Skip to content

Bump the npm_and_yarn group across 1 directory with 10 updates#6

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-f506c155f9
Open

Bump the npm_and_yarn group across 1 directory with 10 updates#6
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-f506c155f9

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 4 updates in the / directory: mongoose, debug, fresh and moment.

Updates mongoose from 4.11.8 to 6.13.9

Release notes

Sourced from mongoose's releases.

6.13.9 / 2026-02-04

  • fix: handle other top-level query operators in sanitizeFilter
  • types(aggregate): add $firstN, $lastN, $bottom, $bottomN, $minN and $maxN operators #15303 #15299
  • docs(compatibility): add note that Mongoose ^6.5 works with MongoDB server 7.x #15427

6.13.8 / 2025-01-20

  • chore: remove coverage output from bundle

6.13.7 / 2025-01-20

  • chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061

6.13.6 / 2025-01-13

  • fix: disallow nested $where in populate match
Changelog

Sourced from mongoose's changelog.

6.13.9 / 2026-02-04

  • fix: handle other top-level query operators in sanitizeFilter
  • types(aggregate): add $firstN, $lastN, $bottom, $bottomN, $minN and $maxN operators #15303 #15299
  • docs(compatibility): add note that Mongoose ^6.5 works with MongoDB server 7.x #15427

6.13.8 / 2025-01-20

  • chore: remove coverage output from bundle

6.13.7 / 2025-01-20

  • chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061

6.13.6 / 2025-01-13

6.13.5 / 2024-11-26

  • fix: disallow using $where in match

6.13.4 / 2024-11-15

  • fix: save execution stack in query as string #15043 #15039
  • docs: clarify strictQuery default will flip-flop in "Migrating to 6.x" #14998 markstos

6.13.3 / 2024-09-23

  • docs(migrating_to_6): document that Lodash _.isEmpty() with ObjectId() as a parameter returns true in Mongoose 6 #11152

6.13.2 / 2024-09-12

  • fix(document): make set() respect merge option on deeply nested objects #14870 #14878

6.13.1 / 2024-09-06

  • fix: remove empty $and, $or, $not that were made empty by scrict mode #14749 #13086 0x0a0d

6.13.0 / 2024-06-06

  • feat(model): add throwOnValidationError option for opting into getting MongooseBulkWriteError if all valid operations succeed in bulkWrite() and insertMany() #14599 #14587 #14572 #13410

6.12.9 / 2024-05-24

  • fix(cast): cast $comment to string in query filters #14590 #14576
  • types(model): allow passing strict type checking override to create() #14571 #14548

6.12.8 / 2024-04-10

... (truncated)

Commits
  • 473a92e style: fix lint
  • 40e1af0 quick fix for no elvis operator in node 12
  • 068ee25 chore: release 6.13.9
  • 3b0c5c0 fix: handle other top-level query operators in sanitizeFilter
  • b331eac Merge pull request #15434 from Automattic/vkarpov15/gh-15427
  • 2097837 chore: remove upload-artifact
  • 8045783 chore: bump ubuntu versions in GitHub actions
  • 5235028 docs(compatibility): add note that Mongoose ^6.5 works with MongoDB server 7.x
  • 1448c67 Merge pull request #15303 from Automattic/vkarpov15/gh-15299
  • 17d1bd6 fix ts benchmark by bumping max instantiations
  • Additional commits viewable in compare view

Updates debug from 2.6.8 to 2.6.9

Release notes

Sourced from debug's releases.

2.6.9

Patches

  • Remove ReDoS regexp in %o formatter: #504

Credits

Huge thanks to @​zhuangya for their help!

Changelog

Sourced from debug's changelog.

2.6.9 / 2017-09-22

  • remove ReDoS regexp in %o formatter (#504)
Commits

Updates bson from 1.0.4 to 4.7.2

Release notes

Sourced from bson's releases.

v4.7.2

The MongoDB Node.js team is pleased to announce version v4.7.2 of the bson package!

Bug Fixes

  • NODE-4932: remove .0 suffix from double extended json values (#553) (a298d22)

Documentation

We invite you to try the bson library immediately, and report any issues to the NODE project.

v4.7.1

The MongoDB Node.js team is pleased to announce version v4.7.1 of the bson package!

Bug Fixes

  • NODE-4905: double precision accuracy in canonical EJSON (#549) (d86bd52)

Documentation

We invite you to try the bson library immediately, and report any issues to the NODE project.

v4.7.0

The MongoDB Node.js team is pleased to announce version 4.7.0 of the bson package!

Release Highlights

This release adds automatic UUID support. Now when serializing or deserializing BSON you can work directly with the UUID type without explicit conversion methods. The UUID class is now a subclass of binary so all existing code will continue to work (including the explicit conversion methods .toUUID/.toBinary). The same automatic support for UUID is also present in EJSON .parse/.stringify.

Take a look at the following for the expected behavior:

const document = BSON.deserialize(bytes)
// { uuid: UUID('xxx') }
BSON.serialize(document)
// Buffer < document with uuid (binary subtype 4) >

Special thanks to @​aditi-khare-mongoDB for all her hard work on this feature!! 🎉

Features

  • NODE-4405: support serializing UUID class (#508) (f5dc9ed)
  • NODE-4419: UUID class deserialization (#509) (ff2b975)
  • NODE-4506: Make UUID a subclass of binary (#512) (e9afa9d)

... (truncated)

Changelog

Sourced from bson's changelog.

4.7.2 (2023-01-10)

Bug Fixes

  • NODE-4932: remove .0 suffix from double extended json values (#553) (a298d22)

4.7.1 (2023-01-05)

Bug Fixes

  • NODE-4905: double precision accuracy in canonical EJSON (#549) (d86bd52)

4.7.0 (2022-08-18)

Features

  • NODE-4405: support serializing UUID class (#508) (f5dc9ed)
  • NODE-4419: UUID class deserialization (#509) (ff2b975)
  • NODE-4506: Make UUID a subclass of binary (#512) (e9afa9d)
  • NODE-4535: automatically promote UUIDs when deserializing and parsing UUIDs (#513) (1dc7eae)

4.6.5 (2022-07-07)

Bug Fixes

  • NODE-3630: remove float parser and test edge cases for Double (#502) (54ca603)
  • NODE-4211: Do not require crypto in browser builds (#500) (b32ab40)
  • NODE-4302: remove downlevel ts and typesVersions (#501) (651b60e)
  • NODE-4381: handle __proto__ well in EJSON (#506) (4bda57d)

4.6.4 (2022-05-19)

4.6.3 (2022-04-20)

4.6.2 (2022-03-22)

Bug Fixes

  • MONGOSH-1155: update error message in ObjectId class (#493) (67fbc7c)
  • NODE-3015: ObjectId.equals should use Buffer.equals for better performance (#478) (8305bdf)
  • NODE-3962: correct type for ObjectiId._bsontype (#480) (9671773)

4.6.1 (2022-01-06)

... (truncated)

Commits
  • c3fc5df chore(release): 4.7.2
  • a298d22 fix(NODE-4932): remove .0 suffix from double extended json values (#553)
  • 5465c33 chore(release): 4.7.1
  • d86bd52 fix(NODE-4905): double precision accuracy in canonical EJSON (#549)
  • 853bbb0 chore(release): 4.7.0
  • 1dc7eae feat(NODE-4535): automatically promote UUIDs when deserializing and parsing U...
  • e9afa9d feat(NODE-4506): Make UUID a subclass of binary (#512)
  • ff2b975 feat(NODE-4419): UUID class deserialization (#509)
  • f5dc9ed feat(NODE-4405): support serializing UUID class (#508)
  • 4d75481 test(NODE-4357): delete windows tests (#510)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by nbbeeken, a new releaser for bson since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates fresh from 0.5.0 to 0.5.2

Changelog

Sourced from fresh's changelog.

0.5.2 / 2017-09-13

  • Fix regression matching multiple ETags in If-None-Match
  • perf: improve If-None-Match token parsing

0.5.1 / 2017-09-11

  • Fix handling of modified headers with invalid dates
  • perf: improve ETag match loop
Commits
  • 02df630 0.5.2
  • 37cd4a2 build: Node.js@8.5
  • 731c0eb build: Node.js@6.11
  • 21a0f0c perf: improve If-None-Match token parsing
  • ff5f257 Fix regression matching multiple ETags in If-None-Match
  • e8a4aaf 0.5.1
  • 7015bce perf: improve ETag match loop
  • 7a2b460 Fix handling of modified headers with invalid dates
  • 1599530 bench: add simple benchmarks
  • 74793d9 build: eslint-plugin-node@5.1.1
  • Additional commits viewable in compare view

Updates mime from 1.3.6 to 1.6.0

Changelog

Sourced from mime's changelog.

v1.6.0 (24/11/2017)

No changelog for this release.


v2.0.4 (24/11/2017)

  • [closed] Switch to mime-score module for resolving extension contention issues. #182
  • [closed] Update mime-db to 1.31.0 in v1.x branch #181

v1.5.0 (22/11/2017)

  • [closed] need ES5 version ready in npm package #179
  • [closed] mime-db no trace of iWork - pages / numbers / etc. #178
  • [closed] How it works in brownser ? #176
  • [closed] Missing ./Mime #175
  • [closed] Vulnerable Regular Expression #167

v2.0.3 (25/09/2017)

No changelog for this release.


v1.4.1 (25/09/2017)

  • [closed] Issue when bundling with webpack #172

v2.0.2 (15/09/2017)

  • [V2] fs.readFileSync is not a function #165
  • [closed] The extension for video/quicktime should map to .mov, not .qt #164
  • [V2] [v2 Feedback request] Mime class API #163
  • [V2] [v2 Feedback request] Resolving conflicts over extensions #162
  • [V2] Allow callers to load module with official, full, or no defined types. #161
  • [V2] Use "facets" to resolve extension conflicts #160
  • [V2] Remove fs and path dependencies #152
  • [V2] Default content-type should not be application/octet-stream #139
  • [V2] reset mime-types #124
  • [V2] Extensionless paths should return null or false #113

v2.0.1 (14/09/2017)

  • [closed] Changelog for v2.0 does not mention breaking changes #171
  • [closed] MIME breaking with 'class' declaration as it is without 'use strict mode' #170

... (truncated)

Commits
Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates moment from 2.18.1 to 2.30.1

Changelog

Sourced from moment's changelog.

2.30.1

2.30.0 Full changelog

  • Release Dec 26, 2023

2.29.4

  • Release Jul 6, 2022
    • #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

  • Release Apr 17, 2022
    • #5995 [bugfix] Remove const usage
    • #5990 misc: fix advisory link

2.29.2 See full changelog

  • Release Apr 3 2022

Address GHSA-8hfj-j24r-96c4

2.29.1 See full changelog

  • Release Oct 6, 2020

Updated deprecation message, bugfix in hi locale

2.29.0 See full changelog

  • Release Sept 22, 2020

New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: https://momentjs.com/docs/#/-project-status/

2.28.0 See full changelog

  • Release Sept 13, 2020

Fix bug where .format() modifies original instance, and locale updates

2.27.0 See full changelog

... (truncated)

Commits

Updates mongodb from 2.2.31 to 4.17.2

Release notes

Sourced from mongodb's releases.

v4.17.2

4.17.2 (2023-11-16)

The MongoDB Node.js team is pleased to announce version 4.17.2 of the mongodb package!

Release Notes

Fix connection leak when serverApi is enabled

When enabling serverApi the driver's RTT mesurment logic (used to determine the closest node) still sent the legacy hello command "isMaster" causing the server to return an error. Unfortunately, the error handling logic did not correctly destroy the socket which would cause a leak.

Both sending the correct hello command and the error handling connection clean up logic are fixed in this change.

Bug Fixes

  • NODE-5751: RTTPinger always sends legacy hello (#3923) (bc3d020)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.17.1

4.17.1 (2023-08-23)

The MongoDB Node.js team is pleased to announce version 4.17.1 of the mongodb package!

Release Notes

Import of saslprep updated to correct library.

Fixes the import of saslprep to be the correct @mongodb-js/saslprep library.

Bug Fixes

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v4.17.0

4.17.0 (2023-08-17)

... (truncated)

Changelog

Sourced from mongodb's changelog.

4.17.2 (2023-11-16)

Bug Fixes

  • NODE-5751: RTTPinger always sends legacy hello (#3923) (bc3d020)

4.17.1 (2023-08-23)

Bug Fixes

4.17.0 (2023-08-17)

Features

  • NODE-5272: do not create or drop ecc collections (#3678) (d26ad61)
  • NODE-5398: use mongodb-js/saslprep instead of saslprep (#3820) (5244711)

Bug Fixes

  • NODE-5262: AWS Lambda metadata detection logic is too permissive (#3683) (c0c3d99)
  • NODE-5311: construct error messages for AggregateErrors in Node16+ (#3683) (98b7bdf)
  • NODE-5316: prevent parallel topology creation in MongoClient.connect (#3696) (e13038d)
  • NODE-5356: prevent scram auth from throwing TypeError if saslprep is not a function (#3732) (2d028af)
  • NODE-5536: remove credentials from ConnectionPoolCreatedEvent options (#3812) (2910dca)

4.16.0 (2023-04-18)

Features

  • NODE-5159: add FaaS env information to client metadata (#3639) (e0b20f1)
  • NODE-5199: add alternative runtime detection to client metadata (#3647) (fba16ad)

Bug Fixes

  • NODE-5161: metadata duplication in handshake (#3628) (b790142)
  • NODE-5200: relax SRV record validation to account for a dot suffix (#3640) (4272c43)

4.15.0 (2023-04-04)

Features

... (truncated)

Commits
  • aab9c46 chore(4.x): release 4.17.2 [skip-ci] (#3926)
  • bc3d020 fix(NODE-5751): RTTPinger always sends legacy hello (#3923)
  • c698918 test(NODE-5738): update data lake test scripts (#3920)
  • 3934465 ci(NODE-5654): remove vars from evergreen config (#3881)
  • 278523a ci(NODE-5667): remove custom dep tests against master and fix prose test 14 (...
  • 85996c3 test(NODE-5618): use npm 9 on eol node versions (#3862)
  • cdc3d53 chore(4.x): release 4.17.1 [skip-ci] (#3840)
  • ff6c293 fix(NODE-5573): fix saslprep import (#3838)
  • c83a801 chore(4.x): release 4.17.0 [skip-ci] (#3763)
  • 1b59955 chore: update release automation scripts 4.x (#3824)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by dbx-node, a new releaser for mongodb since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates morgan from 1.8.2 to 1.11.0

Release notes

Sourced from morgan's releases.

1.11.0

What's Changed

Security Fix:

New Contributors

Full Changelog: expressjs/morgan@1.10.0...1.11.0

1.10.1

What's Changed

New Contributors

Full Changelog: expressjs/morgan@1.10.0...1.10.1

1.10.0

  • Add :total-time token
  • Fix trailing space in colored status code for dev format
  • deps: basic-auth@~2.0.1
    • deps: safe-buffer@5.1.2
  • deps: depd@~2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: on-headers@~1.0.2
    • Fix res.writeHead patch missing return value

... (truncated)

Changelog

Sourced from morgan's changelog.

1.11.0 / 2026-06-02

  • add :pid token

Security Fix:

1.10.1 / 2025-07-17

1.10.0 / 2020-03-20

  • Add :total-time token
  • Fix trailing space in colored status code for dev format
  • deps: basic-auth@~2.0.1
    • deps: safe-buffer@5.1.2
  • deps: depd@~2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: on-headers@~1.0.2
    • Fix res.writeHead patch missing return value

1.9.1 / 2018-09-10

  • Fix using special characters in format
  • deps: depd@~1.1.2
    • perf: remove argument reassignment

1.9.0 / 2017-09-26

  • Use res.headersSent when available
  • deps: basic-auth@~2.0.0
    • Use safe-buffer for improved Buffer API
  • deps: debug@2.6.9
  • deps: depd@~1.1.1
    • Remove unnecessary Buffer loading
Commits
  • e0e6f17 Release 1.11.0 (#350)
  • b3f5d9b Merge commit from fork
  • 203c758 build(deps): bump github/codeql-action from 4.32.4 to 4.35.2 (#346)
  • 002bc81 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#347)
  • 561b0d7 build(deps): bump actions/upload-artifact from 5.0.0 to 7.0.0 (#338)
  • 2db705e build(deps): bump github/codeql-action from 3.29.7 to 4.32.4 (#337)
  • a373c5f build(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.3 (#327)
  • c8e72fa build(deps): bump actions/checkout from 4.1.1 to 6.0.1 (#324)
  • 023300e build(deps): bump actions/upload-artifact from 4.3.1 to 4.6.2 (#307)
  • 9d8d6c0 build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (#306)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for morgan since your current version.


Updates mpath from 0.3.0 to 0.9.0

Changelog

Sourced from mpath's changelog.

0.9.0 / 2022-04-17

  • feat: export stringToParts()

0.8.4 / 2021-09-01

  • fix: throw error if parts contains an element that isn't a string or number #13

0.8.3 / 2020-12-30

  • fix: use var instead of let/const for Node.js 4.x support

0.8.2 / 2020-12-30

  • fix(stringToParts): fall back to legacy treatment for square brackets if square brackets contents aren't a number Automattic/mongoose#9640
  • chore: add eslint

0.8.1 / 2020-12-10

  • fix(stringToParts): handle empty string and trailing dot the same way that split() does for backwards compat

0.8.0 / 2020-11-14

  • feat: support square bracket indexing for get(), set(), has(), and unset()

0.7.0 / 2020-03-24

0.6.0 / 2019-05-01

  • feat: support setting dotted paths within nested arrays

0.5.2 / 2019-04-25

  • fix: avoid using subclassed array constructor when doing map()

0.5.1 / 2018-08-30

  • fix: prevent writing to constructor and prototype as well as proto

0.5.0 / 2018-08-30

  • BREAKING CHANGE: disallow setting/unsetting proto properties
  • feat: re-add support for Node < 4 for this release

0.4.1 / 2018-04-08

... (truncated)

Commits

Updates on-headers from 1.0.1 to 1.1.0

Release notes

Sourced from on-headers's releases.

1.1.0

Important

What's Changed

New Contributors

Full Changelog: jshttp/on-headers@v1.0.2...v1.1.0

1.0.2

  • Fix res.writeHead patch missing return value
Changelog

Sourced from on-headers's changelog.

1.1.0 / 2025-07-17

1.0.2 / 2019-02-21

  • Fix res.writeHead patch missing return value
Commits
  • 4b017af 1.1.0
  • b636f2d ♻️ refactor header array code
  • 3e2c2d4 ✨ ignore falsy header keys, matching node behavior
  • 172eb41 ✨ support duplicate headers
  • c6e3849 🔒️ fix array handling
  • 6893518 💚 update CI - add newer node versions
  • 56a345d ✨ add script to update known hashes
  • 175ab21 👷 add upstream change detection (#31)
  • ce0b2c8 ci: apply OSSF Scorecard security best practices (#20)
  • 1a38c54 fix: use ubuntu-latest as ci runner (#19)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for on-headers since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 4 updates in the / directory: [mongoose](https://github.com/Automattic/mongoose), [debug](https://github.com/debug-js/debug), [fresh](https://github.com/jshttp/fresh) and [moment](https://github.com/moment/moment).


Updates `mongoose` from 4.11.8 to 6.13.9
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/6.13.9/CHANGELOG.md)
- [Commits](Automattic/mongoose@4.11.8...6.13.9)

Updates `debug` from 2.6.8 to 2.6.9
- [Release notes](https://github.com/debug-js/debug/releases)
- [Changelog](https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md)
- [Commits](debug-js/debug@2.6.8...2.6.9)

Updates `bson` from 1.0.4 to 4.7.2
- [Release notes](https://github.com/mongodb/js-bson/releases)
- [Changelog](https://github.com/mongodb/js-bson/blob/v4.7.2/HISTORY.md)
- [Commits](mongodb/js-bson@V1.0.4...v4.7.2)

Updates `fresh` from 0.5.0 to 0.5.2
- [Changelog](https://github.com/jshttp/fresh/blob/master/HISTORY.md)
- [Commits](jshttp/fresh@v0.5.0...v0.5.2)

Updates `mime` from 1.3.6 to 1.6.0
- [Release notes](https://github.com/broofa/mime/releases)
- [Changelog](https://github.com/broofa/mime/blob/v1.6.0/CHANGELOG.md)
- [Commits](broofa/mime@v1.3.6...v1.6.0)

Updates `moment` from 2.18.1 to 2.30.1
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](moment/moment@2.18.1...2.30.1)

Updates `mongodb` from 2.2.31 to 4.17.2
- [Release notes](https://github.com/mongodb/node-mongodb-native/releases)
- [Changelog](https://github.com/mongodb/node-mongodb-native/blob/v4.17.2/HISTORY.md)
- [Commits](mongodb/node-mongodb-native@v2.2.31...v4.17.2)

Updates `morgan` from 1.8.2 to 1.11.0
- [Release notes](https://github.com/expressjs/morgan/releases)
- [Changelog](https://github.com/expressjs/morgan/blob/master/HISTORY.md)
- [Commits](expressjs/morgan@1.8.2...1.11.0)

Updates `mpath` from 0.3.0 to 0.9.0
- [Changelog](https://github.com/mongoosejs/mpath/blob/master/History.md)
- [Commits](https://github.com/aheckmann/mpath/commits)

Updates `on-headers` from 1.0.1 to 1.1.0
- [Release notes](https://github.com/jshttp/on-headers/releases)
- [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md)
- [Commits](jshttp/on-headers@v1.0.1...v1.1.0)

---
updated-dependencies:
- dependency-name: mongoose
  dependency-version: 6.13.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: debug
  dependency-version: 2.6.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: bson
  dependency-version: 4.7.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fresh
  dependency-version: 0.5.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: mime
  dependency-version: 1.6.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: moment
  dependency-version: 2.30.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: mongodb
  dependency-version: 4.17.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: morgan
  dependency-version: 1.11.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: mpath
  dependency-version: 0.9.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: on-headers
  dependency-version: 1.1.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 11, 2026
@GroovinChip

GroovinChip commented Jul 11, 2026

Copy link
Copy Markdown

@Nash0x7E2 do you mind unsubscribing me from all Stream repos? I keep getting dependabot PR notifications across Stream repos. It's frustrating to manually ignore every repo such notifications come from. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant