Bump the npm_and_yarn group across 1 directory with 10 updates#6
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 10 updates#6dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 4 updates in the / directory: [mongoose](https://github.com/Automattic/mongoose), [debug](https://github.com/debug-js/debug), [fresh](https://github.com/jshttp/fresh) and [moment](https://github.com/moment/moment). Updates `mongoose` from 4.11.8 to 6.13.9 - [Release notes](https://github.com/Automattic/mongoose/releases) - [Changelog](https://github.com/Automattic/mongoose/blob/6.13.9/CHANGELOG.md) - [Commits](Automattic/mongoose@4.11.8...6.13.9) Updates `debug` from 2.6.8 to 2.6.9 - [Release notes](https://github.com/debug-js/debug/releases) - [Changelog](https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md) - [Commits](debug-js/debug@2.6.8...2.6.9) Updates `bson` from 1.0.4 to 4.7.2 - [Release notes](https://github.com/mongodb/js-bson/releases) - [Changelog](https://github.com/mongodb/js-bson/blob/v4.7.2/HISTORY.md) - [Commits](mongodb/js-bson@V1.0.4...v4.7.2) Updates `fresh` from 0.5.0 to 0.5.2 - [Changelog](https://github.com/jshttp/fresh/blob/master/HISTORY.md) - [Commits](jshttp/fresh@v0.5.0...v0.5.2) Updates `mime` from 1.3.6 to 1.6.0 - [Release notes](https://github.com/broofa/mime/releases) - [Changelog](https://github.com/broofa/mime/blob/v1.6.0/CHANGELOG.md) - [Commits](broofa/mime@v1.3.6...v1.6.0) Updates `moment` from 2.18.1 to 2.30.1 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.18.1...2.30.1) Updates `mongodb` from 2.2.31 to 4.17.2 - [Release notes](https://github.com/mongodb/node-mongodb-native/releases) - [Changelog](https://github.com/mongodb/node-mongodb-native/blob/v4.17.2/HISTORY.md) - [Commits](mongodb/node-mongodb-native@v2.2.31...v4.17.2) Updates `morgan` from 1.8.2 to 1.11.0 - [Release notes](https://github.com/expressjs/morgan/releases) - [Changelog](https://github.com/expressjs/morgan/blob/master/HISTORY.md) - [Commits](expressjs/morgan@1.8.2...1.11.0) Updates `mpath` from 0.3.0 to 0.9.0 - [Changelog](https://github.com/mongoosejs/mpath/blob/master/History.md) - [Commits](https://github.com/aheckmann/mpath/commits) Updates `on-headers` from 1.0.1 to 1.1.0 - [Release notes](https://github.com/jshttp/on-headers/releases) - [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md) - [Commits](jshttp/on-headers@v1.0.1...v1.1.0) --- updated-dependencies: - dependency-name: mongoose dependency-version: 6.13.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: debug dependency-version: 2.6.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: bson dependency-version: 4.7.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fresh dependency-version: 0.5.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mime dependency-version: 1.6.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: moment dependency-version: 2.30.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mongodb dependency-version: 4.17.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: morgan dependency-version: 1.11.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mpath dependency-version: 0.9.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: on-headers dependency-version: 1.1.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
|
@Nash0x7E2 do you mind unsubscribing me from all Stream repos? I keep getting dependabot PR notifications across Stream repos. It's frustrating to manually ignore every repo such notifications come from. Thanks. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 4 updates in the / directory: mongoose, debug, fresh and moment.
Updates
mongoosefrom 4.11.8 to 6.13.9Release notes
Sourced from mongoose's releases.
Changelog
Sourced from mongoose's changelog.
... (truncated)
Commits
473a92estyle: fix lint40e1af0quick fix for no elvis operator in node 12068ee25chore: release 6.13.93b0c5c0fix: handle other top-level query operators in sanitizeFilterb331eacMerge pull request #15434 from Automattic/vkarpov15/gh-154272097837chore: remove upload-artifact8045783chore: bump ubuntu versions in GitHub actions5235028docs(compatibility): add note that Mongoose ^6.5 works with MongoDB server 7.x1448c67Merge pull request #15303 from Automattic/vkarpov15/gh-1529917d1bd6fix ts benchmark by bumping max instantiationsUpdates
debugfrom 2.6.8 to 2.6.9Release notes
Sourced from debug's releases.
Changelog
Sourced from debug's changelog.
Commits
13abeaeRelease 2.6.9f53962eremove ReDoS regexp in %o formatter (#504)Updates
bsonfrom 1.0.4 to 4.7.2Release notes
Sourced from bson's releases.
... (truncated)
Changelog
Sourced from bson's changelog.
... (truncated)
Commits
c3fc5dfchore(release): 4.7.2a298d22fix(NODE-4932): remove .0 suffix from double extended json values (#553)5465c33chore(release): 4.7.1d86bd52fix(NODE-4905): double precision accuracy in canonical EJSON (#549)853bbb0chore(release): 4.7.01dc7eaefeat(NODE-4535): automatically promote UUIDs when deserializing and parsing U...e9afa9dfeat(NODE-4506): Make UUID a subclass of binary (#512)ff2b975feat(NODE-4419): UUID class deserialization (#509)f5dc9edfeat(NODE-4405): support serializing UUID class (#508)4d75481test(NODE-4357): delete windows tests (#510)Maintainer changes
This version was pushed to npm by nbbeeken, a new releaser for bson since your current version.
Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Updates
freshfrom 0.5.0 to 0.5.2Changelog
Sourced from fresh's changelog.
Commits
02df6300.5.237cd4a2build: Node.js@8.5731c0ebbuild: Node.js@6.1121a0f0cperf: improve If-None-Match token parsingff5f257Fix regression matching multiple ETags in If-None-Matche8a4aaf0.5.17015bceperf: improve ETag match loop7a2b460Fix handling of modified headers with invalid dates1599530bench: add simple benchmarks74793d9build: eslint-plugin-node@5.1.1Updates
mimefrom 1.3.6 to 1.6.0Changelog
Sourced from mime's changelog.
... (truncated)
Commits
87b396e1.6.04db5125changelog3668c6bUse mime-score module to resolve extension conflicts. Fixes #183949b4511.5.085672d3application/font-woff -> font/woff1f6281dchmod cli.jsc0853d2update to mime-db@v1.31.03004636Generate CHANGELOG.md via github-release-noteseb24bae1.4.1855d0c4Fix #167Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Updates
momentfrom 2.18.1 to 2.30.1Changelog
Sourced from moment's changelog.
... (truncated)
Commits
485d9a7Build 2.30.1e048b09Bump version to 2.30.1f9f2d58Update changelog for 2.30.1a52ffb2Revert "Merge pull request #5827 from BobZombie:feature/fix_d.ts"ddd6809Build 2.30.0be64d00Bump version to 2.30.0ad41179Update changelog for 2.30.063fe479[misc] Make code ES6 compatible0f0195fRevert "Merge pull request #5599 from Alanscut:issue_4985"15b82f5Revert "Merge pull request #5597 from Alanscut:issue-5596"Updates
mongodbfrom 2.2.31 to 4.17.2Release notes
Sourced from mongodb's releases.
... (truncated)
Changelog
Sourced from mongodb's changelog.
... (truncated)
Commits
aab9c46chore(4.x): release 4.17.2 [skip-ci] (#3926)bc3d020fix(NODE-5751): RTTPinger always sends legacy hello (#3923)c698918test(NODE-5738): update data lake test scripts (#3920)3934465ci(NODE-5654): remove vars from evergreen config (#3881)278523aci(NODE-5667): remove custom dep tests against master and fix prose test 14 (...85996c3test(NODE-5618): use npm 9 on eol node versions (#3862)cdc3d53chore(4.x): release 4.17.1 [skip-ci] (#3840)ff6c293fix(NODE-5573): fix saslprep import (#3838)c83a801chore(4.x): release 4.17.0 [skip-ci] (#3763)1b59955chore: update release automation scripts 4.x (#3824)Maintainer changes
This version was pushed to npm by dbx-node, a new releaser for mongodb since your current version.
Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Updates
morganfrom 1.8.2 to 1.11.0Release notes
Sourced from morgan's releases.
... (truncated)
Changelog
Sourced from morgan's changelog.
Commits
e0e6f17Release 1.11.0 (#350)b3f5d9bMerge commit from fork203c758build(deps): bump github/codeql-action from 4.32.4 to 4.35.2 (#346)002bc81build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#347)561b0d7build(deps): bump actions/upload-artifact from 5.0.0 to 7.0.0 (#338)2db705ebuild(deps): bump github/codeql-action from 3.29.7 to 4.32.4 (#337)a373c5fbuild(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.3 (#327)c8e72fabuild(deps): bump actions/checkout from 4.1.1 to 6.0.1 (#324)023300ebuild(deps): bump actions/upload-artifact from 4.3.1 to 4.6.2 (#307)9d8d6c0build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (#306)Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for morgan since your current version.
Updates
mpathfrom 0.3.0 to 0.9.0Changelog
Sourced from mpath's changelog.
... (truncated)
Commits
Updates
on-headersfrom 1.0.1 to 1.1.0Release notes
Sourced from on-headers's releases.
Changelog
Sourced from on-headers's changelog.
Commits
4b017af1.1.0b636f2d♻️ refactor header array code3e2c2d4✨ ignore falsy header keys, matching node behavior172eb41✨ support duplicate headersc6e3849🔒️ fix array handling6893518💚 update CI - add newer node versions56a345d✨ add script to update known hashes175ab21👷 add upstream change detection (#31)ce0b2c8ci: apply OSSF Scorecard security best practices (#20)1a38c54fix: useubuntu-latestas ci runner (#19)Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for on-headers since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.