Bump the npm_and_yarn group across 3 directories with 17 updates#8
Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
Open
Bump the npm_and_yarn group across 3 directories with 17 updates#8dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot[bot] wants to merge 1 commit intodevelopfrom
Conversation
Bumps the npm_and_yarn group with 3 updates in the /common directory: [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse), [tar](https://github.com/isaacs/node-tar) and [tough-cookie](https://github.com/salesforce/tough-cookie). Bumps the npm_and_yarn group with 12 updates in the /docs directory: | Package | From | To | | --- | --- | --- | | [express](https://github.com/expressjs/express) | `4.17.1` | `4.19.2` | | [postcss](https://github.com/postcss/postcss) | `8.3.5` | `8.4.38` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [webpack](https://github.com/webpack/webpack) | `5.40.0` | `5.91.0` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.5` | `7.24.6` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [eventsource](https://github.com/EventSource/eventsource) | `1.1.0` | `1.1.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.1` | `1.15.6` | | [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.28` | `0.7.38` | | [@sideway/formula](https://github.com/sideway/formula) | `3.0.0` | `3.0.1` | Bumps the npm_and_yarn group with 1 update in the /utilities/externalModPhase directory: [express](https://github.com/expressjs/express). Updates `@babel/traverse` from 7.22.8 to 7.24.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.6/packages/babel-traverse) Updates `fsevents` from 2.3.2 to 2.3.3 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v2.3.2...v2.3.3) Updates `tar` from 6.1.15 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.15...v6.2.1) Updates `tough-cookie` from 4.1.3 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.3...v4.1.4) Updates `express` from 4.17.1 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.19.2) Updates `postcss` from 8.3.5 to 8.4.38 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.3.5...8.4.38) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `webpack` from 5.40.0 to 5.91.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.40.0...v5.91.0) Updates `@babel/traverse` from 7.14.5 to 7.24.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.6/packages/babel-traverse) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `eventsource` from 1.1.0 to 1.1.2 - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.2) Updates `follow-redirects` from 1.14.1 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.1...v1.15.6) Updates `http-cache-semantics` from 4.1.0 to 4.1.1 - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `qs` from 6.7.0 to 6.11.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.7.0...v6.11.0) Updates `ua-parser-js` from 0.7.28 to 0.7.38 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/0.7.38/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.28...0.7.38) Updates `@sideway/formula` from 3.0.0 to 3.0.1 - [Commits](hapijs/formula@v3.0.0...v3.0.1) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.19.2) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@sideway/formula" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 3 updates in the /common directory: @babel/traverse, tar and tough-cookie.
Bumps the npm_and_yarn group with 12 updates in the /docs directory:
4.17.14.19.28.3.58.4.381.4.01.4.25.40.05.91.07.14.57.24.60.2.00.2.21.1.01.1.21.14.11.15.64.1.04.1.11.0.11.0.20.7.280.7.383.0.03.0.1Bumps the npm_and_yarn group with 1 update in the /utilities/externalModPhase directory: express.
Updates
@babel/traversefrom 7.22.8 to 7.24.6Release notes
Sourced from
@babel/traverse's releases.... (truncated)
Changelog
Sourced from
@babel/traverse's changelog.... (truncated)
Commits
9630250v7.24.61f010dfExplicitly defineNodePath.prototype.*(#16488)6e3539b[babel 8] Publish.d.tsfiles for every package (#16416)e37e64dUse eslint v9 (#16479)3ff20b9Statically generate boilerplate for bitfield accessors (#16482)97c3eb1RemovesyntaxTypeoption for record-and-tuple (parser&plugin) (#16458)71c247a[babel 8] Require Node.js^18.20.0 || ^20.10.0 || >=21.0.0(#16457)ddbea7dv7.24.5e779cadfix: TypeScript annotation affects output (#16377)ee48754Use multiple TypeScript projects (#16430)Updates
fseventsfrom 2.3.2 to 2.3.3Release notes
Sourced from fsevents's releases.
Commits
2db891eRelease v2.3.38ec87bfUpdate nodejs.yml (#392)c20c3afreadme63709dfMerge pull request #384 from aleksanb/subdirsa77340fHandle MustScanSubDirs for large projects66be519Update README.md (#371)2f2a858Update README.md (#364)Updates
tarfrom 6.1.15 to 6.2.1Changelog
Sourced from tar's changelog.
... (truncated)
Commits
bef7b1e6.2.1fe8cd57prevent extraction in excessively deep subfoldersfe7ebfdremove security.md5bc9d406.2.0fe1ef5echangelog 6.2e483220get rid of npm lint stuff689928aci that works outside of npm orgdb6f539file inference improvements for .tbr and .tgz336fa8frefactor: dry and other pr commentseeba222chore: lint fixesUpdates
tough-cookiefrom 4.1.3 to 4.1.4Release notes
Sourced from tough-cookie's releases.
Commits
cacbc37Bump version to 4.1.4a48fb3aAdd tests for url validation50e69bfMerge pull request #261 from postmanlabs/fix/url-string-validation1253d58Merge pull request #409 from corvidism/validators-to-string238367eAdd local alias fortoStringcf6debdFix incorrect string validation for URLMaintainer changes
This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.
Updates
expressfrom 4.17.1 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
04bc6274.19.2da4d763Improved fix for open redirect allow list bypass4f0f6cc4.19.1a003cfaAllow passing non-strings to res.location with new encoding handling checks f...a1fa90ffixed un-edited version in history.md for 4.19.011f2b1dbuild: fix build due to inconsistent supertest behavior in older versions084e3654.19.00867302Prevent open redirect allow list bypass due to encodeurl567c9c6Add note on how to update docs for new release (#5541)69a4cf2deps: cookie@0.6.0Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
postcssfrom 8.3.5 to 8.4.38Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
a69d45eRelease 8.4.38 version64e35d9Update dependenciesc1ad8fbMerge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...b45e7e9fix endIndex1bea246failing test: for endIndex 0 in rangeBy0fd1d86Add changelog auto release on Github49c906eRelease 8.4.37 versionb5bd92cFix another broken prev source map issue2882039Update dependenciese5ad939Release 8.4.36 versionUpdates
loader-utilsfrom 1.4.0 to 1.4.2Release notes
Sourced from loader-utils's releases.
Changelog
Sourced from loader-utils's changelog.
Commits
331ad50chore(release): 1.4.217cbf8ffix: ReDoS problem (#226)8f082b3chore(release): 1.4.14504e34fix: security problem (#220)Updates
webpackfrom 5.40.0 to 5.91.0Release notes
Sourced from webpack's releases.
... (truncated)
Commits
60daca5chore(release): 5.91.08dad9cechore(deps-dev): bump@babel/preset-reactfrom 7.23.3 to 7.24.1a3229f9chore(deps-dev): bump@babel/corefrom 7.24.0 to 7.24.140c2e44chore(deps-dev): bump@types/nodefrom 20.11.29 to 20.11.30a04fabachore(deps-dev): bump memfs from 4.7.7 to 4.8.08f22221chore(deps): bump es-module-lexer from 1.4.1 to 1.4.28df6912chore(deps): bump es-module-lexer from 1.4.1 to 1.4.2711c618chore(deps-dev): bump memfs from 4.7.7 to 4.8.0c462bb3chore(deps-dev): bump@types/nodefrom 20.11.29 to 20.11.30f0d3e3echore(deps-dev): bump@babel/preset-reactfrom 7.23.3 to 7.24.1Maintainer changes
This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.
Updates
@babel/traversefrom 7.14.5 to 7.24.6Release notes
Sourced from
@babel/traverse's releases.... (truncated)
Changelog
Sourced from
@babel/traverse's changelog.