chore(deps): bump the npm_and_yarn group with 12 updates #22

dependabot · 2024-11-08T20:38:21Z

Bumps the npm_and_yarn group with 13 updates:

Package	From	To
express	`4.19.2`	`4.20.0`
vite	`5.2.11`	`5.4.10`
axios	`1.6.8`	`1.7.7`
body-parser	`1.20.2`	`1.20.3`
braces	`3.0.2`	`3.0.3`
cookie	`0.6.0`	`0.7.1`
express	`4.20.0`	`4.21.1`
micromatch	`4.0.5`	`4.0.8`
lint-staged	`15.2.2`	`15.2.10`
path-to-regexp	`0.1.7`	`0.1.10`
rollup	`4.17.2`	`4.24.4`
send	`0.18.0`	`0.19.0`
serve-static	`1.15.0`	`1.16.2`

Updates express from 4.19.2 to 4.20.0

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: [email protected] by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

[email protected] by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: [email protected]

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to [email protected]
9ebe5d5 feat: upgrade to [email protected] (#5928)
ec4a01b feat: upgrade to [email protected] (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 [email protected] (#5902)
2a980ad [email protected] (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: [email protected] (#5603)
e35380a docs: add @IamLizu to the triage team (#5836)
Additional commits viewable in compare view

Updates vite from 5.2.11 to 5.4.10

Release notes

Sourced from vite's releases.

v5.4.10

Please refer to CHANGELOG.md for details.

v5.4.9

Please refer to CHANGELOG.md for details.

v5.4.8

Please refer to CHANGELOG.md for details.

v5.4.7

Please refer to CHANGELOG.md for details.

v5.4.6

Please refer to CHANGELOG.md for details.

v5.4.5

Please refer to CHANGELOG.md for details.

v5.4.4

Please refer to CHANGELOG.md for details.

v5.4.3

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v5.4.2

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v5.4.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v5.4.0

Please refer to CHANGELOG.md for details.

v5.4.0-beta.1

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

5.4.10 (2024-10-23)

fix: backport #18367,augment hash for CSS files to prevent chromium erroring by loading previous fil (7d1a3bc), closes #18367 #18412

5.4.9 (2024-10-14)

fix: bump launch-editor-middleware to v2.9.1 (#18348) (508d9ab), closes #18348

fix(css): fix lightningcss dep url resolution with custom root (#18125) (eae00b5), closes #18125

fix(data-uri): only match ids starting with data: (#18241) (96084d6), closes #18241

fix(deps): bump tsconfck (#18322) (dc5434c), closes #18322

fix(hmr): don't try to rewrite imports for direct CSS soft invalidation (#18252) (851b258), closes #18252

fix(ssr): (backport #18150) fix source map remapping with multiple sources (#18204) (262a879), closes #18204

chore: update all url references of vitejs.dev to vite.dev (#18276) (c23558a), closes #18276

chore: update license copyright (#18278) (1864eb1), closes #18278

docs: update homepage (#18274) (ae44163), closes #18274

5.4.8 (2024-09-25)

fix(css): backport #18113, fix missing source file warning with sass modern api custom importer (#18 (7d47fc1), closes #18183

fix(css): backport #18128, ensure sass compiler initialized only once (#18184) (8464d97), closes #18128 #18184

5.4.7 (2024-09-20)

fix: treat config file as ESM in Deno (#18158) (b5908a2), closes #18158

5.4.6 (2024-09-16)

fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115) (179b177), closes #18115

fix: fs raw query (#18112) (6820bb3), closes #18112

5.4.5 (2024-09-13)

fix(preload): backport #18098, throw error preloading module as well (#18099) (faa2405), closes #18098 #18099

5.4.4 (2024-09-11)

fix: backport #17997, ensure req.url matches moduleByEtag URL to avoid incorrect 304 (#18078) (74a79c5), closes #17997 #18078

fix: backport #18063, allow scanning exports from script module in svelte (#18077) (d90ba40), closes #18063 #18077

... (truncated)

Commits

5f52bc8 release: v5.4.10
7d1a3bc fix: backport #18367,augment hash for CSS files to prevent chromium erroring ...
898d61f release: v5.4.9
508d9ab fix: bump launch-editor-middleware to v2.9.1 (#18348)
dc5434c fix(deps): bump tsconfck (#18322)
851b258 fix(hmr): don't try to rewrite imports for direct CSS soft invalidation (#18252)
96084d6 fix(data-uri): only match ids starting with data: (#18241)
eae00b5 fix(css): fix lightningcss dep url resolution with custom root (#18125)
c23558a chore: update all url references of vitejs.dev to vite.dev (#18276)
1864eb1 chore: update license copyright (#18278)
Additional commits viewable in compare view

Updates axios from 1.6.8 to 1.7.7

Release notes

Sourced from axios's releases.

Release v1.7.7

Release notes:

Bug Fixes

fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)

http: fixed support for IPv6 literal strings in url (#5731) (364993f)

Contributors to this release

Rishi556

Dmitriy Mozgovoy

Release v1.7.6

Release notes:

Bug Fixes

fetch: fix content length calculation for FormData payload; (#6524) (085f568)

fetch: optimize signals composing logic; (#6582) (df9889b)

Contributors to this release

Dmitriy Mozgovoy

Jacques Germishuys

kuroino721

Release v1.7.5

Release notes:

Bug Fixes

adapter: fix undefined reference to hasBrowserEnv (#6572) (7004707)

core: add the missed implementation of AxiosError#status property; (#6573) (6700a8a)

core: fix ReferenceError: navigator is not defined for custom environments; (#6567) (fed1a4b)

fetch: fix credentials handling in Cloudflare workers (#6533) (550d885)

Contributors to this release

Dmitriy Mozgovoy

Antonin Bas

Hans Otto Wirtz

Release v1.7.4

Release notes:

Bug Fixes

sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)

sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)

Contributors to this release

Lev Pachmanov

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.7 (2024-08-31)

Bug Fixes

fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)

http: fixed support for IPv6 literal strings in url (#5731) (364993f)

Contributors to this release

Rishi556

Dmitriy Mozgovoy

1.7.6 (2024-08-30)

Bug Fixes

fetch: fix content length calculation for FormData payload; (#6524) (085f568)

fetch: optimize signals composing logic; (#6582) (df9889b)

Contributors to this release

Dmitriy Mozgovoy

Jacques Germishuys

kuroino721

1.7.5 (2024-08-23)

Bug Fixes

adapter: fix undefined reference to hasBrowserEnv (#6572) (7004707)

core: add the missed implementation of AxiosError#status property; (#6573) (6700a8a)

core: fix ReferenceError: navigator is not defined for custom environments; (#6567) (fed1a4b)

fetch: fix credentials handling in Cloudflare workers (#6533) (550d885)

Contributors to this release

Dmitriy Mozgovoy

Antonin Bas

Hans Otto Wirtz

1.7.4 (2024-08-13)

Bug Fixes

sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)

sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)

... (truncated)

Commits

5b8a826 chore(release): v1.7.7 (#6585)
364993f fix(http): fixed support for IPv6 literal strings in url (#5731)
d198085 fix(fetch): fix stream handling in Safari by fallback to using a stream reade...
d584fcf chore(release): v1.7.6 (#6583)
bc03c6c chore(examples): fix module import (#6575)
df9889b fix(fetch): optimize signals composing logic; (#6582)
ee208cf chore(sponsor): update sponsor block (#6576)
085f568 fix(fetch): fix content length calculation for FormData payload; (#6524)
59cd6b0 chore(release): v1.7.5 (#6574)
6700a8a fix(core): add the missed implementation of AxiosError#status property; (#6573)
Additional commits viewable in compare view

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to [email protected] by @wesleytodd in expressjs/body-parser#527

deps: [email protected] by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: [email protected] (#521)
9478591 fix: pin to [email protected]
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates braces from 3.0.2 to 3.0.3

Commits

74b2db2 3.0.3
88f1429 update eslint. lint, fix unit tests.
415d660 Snyk js braces 6838727 (#40)
190510f fix tests, skip 1 test in test/braces.expand
716eb9f readme bump
a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
98414f9 remove funding file
665ab5d update keepEscaping doc (#27)
Additional commits viewable in compare view

Updates cookie from 0.6.0 to 0.7.1

Release notes

Sourced from cookie's releases.

0.7.1

Fixed

Allow leading dot for domain (#174)

Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec

Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

perf: parse cookies ~10% faster (#144 by @kurtextrem and #170)

fix: narrow the validation of cookies to match RFC6265 (#167 by @bewinsnw)

fix: add main to package.json for rspack (#166 by @proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

Commits

cf4658f 0.7.1
6a8b8f5 Allow leading dot for domain (#174)
58015c0 Remove more code and perf wins (#172)
ab057d6 0.7.0
5f02ca8 Migrate history to GitHub releases
a5d591c Migrate history to GitHub releases
51968f9 Skip isNaN
9e7ca51 perf(parse): cache length, return early (#144)
d6f39b0 Fix tests for old node
6bb701f Remove failing scorecard
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates express from 4.20.0 to 4.21.1

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: [email protected] by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

[email protected] by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: [email protected]

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to [email protected]
9ebe5d5 feat: upgrade to [email protected] (#5928)
ec4a01b feat: upgrade to [email protected] (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 [email protected] (#5902)
2a980ad [email protected] (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: [email protected] (#5603)
e35380a docs: add @IamLizu to the triage team (

Bumps the npm_and_yarn group with 13 updates: | Package | From | To | | --- | --- | --- | | [express](https://github.com/expressjs/express) | `4.19.2` | `4.20.0` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.2.11` | `5.4.10` | | [axios](https://github.com/axios/axios) | `1.6.8` | `1.7.7` | | [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.3` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [cookie](https://github.com/jshttp/cookie) | `0.6.0` | `0.7.1` | | [express](https://github.com/expressjs/express) | `4.20.0` | `4.21.1` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` | | [lint-staged](https://github.com/lint-staged/lint-staged) | `15.2.2` | `15.2.10` | | [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `0.1.7` | `0.1.10` | | [rollup](https://github.com/rollup/rollup) | `4.17.2` | `4.24.4` | | [send](https://github.com/pillarjs/send) | `0.18.0` | `0.19.0` | | [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.2` | Updates `express` from 4.19.2 to 4.20.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.19.2...4.20.0) Updates `vite` from 5.2.11 to 5.4.10 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.10/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.10/packages/vite) Updates `axios` from 1.6.8 to 1.7.7 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.6.8...v1.7.7) Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `cookie` from 0.6.0 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.6.0...v0.7.1) Updates `express` from 4.20.0 to 4.21.1 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.19.2...4.20.0) Updates `micromatch` from 4.0.5 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) Updates `lint-staged` from 15.2.2 to 15.2.10 - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/master/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v15.2.2...v15.2.10) Updates `path-to-regexp` from 0.1.7 to 0.1.10 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10) Updates `rollup` from 4.17.2 to 4.24.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.17.2...v4.24.4) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: axios dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: micromatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lint-staged dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-11-08T20:38:22Z

Dependabot tried to add @cmmarslender and @emlowe as reviewers to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/Chia-Network/core-registry-dashboard-ui/pulls/22/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the Chia-Network/core-registry-dashboard-ui repository. // See: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request

dependabot · 2024-11-08T20:38:23Z

The following labels could not be found: dependencies, javascript, Changed.

socket-security · 2024-11-08T20:38:57Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/[email protected]	Transitive: environment, eval, filesystem, network, unsafe	`+64`	2.16 MB	blakeembrey, dougwilson, linusu, ...4 more
npm/[email protected]	Transitive: environment, filesystem, shell	`+52`	2.22 MB	okonet
npm/[email protected]	Transitive: environment, filesystem, network, shell	`+51`	279 MB	antfu, patak, soda, ...2 more

🚮 Removed packages: npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

dependabot · 2024-11-08T22:19:33Z

Looks like these dependencies are no longer updatable, so this is no longer needed.

dependabot bot closed this Nov 8, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-c094e0aaf8 branch November 8, 2024 22:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm_and_yarn group with 12 updates #22

chore(deps): bump the npm_and_yarn group with 12 updates #22

dependabot bot commented on behalf of github Nov 8, 2024 •

edited

Loading

dependabot bot commented on behalf of github Nov 8, 2024

dependabot bot commented on behalf of github Nov 8, 2024

socket-security bot commented Nov 8, 2024

dependabot bot commented on behalf of github Nov 8, 2024

chore(deps): bump the npm_and_yarn group with 12 updates #22

chore(deps): bump the npm_and_yarn group with 12 updates #22

Conversation

dependabot bot commented on behalf of github Nov 8, 2024 • edited Loading

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

v5.4.10

v5.4.9

v5.4.8

v5.4.7

v5.4.6

v5.4.5

v5.4.4

v5.4.3

[email protected]

[email protected]

v5.4.2

[email protected]

v5.4.1

[email protected]

[email protected]

v5.4.0

v5.4.0-beta.1

5.4.10 (2024-10-23)

5.4.9 (2024-10-14)

5.4.8 (2024-09-25)

5.4.7 (2024-09-20)

5.4.6 (2024-09-16)

5.4.5 (2024-09-13)

5.4.4 (2024-09-11)

Release v1.7.7

Release notes:

Bug Fixes

Contributors to this release

Release v1.7.6

Release notes:

Bug Fixes

Contributors to this release

Release v1.7.5

Release notes:

Bug Fixes

Contributors to this release

Release v1.7.4

Release notes:

Bug Fixes

Contributors to this release

1.7.7 (2024-08-31)

Bug Fixes

Contributors to this release

1.7.6 (2024-08-30)

Bug Fixes

Contributors to this release

1.7.5 (2024-08-23)

Bug Fixes

Contributors to this release

1.7.4 (2024-08-13)

Bug Fixes

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.3 / 2024-09-10

0.7.1

0.7.0

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

dependabot bot commented on behalf of github Nov 8, 2024

dependabot bot commented on behalf of github Nov 8, 2024

socket-security bot commented Nov 8, 2024

dependabot bot commented on behalf of github Nov 8, 2024

dependabot bot commented on behalf of github Nov 8, 2024 •

edited

Loading