Skip to content

build(deps): bump the npm_and_yarn group across 1 directory with 21 updates#1

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-f803b1553b
Open

build(deps): bump the npm_and_yarn group across 1 directory with 21 updates#1
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-f803b1553b

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Aug 27, 2025

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 18 updates in the / directory:

Package From To
angular 1.8.2 1.8.3
@types/angular 1.8.1 1.8.9
angular-sanitize 1.8.2 1.8.3
minimist 1.2.5 1.2.6
moment 2.29.1 2.29.4
postcss 8.3.0 8.5.6
async 3.2.0 3.2.6
body-parser 1.19.0 1.20.3
braces 3.0.2 3.0.3
cookie 0.4.2 0.7.2
socket.io 4.4.1 4.8.1
decode-uri-component 0.2.0 0.2.2
ws 7.4.6 7.5.10
follow-redirects 1.14.9 1.15.11
nunjucks 3.2.3 3.2.4
serve-static 1.13.2 1.16.2
tar-fs 2.1.1 2.1.3
tmp 0.2.1 0.2.5

Updates angular from 1.8.2 to 1.8.3

Changelog

Sourced from angular's changelog.

1.8.3 ultimate-farewell (2022-04-07)

One final release of AngularJS in order to update package README files on npm.

Commits
  • cf16b24 docs(changelog): add release notes for 1.8.3
  • 757d56e docs(*): update end-of-life messages (#17177)
  • f362437 docs(eol): add EOL options text and link to template header used in every page
  • fb04e42 test(Angular): fix angularInit() tests on Safari v15+
  • 6a52c4f test(input): fix tests on Firefox v93+
  • ed30c4d docs(README.md): add wiki link to MVC
  • 4032655 chore(deps): bump js-yaml from 3.5.5 to 3.14.1
  • 47f8c65 chore(deps): bump normalize-url from 4.5.0 to 4.5.1
  • 56b0ee3 chore(e2e): run tests against Chrome 91 on macOS Catalina
  • 58cd897 chore(e2e): run tests against Firefox 85 on macOS Catalina
  • Additional commits viewable in compare view

Updates @types/angular from 1.8.1 to 1.8.9

Commits

Updates angular-sanitize from 1.8.2 to 1.8.3

Changelog

Sourced from angular-sanitize's changelog.

1.8.3 ultimate-farewell (2022-04-07)

One final release of AngularJS in order to update package README files on npm.

Commits
  • cf16b24 docs(changelog): add release notes for 1.8.3
  • 757d56e docs(*): update end-of-life messages (#17177)
  • f362437 docs(eol): add EOL options text and link to template header used in every page
  • fb04e42 test(Angular): fix angularInit() tests on Safari v15+
  • 6a52c4f test(input): fix tests on Firefox v93+
  • ed30c4d docs(README.md): add wiki link to MVC
  • 4032655 chore(deps): bump js-yaml from 3.5.5 to 3.14.1
  • 47f8c65 chore(deps): bump normalize-url from 4.5.0 to 4.5.1
  • 56b0ee3 chore(e2e): run tests against Chrome 91 on macOS Catalina
  • 58cd897 chore(e2e): run tests against Firefox 85 on macOS Catalina
  • Additional commits viewable in compare view

Updates minimist from 1.2.5 to 1.2.6

Changelog

Sourced from minimist's changelog.

v1.2.6 - 2022-03-21

Commits

  • test from prototype pollution PR bc8ecee
  • isConstructorOrProto adapted from PR c2b9819
  • security notice for additional prototype pollution issue ef88b93
Commits

Updates moment from 2.29.1 to 2.29.4

Changelog

Sourced from moment's changelog.

2.29.4

  • Release Jul 6, 2022
    • #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

  • Release Apr 17, 2022
    • #5995 [bugfix] Remove const usage
    • #5990 misc: fix advisory link

2.29.2 See full changelog

  • Release Apr 3 2022

Address GHSA-8hfj-j24r-96c4

Commits

Updates postcss from 8.3.0 to 8.5.6

Release notes

Sourced from postcss's releases.

8.5.6

  • Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

  • Fixed package.jsonexports compatibility with some tools (by @​JounQin).

8.5.4

8.5.3

8.5.2

8.5.1

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

@​romainmenke during his work on Stylelint added Input#document in additional to Input#css.

root.source.input.document //=> "<p>Hello</p>
                           //    <style>
                           //    p {
                           //      color: green;
                           //    }
                           //    </style>"
root.source.input.css      //=> "p {
                           //      color: green;
                           //    }"

Thanks to Sponsors

This release was possible thanks to our community.

If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

... (truncated)

Changelog

Sourced from postcss's changelog.

8.5.6

  • Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

  • Fixed package.jsonexports compatibility with some tools (by @​JounQin).

8.5.4

8.5.3

8.5.2

8.5.1

8.5 “Duke Alloces”

  • Added Input#document for sources like CSS-in-JS or HTML (by @​romainmenke).

8.4.49

8.4.48

  • Fixed position calculation in error/warnings methods (by @​romainmenke).

8.4.47

  • Removed debug code.

8.4.46

  • Fixed Cannot read properties of undefined (reading 'before').

8.4.45

  • Removed unnecessary fix which could lead to infinite loop.

8.4.44

  • Another way to fix markClean is not a function error.

8.4.43

  • Fixed markClean is not a function error.

8.4.42

  • Fixed CSS syntax error on long minified files (by @​varpstar).

8.4.41

... (truncated)

Commits

Updates async from 3.2.0 to 3.2.6

Changelog

Sourced from async's changelog.

v3.2.5

  • Ensure Error objects such as AggregateError are propagated without modification (#1920)

v3.2.4

  • Fix a bug in priorityQueue where it didn't wait for the result. (#1725)
  • Fix a bug where unshiftAsync was included in priorityQueue. (#1790)

v3.2.3

  • Fix bugs in comment parsing in autoInject. (#1767, #1780)

v3.2.2

  • Fix potential prototype pollution exploit

v3.2.1

Commits
  • 85fb18f Version 3.2.6
  • 8c0c941 Update built files
  • 5f756b4 Fix ReDoS (#1980)
  • 39cdc9b build(deps-dev): bump karma from 6.4.3 to 6.4.4 (#1985)
  • 7b8ddeb build(deps-dev): bump @​babel/core from 7.24.7 to 7.25.2 (#1981)
  • 4634a9d build(deps-dev): bump rollup from 4.18.0 to 4.19.2 (#1982)
  • afb176c build(deps-dev): bump chai from 4.4.1 to 4.5.0 (#1983)
  • 3568a74 build(deps-dev): bump @​babel/eslint-parser from 7.24.7 to 7.25.1 (#1984)
  • 9e885fd build(deps-dev): bump babel-plugin-istanbul from 6.1.1 to 7.0.0 (#1986)
  • f9c7f2a build(deps-dev): bump semver from 7.6.2 to 7.6.3 (#1987)
  • Additional commits viewable in compare view

Updates body-parser from 1.19.0 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2

1.20.1

  • deps: qs@6.11.0
  • perf: remove unnecessary object clone

1.20.0

  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: http-errors@2.0.0
    • deps: depd@2.0.0
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3

... (truncated)

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2

1.20.1 / 2022-10-06

  • deps: qs@6.11.0
  • perf: remove unnecessary object clone

1.20.0 / 2022-04-02

  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: http-errors@2.0.0
    • deps: depd@2.0.0
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
    • deps: http-errors@2.0.0

1.19.2 / 2022-02-15

  • deps: bytes@3.1.2
  • deps: qs@6.9.7
    • Fix handling of __proto__ keys
  • deps: raw-body@2.4.3
    • deps: bytes@3.1.2

1.19.1 / 2021-12-10

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates qs from 6.6.0 to 6.13.0

Changelog

Sourced from qs's changelog.

6.13.0

  • [New] parse: add strictDepth option (#511)
  • [Tests] use npm audit instead of aud

6.12.3

  • [Fix] parse: properly account for strictNullHandling when allowEmptyArrays
  • [meta] fix changelog indentation

6.12.2

  • [Fix] parse: parse encoded square brackets (#506)
  • [readme] add CII best practices badge

6.12.1

  • [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior (#501)
  • [Performance] utils: Optimize performance under large data volumes, reduce memory usage, and speed up processing (#502)
  • [Refactor] utils: use +=
  • [Tests] increase coverage

6.12.0

  • [New] parse/stringify: add decodeDotInKeys/encodeDotKeys options (#488)
  • [New] parse: add duplicates option
  • [New] parse/stringify: add allowEmptyArrays option to allow [] in object values (#487)
  • [Refactor] parse/stringify: move allowDots config logic to its own variable
  • [Refactor] stringify: move option-handling code into normalizeStringifyOptions
  • [readme] update readme, add logos (#484)
  • [readme] stringify: clarify default arrayFormat behavior
  • [readme] fix line wrapping
  • [readme] remove dead badges
  • [Deps] update side-channel
  • [meta] make the dist build 50% smaller
  • [meta] add sideEffects flag
  • [meta] run build in prepack, not prepublish
  • [Tests] parse: remove useless tests; add coverage
  • [Tests] stringify: increase coverage
  • [Tests] use mock-property
  • [Tests] stringify: improve coverage
  • [Dev Deps] update @ljharb/eslint-config , aud, has-override-mistake, has-property-descriptors, mock-property, npmignore, object-inspect, tape
  • [Dev Deps] pin glob, since v10.3.8+ requires a broken jackspeak
  • [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6

6.11.2

  • [Fix] parse: Fix parsing when the global Object prototype is frozen (#473)
  • [Tests] add passing test cases with empty keys (#473)

6.11.1

  • [Fix] stringify: encode comma values more consistently (#463)
  • [readme] add usage of filter option for injecting custom serialization, i.e. of custom types (#447)
  • [meta] remove extraneous code backticks (#457)
  • [meta] fix changelog markdown

... (truncated)

Commits
  • 5cf516c v6.13.0
  • 8d56df2 [New] parse: add strictDepth option
  • c9a6694 [Tests] use npm audit instead of aud
  • f90cc35 v6.12.3
  • 1bf9f7a [Fix] parse: properly account for strictNullHandling when allowEmptyArrays
  • 7ebf48b [meta] fix changelog indentation
  • d0dff11 v6.12.2
  • f0b8d03 [Dev Deps] update @ljharb/eslint-config, object-inspect, tape
  • 81835ff [Fix]: parse: parse encoded square brackets
  • db47dcc [readme] add CII best practices badge
  • Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

Updates cookie from 0.4.2 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

  • Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

  • Allow leading dot for domain (#174)
    • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
  • Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

  • Add partitioned option

0.5.0

  • Add priority option
  • Fix expires option to reject invalid dates
  • pref: improve default decode speed
  • pref: remove slow string split in parse
Commits
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.


Updates socket.io from 4.4.1 to 4.8.1

Release notes

Sourced from socket.io's releases.

socket.io@4.8.1

Due to a change in the bundler configuration, the production bundle (socket.io.min.js) did not support sending and receiving binary data in version 4.8.0. This is now fixed.

Dependencies

socket.io-client@4.8.1

Bug Fixes

  • bundle: do not mangle the "_placeholder" attribute (ca9e994)

Dependencies

socket.io-client@4.8.0

Features

Custom transport implementations

The transports option now accepts an array of transport implementations:

import { io } from "socket.io-client";
import { XHR, WebSocket } from "engine.io-client";
const socket = io({
transports: [XHR, WebSocket]
});

Here is the list of provided implementations:

Transport Description
Fetch HTTP long-polling based on the built-in fetch() method.
NodeXHR HTTP long-polling based on the XMLHttpRequest object provided by the xmlhttprequest-ssl package.
XHR HTTP long-polling based on the built-in XMLHttpRequest object.
NodeWebSocket WebSocket transport based on the WebSocket object provided by the ws package.
WebSocket WebSocket transport based on the built-in WebSocket object.
WebTransport WebTransport transport based on the built-in WebTransport object.

Usage:

Transport browser Node.js Deno Bun

... (truncated)

Commits
  • 91e1c8b chore(release): socket.io@4.8.1
  • 8d5528a chore(release): socket.io-client@4.8.1
  • 71387e5 refactor(sio-client): reexport transports from the engine
  • aead835 refactor(sio): make Namespace._fns private (#5196)
  • 029e010 chore(release): engine.io-client@6.6.2
  • 4ca6ddb docs(nuxt): update example with latest version
  • ca9e994 fix(sio-client): do not mangle the "_placeholder" attribute
  • 4865f2e fix(eio-client): prevent infinite loop with Node.js built-in WebSocket
  • d4b3dde ci: use Node.js 22
  • 3b68658 chore: bump @​fails-components/webtransport to version 1.1.4 (dev)
  • Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates marked from 0.3.6 to 0.7.0

Commits
Maintainer changes

This version was pushed to npm by tonybrix, a new releaser for marked since your current version.


Updates ws from 7.4.6 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).

7.5.9

Bug fixes

  • Backported bc8bd34e to the 7.x release line (0435e6e1).

7.5.8

Bug fixes

  • Backported 0fdcc0af to the 7.x release line (2758ed35).
  • Backported d68ba9e1 to the 7.x release line (dc1781bc).

7.5.7

Bug fixes

  • Backported 6946f5fe to the 7.x release line (1f72e2e1).

7.5.6

Bug fixes

  • Backported b8186dd1 to the 7.x release line (73dec34b).
  • Backported ed2b8039 to the 7.x release line (22a26afb).

7.5.5

Bug fixes

  • Backported ec9377ca to the 7.x release line (0e274acd).

7.5.4

Bug fixes

  • Backported 6a72da3e to the 7.x release line (76087fbf).
  • Backported 869c9892 to the 7.x release line (27997933).

7.5.3

Bug fixes

  • The WebSocketServer constructor now throws an error if more than one of the noServer, server, and port options are specefied (66e58d27).
  • Fixed a bug where a 'close' event was emitted by a WebSocketServer before the internal HTTP/S server was actually closed (5a587304).
  • Fixed a bug that allowed WebSocket connections to be established after WebSocketServer.prototype.close() was called (772236a1).

7.5.2

Bug fixes

... (truncated)

Commits
  • d962d70 [dist] 7.5.10
  • 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
  • 8a78f87 [dist] 7.5.9
  • 0435e6e [security] Fix same host check for ws+unix: redirects
  • 4271f07 [dist] 7.5.8
  • dc1781b [security] Drop sensitive headers when following insecure redirects
  • 2758ed3 [fix] Abort the handshake if the Upgrade header is invalid
  • a370613 [dist] 7.5.7
  • 1f72e2e [security] Drop sensitive headers when following redirects (#2013)
  • 8ecd890 [dist] 7.5.6
  • Additional commits viewable in compare view

Updates follow-redirects from 1.14.9 to 1.15.11

Commits
  • 21ef28a Release version 1.15.11 of the npm package.
  • 7c88135 Roll back tree shaking.
  • 6e389ba Release version 1.15.10 of the npm package.
  • 5bc496e Shake me up before you go-go.
  • 694d6b4 Bump minimist from 1.2.5 to 1.2.8
  • e4e55c7 Release version 1.15.9 of the npm package.
  • 31a1abf Attempt much more gentle detection.
  • d2aaa97 Fix url field.
  • 62558f0 Release version 1.15.8 of the npm package.
  • a8d1cee Return subtlety.
  • Additional commits viewable in compare view

Updates nunjucks from 3.2.3 to 3.2.4

Release notes

Sourced from nunjucks's releases.

v3.2.4

What's Changed

Full Changelog: mozilla/nunjucks@v3.2.3...v3.2.4

Changelog

Sourced from nunjucks's changelog.

3.2.4 (Apr 13 2023)

  • HTML encode backslashes when expressions are passed through the escape filter (including when this is done automatically with autoescape). Merge of #1437.
Commits

Updates serve-static from 1.13.2 to 1.16.2

Release notes

Sourced from serve-static's releases.

v1.16.2

What's Changed

Full Changelog: expressjs/serve-static@v1.16.1...v1.16.2

v1.16.1

What's Changed

New Contributors

Full Changelog: expressjs/serve-static@1.16.0...v1.16.1

1.16.0

What's Changed

New Contributors

Full Changelog: https://github.com/expressjs/serve-static/compare/v...

Description has been truncated

…pdates

Bumps the npm_and_yarn group with 18 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [angular](https://github.com/angular/angular.js) | `1.8.2` | `1.8.3` |
| [@types/angular](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/angular) | `1.8.1` | `1.8.9` |
| [angular-sanitize](https://github.com/angular/angular.js) | `1.8.2` | `1.8.3` |
| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.6` |
| [moment](https://github.com/moment/moment) | `2.29.1` | `2.29.4` |
| [postcss](https://github.com/postcss/postcss) | `8.3.0` | `8.5.6` |
| [async](https://github.com/caolan/async) | `3.2.0` | `3.2.6` |
| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.3` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |
| [cookie](https://github.com/jshttp/cookie) | `0.4.2` | `0.7.2` |
| [socket.io](https://github.com/socketio/socket.io) | `4.4.1` | `4.8.1` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [ws](https://github.com/websockets/ws) | `7.4.6` | `7.5.10` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.11` |
| [nunjucks](https://github.com/mozilla/nunjucks) | `3.2.3` | `3.2.4` |
| [serve-static](https://github.com/expressjs/serve-static) | `1.13.2` | `1.16.2` |
| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.3` |
| [tmp](https://github.com/raszi/node-tmp) | `0.2.1` | `0.2.5` |



Updates `angular` from 1.8.2 to 1.8.3
- [Changelog](https://github.com/angular/angular.js/blob/master/CHANGELOG.md)
- [Commits](angular/angular.js@v1.8.2...v1.8.3)

Updates `@types/angular` from 1.8.1 to 1.8.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/angular)

Updates `angular-sanitize` from 1.8.2 to 1.8.3
- [Changelog](https://github.com/angular/angular.js/blob/master/CHANGELOG.md)
- [Commits](angular/angular.js@v1.8.2...v1.8.3)

Updates `minimist` from 1.2.5 to 1.2.6
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.6)

Updates `moment` from 2.29.1 to 2.29.4
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](moment/moment@2.29.1...2.29.4)

Updates `postcss` from 8.3.0 to 8.5.6
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.3.0...8.5.6)

Updates `async` from 3.2.0 to 3.2.6
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@v3.2.0...v3.2.6)

Updates `body-parser` from 1.19.0 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.19.0...1.20.3)

Updates `qs` from 6.6.0 to 6.13.0
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.6.0...v6.13.0)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `cookie` from 0.4.2 to 0.7.2
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.4.2...v0.7.2)

Updates `socket.io` from 4.4.1 to 4.8.1
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/4.4.1...socket.io@4.8.1)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `marked` from 0.3.6 to 0.7.0
- [Release notes](https://github.com/markedjs/marked/releases)
- [Changelog](https://github.com/markedjs/marked/blob/master/.releaserc.json)
- [Commits](markedjs/marked@v0.3.6...v0.7.0)

Updates `ws` from 7.4.6 to 7.5.10
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.4.6...7.5.10)

Updates `follow-redirects` from 1.14.9 to 1.15.11
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.11)

Updates `nunjucks` from 3.2.3 to 3.2.4
- [Release notes](https://github.com/mozilla/nunjucks/releases)
- [Changelog](https://github.com/mozilla/nunjucks/blob/master/CHANGELOG.md)
- [Commits](mozilla/nunjucks@v3.2.3...v3.2.4)

Updates `serve-static` from 1.13.2 to 1.16.2
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)
- [Commits](expressjs/serve-static@v1.13.2...v1.16.2)

Updates `socket.io` from 4.4.1 to 4.8.1
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/4.4.1...socket.io@4.8.1)

Updates `socket.io-parser` from 4.0.4 to 4.2.4
- [Release notes](https://github.com/Automattic/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/4.2.4/CHANGELOG.md)
- [Commits](socketio/socket.io-parser@4.0.4...4.2.4)

Updates `tar-fs` from 2.1.1 to 2.1.3
- [Commits](mafintosh/tar-fs@v2.1.1...v2.1.3)

Updates `tmp` from 0.2.1 to 0.2.5
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](raszi/node-tmp@v0.2.1...v0.2.5)

---
updated-dependencies:
- dependency-name: angular
  dependency-version: 1.8.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@types/angular"
  dependency-version: 1.8.9
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: angular-sanitize
  dependency-version: 1.8.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-version: 1.2.6
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: moment
  dependency-version: 2.29.4
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-version: 8.5.6
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: async
  dependency-version: 3.2.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-version: 1.20.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.13.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 0.7.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: socket.io
  dependency-version: 4.8.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-version: 0.2.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: marked
  dependency-version: 0.7.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 7.5.10
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.15.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nunjucks
  dependency-version: 3.2.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: socket.io
  dependency-version: 4.8.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: socket.io-parser
  dependency-version: 4.2.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tar-fs
  dependency-version: 2.1.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tmp
  dependency-version: 0.2.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Aug 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants