
Bumps css-what from 2.1.0 to 2.1.3.
Commits
- 2db00ca 2.1.3
- dc51092 fix(css-selectors): extend regex to include superscript in range, fix #27 (#28)
- a5f1991 Test on node LTS
- b2a2117 2.1.2
- e9ef3f1 Run prettier
- 070b2f8 Add remaining parsed outputs (#25)
- af801e4 update license references to match license file (#23)
- 2d495d0 Update to node 10 in .travis.yml (#22)
- c636f0d Allow escaped parentheses in pseudo selectors (#20)
- 4e255c9 Update .travis.yml
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
12

chore(deps): bump shell-quote from 1.6.1 to 1.7.3
Bumps shell-quote from 1.6.1 to 1.7.3.
Release notes

Sourced from shell-quote's releases.
v1.7.2
- Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2)
v1.7.1
- Fix $ being removed when not part of an environment variable name. (@Adman in #32)
v1.7.0
- Add support for parsing >> and >& redirection operators. (@forivall in #16)
- Add support for parsing <( process substitution operator. (@cuonglm in #15)
v1.6.3
- Fix Windows path quoting problems. (@dy in #34)
v1.6.2
- Remove dependencies in favour of native methods. (@zertosh in #21)
Changelog

Sourced from shell-quote's changelog.
1.7.3
- Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)
1.7.2
- Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2)
1.7.1
- Fix $ being removed when not part of an environment variable name. (@Adman in #32)
1.7.0
- Add support for parsing >> and >& redirection operators. (@forivall in #16)
- Add support for parsing <( process substitution operator. (@cuonglm in #15)
1.6.3
- Fix Windows path quoting problems. (@dy in #34)
1.6.2
- Remove dependencies in favour of native methods. (@zertosh in #21)
Commits
- 6a8a899 1.7.3
- 5799416 fix for security issue with windows drive letter regex
- c7de931 Add security.md
- 414853f Update readme.markdown (#43)
- 0fc4a97 use Github Actions (#42)
- 89a1993 1.7.2
- df7e4c7 add test for #37
- 144e1c2 revert windows path unescaping, fixes #37
- c24f3aa ci: nvs does not have iojs
- c2950fb 1.7.1
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot merge will merge this PR after your CI passes on it
- @dependabot squash and merge will squash and merge this PR after your CI passes on it
- @dependabot cancel merge will cancel a previously requested merge and block automerging
- @dependabot reopen will reopen this PR if it is closed
- @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
- @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
- @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
- @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.