chore(deps): bump the npm_and_yarn group across 1 directory with 24 updates #1

dependabot · 2024-12-11T10:18:15Z

Bumps the npm_and_yarn group with 20 updates in the / directory:

Package	From	To
cookie	`0.4.1`	`0.7.0`
cross-spawn	`6.0.5`	`6.0.6`
es5-ext	`0.10.53`	`0.10.63`
express	`4.17.0`	`4.20.0`
firebase	`7.14.5`	`10.9.0`
minimatch	`3.0.4`	`3.0.5`
moment	`2.24.0`	`2.29.4`
nanoid	`3.1.30`	`3.3.8`
node-fetch	`2.6.7`	`2.6.8`
octokit	`3.1.0`	`4.0.2`
postcss	`8.4.31`	`8.4.32`
semver	`7.3.2`	`7.5.2`
ws	`8.2.3`	`8.17.1`
tar	`6.1.15`	`6.2.0`
@babel/traverse	`7.22.5`	`7.23.2`
debug	`4.1.1`	`4.3.1`
path-to-regexp	`6.1.0`	`6.3.0`
send	`0.17.1`	`0.19.0`
terser	`5.27.0`	`5.27.1`
ua-parser-js	`1.0.35`	`1.0.36`

Updates cookie from 0.4.1 to 0.7.0

Release notes

Sourced from cookie's releases.

0.7.0

perf: parse cookies ~10% faster (#144 by @kurtextrem and #170)

fix: narrow the validation of cookies to match RFC6265 (#167 by @bewinsnw)

fix: add main to package.json for rspack (#166 by @proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

Add partitioned option

0.5.0

Add priority option

Fix expires option to reject invalid dates

pref: improve default decode speed

pref: remove slow string split in parse

0.4.2

pref: read value only when assigning in parse

pref: remove unnecessary regexp in parse

Commits

ab057d6 0.7.0
5f02ca8 Migrate history to GitHub releases
a5d591c Migrate history to GitHub releases
51968f9 Skip isNaN
9e7ca51 perf(parse): cache length, return early (#144)
d6f39b0 Fix tests for old node
6bb701f Remove failing scorecard
ca70da4 test(serialize): additional tests for name, domain and path RFC validations (...
47917c9 Iterate whitespace for perf (#170)
927d48a Add main to package.json (#166)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates cross-spawn from 6.0.5 to 6.0.6

Changelog

Sourced from cross-spawn's changelog.

6.0.6 (2024-11-18)

Bug Fixes

disable regexp backtracking (#160) (ba5aaef)

core: support worker threads (#127) (f4af31c)

Commits

d35c865 chore(release): 6.0.6
5a37e19 chore: update package.json and package.lock
ba5aaef fix: disable regexp backtracking (#160)
f4af31c fix(core): support worker threads (#127)
See full diff in compare view

Updates es5-ext from 0.10.53 to 0.10.63

Release notes

Sourced from es5-ext's releases.

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021

Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

Simplify the manifest message (7855319)

Comparison since last release

0.10.62 (2022-08-02)

Maintenance Improvements

Manifest improvements:

(#190) (b8dc53f)

(c51d552)

Comparison since last release

0.10.61 (2022-04-20)

Bug Fixes

Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

Bump dependencies (d7e0a61)

Comparison since last release

0.10.60 (2022-04-07)

Maintenance Improvements

Improve postinstall script configuration (ab6b121)

Comparison since last release

0.10.59 (2022-03-17)

Maintenance Improvements

Improve manifest wording (#122) (eb7ae59)

Update data in manifest (3d2935a)

... (truncated)

Changelog

Sourced from es5-ext's changelog.

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021

Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

Simplify the manifest message (7855319)

0.10.62 (2022-08-02)

Maintenance Improvements

Manifest improvements:

(#190) (b8dc53f)

(c51d552)

0.10.61 (2022-04-20)

Bug Fixes

Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

Bump dependencies (d7e0a61)

0.10.60 (2022-04-07)

Maintenance Improvements

Improve postinstall script configuration (ab6b121)

0.10.59 (2022-03-17)

Maintenance Improvements

Improve manifest wording (#122) (eb7ae59)

Update data in manifest (3d2935a)

0.10.58 (2022-03-11)

Maintenance Improvements

Improve "call for peace" manifest (3beace4)

0.10.57 (2022-03-08)

... (truncated)

Commits

de4e03c chore: Release v0.10.63
3fd53b7 chore: Upgrade lint-staged to v13
bf8ed79 chore: Ensure postinstall script does not crash on Windows
2cbbb07 chore: Bump dependencies
22d0416 chore: Bump LICENSE year
a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
3551cdd fix: Do not rely on problematic regex
7855319 chore: Simplify the manifest message
78e041f chore: Release v0.10.62
c51d552 chore: Improve manifest
Additional commits viewable in compare view

Updates express from 4.17.0 to 4.20.0

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: [email protected] by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

[email protected] by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: [email protected]

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

... (truncated)

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to [email protected]
9ebe5d5 feat: upgrade to [email protected] (#5928)
ec4a01b feat: upgrade to [email protected] (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 [email protected] (#5902)
2a980ad [email protected] (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: [email protected] (#5603)
e35380a docs: add @IamLizu to the triage team (#5836)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates firebase from 7.14.5 to 10.9.0

Commits

1eb302f Version Packages (#8063)
b498867 Merge master into release
ce88e71 snapshot listeners source from cache (#7982)
6d487d7 Prevent using authTokenSyncURL if the string begins with a double slash (#8060)
b4d59d6 Merge master into release
2b22838 Fix glob pattern to work with Node 20 and its NPM version (#8059)
feb5038 Update CI node.js versions to 20.x (#8055)
245dd26 Enforce authTokenSyncURL being a path and not a url. (#8056)
e60188d Version Packages (#8046)
7e2efbf Merge master into release
Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.0.5

Commits

707e1b2 3.0.5
a8763f4 Improve redos protection, add many tests
bafa295 Use master branch for travis badge
013d64d update travis
See full diff in compare view

Updates moment from 2.24.0 to 2.29.4

Changelog

Sourced from moment's changelog.

2.29.4

Release Jul 6, 2022

#6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

Release Apr 17, 2022

#5995 [bugfix] Remove const usage

#5990 misc: fix advisory link

2.29.2 See full changelog

Release Apr 3 2022

Address GHSA-8hfj-j24r-96c4

2.29.1 See full changelog

Release Oct 6, 2020

Updated deprecation message, bugfix in hi locale

2.29.0 See full changelog

Release Sept 22, 2020

New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: https://momentjs.com/docs/#/-project-status/

2.28.0 See full changelog

Release Sept 13, 2020

Fix bug where .format() modifies original instance, and locale updates

2.27.0 See full changelog

Release June 18, 2020

Added Turkmen locale, other locale improvements, slight TypeScript fixes

2.26.0 See full changelog

Release May 19, 2020

... (truncated)

Commits

000ac18 Build 2.24.4
f2006b6 Bump version to 2.24.4
536ad0c Update changelog for 2.29.4
9a3b589 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
6374fd8 Merge branch 'master' into develop
b4e6153 Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"
7aebb16 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
57c9062 Build 2.29.3
aaf50b6 Fixup release complaints
26f4aef Bump version to 2.29.3
Additional commits viewable in compare view

Updates nanoid from 3.1.30 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

Fixed a way to break Nano ID by passing non-integer size (by @myndzi).

3.3.7

Fixed node16 TypeScript support (by Saadi Myftija).

3.3.6

Fixed package.

3.3.5

Backport funding information.

3.3.4

Fixed --help in CLI (by @Lete114).

3.3.3

Reduced size (by Anton Khlynovskiy).

3.3.2

Fixed enhanced-resolve support.

3.3.1

Reduced package size.

3.3

Added size argument to function from customAlphabet (by Stefan Sundin).

3.2

Added --size and --alphabet arguments to binary (by Vitaly Baev).

3.1.32

Reduced async exports size (by Artyom Arutyunyan).

Moved from Jest to uvu (by Vitaly Baev).

3.1.31

Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

Commits

3044cd5 Release 3.3.8 version
4fe3495 Update size limit
d643045 Fix pool pollution, infinite loop (#510)
89d82d2 Release 3.3.7 version
5022c35 Update dual-publish
3e7a8e5 Remove benchmark from CI for v3
d356144 Fix CI for v3
37b25df Move to pnpm 8
d96f392 Release 3.3.6 version
8210dfb Release 3.3.5 version
Additional commits viewable in compare view

Updates node-fetch from 2.6.7 to 2.6.8

Release notes

Sourced from node-fetch's releases.

v2.6.8

2.6.8 (2023-01-13)

Bug Fixes

headers: don't forward secure headers on protocol change (#1605) (fddad0e), closes #1599

premature close with chunked transfer encoding and for async iterators in Node 12 (#1172) (50536d1), closes #1064 node-fetch/node-fetch#1064

prevent hoisting of the undefined global variable in browser.js (#1534) (8bb6e31)

Commits

6e9464d ci(release): install dependencies
dd2a0ba ci(release): install dependencies
49bef02 ci(release): use latest Node LTS
ce37bcd ci(semantic-release): config
1768eaa ci(release): initial version
8bb6e31 fix: prevent hoisting of the undefined global variable in browser.js (#1534)
e218f8d Add missing changelog entries. (#1613)
fddad0e fix(headers): don't forward secure headers on protocol change (#1605)
50536d1 fix: premature close with chunked transfer encoding and for async iterators i...
838d971 Handle zero-length OK deflate responses (#903)
See full diff in compare view

Maintainer changes

This version was pushed to npm by node-fetch-bot, a new releaser for node-fetch since your current version.

Updates octokit from 3.1.0 to 4.0.2

Release notes

Sourced from octokit's releases.

v4.0.2

4.0.2 (2024-05-08)

Bug Fixes

build: actually output ESM (#2678) (9604674)

v4.0.1

4.0.1 (2024-05-07)

Bug Fixes

docs: remove NodeJS 10 and add callout for conditional exports (#2675) (c99ff62)

v4.0.0

BREAKING CHANGES

package is now ESM

remove authentication type "oauth" that was previously deprecated

Switch from @octokit/webhooks-types to @octokit/openapi-webhooks-types due to the transition to using GitHub's OpenAPI schema

v3.2.1

3.2.1 (2024-05-03)

Bug Fixes

update rest endpoints (#2667) (98785f4)

v3.2.1-beta.1

3.2.1-beta.1 (2024-05-06)

Bug Fixes

adapt code for ESM/new deps (314b46e)

deps: update octokit monorepo (b318e23)

v3.2.0

3.2.0 (2024-04-03)

Features

security: Add provenance (#2653) (a90799a)

... (truncated)

Commits

9604674 fix(build): actually output ESM (#2678)
c99ff62 fix(docs): remove NodeJS 10 and add callout for conditional exports (#2675)
13a86ad feat: v4 (#2674)
d0b9a6e build(deps): lock file maintenance (#2670)
b4860da chore(deps): update dependency esbuild to ^0.21.0 (#2672)
98785f4 fix: update rest endpoints (#2667)
c520dc9 build(deps): lock file maintenance (#2664)
844baf9 build(deps): lock file maintenance (#2661)
0322377 build(deps): lock file maintenance (#2658)
ba7d859 ci(action): update actions/add-to-project action to v1.0.1 (#2657)
Additional commits viewable in compare view

Updates postcss from 8.4.31 to 8.4.32

Release notes

Sourced from postcss's releases.

8.4.32

Fixed postcss().process() types (by @ferreira-tb).

Changelog

Sourced from postcss's changelog.

8.4.32

Fixed postcss().process() types (by Andrew Ferreira).

Commits

a0d9f10 Release 8.4.32 version
0146b3e Add Node.js 21 to CI
2398534 Update dependencies
1918533 Merge pull request #1902 from ferreira-tb/main
395e6dc Fix ProcessOptions interface
fa8cd15 Update dependencies
199a7c4 Typo
2528047 Update EM link
See full diff in compare view

Updates semver from 7.3.2 to 7.5.2

Release notes

Sourced from semver's releases.

v7.5.2

7.5.2 (2023-06-15)

Bug Fixes

58c791f #566 diff when detecting major change from prerelease (#566) (@lukekarrys)

5c8efbc #565 preserve build in raw after inc (#565) (@lukekarrys)

717534e #564 better handling of whitespace (#564) (@lukekarrys)

v7.5.1

7.5.1 (2023-05-12)

Bug Fixes

d30d25a #559 show type on invalid semver error (#559) (@tjenkinson)

v7.5.0

7.5.0 (2023-04-17)

Features

503a4e5 #548 allow identifierBase to be false (#548) (@lsvalina)

Bug Fixes

e219bb4 #552 throw on bad version with correct error message (#552) (@wraithgar)

fc2f3df #546 incorrect results from diff sometimes with prerelease versions (#546) (@tjenkinson)

2781767 #547 avoid re-instantiating SemVer during diff compare (#547) (@macno)

v7.4.0

7.4.0 (2023-04-10)

Features

113f513 #532 identifierBase parameter for .inc (#532) (@wraithgar, @b-bly)

48d8f8f #530 export new RELEASE_TYPES constant (@hcharley)

Bug Fixes

940723d #538 intersects with v0.0.0 and v0.0.0-0 (#538) (@wraithgar)

aa516b5 #535 faster parse options (#535) (@H4ad)

61e6ea1 #536 faster cache key factory for range (#536) (@H4ad)

f8b8b61 #541 optimistic parse (#541) (@H4ad)

796cbe2 #533 semver.diff prerelease to release recognition (#533) (@wraithgar, @dominique-blockchain)

3f222b1 #537 reuse comparators on subset (#537) (@H4ad)

f66cc45 #539 faster diff (#539) (@H4ad)

Documentation

c5d29df #530 Add "Constants" section to README (@hcharley)

... (truncated)

Changelog

Sourced from semver's changelog.

7.5.2 (2023-06-15)

Bug Fixes

58c791f #566 diff when detecting major change from prerelease (#566) (@lukekarrys)

5c8efbc #565 preserve build in raw after inc (#565) (@lukekarrys)

717534e #564 better handling of whitespace (#564) (@lukekarrys)

7.5.1 (2023-05-12)

Bug Fixes

d30d25a #559 show type on invalid semver error (#559) (@tjenkinson)

7.5.0 (2023-04-17)

Features

503a4e5 #548 allow identifierBase to be false (#548) (@lsvalina)

Bug Fixes

e219bb4 #552 throw on bad version with correct error message (#552) (@wraithgar)

fc2f3df #546 incorrect results from diff sometimes with prerelease versions (#546) (@tjenkinson)

2781767 #547 avoid re-instantiating SemVer during diff compare (#547) (@macno)

7.4.0 (2023-04-10)

Features

113f513 #532 identifierBase parameter for .inc (#532) (@wraithgar, @b-bly)

48d8f8f #530 export new RELEASE_TYPES constant (@hcharley)

Bug Fixes

940723d #538 intersects with v0.0.0 and v0.0.0-0 (#538) (@wraithgar)

aa516b5

…pdates Bumps the npm_and_yarn group with 20 updates in the / directory: | Package | From | To | | --- | --- | --- | | [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.0` | | [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `6.0.5` | `6.0.6` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.63` | | [express](https://github.com/expressjs/express) | `4.17.0` | `4.20.0` | | [firebase](https://github.com/firebase/firebase-js-sdk) | `7.14.5` | `10.9.0` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.0.5` | | [moment](https://github.com/moment/moment) | `2.24.0` | `2.29.4` | | [nanoid](https://github.com/ai/nanoid) | `3.1.30` | `3.3.8` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.7` | `2.6.8` | | [octokit](https://github.com/octokit/octokit.js) | `3.1.0` | `4.0.2` | | [postcss](https://github.com/postcss/postcss) | `8.4.31` | `8.4.32` | | [semver](https://github.com/npm/node-semver) | `7.3.2` | `7.5.2` | | [ws](https://github.com/websockets/ws) | `8.2.3` | `8.17.1` | | [tar](https://github.com/isaacs/node-tar) | `6.1.15` | `6.2.0` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.22.5` | `7.23.2` | | [debug](https://github.com/debug-js/debug) | `4.1.1` | `4.3.1` | | [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.1.0` | `6.3.0` | | [send](https://github.com/pillarjs/send) | `0.17.1` | `0.19.0` | | [terser](https://github.com/terser/terser) | `5.27.0` | `5.27.1` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `1.0.35` | `1.0.36` | Updates `cookie` from 0.4.1 to 0.7.0 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.4.1...v0.7.0) Updates `cross-spawn` from 6.0.5 to 6.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v6.0.5...v6.0.6) Updates `es5-ext` from 0.10.53 to 0.10.63 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.63) Updates `express` from 4.17.0 to 4.20.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.0...4.20.0) Updates `firebase` from 7.14.5 to 10.9.0 - [Release notes](https://github.com/firebase/firebase-js-sdk/releases) - [Changelog](https://github.com/firebase/firebase-js-sdk/blob/main/CHANGELOG.md) - [Commits](https://github.com/firebase/firebase-js-sdk/compare/[email protected]@10.9.0) Updates `minimatch` from 3.0.4 to 3.0.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.0.5) Updates `moment` from 2.24.0 to 2.29.4 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.24.0...2.29.4) Updates `nanoid` from 3.1.30 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.30...3.3.8) Updates `node-fetch` from 2.6.7 to 2.6.8 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.7...v2.6.8) Updates `octokit` from 3.1.0 to 4.0.2 - [Release notes](https://github.com/octokit/octokit.js/releases) - [Commits](octokit/octokit.js@v3.1.0...v4.0.2) Updates `postcss` from 8.4.31 to 8.4.32 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.31...8.4.32) Updates `semver` from 7.3.2 to 7.5.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.2...v7.5.2) Updates `ws` from 8.2.3 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.2.3...8.17.1) Updates `tar` from 6.1.15 to 6.2.0 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.15...v6.2.0) Updates `@babel/traverse` from 7.22.5 to 7.23.2 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse) Updates `debug` from 4.1.1 to 4.3.1 - [Release notes](https://github.com/debug-js/debug/releases) - [Commits](debug-js/debug@4.1.1...4.3.1) Updates `path-to-regexp` from 6.1.0 to 6.3.0 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v6.1.0...v6.3.0) Updates `send` from 0.17.1 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.17.1...0.19.0) Updates `terser` from 5.27.0 to 5.27.1 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v5.27.0...v5.27.1) Updates `ua-parser-js` from 1.0.35 to 1.0.36 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@1.0.35...1.0.36) Updates `@grpc/grpc-js` from 0.8.1 to 1.9.15 - [Release notes](https://github.com/grpc/grpc-node/releases) - [Commits](https://github.com/grpc/grpc-node/compare/@grpc/[email protected]...@grpc/[email protected]) Updates `body-parser` from 1.19.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.3) Updates `protobufjs` from 6.11.2 to 7.2.4 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@v6.11.2...protobufjs-v7.2.4) Updates `serve-static` from 1.14.1 to 1.16.0 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md) - [Commits](expressjs/serve-static@v1.14.1...1.16.0) --- updated-dependencies: - dependency-name: cookie dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: firebase dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: moment dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: octokit dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ws dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: tar dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: debug dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: send dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: terser dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@grpc/grpc-js" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: protobufjs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Dec 11, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm_and_yarn group across 1 directory with 24 updates #1

chore(deps): bump the npm_and_yarn group across 1 directory with 24 updates #1

dependabot bot commented on behalf of github Dec 11, 2024

chore(deps): bump the npm_and_yarn group across 1 directory with 24 updates #1

Are you sure you want to change the base?

chore(deps): bump the npm_and_yarn group across 1 directory with 24 updates #1

Conversation

dependabot bot commented on behalf of github Dec 11, 2024

0.7.0

0.6.0

0.5.0

0.4.2

6.0.6 (2024-11-18)

Bug Fixes

0.10.63 (2024-02-23)

Bug Fixes

Maintenance Improvements

0.10.62 (2022-08-02)

Maintenance Improvements

0.10.61 (2022-04-20)

Bug Fixes

Maintenance Improvements

0.10.60 (2022-04-07)

Maintenance Improvements

0.10.59 (2022-03-17)

Maintenance Improvements

0.10.63 (2024-02-23)

Bug Fixes

Maintenance Improvements

0.10.62 (2022-08-02)

Maintenance Improvements

0.10.61 (2022-04-20)

Bug Fixes

Maintenance Improvements

0.10.60 (2022-04-07)

Maintenance Improvements

0.10.59 (2022-03-17)

Maintenance Improvements

0.10.58 (2022-03-11)

Maintenance Improvements

0.10.57 (2022-03-08)

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

4.18.2 / 2022-10-08

2.29.4

2.29.3 Full changelog

2.29.2 See full changelog

2.29.1 See full changelog

2.29.0 See full changelog

2.28.0 See full changelog

2.27.0 See full changelog

2.26.0 See full changelog

3.3.8

3.3.7

3.3.6

3.3.5

3.3.4

3.3.3

3.3.2

3.3.1

3.3

3.2

3.1.32

3.1.31

v2.6.8

2.6.8 (2023-01-13)

Bug Fixes

v4.0.2

4.0.2 (2024-05-08)

Bug Fixes

v4.0.1

4.0.1 (2024-05-07)

Bug Fixes

v4.0.0

BREAKING CHANGES