Bump the npm_and_yarn group across 1 directory with 9 updates #6
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 8 updates in the / directory:
4.16.4
4.20.0
7.4.0
7.25.6
3.0.0
3.0.1
4.17.15
4.17.21
11.1.1
18.1.3
13.3.0
17.0.0
1.1.0
1.1.1
6.5.2
6.13.0
Updates
express
from 4.16.4 to 4.20.0Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
21df421
4.20.04c9ddc1
feat: upgrade to [email protected]9ebe5d5
feat: upgrade to [email protected] (#5928)ec4a01b
feat: upgrade to [email protected] (#5926)54271f6
fix: don't render redirect values in anchor href125bb74
[email protected] (#5902)2a980ad
[email protected] (#5781)a3e7e05
docs: specify new instructions forquestion
anddiscuss
c5addb9
deps: [email protected] (#5603)e35380a
docs: add@IamLizu
to the triage team (#5836)Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.
Updates
@babel/traverse
from 7.4.0 to 7.25.6Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.... (truncated)
Commits
2f72b97
v7.25.6faceae9
fix:path.getAssignmentIdentifiers
may beundefined
(#16727)46ee612
Remove someNodePath
methods (#16655)2fdc8b5
fix: Generate sequence expression parentheses correctly (#16764)cbf124c
v7.25.42b289fb
fix: skip computed key when renaming (#16756)575863c
Avoid unnecessary parens around sequence expressions (#16722)5174ad1
Clean all always enabled parser plugins (#16572)52718ab
Discontinue babel-eslint-config-internal (#16718)dba45d3
IgnoredevDependencies
when generatingtsconfig.json
(#16659)Updates
ansi-regex
from 3.0.0 to 3.0.1Commits
f545bdb
3.0.1c57d4c2
fix a few old XO issues for backport419250f
Fix potential ReDoS (#37)Updates
body-parser
from 1.18.3 to 1.20.3Release notes
Sourced from body-parser's releases.
... (truncated)
Changelog
Sourced from body-parser's changelog.
... (truncated)
Commits
1752951
1.20.339744cf
chore: linter (#534)b2695c4
Merge commit from forkade0f3f
add scorecard to readme (#531)99a1bd6
deps: [email protected] (#521)9478591
fix: pin to [email protected]83db46a
ci: fix errors in ci github action for node 8 and 9 (#523)9d4e212
chore: add support for OSSF scorecard reporting (#522)ee91374
1.20.2368a93a
Fix strict json error message on Node.js 19+Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.
Updates
lodash
from 4.17.15 to 4.17.21Commits
f299b52
Bump to v4.17.21c4847eb
Improve performance oftoNumber
,trim
andtrimEnd
on large input strings3469357
Prevent command injection through_.template
'svariable
optionded9bc6
Bump to v4.17.20.63150ef
Documentation fixes.00f0f62
test.js: Remove trailing comma.846e434
Temporarily use a custom fork oflodash-cli
.5d046f3
Re-enable Travis tests on4.17
branch.aa816b3
Remove/npm-package
.d7fbc52
Bump to v4.17.19Maintainer changes
This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.
Updates
yargs-parser
from 11.1.1 to 18.1.3Release notes
Sourced from yargs-parser's releases.
Changelog
Sourced from yargs-parser's changelog.
... (truncated)
Commits
d301a56
chore: release 18.1.3 (#269)f7e15b9
fix(setArg): options using camel-case and dot-notation populated twice (#268)78014fc
chore: release 18.1.2 (#263)41d3f81
fix(array, nargs): support -o=--value and --option=--value format (#262)b96b989
chore: release 18.1.1 (#259)63810ca
fix: proto will now be replaced with proto in parse (#258)48b6d9c
chore: release 18.1.0 (#257)9c60265
feat: introduce single-digit boolean aliases (#255)87e0a21
test: use bin to enforce coverage thresholds (#256)88f36c3
force releaseMaintainer changes
This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.
Updates
nyc
from 13.3.0 to 17.0.0Release notes
Sourced from nyc's releases.
Changelog
Sourced from nyc's changelog.
... (truncated)
Commits
fee2821
chore(main): release nyc 17.0.0 (#1558)10daacc
build: explicitly point to config files8120112
test: remove dependency on "true" which is not on all windows sytemsf6e5aba
chore(main): release 16.0.0 (#1554)b6ed598
fix(deps): address security alerts in deps (#1555)dda8e44
build: migrate to main branch (#1553)9ef340e
build: move tests over to latest tapjs (#1552)ab7c53b
chore: Remove package-lock.json91ae8b8
chore(deps-dev): bump standard-version from 8.0.0 to 8.0.1a6336e1
chore(deps): bump lodash from 4.17.15 to 4.17.19Updates
pathval
from 1.1.0 to 1.1.1Release notes
Sourced from pathval's releases.
Commits
db6c3e3
chore: v1.1.17859e0e
Merge pull request #60 from deleonio/fix/vulnerability-prototype-pollution49ce1f4
style: correct rule in package.jsonc77b9d2
fix: prototype pollution vulnerability + working tests49031e4
chore: remove very old nodejs57730a9
chore: update deps and tool configurationa123018
Merge pull request #55 from chaijs/remove-lgtm07eb4a8
Delete MAINTAINERSa0147cd
Merge pull request #54 from astorije/patch-1aebb278
Center repo name on READMEMaintainer changes
This version was pushed to npm by chai, a new releaser for pathval since your current version.
Updates
qs
from 6.5.2 to 6.13.0Changelog
Sourced from qs's changelog.
... (truncated)
Commits
5cf516c
v6.13.08d56df2
[New]parse
: addstrictDepth
optionc9a6694
[Tests] usenpm audit
instead ofaud
f90cc35
v6.12.31bf9f7a
[Fix]parse
: properly account forstrictNullHandling
whenallowEmptyArrays
7ebf48b
[meta] fix changelog indentationd0dff11
v6.12.2f0b8d03
[Dev Deps] update@ljharb/eslint-config
,object-inspect
,tape
81835ff
[Fix]:parse
: parse encoded square bracketsdb47dcc
[readme] add CII best practices badgeDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.