chore(deps): Bump the npm_and_yarn group across 1 directory with 28 updates #1

dependabot · 2024-10-14T13:22:17Z

Bumps the npm_and_yarn group with 25 updates in the / directory:

Package	From	To
postcss	`8.4.23`	`8.4.31`
rollup	`2.53.1`	`2.79.2`
body-parser	`1.20.2`	`1.20.3`
node-fetch	`2.7.0`	`3.2.10`
express	`4.19.2`	`4.20.0`
semver	`6.3.0`	`6.3.1`
vue-template-compiler	`2.7.15`	`2.7.16`
ws	`7.5.6`	`7.5.10`
axios	`0.21.4`	`0.28.0`
mysql2	`2.3.3`	`3.9.8`
es5-ext	`0.10.53`	`0.10.63`
@babel/traverse	`7.24.1`	`7.24.5`
cookiejar	`2.1.3`	`2.1.4`
decode-uri-component	`0.2.0`	`0.2.2`
eventsource	`1.1.0`	`1.1.2`
http-cache-semantics	`4.1.0`	`4.1.1`
loader-utils	`1.4.0`	`1.4.2`
markdown-it	`12.3.0`	`12.3.2`
plist	`3.0.4`	`3.1.0`
semver-regex	`3.1.3`	`3.1.4`
socket.io-parser	`3.3.3`	`3.3.4`
socket.io	`2.4.1`	`2.5.1`
ua-parser-js	`0.7.31`	`0.7.39`
url-parse	`1.5.3`	`1.5.10`
word-wrap	`1.2.3`	`1.2.5`

Updates postcss from 8.4.23 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by @romainmenke).

8.4.29

Fixed Node#source.offset (by @idoros).

Fixed docs (by @coliff).

8.4.28

Fixed Root.source.end for better source map (by @romainmenke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by @romainmenke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

Changelog

Sourced from postcss's changelog.

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by Romain Menke).

8.4.29

Fixed Node#source.offset (by Ido Rosenthal).

Fixed docs (by Christian Oliff).

8.4.28

Fixed Root.source.end for better source map (by Romain Menke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by Romain Menke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

Commits

90208de Release 8.4.31 version
58cc860 Fix carrier return parsing
4fff8e4 Improve pnpm test output
cd43ed1 Update dependencies
caa916b Update dependencies
8972f76 Typo
11a5286 Typo
45c5501 Release 8.4.30 version
bc3c341 Update linter
b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
Additional commits viewable in compare view

Updates rollup from 2.53.1 to 2.79.2

Changelog

Sourced from rollup's changelog.

rollup changelog

4.24.0

2024-10-02

Features

Support preserving and transpiling JSX syntax (#5668)

Pull Requests

#5668: Introduce JSX support (@lukastaegert, @Martin-Idel, @felixhuttmann, @AlexDroll, @tiptr)

4.23.0

2024-10-01

Features

Collect all emitted names and originalFileNames for assets (#5686)

Pull Requests

#5686: Add names and originalFileNames to assets (@lukastaegert)

4.22.5

2024-09-27

Bug Fixes

Allow parsing of certain unicode characters again (#5674)

Pull Requests

#5674: Fix panic with unicode characters (@sapphi-red, @lukastaegert)

#5675: chore(deps): update dependency rollup to v4.22.4 [security] (@renovate[bot])

#5680: chore(deps): update dependency @rollup/plugin-commonjs to v28 (@renovate[bot], @lukastaegert)

#5681: chore(deps): update dependency @rollup/plugin-replace to v6 (@renovate[bot])

#5682: chore(deps): update dependency @rollup/plugin-typescript to v12 (@renovate[bot])

#5684: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])

4.22.4

2024-09-21

Bug Fixes

Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

... (truncated)

Commits

c9bd03d 2.79.2
48aef33 fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (#5677)
69ff418 2.79.1
04dce1b Update changelog
159137e fix: typo docs and contributors link in CONTRIBUTING.md (#4639)
e1392b3 Update type definition of resolveId (#4641)
7836357 Improve performance of chunk naming collision check (#4643)
71d20c9 Reduce permissions for repl-artefacts.yml workflow (#4630)
8193ea5 Adapt workflow to use Node 14 sub-version to work with branch protection
8477f8f 2.79.0
Additional commits viewable in compare view

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to [email protected] by @wesleytodd in expressjs/body-parser#527

deps: [email protected] by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: [email protected] (#521)
9478591 fix: pin to [email protected]
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates node-fetch from 2.7.0 to 3.2.10

Release notes

Sourced from node-fetch's releases.

v3.2.10

3.2.10 (2022-07-31)

Bug Fixes

ReDoS referrer (#1611) (2880238)

v3.2.9

3.2.9 (2022-07-18)

Bug Fixes

Headers: don't forward secure headers on protocol change (#1599) (e87b093)

v3.2.8

3.2.8 (2022-07-12)

Bug Fixes

possibly flaky test (#1523) (11b7033)

v3.2.7

3.2.7 (2022-07-11)

Bug Fixes

always warn Request.data (#1550) (4f43c9e)

v3.2.6

3.2.6 (2022-06-09)

Bug Fixes

undefined reference to response.body when aborted (#1578) (1c5ed6b)

v3.2.5

3.2.5 (2022-06-01)

Bug Fixes

use space in accept-encoding values (#1572) (a92b5d5), closes #1571

v3.2.4

3.2.4 (2022-04-28)

... (truncated)

Commits

2880238 fix: ReDoS referrer (#1611)
e87b093 fix(Headers): don't forward secure headers on protocol change (#1599)
bcfb71c chore: remove triple-slash directives from typings (#1285) (#1287)
95165d5 fix spelling (#1602)
11b7033 fix: possibly flaky test (#1523)
4f43c9e fix: always warn Request.data (#1550)
1c5ed6b fix: undefined reference to response.body when aborted (#1578)
a92b5d5 fix: use space in accept-encoding values (#1572)
0f122b8 docs: fix formdata code example (#1562)
6ae9c76 docs(readme): response.clone() is not async (#1560)
Additional commits viewable in compare view

Updates express from 4.19.2 to 4.20.0

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: [email protected] by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

[email protected] by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: [email protected]

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to [email protected]
9ebe5d5 feat: upgrade to [email protected] (#5928)
ec4a01b feat: upgrade to [email protected] (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 [email protected] (#5902)
2a980ad [email protected] (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: [email protected] (#5603)
e35380a docs: add @IamLizu to the triage team (#5836)
Additional commits viewable in compare view

Updates semver from 6.3.0 to 6.3.1

Release notes

Sourced from semver's releases.

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

928e56d #591 better handling of whitespace (#591) (@lukekarrys, @joaomoreno, @nicolo-ribaudo)

Changelog

Sourced from semver's changelog.

6.3.1 (2023-07-10)

Bug Fixes

928e56d #591 better handling of whitespace (#591) (@lukekarrys, @joaomoreno, @nicolo-ribaudo)

6.2.0

Coerce numbers to strings when passed to semver.coerce()

Add rtl option to coerce from right to left

6.1.3

Handle X-ranges properly in includePrerelease mode

6.1.2

Do not throw when testing invalid version strings

6.1.1

Add options support for semver.coerce()

Handle undefined version passed to Range.test

6.1.0

Add semver.compareBuild function

Support * in semver.intersects

6.0

Fix intersects logic.

This is technically a bug fix, but since it is also a change to behavior that may require users updating their code, it is marked as a major version increment.

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

... (truncated)

Commits

44d27bc chore: release 6.3.1
928e56d fix: better handling of whitespace (#591)
39f6326 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates vue-template-compiler from 2.7.15 to 2.7.16

Release notes

Sourced from vue-template-compiler's releases.

v2.7.16 "Swan Song"

This is the final release for Vue 2.

Vue 2 will reach End of Life on December 31st, 2023. For more details, please read this blog post.

Please refer to CHANGELOG.md for details.

v2.7.16-beta.2

Please refer to CHANGELOG.md for details.

v2.7.16-beta.1

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vue-template-compiler's changelog.

2.7.16 Swan Song (2023-12-24)

Bug Fixes

lifecycle: ensure component effect scopes are disconnected (56ce7f8), closes #13134

2.7.16-beta.2 (2023-12-14)

Bug Fixes

account for nested render calls (db9c566), closes #13131

types: export more types for v3 alignment (jsx / component options) (895669f), closes #13078 #13128

2.7.16-beta.1 (2023-12-08)

Bug Fixes

compiler-sfc: check template ref usage, (#12985) (83d9535), closes #12984

compiler-sfc: fix rewriteDefault edge cases (25f97a5), closes #13060 #12892 #12906

keep-alive: fix keep-alive memory leak (2632249), closes #12827

keep-alive: fix memory leak without breaking transition tests (e0747f4)

props: should not unwrap props that are raw refs (08382f0), closes #12930

shallowReactive: should track value if already reactive when set in shallowReactive (0ad8e8d)

style: always set new styles (f5ef882), closes #12901 #12946

types: fix shallowRef's return type (#12979) (a174c29), closes #12978

types: fix type augmentation and compiler-sfc types w/moduleResolution: bundler (#13107) (de0b97b), closes #13106

types: provide types for built-in components (3650c12), closes #13002

types: type VNodeChildren should allow type number (#13067) (24fcf69), closes #12973

utils: unwrap refs when stringifying values in template (ae3e4b1), closes #12884 #12888

watch: new property addition should trigger deep watcher with getter (6d857f5), closes #12967 #12972

Commits

13f4e7d release: v2.7.16
56ce7f8 fix(lifecycle): esnure component effect scopes are disconnected
305e4ae release: v2.7.16-beta.2
3e1037e chore: bump vitest to 1.0.4
db9c566 fix: account for nested render calls
895669f fix(types): export more types for v3 alignment (jsx / component options)
73bdf14 release: v2.7.16-beta.1
e0747f4 fix(keep-alive): fix memory leak without breaking transition tests
2632249 fix(keep-alive): fix keep-alive memory leak
3650c12 fix(types): provide types for built-in components
Additional commits viewable in compare view

Updates ws from 7.5.6 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

Backported e55e5106 to the 7.x release line (22c28763).

7.5.9

Bug fixes

Backported bc8bd34e to the 7.x release line (0435e6e1).

7.5.8

Bug fixes

Backported 0fdcc0af to the 7.x release line (2758ed35).

Backported d68ba9e1 to the 7.x release line (dc1781bc).

7.5.7

Bug fixes

Backported 6946f5fe to the 7.x release line (1f72e2e1).

Commits

d962d70 [dist] 7.5.10
22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
8a78f87 [dist] 7.5.9
0435e6e [security] Fix same host check for ws+unix: redirects
4271f07 [dist] 7.5.8
dc1781b [security] Drop sensitive headers when following insecure redirects
2758ed3 [fix] Abort the handshake if the Upgrade header is invalid
a370613 [dist] 7.5.7
1f72e2e [security] Drop sensitive headers when following redirects (#2013)
See full diff in compare view

Updates axios from 0.21.4 to 0.28.0

Release notes

Sourced from axios's releases.

Release v0.28.0

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

Fixed timeout error message for HTTP 4738

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 #4728

Adding types for progress event callbacks #4675

Fixed max body length defaults #4731

Added data URL support for node.js (#4725)

Added isCancel type assert (#4293)

Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)

Add string[] to AxiosRequestHeaders type (#4322)

Allow type definition for axios instance methods (#4224)

Fixed AxiosError stack capturing; (#4718)

Fixed AxiosError status code type; (#4717)

Adding Canceler parameters config and request (#4711)

fix(types): allow to specify partial default headers for instance creation (#4185)

Added blob to the list of protocols supported by the browser (#4678)

Fixing Z_BUF_ERROR when no content (#4701)

Fixed race condition on immediate requests cancellation (#4261)

Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248

Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)

Fix TS definition for AxiosRequestTransformer (#4201)

Use type alias instead of interface for AxiosPromise (#4505)

Include request and config when creating a CanceledError instance (#4659)

Added generic TS types for the exposed toFormData helper (#4668)

Optimized the code that checks cancellation (#4587)

Replaced webpack with rollup (#4596)

Added stack trace to AxiosError (#4624)

Updated AxiosError.config to be optional in the type definition (#4665)

Removed incorrect argument for NetworkError constructor (#4656)

v0.27.2

Fixes and Functionality:

Fixed FormData posting in browser environment by reverting #3785 (#4640)

Enhanced protocol parsing implementation (#4639)

Fixed bundle size

v0.27.1

Fixes and Functionality:

Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)

Bumped follow-redirects to ^1.14.9 (#4615)

... (truncated)

Changelog

Sourced from axios's changelog.

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

Fixed timeout error message for HTTP 4738

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 #4728

Adding types for progress event callbacks #4675

Fixed max body length defaults #4731

Added data URL support for node.js (#4725)

Added isCancel type assert (#4293)

Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)

Add string[] to AxiosRequestHeaders type (#4322)

Allow type definition for axios instance methods (#4224)

Fixed AxiosError stack capturing; (#4718)

Fixed AxiosError status code type; (#4717)

Adding Canceler parameters config and request (#4711)

fix(types): allow to specify partial default headers for instance creation (#4185)

Added blob to the list of protocols supported by the browser (#4678)

Fixing Z_BUF_ERROR when no content (#4701)

Fixed race condition on immediate requests cancellation (#4261)

Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248

Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)

Fix TS definition for AxiosRequestTransformer (#4201)

Use type alias instead of interface for AxiosPromise (#4505)

Include request and config when creating a CanceledError instance (#4659)

Added generic TS types for the exposed toFormData helper (#4668)

Optimized the code that checks cancellation (#4587)

Replaced webpack with rollup (#4596)

Added stack trace to AxiosError (#4624)

Updated AxiosError.config to be optional in the type definition (#4665)

Removed incorrect argument for NetworkError constructor (#4656)

0.27.2 (April 27, 2022)

Fixes and Functionality:

Fixed FormData posting in browser environment by reverting #3785 (#4640)

Enhanced protocol parsing implementation (#4639)

Fixed bundle size

0.27.1 (April 26, 2022)

... (truncated)

Commits

3b7635a [Release] v0.28.0 (#6211)
27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
80c3d74 chore(ci): backported publish action; (#6224)
2755df5 fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to ...
880b42e docs: Fix a typo in README
c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...
80b546c fix: loosing request header (#4858) (#4871)
6acb5ef feat: brower platform add data protocol. (#4814)
bbb2264 fix(typing): axios response headers can be undefined (#4813)
Additional commits viewable in compare view

Updates mysql2 from 2.3.3 to 3.9.8

Release notes

Sourced from mysql2's releases.

v3.9.8

3.9.8 (2024-05-26)

Bug Fixes

security: sanitize fields and tables when using nestTables (#2702) (efe3db5)

support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2704) (2e03694)

typings: typo from jonServerPublicKey to onServerPublicKey (

…pdates Bumps the npm_and_yarn group with 25 updates in the / directory: | Package | From | To | | --- | --- | --- | | [postcss](https://github.com/postcss/postcss) | `8.4.23` | `8.4.31` | | [rollup](https://github.com/rollup/rollup) | `2.53.1` | `2.79.2` | | [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.3` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.7.0` | `3.2.10` | | [express](https://github.com/expressjs/express) | `4.19.2` | `4.20.0` | | [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` | | [vue-template-compiler](https://github.com/vuejs/vue) | `2.7.15` | `2.7.16` | | [ws](https://github.com/websockets/ws) | `7.5.6` | `7.5.10` | | [axios](https://github.com/axios/axios) | `0.21.4` | `0.28.0` | | [mysql2](https://github.com/sidorares/node-mysql2) | `2.3.3` | `3.9.8` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.63` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.24.1` | `7.24.5` | | [cookiejar](https://github.com/bmeck/node-cookiejar) | `2.1.3` | `2.1.4` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [eventsource](https://github.com/EventSource/eventsource) | `1.1.0` | `1.1.2` | | [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [markdown-it](https://github.com/markdown-it/markdown-it) | `12.3.0` | `12.3.2` | | [plist](https://github.com/TooTallNate/node-plist) | `3.0.4` | `3.1.0` | | [semver-regex](https://github.com/sindresorhus/semver-regex) | `3.1.3` | `3.1.4` | | [socket.io-parser](https://github.com/Automattic/socket.io-parser) | `3.3.3` | `3.3.4` | | [socket.io](https://github.com/socketio/socket.io) | `2.4.1` | `2.5.1` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.31` | `0.7.39` | | [url-parse](https://github.com/unshiftio/url-parse) | `1.5.3` | `1.5.10` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Updates `postcss` from 8.4.23 to 8.4.31 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.23...8.4.31) Updates `rollup` from 2.53.1 to 2.79.2 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.53.1...v2.79.2) Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) Updates `node-fetch` from 2.7.0 to 3.2.10 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.7.0...v3.2.10) Updates `express` from 4.19.2 to 4.20.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.19.2...4.20.0) Updates `semver` from 6.3.0 to 6.3.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md) - [Commits](npm/node-semver@v6.3.0...v6.3.1) Updates `vue-template-compiler` from 2.7.15 to 2.7.16 - [Release notes](https://github.com/vuejs/vue/releases) - [Changelog](https://github.com/vuejs/vue/blob/main/CHANGELOG.md) - [Commits](vuejs/vue@v2.7.15...v2.7.16) Updates `ws` from 7.5.6 to 7.5.10 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.5.6...7.5.10) Updates `axios` from 0.21.4 to 0.28.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.28.0/CHANGELOG.md) - [Commits](axios/axios@v0.21.4...v0.28.0) Updates `mysql2` from 2.3.3 to 3.9.8 - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v2.3.3...v3.9.8) Updates `es5-ext` from 0.10.53 to 0.10.63 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.63) Updates `@babel/traverse` from 7.24.1 to 7.24.5 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.5/packages/babel-traverse) Updates `serve-static` from 1.15.0 to 1.16.0 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...1.16.0) Updates `cookiejar` from 2.1.3 to 2.1.4 - [Commits](https://github.com/bmeck/node-cookiejar/commits) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `eventsource` from 1.1.0 to 1.1.2 - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.2) Updates `http-cache-semantics` from 4.1.0 to 4.1.1 - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `markdown-it` from 12.3.0 to 12.3.2 - [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md) - [Commits](markdown-it/markdown-it@12.3.0...12.3.2) Updates `nanoid` from 3.1.30 to 3.3.6 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.30...3.3.6) Updates `path-to-regexp` from 0.1.7 to 0.1.10 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10) Updates `plist` from 3.0.4 to 3.1.0 - [Release notes](https://github.com/TooTallNate/node-plist/releases) - [Changelog](https://github.com/TooTallNate/plist.js/blob/master/History.md) - [Commits](https://github.com/TooTallNate/node-plist/commits) Updates `semver-regex` from 3.1.3 to 3.1.4 - [Release notes](https://github.com/sindresorhus/semver-regex/releases) - [Commits](https://github.com/sindresorhus/semver-regex/commits/v3.1.4) Updates `socket.io-parser` from 3.3.3 to 3.3.4 - [Release notes](https://github.com/Automattic/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/3.3.4/CHANGELOG.md) - [Commits](socketio/socket.io-parser@3.3.3...3.3.4) Updates `socket.io` from 2.4.1 to 2.5.1 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/2.5.1/CHANGELOG.md) - [Commits](socketio/socket.io@2.4.1...2.5.1) Updates `ua-parser-js` from 0.7.31 to 0.7.39 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/0.7.39/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.31...0.7.39) Updates `url-parse` from 1.5.3 to 1.5.10 - [Commits](unshiftio/url-parse@1.5.3...1.5.10) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: rollup dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vue-template-compiler dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: ws dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: mysql2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: cookiejar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: markdown-it dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: plist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 14, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): Bump the npm_and_yarn group across 1 directory with 28 updates #1

chore(deps): Bump the npm_and_yarn group across 1 directory with 28 updates #1

Uh oh!

dependabot bot commented on behalf of github Oct 14, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): Bump the npm_and_yarn group across 1 directory with 28 updates #1

Are you sure you want to change the base?

chore(deps): Bump the npm_and_yarn group across 1 directory with 28 updates #1

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 14, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

rollup changelog

4.24.0

Features

Pull Requests

4.23.0

Features

Pull Requests

4.22.5

Bug Fixes

Pull Requests

4.22.4

Bug Fixes

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.3 / 2024-09-10

v3.2.10

3.2.10 (2022-07-31)

Bug Fixes

v3.2.9

3.2.9 (2022-07-18)

Bug Fixes

v3.2.8

3.2.8 (2022-07-12)

Bug Fixes

v3.2.7

3.2.7 (2022-07-11)

Bug Fixes

v3.2.6

3.2.6 (2022-06-09)

Bug Fixes

v3.2.5

3.2.5 (2022-06-01)

Bug Fixes

v3.2.4

3.2.4 (2022-04-28)

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

6.3.1 (2023-07-10)

Bug Fixes

6.2.0

6.1.3

6.1.2

6.1.1

6.1.0

6.0

5.7

5.6

dependabot bot commented on behalf of github Oct 14, 2024 •

edited

Loading