Skip to content

Bump form-data, less-middleware and sendgrid #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump form-data, less-middleware and sendgrid #37

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jul 21, 2025
edited
Loading

Removes form-data. It's no longer used after updating ancestor dependencies form-data, less-middleware and sendgrid. These dependencies need to be updated together.

Removes form-data

Updates less-middleware from 0.1.15 to 2.2.1

Release notes

Sourced from less-middleware's releases.

Bug Fix Release

Fixing bug #123 with the less file imports not having the information needed to invalidate the cache based on imported file changes.

Added the preprocess.importPaths to allow for changing the import paths based on the request variables.

Less 2.4 Compatibility

Updating to the latest version of Less to enable all the new features, especially the ability to use less plugins!

Comes with some breaking changes, be sure to consult the readme for the current options.

  • Upgraded to the 2.4 version of Less.
  • Updated dependencies to the latest versions.
  • Removed options.parser since Less is simplifying to just a render function.
  • Using options.render for passing through all rendering options directly to the less rendering.
  • Added postprocess.sourcemap option for modifying the sourcemap.
  • Added storeSourcemap option for manipulating the sourcemap storage.
  • Removed pre 0.1.x warning

SourceMap and Caching

This release includes improvements by @​neekey and @​viveksjain targeting sourcemap improvements and caching.

With the improvements from @​neekey, the sourcemap option for the compiler should be better at returning the correct line numbers in the css map.

Working with large numbers of less files also became easier thanks to @​viveksjain who implemented a cacheFile for saving "the imports (in JSON format) to the given cacheFile on exit." This can greatly improve startup time when nothing has changed in the fines.

Changelog

Sourced from less-middleware's changelog.

2.0.1

  • 22 Feb 2015

    • Fixed #123: imports are not objects for cache checking and did not have mtimes.
    • Added a preprocess.importPaths for modifying the import paths per request.

2.0.0

– 21 Feb 2015

  • Upgraded to the 2.4 version of Less.
  • Updated dependencies to the latest versions.
  • Removed options.parser since Less is simplifying to just a render function.
  • Using options.render for passing through all rendering options directly to the less rendering.
  • Changed options.storeCss arguments from (pathname, css, next) to (pathname, css, req, next)
  • Added postprocess.sourcemap option for modifying the sourcemap.
  • Added storeSourcemap option for manipulating the sourcemap storage.
  • Removed pre 0.1.x warning
Commits
  • 76f8886 Updating version.
  • 7471d55 Updating the node 8 fs fileWrite usage.
  • 2e10150 Updating dependencies.
  • b1c023f Merge branch 'master' of github.com:emberfeather/less.js-middleware
  • 6f3056c Merge pull request #149 from Jorundur/patch-1
  • 7a9cb9b "preprocessing" -> "postprocessing"
  • 8832b44 Reordering packages.o
  • e4c6a63 Updating dependencies.
  • ea9c121 Adding yarn.
  • 695b71a Updating link on dependency managment.
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by zoramite, a new releaser for less-middleware since your current version.


Updates sendgrid from 1.9.2 to 5.2.3

Release notes

Sourced from sendgrid's releases.

v5.2.2

Fix

  • Pull #418, Fixed #417
  • Update TypeScript definition to correct callback arguments for API
  • Thanks to Benjamin Pannell for the PR!

v5.2.1

Fixed

  • Pull #413: Handle null and undefined values in substitutions
  • Thanks to Matteo Ferrando for the PR!

v5.2.0

Fixed

  • Pull #410: Cast substitution values to strings
  • Thanks to Ryan James for the PR!

v5.1.2

Fixed

v5.1.1

Added

  • Pull #391
  • Return personalizations as an array of request compatible JSON.
  • Thanks to Paul Hrimiuc for the PR!

v5.1.0

Added

  • Pull #325
  • Run prism for tests
  • Now the mock SendGrid server, powered by Prism is automated locally and on Travis
  • Thanks to Mike Ralphson for the PR!

v5.0.1

Fixed

  • Pull #385
  • Remove JSON.parse() around response bodies in contact-importer
  • Thanks to Eemeli Aro for the PR!

v5.0.0

BREAKING CHANGE

  • Pull #328
  • Drop 0.10, 0.12 from supported Node.js versions, add 6
  • Thanks to Mike Ralphson for the PR!

v4.10.0

Added

... (truncated)

Upgrade guide

Sourced from sendgrid's upgrade guide.

Upgrade Guide

All MAJOR version bumps will have upgrade notes posted here.

[2023-12-05] 7.x.x to 8.x.x

  • Supported Node.js versions updated
    • Upgrade to Node.js = [12, 14, 16, lts]
    • Dropped support for Node.js < 12 (#1391)
    • Axios security vulnerability upgrade (#1391)
Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
Bump form-data, less-middleware and sendgrid
6250d74 
Removes [form-data](https://github.com/form-data/form-data). It's no longer used after updating ancestor dependencies [form-data](https://github.com/form-data/form-data), [less-middleware](https://github.com/emberfeather/less.js-middleware) and [sendgrid](https://github.com/sendgrid/sendgrid-nodejs). These dependencies need to be updated together.


Removes `form-data`

Updates `less-middleware` from 0.1.15 to 2.2.1
- [Release notes](https://github.com/emberfeather/less.js-middleware/releases)
- [Changelog](https://github.com/emberfeather/less.js-middleware/blob/master/changelog.md)
- [Commits](emberfeather/less.js-middleware@0.1.15...2.2.1)

Updates `sendgrid` from 1.9.2 to 5.2.3
- [Release notes](https://github.com/sendgrid/sendgrid-nodejs/releases)
- [Changelog](https://github.com/sendgrid/sendgrid-nodejs/blob/main/CHANGELOG.md)
- [Upgrade guide](https://github.com/sendgrid/sendgrid-nodejs/blob/main/UPGRADE.md)
- [Commits](https://github.com/sendgrid/sendgrid-nodejs/commits)

---
updated-dependencies:
- dependency-name: form-data
  dependency-version: 
  dependency-type: indirect
- dependency-name: less-middleware
  dependency-version: 2.2.1
  dependency-type: direct:production
- dependency-name: sendgrid
  dependency-version: 5.2.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant