A flexible, React-friendly, Grammar of Graphics for data visualization

Sourced from gatsby-remark-prismjs's changelog.

3.3.24 (2019-11-20)

Note: Version bump only for package gatsby-remark-prismjs

• 138afb4 chore(release): Publish
• 06f6688 Fix e.g. typos (#19633)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from @storybook/addons's releases.

v6.0.22

Bug Fixes

• Addon-docs: Change 2nd argument of transformSource to the storyContext (#12265)
• Angular: Unsubscribe prop subscriptions (#12514)
• React: Fix reactDocgen option when false (#12492)
• CLI: Fix storiesof-to-csf codemod for TypeScript (#12453)
• Addon-docs: Fix missing line-height on TypeSet block (#12134)
• Core: Use the denormed params on the first story for initial options (#11938)

Maintenance

• Build: Disable problematic story in Chromatic (#12457)

Dependency Upgrades

• [Security] Bump node-fetch from 2.6.0 to 2.6.1 (#12448)

Sourced from @storybook/addons's changelog.

6.0.22 (September 26, 2020)

Bug Fixes

• Addon-docs: Change 2nd argument of transformSource to the storyContext (#12265)
• Angular: Unsubscribe prop subscriptions (#12514)
• React: Fix reactDocgen option when false (#12492)
• CLI: Fix storiesof-to-csf codemod for TypeScript (#12453)
• Addon-docs: Fix missing line-height on TypeSet block (#12134)
• Core: Use the denormed params on the first story for initial options (#11938)

Maintenance

• Build: Disable problematic story in Chromatic (#12457)

Dependency Upgrades

• [Security] Bump node-fetch from 2.6.0 to 2.6.1 (#12448)

6.1.0-alpha.16 (September 25, 2020)

Bug Fixes

• Addon-backgrounds: Add docs support and extend grid configuration (#12368)
• Addon-docs: Fix story description to only show when expanded (#12563)

Dependency Upgrades

• Upgrade react-docgen-typescript-plugin to 0.6.0 (#12577)

6.1.0-alpha.15 (September 24, 2020)

Features

• Core: Add viewMode to StoryContext (#12566)
• Addon-docs: Add converters between Flow types and storybook types (#12550)

Bug Fixes

• Addon-actions: Fix log flushing when story re-renders (#12500)
• Angular: Unsubscribe prop subscriptions (#12514)
• Addon-docs: Remove leading pipe if using raw value for Flow union (#12549)

6.1.0-alpha.14 (September 22, 2020)

Features

• Web Components: Add script tag support (#12509)

Bug Fixes

• f5fadd7 v6.0.22
• 820b064 Update git head to 6.0.21
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from bl's releases.

v4.0.3

Fix unintialized memory access

• f659836 Bumped v4.0.3
• 7a4ae7f Node v14
• d3e240e Fix unintialized memory access
• 1c590ad add license MIT tag to package.json (#83)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from prismjs's releases.

v1.27.0

Release 1.27.0

v1.26.0

Release 1.26.0

Sourced from prismjs's changelog.

1.27.0 (2022-02-17)

New components

• UO Razor Script (#3309) 3f8cc5a0

Updated components

• AutoIt
  • Allow hyphen in directive (#3308) bcb2e2c8
• EditorConfig
  • Change alias of section from keyword to selector (#3305) e46501b9
• Ini
  • Swap out header for section (#3304) deb3a97f
• MongoDB
  • Added v5 support (#3297) 8458c41f
• PureBasic
  • Added missing keyword and fixed constants ending with $ (#3320) d6c53726
• Scala
  • Added support for interpolated strings (#3293) 441a1422
• Systemd configuration file
  • Swap out operator for punctuation (#3306) 2eb89e15

Updated plugins

• Command Line
  • Escape markup in command line output (#3341) e002e78c
  • Add support for line continuation and improved colors (#3326) 1784b175
  • Added span around command and output (#3312) 82d0ca15

Other

• Core
  • Added better error message for missing grammars (#3311) 2cc4660b

1.26.0 (2022-01-06)

New components

• Atmel AVR Assembly (#2078) b5a70e4c
• Go module (#3209) 8476a9ab
• Keepalived Configure (#2417) d908e457
• Tremor & Trickle & Troy (#3087) ec25ba65
• Web IDL (#3107) ef53f021

Updated components

• Use \d for [0-9] (#3097) 9fe2f93e
• 6502 Assembly
  • Use standard tokens and minor improvements (#3184) 929c33e0

... (truncated)

• 703881e 1.27.0
• 7ac1373 Updated changelog for v1.27.0 (#3342)
• e002e78 Command Line: Escape markup in command line output (#3341)
• 13b56a9 Bump follow-redirects from 1.14.7 to 1.14.8 (#3338)
• f094c4a Bump yargs-parser from 5.0.0 to 5.0.1 (#3334)
• 9fd4c74 Bump ajv from 6.10.0 to 6.12.6 (#3333)
• 3fcca6b Bump pathval from 1.1.0 to 1.1.1 (#3331)
• 1784b17 Command Line: Add support for line continuation and improved colors (#3326)
• f545843 ESLint: Allow Map and Set in ES5 code (#3328)
• d6c5372 PureBasic: Added missing keyword and fixed constants ending with $ (#3320)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from gatsby's releases.

v3.10 (July 2021 #2)

Welcome to [email protected] release (July 2021 #2)

Key highlights of this release:

• Experimental: Parallel Query Running - Improves time it takes to run queries during gatsby build
• Experimental: webpack persistent caching for gatsby develop - significantly speed up start of webpack server

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install [email protected] and let us know if you have any issues.

Previous release notes

Full changelog

v3.9 (July 2021 #1)

Welcome to [email protected] release (July 2021 #1)

Key highlights of this release:

• React 18 - New Suspense SSR Architecture - Enables SSR support for Suspense when using React 18 (Alpha)
• Shopify App for Gatsby Cloud
• gatsby-source-contentful - quality of life improvements

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install [email protected] and let us know if you have any issues.

Previous release notes

Full changelog

v3.8 (June 2021 #2)

Welcome to [email protected] release (June 2021 #2)

Key highlights of this release:

• React 18 - Alpha - React 18 Alpha is available in Gatsby
• gatsby-source-shopify v5
• Web Vitals Tracking - Analytics Plugins now support tracking Web Vitals
• webpack caching - built-in persistent caching activated for everyone
• Improvements to Drupal integration — Sourcing is up to 30%+ faster and much more reliable

Also, check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install [email protected] and let us know if you have any issues.

... (truncated)

• 7404fc3 chore(release): Publish
• c6d370d fix(gatsby): correct pagination logic (#32496) (#32507)
• 4519a7c fix(gatsby-plugin-mdx): generate mdx once when multiple mdx fields requested ...
• 609bef1 chore(release): Publish
• c01551e fix: expose ".del" function on lmdb cache (#32459) (#32464)
• 7b464be chore(release): Publish
• a6fa7c7 fix(gatsby-plugin-image): Switch react-dom import to remove createRoot warnin...
• e77af12 chore(release): Publish
• 5982a17 feat(gatsby): PQR: merge data dependencies from workers to the main process (...
• 7499b22 feat(gatsby): display message about unfit flags found in config (#32394) (#32...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from The GitHub Security Advisory Database.

Regular expression denial of service in react-native A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1.

Affected versions: >= 0.63.0 < 0.64.1

Sourced from react-native's releases.

v0.64.1

This patch release is specifically targetted towards fixing iOS build problems in Xcode 12.5. If it doesn't help, please refer to this issue.

Aside from bumping your version from 0.64.0 to 0.64.1, please check your podfile.lock and make sure that Flipper is on 0.75 or higher, and Flipper-Folly is 2.5.3 or higher; if not, add this line to your podfile (or modify it if you already had it):

use_flipper!('Flipper' => '0.75.1', 'Flipper-Folly' => '2.5.3', 'Flipper-RSocket' => '1.3.1')

After which, do all the classic necessary cleans (node_modules, caches, pod folders, etc)(react-native-clean-project is your ally) then do yarn install and a pod install --repo-update (if pod install fails on an error about a Flipper package, just remove the relevant lines from the podfile.lock and run the pod install again).

The only other commit picked & released along the Xcode 12.5 fixes is:

• Update validateBaseUrl to use latest regex (commit) which fixes CVE-2020-1920, GHSL-2020-293.

---

You can participate in the conversation on the status of this release at this issue.

---

To help you upgrade to this version, you can use the upgrade helper ⚛️

---

You can find the whole changelog history over at react-native-releases.

v0.64.0

0.64 stable is here 🎉

Thanks to everyone who contributed and helped to get this together, everyone worked really hard and we hope you are as excited as we are 🤗

Some of the most important highlights of this version:

• Hermes opt-in on iOS
• Inline Requires enabled by default
• React 17

Among many others - please refer to the blog post for more details.

---

You can participate in the conversation on the status of this release at this issue.

---

You can upgrade to this version using the upgrade helper webtool ⚛️ And if you are having trouble, please refer to the new Upgrade Support repository by our awesome community.

---

... (truncated)

• 787567a [0.64.1] Bump version numbers
• cf8a364 [local] change post-install to patch RTC-Folly
• 1c4ac48 [local] yarn lock update (?)
• 76f45d3 [local] update RNTester files for 0.64
• 3912fef Update validateBaseUrl to use latest regex
• ace025d [0.64.0] Bump version numbers
• 728d55a Fixing the git attrs for all the people and all the files and all future 🙌
• 8a6ac1f chore: Update React.podspec to require cocoapods >= 1.10.1
• 138fdbc fix: restore refresh control fix
• 7f3f80f Fix RefreshControl layout when removed from window (#31024)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from @storybook/react's releases.

v6.1.10

Bug Fixes

• CLI: Fix stories path in Introduction.stories.mdx (#13368)
• UI: Fix display of custom brand image (#13355)
• Storyshots: Fix missing done attribute on type definition (#13341)
• Addon-docs: ArgTypes optional on Meta (#13352)

Dependency Upgrades

• Addon-storyshots: Add React as peer dependency (#13343)

v6.1.9

Bug Fixes

• Addon-backgrounds: Fix grid offset always using default value (#13260)
• UI: Fix keybindings on non-US keyboard layouts (#13319)
• Addon-Docs: Handle class attributes in Dynamic Source Rendering for Vue.js (#13327)

v6.1.8

Bug Fixes

• Core: Fix preview URL dropped hashes (#13308)
• Core: Fix template script tag support (#13271)
• Addon-docs: Fix Vue source snippets for function attributes (#13288)
• Components: Fix Zoom for IE11 (#13302)
• React: Don't add FastRefresh if already enabled (#13303)
• CLI: Fix storybook-deployer upgrade warning (#13306)

Maintenance

• React: Expose StorybookConfig types (#13309)
• React: Fix unit tests for react preset (#13315)

v6.1.7

Bug Fixes

• CLI: Fix not printing managerTotalTime when using cached manager (#13294)
• Core: Only apply express.json() middleware to /runtime-error route (#13295)
• Core: Don't use prebuilt or cached manager when running smoke test (#13266)
• Core: Detect arg inference for cyclic args and warn (#13263)

Dependency Upgrades

• Remove unused dependency @svgr/webpack (#13281)

v6.1.6

Bug Fixes

• Addon-controls: Fix ensureDocsBeforeControls support for paths (#13204)

Sourced from @storybook/react's changelog.

6.1.10 (December 4, 2020)

Bug Fixes

• CLI: Fix stories path in Introduction.stories.mdx (#13368)
• UI: Fix display of custom brand image (#13355)
• Storyshots: Fix missing done attribute on type definition (#13341)
• Addon-docs: ArgTypes optional on Meta (#13352)

Dependency Upgrades

• Addon-storyshots: Add React as peer dependency (#13343)

6.2.0-alpha.2 (December 3, 2020)

Bug Fixes

• Storyshots: Fix missing done attribute on type definition (#13341)
• Core: Fix IE11 compatibility by using XHR and plain ES5 (#13348)

Maintenance

• Angular: Overhaul preview renderer (#13215)

6.2.0-alpha.1 (December 1, 2020)

Bug Fixes

• Addon-docs: ArgTypes optional on Meta (#13352)
• Composition: Filter out disabled refs in getAutoRefs (#12863)
• UI: Add support for expand/collapse keyboard shortcuts (#12980)

Maintenance

• Dependencies: Rebuild yarn.lock (#13289)
• Core: Add typescript as optional peer dependency (#13330)

Dependency Upgrades

• Bump wait-on from 4.0.2 to 5.2.0 (#12835)
• Bump commander from 5.1.0 to 6.2.0 (#13148)

6.2.0-alpha.0 (December 1, 2020)

Bug Fixes

• Addon-docs: Fix type aliases and enum types from Angular Compodoc JSON (#12665)
• Core: Ensure node name does not contain leading/trailing whitespace (#13275)
• Angular: Run setProps in the NgZone (#12382)

• 94ffc5d v6.1.10
• 606426b Update git head to 6.1.9
• 495a468 v6.1.9
• 082278b Update git head to 6.1.8
• 6c4d0ed v6.1.8
• f336ea8 Merge pull request #13309 from storybookjs/fix/reactTypings
• f7bf8ee fix: unit tests for react preset
• 8f0c210 React: expose StorybookConfig types
• 7cafe2e Update framework-preset-react.ts
• 3b39cd7 React: Remove FastRefresh if already enabled
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)