Bump the npm_and_yarn group across 1 directory with 19 updates#7
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 19 updates#7dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 16 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.14.6` | `7.29.7` | | [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.14.5` | `7.29.7` | | [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` | | [express](https://github.com/expressjs/express) | `4.18.1` | `4.22.2` | | [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.1` | `1.16.0` | | [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.10` | | [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` | | [lodash](https://github.com/lodash/lodash) | `4.17.15` | `4.18.1` | | [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.15` | | [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` | | [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` | | [rollup](https://github.com/rollup/rollup) | `2.73.0` | `2.80.0` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.7.3` | `1.9.0` | | [webpack](https://github.com/webpack/webpack) | `5.72.1` | `5.108.4` | | [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` | Updates `@babel/core` from 7.14.6 to 7.29.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-core) Updates `@babel/helpers` from 7.14.6 to 7.29.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers) Updates `@babel/plugin-transform-modules-systemjs` from 7.14.5 to 7.29.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs) Updates `cross-spawn` from 7.0.3 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) Updates `express` from 4.18.1 to 4.22.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/v4.22.2/History.md) - [Commits](expressjs/express@4.18.1...v4.22.2) Updates `flatted` from 3.1.1 to 3.4.2 - [Commits](WebReflection/flatted@v3.1.1...v3.4.2) Updates `follow-redirects` from 1.14.1 to 1.16.0 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.1...v1.16.0) Updates `http-proxy-middleware` from 2.0.6 to 2.0.10 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.10/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.6...v2.0.10) Updates `jws` from 3.2.2 to 3.2.3 - [Release notes](https://github.com/brianloveswords/node-jws/releases) - [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md) - [Commits](auth0/node-jws@v3.2.2...v3.2.3) Updates `lodash` from 4.17.15 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.15...4.18.1) Updates `nanoid` from 3.3.4 to 3.3.15 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/3.3.15/CHANGELOG.md) - [Commits](ai/nanoid@3.3.4...3.3.15) Updates `node-forge` from 1.3.1 to 1.4.0 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.4.0) Updates `path-to-regexp` from 0.1.7 to 0.1.13 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v.0.1.13) Updates `picomatch` from 2.3.0 to 2.3.2 - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](micromatch/picomatch@2.3.0...2.3.2) Updates `qs` from 6.10.3 to 6.15.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.10.3...v6.15.3) Updates `rollup` from 2.73.0 to 2.80.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/v2.80.0/CHANGELOG.md) - [Commits](rollup/rollup@v2.73.0...v2.80.0) Updates `shell-quote` from 1.7.3 to 1.9.0 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.7.3...v1.9.0) Updates `webpack` from 5.72.1 to 5.108.4 - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](webpack/webpack@v5.72.1...v5.108.4) Updates `yaml` from 1.10.2 to 1.10.3 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v1.10.2...v1.10.3) --- updated-dependencies: - dependency-name: "@babel/core" dependency-version: 7.29.7 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/helpers" dependency-version: 7.29.7 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/plugin-transform-modules-systemjs" dependency-version: 7.29.7 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-version: 7.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-version: 4.22.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-version: 1.16.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-version: 2.0.10 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jws dependency-version: 3.2.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-version: 3.3.15 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-version: 1.4.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 0.1.13 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.15.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 2.80.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-version: 1.9.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-version: 5.108.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yaml dependency-version: 1.10.3 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
❌ Deploy Preview for chat-gen failed.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 16 updates in the / directory:
7.14.67.29.77.14.57.29.77.0.37.0.64.18.14.22.23.1.13.4.21.14.11.16.02.0.62.0.103.2.23.2.34.17.154.18.13.3.43.3.151.3.11.4.02.3.02.3.22.73.02.80.01.7.31.9.05.72.15.108.41.10.21.10.3Updates
@babel/corefrom 7.14.6 to 7.29.7Release notes
Sourced from @babel/core's releases.
... (truncated)
Commits
4fba754v7.29.704ea6b2v7.29.699f498a[7.x packport]Improve input source map handling (#18001)feba0a3Preserve original identifier names from input sourcemaps (#17992) (#17998)aa8394ev7.29.0ad0d03f[7.x backport] feat: Allow specifying startLine in code frame (#17739)d7f4008v7.28.6e130225Polish(standalone): improve message on invalid preset/plugin (#17606)99dcba5chore: enable some ts-eslint rules (#17592)c92c491Improve Unicode handling in code-frame tokenizer (#17589)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for
@babel/coresince your current version.Updates
@babel/helpersfrom 7.14.6 to 7.29.7Release notes
Sourced from @babel/helpers's releases.
... (truncated)
Commits
4fba754v7.29.737d5595v7.29.21c0a08d[7.x backport] fix: Properly handle await in finally (#17805)d7f4008v7.28.699dcba5chore: enable some ts-eslint rules (#17592)c1b55f6Useeslint.config.mts(#17573)35055e3v7.28.418d88b8Improve@babel/coretypings (#17471)ef155f5v7.28.3741cbd2chore: fix various typos across codebase (#17476)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for
@babel/helperssince your current version.Updates
@babel/plugin-transform-modules-systemjsfrom 7.14.5 to 7.29.7Release notes
Sourced from @babel/plugin-transform-modules-systemjs's releases.
... (truncated)
Commits
4fba754v7.29.7a458f66v7.29.432ebd5a[7.x backport]fix(systemjs): improve module string name support (#17974)aa8394ev7.29.00053db6Update polyfill packages (#17727)61647aev7.28.5a177d55[Babel 8] Uset.traverseFastto replace somepath.traverse(#17518)eebd3a0v7.27.1317e332Enforce node protocol import (#17207)fdc0fb5[Babel 8] Bump nodejs requirements to^20.19.0 || >= 22.12.0(#17204)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for
@babel/plugin-transform-modules-systemjssince your current version.Updates
cross-spawnfrom 7.0.3 to 7.0.6Changelog
Sourced from cross-spawn's changelog.
Commits
77cd97fchore(release): 7.0.66717de4chore: upgrade standard-versionf700743fix: update cross-spawn version to 7.0.5 in package-lock.json9a7e3b2chore: fix build status badge0852683chore(release): 7.0.5640d391fix: fix escaping bug introduced by backtrackingbff0c87chore: remove codecova7c6abcchore: replace travis with github workflows9b9246echore(release): 7.0.45ff3a07fix: disable regexp backtracking (#160)Updates
expressfrom 4.18.1 to 4.22.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
df0abc94.22.2836d3664.xupdate qs to 6.15.1, body-parser 1.20.5 (#7224)8d09bfefix: restore array parsing for req.query repeated keys (#7181)d39e8addeps: body-parser@~1.20.4 (#7021)efe85d9deps: qs@^6.14.1 (#6972)f62378e📝 add note to history12fae144.22.15ddf311Revert "sec: security patch for CVE-2024-51999"49744ab4.22.0 (#6921)6e97452sec: security patch for CVE-2024-51999Maintainer changes
This version was pushed to npm by jonchurch, a new releaser for express since your current version.
Updates
flattedfrom 3.1.1 to 3.4.2Commits
3bf09093.4.2885ddccfix CWE-13210bdba70added flatted-view to the benchmark2a02dce3.4.1fba4e8fMerge pull request #89 from WebReflection/python-fix5fe8648added "when in Rome" also a test for PHP53517adsome minor improvementb3e2a0cFixing recursion issue in Python tooc4b46dbAdd SECURITY.md for security policy and reportingf86d071Create dependabot.yml for version updatesUpdates
follow-redirectsfrom 1.14.1 to 1.16.0Commits
0c23a22Release version 1.16.0 of the npm package.844c4d3Add sensitiveHeaders option.5e8b8d0ci: add Node.js 24.x to the CI matrix7953e22ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v686dc1f8Sanitizing input.21ef28aRelease version 1.15.11 of the npm package.7c88135Roll back tree shaking.6e389baRelease version 1.15.10 of the npm package.5bc496eShake me up before you go-go.694d6b4Bump minimist from 1.2.5 to 1.2.8Updates
http-proxy-middlewarefrom 2.0.6 to 2.0.10Release notes
Sourced from http-proxy-middleware's releases.
Changelog
Sourced from http-proxy-middleware's changelog.
Commits
f0be839chore(package.json): v2.0.10 (#1271)19c860dci(github-actions): update publish.yml (#1270)d0f7d63fix: harden proxy-table matching to prevent routing bypass (#1268)617a7c9chore(package): v2.0.9 (#1099)d22d587fix(fixRequestBody): check readableLength (#1097)d03d51bchore(package): v2.0.8 (#1094)c50dd06fix(fixRequestBody): handle invalid request (#1091)76a9d8dfix(fixRequestBody): prevent multiple .write() calls (#1090)1e92339ci(github-actions): fix npm tag90afb7cchore(package): v2.0.7Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for http-proxy-middleware since your current version.
Updates
jwsfrom 3.2.2 to 3.2.3Release notes
Sourced from jws's releases.
Changelog
Sourced from jws's changelog.
Commits
4f6e73fMerge commit from forkbd0fea5version 3.2.37c3b4b4Enhance tests for HMAC streaming sign and verifya9b8ed9Improve secretOrKey initialization in VerifyStream6707fdeImprove secret handling in SignStreamMaintainer changes
This version was pushed to npm by julien.wollscheid, a new releaser for jws since your current version.
Updates
lodashfrom 4.17.15 to 4.18.1Release notes
Sourced from lodash's releases.
Commits
cb0b9b9release(patch): bump main to 4.18.1 (#6177)75535f5chore: prune stale advisory refs (#6170)62e91bcdocs: remove n_ Node.js < 6 REPL note from README (#6165)59be2derelease(minor): bump to 4.18.0 (#6161)af63457fix: broken tests for _.template 879aaa91073a76fix: linting issues879aaa9fix: validate imports keys in _.templatefe8d32efix: block prototype pollution in baseUnset via constructor/prototype traversal18ba0a3refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)b819080ci: add dist sync validation workflow (#6137)Updates
nanoidfrom 3.3.4 to 3.3.15Release notes
Sourced from nanoid's releases.
Changelog
Sourced from nanoid's changelog.
Commits
6819724Release 3.3.15 versionfb0b137Fix tag for v3e084bc9Back-port new release system and fix pre-commit hook7e32945Release 3.3.14 version6bd27b8Another way to deal with pool damage41ad2acReduce ID size87591adFix pnpm 11 support2e83043Release 3.3.13 versione4eeaf7Ignore .claude in npmaa9c399Release 3.3.12 versionMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for nanoid since your current version.
Updates
node-forgefrom 1.3.1 to 1.4.0Changelog
Sourced from node-forge's changelog.