⬆️ Bump the npm_and_yarn group across 2 directories with 25 updates #453

dependabot · 2024-04-22T16:48:12Z

Bumps the npm_and_yarn group with 20 updates in the / directory:

Package	From	To
axios	`0.21.1`	`0.28.0`
file-type	`16.5.3`	`16.5.4`
electron	`19.0.13`	`22.3.25`
node-sass	`6.0.1`	`7.0.0`
webpack	`5.68.0`	`5.76.0`
@babel/traverse	`7.17.0`	`7.24.1`
decode-uri-component	`0.2.0`	`0.2.2`
ejs	`3.1.6`	`3.1.10`
eventsource	`1.1.0`	`1.1.2`
express	`4.17.2`	`4.19.2`
get-func-name	`2.0.0`	`2.0.2`
http-cache-semantics	`4.1.0`	`4.1.1`
ip	`1.1.5`	`1.1.9`
jszip	`3.7.1`	`3.10.1`
minimist	`1.2.5`	`1.2.8`
moment	`2.29.1`	`2.30.1`
plist	`3.0.4`	`3.1.0`
terser	`5.10.0`	`5.30.4`
url-parse	`1.5.4`	`1.5.10`
word-wrap	`1.2.3`	`1.2.5`

Bumps the npm_and_yarn group with 7 updates in the /src/electron directory:

Package	From	To
axios	`0.21.4`	`0.28.0`
async	`3.2.3`	`3.2.5`
ip	`1.1.5`	`1.1.9`
minimatch	`3.0.4`	`3.1.2`
minimist	`1.2.5`	`1.2.8`
@chainsafe/libp2p-noise	`5.0.2`	`5.0.3`
protobufjs	`6.11.2`	`6.11.4`

Updates axios from 0.21.1 to 0.28.0

Release notes

Sourced from axios's releases.

Release v0.28.0

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

Fixed timeout error message for HTTP 4738

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 #4728

Adding types for progress event callbacks #4675

Fixed max body length defaults #4731

Added data URL support for node.js (#4725)

Added isCancel type assert (#4293)

Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)

Add string[] to AxiosRequestHeaders type (#4322)

Allow type definition for axios instance methods (#4224)

Fixed AxiosError stack capturing; (#4718)

Fixed AxiosError status code type; (#4717)

Adding Canceler parameters config and request (#4711)

fix(types): allow to specify partial default headers for instance creation (#4185)

Added blob to the list of protocols supported by the browser (#4678)

Fixing Z_BUF_ERROR when no content (#4701)

Fixed race condition on immediate requests cancellation (#4261)

Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248

Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)

Fix TS definition for AxiosRequestTransformer (#4201)

Use type alias instead of interface for AxiosPromise (#4505)

Include request and config when creating a CanceledError instance (#4659)

Added generic TS types for the exposed toFormData helper (#4668)

Optimized the code that checks cancellation (#4587)

Replaced webpack with rollup (#4596)

Added stack trace to AxiosError (#4624)

Updated AxiosError.config to be optional in the type definition (#4665)

Removed incorrect argument for NetworkError constructor (#4656)

v0.27.2

Fixes and Functionality:

Fixed FormData posting in browser environment by reverting #3785 (#4640)

Enhanced protocol parsing implementation (#4639)

Fixed bundle size

v0.27.1

Fixes and Functionality:

Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)

Bumped follow-redirects to ^1.14.9 (#4615)

... (truncated)

Changelog

Sourced from axios's changelog.

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

Fixed timeout error message for HTTP 4738

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 #4728

Adding types for progress event callbacks #4675

Fixed max body length defaults #4731

Added data URL support for node.js (#4725)

Added isCancel type assert (#4293)

Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)

Add string[] to AxiosRequestHeaders type (#4322)

Allow type definition for axios instance methods (#4224)

Fixed AxiosError stack capturing; (#4718)

Fixed AxiosError status code type; (#4717)

Adding Canceler parameters config and request (#4711)

fix(types): allow to specify partial default headers for instance creation (#4185)

Added blob to the list of protocols supported by the browser (#4678)

Fixing Z_BUF_ERROR when no content (#4701)

Fixed race condition on immediate requests cancellation (#4261)

Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248

Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)

Fix TS definition for AxiosRequestTransformer (#4201)

Use type alias instead of interface for AxiosPromise (#4505)

Include request and config when creating a CanceledError instance (#4659)

Added generic TS types for the exposed toFormData helper (#4668)

Optimized the code that checks cancellation (#4587)

Replaced webpack with rollup (#4596)

Added stack trace to AxiosError (#4624)

Updated AxiosError.config to be optional in the type definition (#4665)

Removed incorrect argument for NetworkError constructor (#4656)

0.27.2 (April 27, 2022)

Fixes and Functionality:

Fixed FormData posting in browser environment by reverting #3785 (#4640)

Enhanced protocol parsing implementation (#4639)

Fixed bundle size

0.27.1 (April 26, 2022)

... (truncated)

Commits

3b7635a [Release] v0.28.0 (#6211)
27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
80c3d74 chore(ci): backported publish action; (#6224)
2755df5 fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to ...
880b42e docs: Fix a typo in README
c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...
80b546c fix: loosing request header (#4858) (#4871)
6acb5ef feat: brower platform add data protocol. (#4814)
bbb2264 fix(typing): axios response headers can be undefined (#4813)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.

Updates file-type from 16.5.3 to 16.5.4

Release notes

Sourced from file-type's releases.

v16.5.4

Fix: Malformed MKV could cause an infinite loop sindresorhus/file-type@d868356

CVE-2022-36313

Also fixed in 17.1.3

Commits

b5fe3b9 16.5.4
d868356 Fix: Malformed MKV could cause an infinite loop
See full diff in compare view

Updates electron from 19.0.13 to 22.3.25

Commits

1c1c132 chore: cherry-pick 3fbd1dca6a4d from libvpx (#40026)
d892c2b build: fixup autoninja (#39899)
6132e80 build: run on circle hosts for forks (#39865)
a953199 build: use aks backed runners for linux builds (#39838)
056eacf chore: cherry-pick b2eab7500a18 from chromium (#39827)
5f8ef81 fix: ensure app load is limited to real asar files when appropriate (#39811)
4995c9e chore: cherry-pick 1 changes from Release-3-M116 (#39758)
e29cdac build: fix depot_tools patch application (#39751)
b58903d chore: cherry-pick 1 changes from Release-2-M116 (#39689)
33f9dce chore: cherry-pick 2 changes from Release-1-M116 (#39648)
Additional commits viewable in compare view

Updates node-sass from 6.0.1 to 7.0.0

Release notes

Sourced from node-sass's releases.

v7.0.0

Breaking changes

Drop support for Node 15 (@nschonni)

Set rejectUnauthorized to true by default (@scott-ut, #3149)

Features

Add support for Node 17 (@nschonni)

Dependencies

Bump eslint from 7.32.0 to 8.0.0 (@nschonni, #3191)

Bump fs-extra from 0.30.0 to 10.0.0 (@nschonni, #3102)

Bump npmlog from 4.1.2 to 5.0.0 (@nschonni, #3156)

Bump chalk from 1.1.3 to 4.1.2 (@nschonni, #3161)

Community

Remove double word "support" from documentation (@pzrq, #3159)

Misc

Bump various GitHub Actions dependencies (@nschonni)

Supported Environments

OS Architecture Node

Windows x86 & x64 12, 14, 16, 17

OSX x64 12, 14, 16, 17

Linux* x64 12, 14, 16, 17

Alpine Linux x64 12, 14, 16, 17

FreeBSD i386 amd64 12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

Commits

918dcb3 Lint fix
0a21792 Set rejectUnauthorized to true by default (#3149)
e80d4af chore: Drop EOL Node 15 (#3122)
d753397 feat: Add Node 17 support (#3195)
dcf2e75 build(deps-dev): bump eslint from 7.32.0 to 8.0.0
bfa1a3c build(deps): bump actions/setup-node from 2.4.0 to 2.4.1
80d6c00 chore: Windows x86 on GitHub Actions (#3041)
566dc27 build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102)
7bb5157 build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156)
2efb38f build(deps): bump chalk from 1.1.3 to 4.1.2 (#3161)
Additional commits viewable in compare view

Updates webpack from 5.68.0 to 5.76.0

Release notes

Sourced from webpack's releases.

v5.76.0

Bugfixes

Avoid cross-realm object access by @Jack-Works in webpack/webpack#16500

Improve hash performance via conditional initialization by @lvivski in webpack/webpack#16491

Serialize generatedCode info to fix bug in asset module cache restoration by @ryanwilsonperkin in webpack/webpack#16703

Improve performance of hashRegExp lookup by @ryanwilsonperkin in webpack/webpack#16759

Features

add target to LoaderContext type by @askoufis in webpack/webpack#16781

Security

CVE-2022-37603 fixed by @akhilgkrishnan in webpack/webpack#16446

Repo Changes

Fix HTML5 logo in README by @jakebailey in webpack/webpack#16614

Replace TypeScript logo in README by @jakebailey in webpack/webpack#16613

Update actions/cache dependencies by @piwysocki in webpack/webpack#16493

New Contributors

@Jack-Works made their first contribution in webpack/webpack#16500

@lvivski made their first contribution in webpack/webpack#16491

@jakebailey made their first contribution in webpack/webpack#16614

@akhilgkrishnan made their first contribution in webpack/webpack#16446

@ryanwilsonperkin made their first contribution in webpack/webpack#16703

@piwysocki made their first contribution in webpack/webpack#16493

@askoufis made their first contribution in webpack/webpack#16781

Full Changelog: webpack/webpack@v5.75.0...v5.76.0

v5.75.0

Bugfixes

experiments.* normalize to false when opt-out

avoid NaN%

show the correct error when using a conflicting chunk name in code

HMR code tests existance of window before trying to access it

fix eval-nosources-* actually exclude sources

fix race condition where no module is returned from processing module

fix position of standalong semicolon in runtime code

Features

add support for @import to extenal CSS when using experimental CSS in node

add i64 support to the deprecated WASM implementation

Developer Experience

expose EnableWasmLoadingPlugin

add more typings

generate getters instead of readonly properties in typings to allow overriding them

... (truncated)

Commits

97b1718 Merge pull request #16781 from askoufis/loader-context-target-type
b84efe6 Merge pull request #16759 from ryanwilsonperkin/real-content-hash-regex-perf
c98e9e0 Merge pull request #16493 from piwysocki/patch-1
5f34acf feat: Add target to LoaderContext type
b7fc4d8 Merge pull request #16703 from ryanwilsonperkin/ryanwilsonperkin/fix-16160
63ea82d Merge branch 'webpack:main' into patch-1
4ba2252 Merge pull request #16446 from akhilgkrishnan/patch-1
1acd635 Merge pull request #16613 from jakebailey/ts-logo
302eb37 Merge pull request #16614 from jakebailey/html5-logo
cfdb1df Improve performance of hashRegExp lookup
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.

Updates @babel/traverse from 7.17.0 to 7.24.1

Release notes

Sourced from @babel/traverse's releases.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

Other

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.24.0 (2024-02-28)

Thanks @ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

babel-standalone

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3, babel-runtime, babel-standalone

#16323 Allow separate helpers to be excluded in Babel 8 (@liuxingbaoyu)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-external-helpers, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-defer, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-optional-chaining-assign, babel-plugin-proposal-partial-application, babel-plugin-proposal-pipeline-operator, babel-plugin-proposal-record-and-tuple, babel-plugin-proposal-regexp-modifiers, babel-plugin-proposal-throw-expressions, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decimal, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-reflection, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-record-and-tuple, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-arrow-functions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-classes, babel-plugin-transform-computed-properties, babel-plugin-transform-destructuring, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-keys, babel-plugin-transform-dynamic-import, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-export-namespace-from, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-for-of, babel-plugin-transform-function-name, babel-plugin-transform-instanceof, babel-plugin-transform-jscript, babel-plugin-transform-json-strings, babel-plugin-transform-literals, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-member-expression-literals, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-modules-umd, babel-plugin-transform-new-target, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-assign, babel-plugin-transform-object-rest-spread, babel-plugin-transform-object-set-prototype-of-to-assign, babel-plugin-transform-object-super, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-property-literals, babel-plugin-transform-property-mutators, babel-plugin-transform-proto-to-assign, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-display-name, babel-plugin-transform-react-inline-elements, babel-plugin-transform-react-jsx-compat, babel-plugin-transform-react-jsx-self, babel-plugin-transform-react-jsx-source, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-reserved-words, babel-plugin-transform-runtime, babel-plugin-transform-shorthand-properties, babel-plugin-transform-spread, babel-plugin-transform-sticky-regex, babel-plugin-transform-strict-mode, babel-plugin-transform-template-literals, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-plugin-transform-unicode-escapes, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-regex, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow, babel-preset-react, babel-preset-typescript

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

babel-compat-data, babel-plugin-transform-object-rest-spread, babel-preset-env

#16318 [babel 8] Fix @babel/compat-data package.json (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

v7.24.0 (2024-02-28)

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

... (truncated)

Commits

822b025 v7.24.1
fc0d5ad Update typescript and lint tools (#16351)
69e7928 Consider well-known and registered symbols as literals (#16342)
40110e9 Update source map deps (#16327)
ce59160 v7.24.0
bd5abd5 fix: avoid popContext on unvisited node paths (#16305)
08a057c Use Object.hasOwn when available (#16248)
a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates ejs from 3.1.6 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

Commits

d3f807d Version 3.1.10
9ee26dd Mocha TDD
e469741 Basic pollution protection
715e950 Merge pull request #756 from Jeffrey-mu/main
cabe314 Include advanced usage examples
29b076c Added header
11503c7 Merge branch 'main' of github.com:mde/ejs into main
7690404 Added security banner to README
f47d7ae Update SECURITY.md
828cea1 Update SECURITY.md
Additional commits viewable in compare view

Updates eventsource from 1.1.0 to 1.1.2

Changelog

Sourced from eventsource's changelog.

1.1.2

Inline origin resolution, drops original dependency (#281 Espen Hovlandsdal)

1.1.1

Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal)

Commits

0a8b85b 1.1.2
f99ae66 docs: update history for 1.1.2
06c9721 chore: rebuild polyfill
9494642 fix: inline origin resolution, drop original dependency (#281)
aa7a408 1.1.1
56d489e chore: rebuild polyfill
4a951e5 docs: update history for 1.1.1
f9f6416 fix: strip sensitive headers on redirect to different origin
See full diff in compare view

Updates express from 4.17.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in

Bumps the npm_and_yarn group with 20 updates in the / directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `0.21.1` | `0.28.0` | | [file-type](https://github.com/sindresorhus/file-type) | `16.5.3` | `16.5.4` | | [electron](https://github.com/electron/electron) | `19.0.13` | `22.3.25` | | [node-sass](https://github.com/sass/node-sass) | `6.0.1` | `7.0.0` | | [webpack](https://github.com/webpack/webpack) | `5.68.0` | `5.76.0` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.17.0` | `7.24.1` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` | | [eventsource](https://github.com/EventSource/eventsource) | `1.1.0` | `1.1.2` | | [express](https://github.com/expressjs/express) | `4.17.2` | `4.19.2` | | [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` | | [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [jszip](https://github.com/Stuk/jszip) | `3.7.1` | `3.10.1` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [moment](https://github.com/moment/moment) | `2.29.1` | `2.30.1` | | [plist](https://github.com/TooTallNate/node-plist) | `3.0.4` | `3.1.0` | | [terser](https://github.com/terser/terser) | `5.10.0` | `5.30.4` | | [url-parse](https://github.com/unshiftio/url-parse) | `1.5.4` | `1.5.10` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Bumps the npm_and_yarn group with 7 updates in the /src/electron directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `0.21.4` | `0.28.0` | | [async](https://github.com/caolan/async) | `3.2.3` | `3.2.5` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [@chainsafe/libp2p-noise](https://github.com/ChainSafe/js-libp2p-noise) | `5.0.2` | `5.0.3` | | [protobufjs](https://github.com/protobufjs/protobuf.js) | `6.11.2` | `6.11.4` | Updates `axios` from 0.21.1 to 0.28.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.28.0/CHANGELOG.md) - [Commits](axios/axios@v0.21.1...v0.28.0) Updates `file-type` from 16.5.3 to 16.5.4 - [Release notes](https://github.com/sindresorhus/file-type/releases) - [Commits](sindresorhus/file-type@v16.5.3...v16.5.4) Updates `electron` from 19.0.13 to 22.3.25 - [Release notes](https://github.com/electron/electron/releases) - [Changelog](https://github.com/electron/electron/blob/main/docs/breaking-changes.md) - [Commits](electron/electron@v19.0.13...v22.3.25) Updates `node-sass` from 6.0.1 to 7.0.0 - [Release notes](https://github.com/sass/node-sass/releases) - [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md) - [Commits](sass/node-sass@v6.0.1...v7.0.0) Updates `webpack` from 5.68.0 to 5.76.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.68.0...v5.76.0) Updates `@babel/traverse` from 7.17.0 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `ejs` from 3.1.6 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.6...v3.1.10) Updates `eventsource` from 1.1.0 to 1.1.2 - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.2) Updates `express` from 4.17.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.2...4.19.2) Updates `follow-redirects` from 1.14.7 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.15.6) Updates `get-func-name` from 2.0.0 to 2.0.2 - [Release notes](https://github.com/chaijs/get-func-name/releases) - [Commits](https://github.com/chaijs/get-func-name/commits/v2.0.2) Updates `http-cache-semantics` from 4.1.0 to 4.1.1 - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `jszip` from 3.7.1 to 3.10.1 - [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md) - [Commits](Stuk/jszip@v3.7.1...v3.10.1) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `moment` from 2.29.1 to 2.30.1 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.1...2.30.1) Updates `plist` from 3.0.4 to 3.1.0 - [Release notes](https://github.com/TooTallNate/node-plist/releases) - [Changelog](https://github.com/TooTallNate/plist.js/blob/master/History.md) - [Commits](https://github.com/TooTallNate/node-plist/commits) Updates `terser` from 5.10.0 to 5.30.4 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v5.10.0...v5.30.4) Updates `url-parse` from 1.5.4 to 1.5.10 - [Commits](unshiftio/url-parse@1.5.4...1.5.10) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `axios` from 0.21.4 to 0.28.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.28.0/CHANGELOG.md) - [Commits](axios/axios@v0.21.1...v0.28.0) Updates `async` from 3.2.3 to 3.2.5 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md) - [Commits](caolan/async@v3.2.3...v3.2.5) Updates `follow-redirects` from 1.14.7 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.7...v1.15.6) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `@chainsafe/libp2p-noise` from 5.0.2 to 5.0.3 - [Release notes](https://github.com/ChainSafe/js-libp2p-noise/releases) - [Changelog](https://github.com/ChainSafe/js-libp2p-noise/blob/master/CHANGELOG.md) - [Commits](ChainSafe/js-libp2p-noise@v5.0.2...v5.0.3) Updates `protobufjs` from 6.11.2 to 6.11.4 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](https://github.com/protobufjs/protobuf.js/commits) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: file-type dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: electron dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: node-sass dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: get-func-name dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jszip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: moment dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: plist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@chainsafe/libp2p-noise" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: protobufjs dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 22, 2024

This was referenced Apr 22, 2024

⬆️ Bump express from 4.17.2 to 4.19.2 #321

Closed

⬆️ Bump follow-redirects from 1.14.7 to 1.15.6 #317

Closed

⬆️ Bump ip from 1.1.5 to 1.1.9 #316

Closed

TheComputerGenie merged commit ed21db9 into main Apr 22, 2024
1 check passed

TheComputerGenie deleted the dependabot/npm_and_yarn/npm_and_yarn-e2b9d1cd8c branch April 22, 2024 16:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

⬆️ Bump the npm_and_yarn group across 2 directories with 25 updates #453

⬆️ Bump the npm_and_yarn group across 2 directories with 25 updates #453

dependabot bot commented on behalf of github Apr 22, 2024

OS	Architecture	Node
Windows	x86 & x64	12, 14, 16, 17
OSX	x64	12, 14, 16, 17
Linux*	x64	12, 14, 16, 17
Alpine Linux	x64	12, 14, 16, 17
FreeBSD	i386 amd64	12, 14

⬆️ Bump the npm_and_yarn group across 2 directories with 25 updates #453

⬆️ Bump the npm_and_yarn group across 2 directories with 25 updates #453

Conversation

dependabot bot commented on behalf of github Apr 22, 2024

Release v0.28.0

Release notes:

Bug Fixes

Backports from v1.x:

v0.27.2

v0.27.1

Fixes and Functionality:

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

Backports from v1.x:

0.27.2 (April 27, 2022)

0.27.1 (April 26, 2022)

v16.5.4

v7.0.0

Breaking changes

Features

Dependencies

Community

Misc

Supported Environments

v5.76.0

Bugfixes

Features

Security

Repo Changes

New Contributors

v5.75.0

Bugfixes

Features

Developer Experience

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

Committers: 4

v7.24.0 (2024-02-28)

🚀 New Feature

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

v7.24.0 (2024-02-28)

🚀 New Feature

v0.2.2

v0.2.1

v3.1.10

v3.1.9

v3.1.8

v3.1.7

1.1.2

1.1.1

4.19.2

What's Changed

4.19.1

What's Changed