Bump the npm_and_yarn group across 2 directories with 46 updates #139

dependabot · 2025-02-11T22:26:28Z

Bumps the npm_and_yarn group with 21 updates in the /web/vtadmin directory:

Package	From	To
postcss	`8.4.6`	`8.4.31`
@babel/traverse	`7.16.7`	`7.26.8`
json5	`1.0.1`	`1.0.2`
body-parser	`1.20.0`	`1.20.3`
express	`4.18.1`	`4.21.2`
braces	`3.0.2`	`3.0.3`
cross-spawn	`6.0.5`	`6.0.6`
cookie	`0.4.1`	`0.7.2`
msw	`0.36.8`	`2.7.0`
decode-uri-component	`0.2.0`	`0.2.2`
ejs	`3.1.8`	`3.1.10`
follow-redirects	`1.15.0`	`1.15.9`
fsevents	`2.3.2`	`2.3.3`
http-proxy-middleware	`2.0.6`	`2.0.7`
async	`3.2.3`	`3.2.6`
micromatch	`4.0.4`	`4.0.8`
minimist	`1.2.6`	`1.2.8`
rollup	`2.63.0`	`2.79.2`
shell-quote	`1.7.3`	`1.8.2`
webpack	`5.65.0`	`5.97.1`
webpack-dev-middleware	`5.3.3`	`5.3.4`

Bumps the npm_and_yarn group with 14 updates in the /web/vtctld2 directory:

Package	From	To
ajv	`4.11.8`	`6.12.6`
request	`2.87.0`	`2.88.2`
node-zopfli	`2.0.2`	`2.1.4`
request	`2.81.0`	`2.88.2`
body-parser	`1.18.2`	`1.20.3`
angular-cli	`1.0.0-beta.11-webpack.8`	`1.0.0-beta.22-1`
decode-uri-component	`0.2.0`	`0.2.2`
follow-redirects	`1.5.0`	`1.15.9`
fsevents	`1.2.4`	`1.2.13`
shell-quote	`1.6.1`	`1.8.2`
@angular/core	`2.0.0-rc.5`	`10.2.5`
karma	`0.13.22`	`6.3.16`
browserify-sign	`4.0.4`	`4.2.3`
set-value	`2.0.0`	`2.0.1`
union-value	`1.0.0`	`1.0.1`

Updates postcss from 8.4.6 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by @romainmenke).

8.4.29

Fixed Node#source.offset (by @idoros).

Fixed docs (by @coliff).

8.4.28

Fixed Root.source.end for better source map (by @romainmenke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by @romainmenke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by @remcohaszing).

8.4.21

Fixed Input#error types (by @hudochenkov).

8.4.20

Fixed source map generation for childless at-rules like @layer.

8.4.19

Fixed whitespace preserving after AST transformations (by @romainmenke).

8.4.18

Fixed an error on absolute: true with empty sourceContent (by @KingSora).

8.4.17

Fixed Node.before() unexpected behavior (by @romainmenke).

Added TOC to docs (by @muddv).

8.4.16

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by Romain Menke).

8.4.29

Fixed Node#source.offset (by Ido Rosenthal).

Fixed docs (by Christian Oliff).

8.4.28

Fixed Root.source.end for better source map (by Romain Menke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by Romain Menke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

Fixed source map generation for childless at-rules like @layer.

8.4.19

Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

Fixed Node.before() unexpected behavior (by Romain Menke).

Added TOC to docs (by Mikhail Dedov).

8.4.16

... (truncated)

Commits

90208de Release 8.4.31 version
58cc860 Fix carrier return parsing
4fff8e4 Improve pnpm test output
cd43ed1 Update dependencies
caa916b Update dependencies
8972f76 Typo
11a5286 Typo
45c5501 Release 8.4.30 version
bc3c341 Update linter
b2be58a Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...
Additional commits viewable in compare view

Updates @babel/traverse from 7.16.7 to 7.26.8

Release notes

Sourced from @babel/traverse's releases.

v7.26.8 (2025-02-08)

🏠 Internal

babel-preset-env

#17097 Update dependency babel-plugin-polyfill-corejs3 to ^0.11.0

v7.26.7 (2025-01-24)

Thanks @branchseer and @tquetano-netflix for your first PRs!

🐛 Bug Fix

babel-helpers, babel-preset-env, babel-runtime-corejs3

#17086 Make "object without properties" helpers ES6-compatible (@tquetano-netflix)

babel-plugin-transform-typeof-symbol

#17085 fix: Correctly handle typeof in arrow functions (@liuxingbaoyu)

babel-parser

#17079 Respect ranges option in estree method value (@JLHwung)

babel-core

#17052 Do not try to parse .ts configs as JSON if natively supported (@nicolo-ribaudo)

babel-plugin-transform-typescript

#17050 fix: correctly resolve references to non-constant enum members (@branchseer)

babel-plugin-transform-typescript, babel-traverse, babel-types

#17025 fix: Remove type-only import x = y.z (@liuxingbaoyu)

Committers: 6

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Tony Quetano (@tquetano-netflix)

@branchseer

@liuxingbaoyu

v7.26.6 (2025-01-13)

🐛 Bug Fix

babel-plugin-transform-nullish-coalescing-operator

#17061 fix: Chaining nullish coalescing operators output size regression (@liuxingbaoyu)

Committers: 1

@liuxingbaoyu

v7.26.5 (2025-01-10)

👓 Spec Compliance

babel-parser

#17011 Allow the dynamic import.defer() form of import defer (@babel-bot)

🐛 Bug Fix

babel-plugin-transform-block-scoped-functions

#17024 chore: Avoid calling isInStrictMode in Babel 7 (@liuxingbaoyu)

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

Changelog

Tags:

💥 [Breaking Change]

👓 [Spec Compliance]

🚀 [New Feature]

🐛 [Bug Fix]

📝 [Documentation]

🏠 [Internal]

💅 [Polish]

Note: Gaps between patch versions are faulty, broken or test releases.

This file contains the changelog starting from v7.15.0.

See CHANGELOG - v7.0.0 to v7.14.9 for v7.0.0 to v7.14.9 changes.

See CHANGELOG - v7 prereleases for v7.0.0-alpha.1 to v7.0.0-rc.4 changes.

See CHANGELOG - v4, CHANGELOG - v5, and CHANGELOG - v6 for v4.x-v6.x changes.

See CHANGELOG - 6to5 for the pre-4.0.0 version changelog.

See Babylon's CHANGELOG for the Babylon pre-7.0.0-beta.29 version changelog.

See babel-eslint's releases for the changelog before @babel/eslint-parser 7.8.0.

See eslint-plugin-babel's releases for the changelog before @babel/eslint-plugin 7.8.0.

v7.26.7 (2025-01-24)

🐛 Bug Fix

babel-helpers, babel-preset-env, babel-runtime-corejs3

#17086 Make "object without properties" helpers ES6-compatible (@tquetano-netflix)

babel-plugin-transform-typeof-symbol

#17085 fix: Correctly handle typeof in arrow functions (@liuxingbaoyu)

babel-parser

#17079 Respect ranges option in estree method value (@JLHwung)

babel-core

#17052 Do not try to parse .ts configs as JSON if natively supported (@nicolo-ribaudo)

babel-plugin-transform-typescript

#17050 fix: correctly resolve references to non-constant enum members (@branchseer)

babel-plugin-transform-typescript, babel-traverse, babel-types

#17025 fix: Remove type-only import x = y.z (@liuxingbaoyu)

v7.26.6 (2025-01-13)

🐛 Bug Fix

babel-plugin-transform-nullish-coalescing-operator

#17061 fix: Chaining nullish coalescing operators output size regression (@liuxingbaoyu)

v7.26.5 (2025-01-10)

👓 Spec Compliance

... (truncated)

Commits

0593941 v7.26.8
e02b0ff [Babel 8] Create TSTemplateLiteralType (#17066)
2d95140 v7.26.7
ad572fd fix: Remove type-only import x = y.z (#17025)
74181cf v7.26.5
d35794e [Babel 8] Create TSEnumBody for TSEnumDeclaration (#16979)
cd24cc0 chore: Update TS 5.7 (#17053)
cf7b9cd v7.26.4
f33704a Revert "perf: Improve scope information collection performance" (#17005)
36ca8fa v7.26.3
Additional commits viewable in compare view

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)

Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

a62db1e 1.0.2
e0c23fe docs: update CHANGELOG for v1.0.2
62a6540 fix: add proto to objects and arrays
See full diff in compare view

Updates body-parser from 1.20.0 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to [email protected] by @wesleytodd in expressjs/body-parser#527

deps: [email protected] by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1

deps: [email protected]

perf: remove unnecessary object clone

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1 / 2022-10-06

deps: [email protected]

perf: remove unnecessary object clone

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: [email protected] (#521)
9478591 fix: pin to [email protected]
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.18.1 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Add funding field (v4) by @bjohansebas in expressjs/express#6065

deps: [email protected] by @blakeembrey in expressjs/express#5956

deps: bump [email protected] by @jonchurch in expressjs/express#6209

Release: 4.21.2 by @UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

[email protected] by @wesleytodd in expressjs/express#5954

fix(deps): [email protected] by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

deps: [email protected]

Fix backtracking protection

deps: [email protected]

Throws an error on invalid path values

4.21.1 / 2024-10-08

Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

Deprecate res.location("back") and res.redirect("back") magic string

deps: [email protected]

includes [email protected]

deps: [email protected]

deps: [email protected]

4.20.0 / 2024-09-10

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: [email protected]

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

... (truncated)

Commits

1faf228 4.21.2
2e0fb64 deps: bump [email protected] (#6209)
59fc270 deps: [email protected] (#5956)
51fc39c docs: add funding (#6065)
8e229f9 4.21.1
a024c8a fix(deps): [email protected]
7e562c6 4.21.0
1bcde96 fix(deps): [email protected] (#5946)
7d36477 fix(deps): [email protected] (#5951)
40d2d8f fix(deps): [email protected]
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates braces from 3.0.2 to 3.0.3

Commits

74b2db2 3.0.3
88f1429 update eslint. lint, fix unit tests.
415d660 Snyk js braces 6838727 (#40)
190510f fix tests, skip 1 test in test/braces.expand
716eb9f readme bump
a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
98414f9 remove funding file
665ab5d update keepEscaping doc (#27)
Additional commits viewable in compare view

Updates cross-spawn from 6.0.5 to 6.0.6

Changelog

Sourced from cross-spawn's changelog.

6.0.6 (2024-11-18)

Bug Fixes

disable regexp backtracking (#160) (ba5aaef)

core: support worker threads (#127) (f4af31c)

Commits

d35c865 chore(release): 6.0.6
5a37e19 chore: update package.json and package.lock
ba5aaef fix: disable regexp backtracking (#160)
f4af31c fix(core): support worker threads (#127)
See full diff in compare view

Updates cookie from 0.4.1 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

Allow leading dot for domain (#174)

Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec

Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

perf: parse cookies ~10% faster (#144 by @kurtextrem and #170)

fix: narrow the validation of cookies to match RFC6265 (#167 by @bewinsnw)

fix: add main to package.json for rspack (#166 by @proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

Add partitioned option

0.5.0

Add priority option

Fix expires option to reject invalid dates

pref: improve default decode speed

pref: remove slow string split in parse

0.4.2

pref: read value only when assigning in parse

pref: remove unnecessary regexp in parse

Commits

d19eaa1 0.7.2
bc38ffd Fix object assignment of hasOwnProperty (#177)
cf4658f 0.7.1
6a8b8f5 Allow leading dot for domain (#174)
58015c0 Remove more code and perf wins (#172)
ab057d6 0.7.0
5f02ca8 Migrate history to GitHub releases
a5d591c Migrate history to GitHub releases
51968f9 Skip isNaN
9e7ca51 perf(parse): cache length, return early (#144)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates msw from 0.36.8 to 2.7.0

Release notes

Sourced from msw's releases.

v2.7.0 (2024-12-17)

Features

use picocolors instead of chalk (#2377) (85bdd82dfe4cd3d514d7820dad3338b485084fbf) @Namchee @kettanaito

v2.6.9 (2024-12-16)

Bug Fixes

support SharedArrayBuffer in HttpResponse.arrayBuffer (#2389) (41f00e1a67e21010ab9c1a46c8e92193b655f24a) @danilofuchs @kettanaito

v2.6.8 (2024-12-07)

Bug Fixes

setupServer: reapply interception after calling server.listen() after server.close() (#2383) (00da9cad4249b61732ee375d9dbefeb76028cc2b) @kettanaito

v2.6.7 (2024-12-06)

Bug Fixes

setupWorker: correctly delete internal accept header on passthrough (#2375) (3f40055b1d3814da4b30e5eb7555e09b1084798c) @smouillour @kettanaito

v2.6.6 (2024-11-22)

Bug Fixes

types: support optional path parameters (#2368) (3b7b776e8c0de341185df4686a895c24326748d3) @kettanaito

v2.6.5 (2024-11-16)

Bug Fixes

support non-configurable responses (#2360) (5bf3e3bf5f9a6d32c79410c11abd539ec4c2ddc5) @kettanaito

v2.6.4 (2024-11-10)

Bug Fixes

prevent infinite loop when bypassing sendBeacon() requests (#2353) (2fa98c327acc51189f87789d9155c4ec57be2299) @kettanaito

remove the internal bypass request header before performing the request as-is in Node.js (#2353) (2fa98c327acc51189f87789d9155c4ec57be2299) @kettanaito

v2.6.3 (2024-11-10)

Bug Fixes

handleRequest: remove transformResponse option (#2351) (74c4a3a89970bbfc498c812790daef13766dea72) @kettanaito

v2.6.2 (2024-11-07)

... (truncated)

Commits

e3234fd chore(release): v2.7.0
85bdd82 feat: use picocolors instead of chalk (#2377)
58f2d2c chore: use v18 in .nvmrc
a845ea1 chore(release): v2.6.9
417918f chore: pack/build before all e2e tests (#2395)
41f00e1 fix: support SharedArrayBuffer in HttpResponse.arrayBuffer (#2389)
a6c419c chore: split build into standalone jobs (#2386)
de3bedf chore(release): v2.6.8
00da9ca fix(setupServer): reapply interception after calling server.listen() after ...
e8d748e chore(ci): fix broken restore cache key
Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates ejs from 3.1.8 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

Commits

d3f807d Version 3.1.10
9ee26dd Mocha TDD
e469741 Basic pollution protection
715e950 Merge pull request #756 from Jeffrey-mu/main
cabe314 Include advanced usage examples
29b076c Added header
11503c7 Merge branch 'main' of github.com:mde/ejs into main
7690404 Added security banner to README
f47d7ae Update SECURITY.md
828cea1 Update SECURITY.md
Additional commits viewable in compare view

Updates express from 4.18.1 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Add funding field (v4) by @bjohansebas in expressjs/express#6065

deps: [email protected] by @blakeembrey in expressjs/express#5956

deps: bump [email protected] by @jonchurch in expressjs/express#6209

Release: 4.21.2 by @UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

[email protected] by @wesleytodd in expressjs/express#5954

fix(deps): [email protected] by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in

Bumps the npm_and_yarn group with 21 updates in the /web/vtadmin directory: | Package | From | To | | --- | --- | --- | | [postcss](https://github.com/postcss/postcss) | `8.4.6` | `8.4.31` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.16.7` | `7.26.8` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [body-parser](https://github.com/expressjs/body-parser) | `1.20.0` | `1.20.3` | | [express](https://github.com/expressjs/express) | `4.18.1` | `4.21.2` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `6.0.5` | `6.0.6` | | [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` | | [msw](https://github.com/mswjs/msw) | `0.36.8` | `2.7.0` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [ejs](https://github.com/mde/ejs) | `3.1.8` | `3.1.10` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.0` | `1.15.9` | | [fsevents](https://github.com/fsevents/fsevents) | `2.3.2` | `2.3.3` | | [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.7` | | [async](https://github.com/caolan/async) | `3.2.3` | `3.2.6` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.4` | `4.0.8` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.6` | `1.2.8` | | [rollup](https://github.com/rollup/rollup) | `2.63.0` | `2.79.2` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.7.3` | `1.8.2` | | [webpack](https://github.com/webpack/webpack) | `5.65.0` | `5.97.1` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` | Bumps the npm_and_yarn group with 14 updates in the /web/vtctld2 directory: | Package | From | To | | --- | --- | --- | | [ajv](https://github.com/ajv-validator/ajv) | `4.11.8` | `6.12.6` | | [request](https://github.com/request/request) | `2.87.0` | `2.88.2` | | [node-zopfli](https://github.com/pierreinglebert/node-zopfli) | `2.0.2` | `2.1.4` | | [request](https://github.com/request/request) | `2.81.0` | `2.88.2` | | [body-parser](https://github.com/expressjs/body-parser) | `1.18.2` | `1.20.3` | | [angular-cli](https://github.com/angular/angular-cli) | `1.0.0-beta.11-webpack.8` | `1.0.0-beta.22-1` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.5.0` | `1.15.9` | | [fsevents](https://github.com/fsevents/fsevents) | `1.2.4` | `1.2.13` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.6.1` | `1.8.2` | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `2.0.0-rc.5` | `10.2.5` | | [karma](https://github.com/karma-runner/karma) | `0.13.22` | `6.3.16` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` | | [set-value](https://github.com/jonschlinkert/set-value) | `2.0.0` | `2.0.1` | | [union-value](https://github.com/jonschlinkert/union-value) | `1.0.0` | `1.0.1` | Updates `postcss` from 8.4.6 to 8.4.31 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.6...8.4.31) Updates `@babel/traverse` from 7.16.7 to 7.26.8 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.26.8/packages/babel-traverse) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `body-parser` from 1.20.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.0...1.20.3) Updates `express` from 4.18.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.1...4.21.2) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `cross-spawn` from 6.0.5 to 6.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v6.0.5...v6.0.6) Updates `cookie` from 0.4.1 to 0.7.2 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.4.1...v0.7.2) Updates `msw` from 0.36.8 to 2.7.0 - [Release notes](https://github.com/mswjs/msw/releases) - [Changelog](https://github.com/mswjs/msw/blob/main/CHANGELOG.md) - [Commits](mswjs/msw@v0.36.8...v2.7.0) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `ejs` from 3.1.8 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.8...v3.1.10) Updates `express` from 4.18.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.1...4.21.2) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12) Updates `follow-redirects` from 1.15.0 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.0...v1.15.9) Updates `fsevents` from 2.3.2 to 2.3.3 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v2.3.2...v2.3.3) Updates `http-proxy-middleware` from 2.0.6 to 2.0.7 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.7/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.6...v2.0.7) Updates `async` from 3.2.3 to 3.2.6 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md) - [Commits](caolan/async@v3.2.3...v3.2.6) Updates `micromatch` from 4.0.4 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.4...4.0.8) Updates `minimist` from 1.2.6 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.6...v1.2.8) Updates `nanoid` from 3.2.0 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.2.0...3.3.8) Updates `qs` from 6.10.3 to 6.13.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.10.3...v6.13.0) Updates `rollup` from 2.63.0 to 2.79.2 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.63.0...v2.79.2) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `shell-quote` from 1.7.3 to 1.8.2 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.7.3...v1.8.2) Updates `tough-cookie` from 4.0.0 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.0.0...v4.1.4) Updates `webpack` from 5.65.0 to 5.97.1 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.65.0...v5.97.1) Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) Updates `ajv` from 4.11.8 to 6.12.6 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@4.11.8...v6.12.6) Updates `request` from 2.87.0 to 2.88.2 - [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md) - [Commits](https://github.com/request/request/commits) Updates `node-zopfli` from 2.0.2 to 2.1.4 - [Release notes](https://github.com/pierreinglebert/node-zopfli/releases) - [Changelog](https://github.com/pierreinglebert/node-zopfli/blob/master/History.md) - [Commits](pierreinglebert/node-zopfli@v2.0.2...v2.1.4) Updates `request` from 2.81.0 to 2.88.2 - [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md) - [Commits](https://github.com/request/request/commits) Updates `body-parser` from 1.18.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.0...1.20.3) Updates `angular-cli` from 1.0.0-beta.11-webpack.8 to 1.0.0-beta.22-1 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@v1.0.0-beta.11-webpack.8...v1.0.0-beta.22-1) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `express` from 4.16.3 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.1...4.21.2) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12) Updates `follow-redirects` from 1.5.0 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.0...v1.15.9) Updates `fsevents` from 1.2.4 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v2.3.2...v2.3.3) Updates `http-proxy-middleware` from 0.15.2 to 0.17.4 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.7/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.6...v2.0.7) Updates `json-schema` from 0.2.2 to 0.2.3 - [Commits](https://github.com/kriszyp/json-schema/commits/v0.2.3) Updates `lodash` from 2.4.2 to 3.10.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@2.4.2...3.10.1) Updates `qs` from 5.1.0 to 5.2.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.10.3...v6.13.0) Updates `send` from 0.16.2 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serve-static` from 1.13.2 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `shell-quote` from 1.6.1 to 1.8.2 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.7.3...v1.8.2) Updates `tough-cookie` from 2.2.1 to 2.2.2 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.0.0...v4.1.4) Updates `webpack` from 2.1.0-beta.21 to 2.1.0-beta.25 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.65.0...v5.97.1) Updates `@angular/core` from 2.0.0-rc.5 to 10.2.5 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/10.2.5/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/10.2.5/packages/core) Updates `karma` from 0.13.22 to 6.3.16 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v0.13.22...v6.3.16) Updates `browserify-sign` from 4.0.4 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.3) Updates `elliptic` from 6.4.0 to 6.6.1 - [Commits](indutny/elliptic@v6.4.0...v6.6.1) Updates `chownr` from 1.0.1 to 1.1.4 - [Commits](isaacs/chownr@v1.0.1...v1.1.4) Updates `lodash.template` from 2.3.0 to 3.6.2 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/commits) Updates `handlebars` from 4.0.5 to 4.0.11 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.5...v4.0.11) Updates `log4js` from 0.6.38 to 6.9.1 - [Changelog](https://github.com/log4js-node/log4js-node/blob/master/CHANGELOG.md) - [Commits](log4js-node/log4js-node@v0.6.38...v6.9.1) Updates `set-value` from 2.0.0 to 2.0.1 - [Commits](jonschlinkert/set-value@2.0.0...2.0.1) Updates `union-value` from 1.0.0 to 1.0.1 - [Release notes](https://github.com/jonschlinkert/union-value/releases) - [Commits](jonschlinkert/union-value@1.0.0...1.0.1) Updates `socket.io` from 1.6.0 to 4.8.1 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/[email protected]) Updates `socket.io-parser` from 2.3.1 to 4.2.4 - [Release notes](https://github.com/Automattic/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/4.2.4/CHANGELOG.md) - [Commits](socketio/socket.io-parser@2.3.1...4.2.4) Updates `url-parse` from 1.4.1 to 1.5.10 - [Commits](unshiftio/url-parse@1.4.1...1.5.10) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: msw dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ajv dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: request dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-zopfli dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: request dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: angular-cli dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json-schema dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@angular/core" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: chownr dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash.template dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: handlebars dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: log4js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: set-value dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: union-value dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 11, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 2 directories with 46 updates #139

Bump the npm_and_yarn group across 2 directories with 46 updates #139

dependabot bot commented on behalf of github Feb 11, 2025

Bump the npm_and_yarn group across 2 directories with 46 updates #139

Are you sure you want to change the base?

Bump the npm_and_yarn group across 2 directories with 46 updates #139

Conversation

dependabot bot commented on behalf of github Feb 11, 2025

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.20

8.4.19

8.4.18

8.4.17

8.4.16

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.20

8.4.19

8.4.18

8.4.17

8.4.16

v7.26.8 (2025-02-08)

🏠 Internal

v7.26.7 (2025-01-24)

🐛 Bug Fix

Committers: 6

v7.26.6 (2025-01-13)

🐛 Bug Fix

Committers: 1

v7.26.5 (2025-01-10)

👓 Spec Compliance

🐛 Bug Fix

Changelog

v7.26.7 (2025-01-24)

🐛 Bug Fix

v7.26.6 (2025-01-13)

🐛 Bug Fix

v7.26.5 (2025-01-10)

👓 Spec Compliance

v1.0.2

Unreleased [code, diff]

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.2.1 [code, diff]

v2.2.0 [code, diff]

v2.1.3 [code, diff]

v2.1.2 [code, diff]

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.2

1.20.1

1.20.3 / 2024-09-10

1.20.2 / 2023-02-21

1.20.1 / 2022-10-06

4.21.2

What's Changed

4.21.1

What's Changed

4.21.0

What's Changed

New Contributors