Bump the npm_and_yarn group across 1 directory with 28 updates#2
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 28 updates#2dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 15 updates in the / directory: | Package | From | To | | --- | --- | --- | | [express](https://github.com/expressjs/express) | `4.16.3` | `4.22.0` | | [mongoose](https://github.com/Automattic/mongoose) | `5.2.8` | `6.13.9` | | [socket.io](https://github.com/socketio/socket.io) | `2.1.1` | `2.5.0` | | [codecov](https://github.com/codecov/codecov-node) | `3.0.4` | `3.6.2` | | [flatted](https://github.com/WebReflection/flatted) | `0.2.3` | `3.4.2` | | [chownr](https://github.com/isaacs/chownr) | `1.0.1` | `1.1.4` | | [cookiejar](https://github.com/bmeck/node-cookiejar) | `2.1.2` | `2.1.4` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [fsevents](https://github.com/fsevents/fsevents) | `1.2.4` | `1.2.13` | | [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` | | [jws](https://github.com/brianloveswords/node-jws) | `3.1.5` | `3.2.3` | | [lodash](https://github.com/lodash/lodash) | `4.17.10` | `4.18.1` | | [moment-timezone](https://github.com/moment/moment-timezone) | `0.5.21` | `0.5.48` | | [pathval](https://github.com/chaijs/pathval) | `1.1.0` | `1.1.1` | | [semver](https://github.com/npm/node-semver) | `5.5.0` | `5.7.2` | Updates `express` from 4.16.3 to 4.22.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.22.0/History.md) - [Commits](expressjs/express@4.16.3...4.22.0) Updates `mongoose` from 5.2.8 to 6.13.9 - [Release notes](https://github.com/Automattic/mongoose/releases) - [Changelog](https://github.com/Automattic/mongoose/blob/6.13.9/CHANGELOG.md) - [Commits](Automattic/mongoose@5.2.8...6.13.9) Updates `socket.io` from 2.1.1 to 2.5.0 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/2.5.0/CHANGELOG.md) - [Commits](socketio/socket.io@2.1.1...2.5.0) Updates `codecov` from 3.0.4 to 3.6.2 - [Release notes](https://github.com/codecov/codecov-node/releases) - [Changelog](https://github.com/codecov/codecov-node/blob/master/CHANGELOG.md) - [Commits](codecov/codecov-node@v3.0.4...v3.6.2) Updates `flatted` from 0.2.3 to 3.4.2 - [Commits](WebReflection/flatted@v0.2.3...v3.4.2) Updates `body-parser` from 1.18.2 to 1.20.5 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md) - [Commits](expressjs/body-parser@1.18.2...1.20.5) Updates `bson` from 1.0.9 to 4.7.2 - [Release notes](https://github.com/mongodb/js-bson/releases) - [Changelog](https://github.com/mongodb/js-bson/blob/v4.7.2/HISTORY.md) - [Commits](mongodb/js-bson@v1.0.9...v4.7.2) Updates `chownr` from 1.0.1 to 1.1.4 - [Commits](isaacs/chownr@v1.0.1...v1.1.4) Updates `cookie` from 0.3.1 to 0.4.2 - [Release notes](https://github.com/jshttp/cookie/releases) - [Changelog](https://github.com/jshttp/cookie/blob/v0.4.2/HISTORY.md) - [Commits](jshttp/cookie@v0.3.1...v0.4.2) Updates `cookiejar` from 2.1.2 to 2.1.4 - [Commits](https://github.com/bmeck/node-cookiejar/commits) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `engine.io` from 3.2.0 to 3.6.2 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/commits) Updates `fsevents` from 1.2.4 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.2.4...v1.2.13) Updates `get-func-name` from 2.0.0 to 2.0.2 - [Release notes](https://github.com/chaijs/get-func-name/releases) - [Commits](https://github.com/chaijs/get-func-name/commits/v2.0.2) Updates `js-yaml` from 3.12.0 to 3.15.0 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@3.12.0...3.15.0) Updates `jws` from 3.1.5 to 3.2.3 - [Release notes](https://github.com/brianloveswords/node-jws/releases) - [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md) - [Commits](auth0/node-jws@v3.1.5...v3.2.3) Updates `lodash` from 4.17.10 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.10...4.18.1) Updates `moment-timezone` from 0.5.21 to 0.5.48 - [Release notes](https://github.com/moment/moment-timezone/releases) - [Changelog](https://github.com/moment/moment-timezone/blob/develop/changelog.md) - [Commits](moment/moment-timezone@0.5.21...0.5.48) Updates `moment` from 2.22.2 to 2.30.1 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.22.2...2.30.1) Updates `parseuri` from 0.0.5 to 0.0.6 - [Release notes](https://github.com/slevithan/parseuri/releases) - [Commits](https://github.com/slevithan/parseuri/commits) Updates `path-to-regexp` from 0.1.7 to 0.1.13 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v.0.1.13) Updates `pathval` from 1.1.0 to 1.1.1 - [Release notes](https://github.com/chaijs/pathval/releases) - [Changelog](https://github.com/chaijs/pathval/blob/master/CHANGELOG.md) - [Commits](chaijs/pathval@v1.1.0...v1.1.1) Updates `qs` from 6.5.1 to 6.5.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.1...v6.5.2) Updates `semver` from 5.5.0 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.5.0...v5.7.2) Updates `send` from 0.16.2 to 0.19.2 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.16.2...0.19.2) Updates `serve-static` from 1.13.2 to 1.16.3 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md) - [Commits](expressjs/serve-static@v1.13.2...v1.16.3) Updates `socket.io-parser` from 3.2.0 to 3.3.5 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/socket.io-parser@3.3.5/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/commits/socket.io-parser@3.3.5) Updates `ws` from 3.3.3 to 7.5.11 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@3.3.3...7.5.11) --- updated-dependencies: - dependency-name: express dependency-version: 4.22.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: mongoose dependency-version: 6.13.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: socket.io dependency-version: 2.5.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: codecov dependency-version: 3.6.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: flatted dependency-version: 3.4.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: body-parser dependency-version: 1.20.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: bson dependency-version: 4.7.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: chownr dependency-version: 1.1.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-version: 0.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookiejar dependency-version: 2.1.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-version: 0.2.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: engine.io dependency-version: 3.6.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fsevents dependency-version: 1.2.13 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: get-func-name dependency-version: 2.0.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 3.15.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jws dependency-version: 3.2.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: moment-timezone dependency-version: 0.5.48 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: moment dependency-version: 2.30.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: parseuri dependency-version: 0.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 0.1.13 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: pathval dependency-version: 1.1.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.5.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-version: 5.7.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-version: 0.19.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-version: 1.16.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-version: 3.3.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-version: 7.5.11 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 15 updates in the / directory:
4.16.34.22.05.2.86.13.92.1.12.5.03.0.43.6.20.2.33.4.21.0.11.1.42.1.22.1.40.2.00.2.21.2.41.2.132.0.02.0.23.1.53.2.34.17.104.18.10.5.210.5.481.1.01.1.15.5.05.7.2Updates
expressfrom 4.16.3 to 4.22.0Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
49744ab4.22.0 (#6921)6e97452sec: security patch for CVE-2024-519996a23d34deps: use tilde notation forqs(#6919)8c12cdfdeps: qs@6.14.0 (#6909)7fea74fdeps: use tilde notation for certain dependencies (#6905)dac7a04chore: wider range for query test skip (#6513)997919bci: add node.js 24 to test matrix (#6506)36fb59cfix(ci): reordernpm isteps to fix ci for older node versions (#6336)3a5edfafix(ci): updated github actions ci workflow (#6323)52d9781fix(test): add test for method routes without paths #5955Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.
Updates
mongoosefrom 5.2.8 to 6.13.9Release notes
Sourced from mongoose's releases.
Changelog
Sourced from mongoose's changelog.
... (truncated)
Commits
473a92estyle: fix lint40e1af0quick fix for no elvis operator in node 12068ee25chore: release 6.13.93b0c5c0fix: handle other top-level query operators in sanitizeFilterb331eacMerge pull request #15434 from Automattic/vkarpov15/gh-154272097837chore: remove upload-artifact8045783chore: bump ubuntu versions in GitHub actions5235028docs(compatibility): add note that Mongoose ^6.5 works with MongoDB server 7.x1448c67Merge pull request #15303 from Automattic/vkarpov15/gh-1529917d1bd6fix ts benchmark by bumping max instantiationsUpdates
socket.iofrom 2.1.1 to 2.5.0Changelog
Sourced from socket.io's changelog.
Commits
baa6804chore(release): 2.5.0f223178fix: prevent the socket from joining a room after disconnection226cc16fix: only set 'connected' to true after middleware execution05e1278fix: fix race condition in dynamic namespaces22d4bdffix: ignore packet received after disconnectiondfded53chore: update engine.io version to 3.6.0e6b8697chore(release): 2.4.1a169050revert: fix(security): do not allow all origins by default873fdc5chore(release): 2.4.0f78a575fix(security): do not allow all origins by defaultUpdates
codecovfrom 3.0.4 to 3.6.2Release notes
Sourced from codecov's releases.
Changelog
Sourced from codecov's changelog.
Commits
fa631c3v3.6.2f429409Merge pull request #164 from codecov/sanitize-gcov-options2f4eff9Sanitize gcov-args9bde072Merge pull request #151 from codecov/github-ci-1b86eb31Add workflowa7014d2Update README.md597322cv3.6.14fc78f5Merge pull request #146 from codecov/hotfix/semaphore11347a9Fix tests4556aabSet semaphore service to just semaphoreUpdates
flattedfrom 0.2.3 to 3.4.2Commits
3bf09093.4.2885ddccfix CWE-13210bdba70added flatted-view to the benchmark2a02dce3.4.1fba4e8fMerge pull request #89 from WebReflection/python-fix5fe8648added "when in Rome" also a test for PHP53517adsome minor improvementb3e2a0cFixing recursion issue in Python tooc4b46dbAdd SECURITY.md for security policy and reportingf86d071Create dependabot.yml for version updatesUpdates
body-parserfrom 1.18.2 to 1.20.5Release notes
Sourced from body-parser's releases.
... (truncated)
Changelog
Sourced from body-parser's changelog.
... (truncated)
Commits
0defdberelease(patch): 1.20.5cd0e7a0deps(qs): bump qs to 6.15.16f24d7efix: correct off-by-one error in parameterCount (#716)b849bd5deps: qs@~6.14.1 (#690)2c55e2frefactor(json): simplify strict mode error string construction (#692)7db202c1.20.4 (#672)d8f8adbci: add CodeQL (SAST) (#670)6d133c1chore: remove SECURITY.md (#669)fcd1535deps: use tilde notation and update certain dependencies (#668)ec5fa29deps: qs@~6.14.0 (#664)Maintainer changes
This version was pushed to npm by jonchurch, a new releaser for body-parser since your current version.
Updates
bsonfrom 1.0.9 to 4.7.2Release notes
Sourced from bson's releases.
... (truncated)
Changelog
Sourced from bson's changelog.
... (truncated)
Commits
c3fc5dfchore(release): 4.7.2a298d22fix(NODE-4932): remove .0 suffix from double extended json values (#553)5465c33chore(release): 4.7.1d86bd52fix(NODE-4905): double precision accuracy in canonical EJSON (#549)853bbb0chore(release): 4.7.01dc7eaefeat(NODE-4535): automatically promote UUIDs when deserializing and parsing U...e9afa9dfeat(NODE-4506): Make UUID a subclass of binary (#512)ff2b975feat(NODE-4419): UUID class deserialization (#509)f5dc9edfeat(NODE-4405): support serializing UUID class (#508)4d75481test(NODE-4357): delete windows tests (#510)Maintainer changes
This version was pushed to npm by nbbeeken, a new releaser for bson since your current version.
Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Updates
chownrfrom 1.0.1 to 1.1.4Commits
814f6421.1.4a0d7ae0push to github before npm1a3667aignore stuff147eac4Full tests, handle errors properly in many cases578fb9fupdate tap, fix rimraf version5bbda8cfeat: ignore ENOENT errors during chowndeaa0581.1.3190e311Don't early-capture the fs.lchownSync methoddf2826apush to git with 1 command, not 2cf3b27b1.1.2Updates
cookiefrom 0.3.1 to 0.4.2Release notes
Sourced from cookie's releases.
Changelog
Sourced from cookie's changelog.
Commits
55bac400.4.2519feb5build: mocha@9.2.0fadc4bcbuild: Node.js@14.19009b3cbpref: read value only when assigning in parse04be428lint: remove deprecated String.prototype.substr2dc6662bench: preserve decode behavior for top cookiesaa1a335pref: remove unnecessary regexp in parse2bcee5abench: add cookies from top 20 sites4f08c95docs: update benchmarkf056356build: mocha@9.1.4Updates
cookiejarfrom 2.1.2 to 2.1.4Commits
Updates
decode-uri-componentfrom 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea460.2.2980e0bfPrevent overwriting previously decoded tokens3c8a3730.2.176abc93Switch to GitHub workflows746ca5dFix issue where decode throws - fixes #6486d7e2Update license (#1)a650457Tidelift tasks66e1c28Meta tweaksUpdates
engine.iofrom 3.2.0 to 3.6.2Commits
Updates
fseventsfrom 1.2.4 to 1.2.13Release notes
Sourced from fsevents's releases.
Commits
844a05dVersion Bumpf393f2aOnly build fsevents on macOS (#322)6a281a7[publish binary]acc2bce[publish binary]f532b6e[publish binary]4c6a1c0Add node 13 to travis matrix.92e40aaRelease 1.2.12.909af26Release v1.2.117074adbRelease v1.2.100a052f6Node.js v12 support for v1.x (#274)Updates
get-func-namefrom 2.0.0 to 2.0.2Release notes
Sourced from get-func-name's releases.
Commits
Maintainer changes
This version was pushed to npm by keithamus, a new releaser for get-func-name since your current version.
Updates
js-yamlfrom 3.12.0 to 3.15.0Changelog
Sourced from js-yaml's changelog.
... (truncated)
Commits
c34b6c43.15.0 released21e13d3dist rebuild