From 2aac24c637c8369acc38e17703c7068d17e9d697 Mon Sep 17 00:00:00 2001 From: jordigh Date: Wed, 21 Jun 2023 20:12:07 +0000 Subject: [PATCH 1/3] Setting version to v9.0.1. --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 66c86b7..25318e6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@newrelic/native-metrics", - "version": "9.0.0", + "version": "9.0.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@newrelic/native-metrics", - "version": "9.0.0", + "version": "9.0.1", "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { diff --git a/package.json b/package.json index dccd9e2..547565b 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@newrelic/native-metrics", - "version": "9.0.0", + "version": "9.0.1", "description": "A module for generating metrics from V8.", "main": "index.js", "scripts": { From a1aec3a4d206ade97c71082d892c56816ef53406 Mon Sep 17 00:00:00 2001 From: jordigh Date: Wed, 21 Jun 2023 20:12:10 +0000 Subject: [PATCH 2/3] Adds auto-generated release notes. --- CHANGELOG.md | 249 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 249 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c1af926..df5ea34 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,252 @@ +### v9.0.1 (2023-06-21) + +--- NOTES NEEDS REVIEW --- +Updated the slack invite link +-------------------------- + +Updated semver to 7.5.2. + +* Updated README links to point to new forum link due to repolinter ruleset change + +--- NOTES NEEDS REVIEW --- +Bumps [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) from 0.4.19 to 0.5.0. +
+Commits +
    +
  • 9f730bb Update package.json with latest PR
    • +
  • 50a492a Merge pull request #603 from autopulated/master
    • +
  • 7bc3c5d Merge pull request #598 from fnimick/master
    • +
  • f412a12 Merge pull request #635 from wisesimpson/patch-1
    • +
  • d318ce0 Update README.md
    • +
  • 581b19a use Object.create(null) to create all parsed objects (prevent prototype repla...
    • +
  • a212950 Add documentation for explicitCharkey option
    • +
  • 1832e0b Merge pull request #512 from economia/master
    • +
  • 198063c Merge pull request #556 from Omega-Ariston/fix-issue544
    • +
  • 0d71785 Merge pull request #562 from Omega-Ariston/addDocExample
    • +
  • Additional commits viewable in compare view
    • +
+
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=xml2js&package-manager=npm_and_yarn&previous-version=0.4.19&new-version=0.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts). + +
+-------------------------- + +* Update README header image to latest OSS office required images + +--- NOTES NEEDS REVIEW --- +# Proposed release notes + +* update nan to version 2.17.0 + +# Snyk has created this PR to upgrade nan from 2.16.0 to 2.17.0. + +:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. +-------------------------- + +--- NOTES NEEDS REVIEW --- +# Proposed release notes + +* Update https-proxy-agent to 5.0.1 + +# Snyk has created this PR to upgrade https-proxy-agent from 5.0.0 to 5.0.1. + +:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. +-------------------------- + +--- NOTES NEEDS REVIEW --- +Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.2. +
+Release notes +

Sourced from json5's releases.

+
+

v2.2.2

+
    +
  • Fix: Properties with the name __proto__ are added to objects and arrays. +(#199) This also fixes a prototype pollution vulnerability reported by +Jonathan Gregson! (#295).
    • +
+
+
+
+Changelog +

Sourced from json5's changelog.

+
+

v2.2.2 [code, diff]

+
    +
  • Fix: Properties with the name __proto__ are added to objects and arrays. +(#199) This also fixes a prototype pollution vulnerability reported by +Jonathan Gregson! (#295).
    • +
+
+
+
+Commits +
    +
  • 14f8cb1 2.2.2
    • +
  • 10cc7ca docs: update CHANGELOG for v2.2.2
    • +
  • 7774c10 fix: add proto to objects and arrays
    • +
  • edde30a Readme: slight tweak to intro
    • +
  • 97286f8 Improve example in readme
    • +
  • d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
    • +
  • 910ce25 docs: fix spelling of Aseem
    • +
  • 2aab4dd test: require tap as t in cli tests
    • +
  • 6d42686 test: remove mocha syntax from tests
    • +
  • 4798b9d docs: update installation and usage for modules
    • +
  • Additional commits viewable in compare view
    • +
+
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5&package-manager=npm_and_yarn&previous-version=2.2.1&new-version=2.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language +- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language +- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language +- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language + +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts). + +
+-------------------------- + +* Added lockfile checks to CI workflow to prevent malicious changes + +--- NOTES NEEDS REVIEW --- +Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. +
+Changelog +

Sourced from qs's changelog.

+
+

6.5.3

+
    +
  • [Fix] parse: ignore __proto__ keys (#428)
    • +
  • [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source
    • +
  • [Fix] correctly parse nested arrays
    • +
  • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • +
  • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • +
  • [Fix] when parseArrays is false, properly handle keys ending in []
    • +
  • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • +
  • [Fix] utils.merge: avoid a crash with a null target and an array source
    • +
  • [Refactor] utils: reduce observable [[Get]]s
    • +
  • [Refactor] use cached Array.isArray
    • +
  • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • +
  • [Refactor] parse: only need to reassign the var once
    • +
  • [Robustness] stringify: avoid relying on a global undefined (#427)
    • +
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • +
  • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
    • +
  • [Docs] Clarify the need for "arrayLimit" option
    • +
  • [meta] fix README.md (#399)
    • +
  • [meta] add FUNDING.yml
    • +
  • [actions] backport actions from main
    • +
  • [Tests] always use String(x) over x.toString()
    • +
  • [Tests] remove nonexistent tape option
    • +
  • [Dev Deps] backport from main
    • +
+
+
+
+Commits +
    +
  • 298bfa5 v6.5.3
    • +
  • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
    • +
  • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
    • +
  • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • +
  • 12ac1c4 [meta] fix README.md (#399)
    • +
  • 0338716 [actions] backport actions from main
    • +
  • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
    • +
  • 51b8a0b add FUNDING.yml
    • +
  • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
    • +
  • f814a7f [Dev Deps] backport from main
    • +
  • Additional commits viewable in compare view
    • +
+
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs&package-manager=npm_and_yarn&previous-version=6.5.2&new-version=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language +- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language +- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language +- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language + +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts). + +
+-------------------------- + ### v9.0.0 (2022-08-01) * **BREAKING** Removed support for Node 12. From 4485373e87b466d8201051f751fb50e7b79d80f0 Mon Sep 17 00:00:00 2001 From: jordigh Date: Wed, 21 Jun 2023 16:20:04 -0400 Subject: [PATCH 3/3] Update CHANGELOG.md --- CHANGELOG.md | 249 ++------------------------------------------------- 1 file changed, 5 insertions(+), 244 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index df5ea34..85694e9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,251 +1,12 @@ ### v9.0.1 (2023-06-21) ---- NOTES NEEDS REVIEW --- -Updated the slack invite link --------------------------- - -Updated semver to 7.5.2. - +* Updated the slack invite link +* Updated semver to 7.5.2. * Updated README links to point to new forum link due to repolinter ruleset change - ---- NOTES NEEDS REVIEW --- -Bumps [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) from 0.4.19 to 0.5.0. -
-Commits -
    -
  • 9f730bb Update package.json with latest PR
    • -
  • 50a492a Merge pull request #603 from autopulated/master
    • -
  • 7bc3c5d Merge pull request #598 from fnimick/master
    • -
  • f412a12 Merge pull request #635 from wisesimpson/patch-1
    • -
  • d318ce0 Update README.md
    • -
  • 581b19a use Object.create(null) to create all parsed objects (prevent prototype repla...
    • -
  • a212950 Add documentation for explicitCharkey option
    • -
  • 1832e0b Merge pull request #512 from economia/master
    • -
  • 198063c Merge pull request #556 from Omega-Ariston/fix-issue544
    • -
  • 0d71785 Merge pull request #562 from Omega-Ariston/addDocExample
    • -
  • Additional commits viewable in compare view
    • -
-
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=xml2js&package-manager=npm_and_yarn&previous-version=0.4.19&new-version=0.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts). - -
--------------------------- - -* Update README header image to latest OSS office required images - ---- NOTES NEEDS REVIEW --- -# Proposed release notes - -* update nan to version 2.17.0 - -# Snyk has created this PR to upgrade nan from 2.16.0 to 2.17.0. - -:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. --------------------------- - ---- NOTES NEEDS REVIEW --- -# Proposed release notes - -* Update https-proxy-agent to 5.0.1 - -# Snyk has created this PR to upgrade https-proxy-agent from 5.0.0 to 5.0.1. - -:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. --------------------------- - ---- NOTES NEEDS REVIEW --- -Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.2. -
-Release notes -

Sourced from json5's releases.

-
-

v2.2.2

-
    -
  • Fix: Properties with the name __proto__ are added to objects and arrays. -(#199) This also fixes a prototype pollution vulnerability reported by -Jonathan Gregson! (#295).
    • -
-
-
-
-Changelog -

Sourced from json5's changelog.

-
-

v2.2.2 [code, diff]

-
    -
  • Fix: Properties with the name __proto__ are added to objects and arrays. -(#199) This also fixes a prototype pollution vulnerability reported by -Jonathan Gregson! (#295).
    • -
-
-
-
-Commits -
    -
  • 14f8cb1 2.2.2
    • -
  • 10cc7ca docs: update CHANGELOG for v2.2.2
    • -
  • 7774c10 fix: add proto to objects and arrays
    • -
  • edde30a Readme: slight tweak to intro
    • -
  • 97286f8 Improve example in readme
    • -
  • d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
    • -
  • 910ce25 docs: fix spelling of Aseem
    • -
  • 2aab4dd test: require tap as t in cli tests
    • -
  • 6d42686 test: remove mocha syntax from tests
    • -
  • 4798b9d docs: update installation and usage for modules
    • -
  • Additional commits viewable in compare view
    • -
-
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5&package-manager=npm_and_yarn&previous-version=2.2.1&new-version=2.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language -- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language -- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language -- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts). - -
--------------------------- - +* Updated [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) to 0.5.0. +* Updated [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.2. * Added lockfile checks to CI workflow to prevent malicious changes - ---- NOTES NEEDS REVIEW --- -Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. -
-Changelog -

Sourced from qs's changelog.

-
-

6.5.3

-
    -
  • [Fix] parse: ignore __proto__ keys (#428)
    • -
  • [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source
    • -
  • [Fix] correctly parse nested arrays
    • -
  • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • -
  • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • -
  • [Fix] when parseArrays is false, properly handle keys ending in []
    • -
  • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • -
  • [Fix] utils.merge: avoid a crash with a null target and an array source
    • -
  • [Refactor] utils: reduce observable [[Get]]s
    • -
  • [Refactor] use cached Array.isArray
    • -
  • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • -
  • [Refactor] parse: only need to reassign the var once
    • -
  • [Robustness] stringify: avoid relying on a global undefined (#427)
    • -
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • -
  • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
    • -
  • [Docs] Clarify the need for "arrayLimit" option
    • -
  • [meta] fix README.md (#399)
    • -
  • [meta] add FUNDING.yml
    • -
  • [actions] backport actions from main
    • -
  • [Tests] always use String(x) over x.toString()
    • -
  • [Tests] remove nonexistent tape option
    • -
  • [Dev Deps] backport from main
    • -
-
-
-
-Commits -
    -
  • 298bfa5 v6.5.3
    • -
  • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
    • -
  • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
    • -
  • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • -
  • 12ac1c4 [meta] fix README.md (#399)
    • -
  • 0338716 [actions] backport actions from main
    • -
  • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
    • -
  • 51b8a0b add FUNDING.yml
    • -
  • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
    • -
  • f814a7f [Dev Deps] backport from main
    • -
  • Additional commits viewable in compare view
    • -
-
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs&package-manager=npm_and_yarn&previous-version=6.5.2&new-version=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language -- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language -- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language -- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts). - -
--------------------------- +* Updated [qs](https://github.com/ljharb/qs) to 6.5.3. ### v9.0.0 (2022-08-01)