-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the npm_and_yarn group across 5 directories with 8 updates #18477
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the npm_and_yarn group with 2 updates in the / directory: [braces](https://github.com/micromatch/braces) and [ws](https://github.com/websockets/ws). Bumps the npm_and_yarn group with 4 updates in the /docroot/design-system directory: [braces](https://github.com/micromatch/braces), [ws](https://github.com/websockets/ws), [ejs](https://github.com/mde/ejs) and [express](https://github.com/expressjs/express). Bumps the npm_and_yarn group with 2 updates in the /docroot/modules/custom/va_gov_graphql/assets/explorer directory: [braces](https://github.com/micromatch/braces) and [undici](https://github.com/nodejs/undici). Bumps the npm_and_yarn group with 5 updates in the /docroot/themes/custom/vagovclaro directory: | Package | From | To | | --- | --- | --- | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [ws](https://github.com/websockets/ws) | `8.11.0` | `8.17.1` | | [socket.io-client](https://github.com/socketio/socket.io-client) | `4.6.1` | `4.7.5` | | [socket.io](https://github.com/socketio/socket.io) | `4.6.1` | `4.7.5` | | [axios](https://github.com/axios/axios) | `1.6.1` | `1.6.2` | Bumps the npm_and_yarn group with 1 update in the /scripts/cd_metrics directory: [braces](https://github.com/micromatch/braces). Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `ws` from 8.13.0 to 8.18.0 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.13.0...8.18.0) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `ws` from 6.2.2 to 6.2.3 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.13.0...8.18.0) Updates `ejs` from 3.1.9 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.9...v3.1.10) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `undici` from 5.26.3 to 5.28.4 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.26.3...v5.28.4) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `ws` from 8.11.0 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.13.0...8.18.0) Updates `socket.io-client` from 4.6.1 to 4.7.5 - [Release notes](https://github.com/socketio/socket.io-client/releases) - [Changelog](https://github.com/socketio/socket.io-client/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-client@4.6.1...4.7.5) Updates `socket.io` from 4.6.1 to 4.7.5 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/4.7.5/CHANGELOG.md) - [Commits](socketio/socket.io@4.6.1...4.7.5) Updates `axios` from 1.6.1 to 1.6.2 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.6.1...v1.6.2) Updates `socket.io` from 4.6.1 to 4.7.5 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/4.7.5/CHANGELOG.md) - [Commits](socketio/socket.io@4.6.1...4.7.5) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: undici dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-client dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
Dependabot: : Pull requests that update a dependency file
Javascript
Pull requests that update Javascript code
labels
Jul 8, 2024
Closing, this work will need to be done manually. |
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
dependabot
bot
deleted the
dependabot/npm_and_yarn/npm_and_yarn-47d853ccd5
branch
July 18, 2024 14:21
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
dependencies
Dependabot: : Pull requests that update a dependency file
Javascript
Pull requests that update Javascript code
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 2 updates in the / directory: braces and ws.
Bumps the npm_and_yarn group with 4 updates in the /docroot/design-system directory: braces, ws, ejs and express.
Bumps the npm_and_yarn group with 2 updates in the /docroot/modules/custom/va_gov_graphql/assets/explorer directory: braces and undici.
Bumps the npm_and_yarn group with 5 updates in the /docroot/themes/custom/vagovclaro directory:
3.0.2
3.0.3
8.11.0
8.17.1
4.6.1
4.7.5
4.6.1
4.7.5
1.6.1
1.6.2
Bumps the npm_and_yarn group with 1 update in the /scripts/cd_metrics directory: braces.
Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
ws
from 8.13.0 to 8.18.0Release notes
Sourced from ws's releases.
... (truncated)
Commits
976c53c
[dist] 8.18.059b9629
[feature] Add support forBlob
(#2229)0d1b5e6
[security] Use more descriptive text for 2017 vulnerability link15f11a0
[security] Add new DoS vulnerability to SECURITY.md3c56601
[dist] 8.17.1e55e510
[security] Fix crash when the Upgrade header cannot be read (#2231)6a00029
[test] Increase code coverageddfe4a8
[perf] Reduce the amount ofcrypto.randomFillSync()
callsb73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variableUpdates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
ws
from 6.2.2 to 6.2.3Release notes
Sourced from ws's releases.
... (truncated)
Commits
976c53c
[dist] 8.18.059b9629
[feature] Add support forBlob
(#2229)0d1b5e6
[security] Use more descriptive text for 2017 vulnerability link15f11a0
[security] Add new DoS vulnerability to SECURITY.md3c56601
[dist] 8.17.1e55e510
[security] Fix crash when the Upgrade header cannot be read (#2231)6a00029
[test] Increase code coverageddfe4a8
[perf] Reduce the amount ofcrypto.randomFillSync()
callsb73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variableUpdates
ejs
from 3.1.9 to 3.1.10Release notes
Sourced from ejs's releases.
Commits
d3f807d
Version 3.1.109ee26dd
Mocha TDDe469741
Basic pollution protection715e950
Merge pull request #756 from Jeffrey-mu/maincabe314
Include advanced usage examples29b076c
Added header11503c7
Merge branch 'main' of github.com:mde/ejs into main7690404
Added security banner to READMEf47d7ae
Update SECURITY.md828cea1
Update SECURITY.mdUpdates
express
from 4.18.2 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
Commits
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: [email protected]Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
undici
from 5.26.3 to 5.28.4Release notes
Sourced from undici's releases.
... (truncated)
Commits
fb98306
Bumped v5.28.42b39440
Merge pull request from GHSA-9qxr-qj54-h67264e3402
Merge pull request from GHSA-m4v8-wqvr-p9f7723c4e7
Revert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)"0e9d54b
skip failing test due to Node.js changese71cb4c
Bumped v5.28.320c65b8
Fix tests for Node.js v20.11.0 (#2618)8ec52cd
Fix tests for Node.js v21 (#2609)d3aa574
Merge pull request from GHSA-3787-6prv-h9w39a14e5f
Bumped v5.28.2Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
ws
from 8.11.0 to 8.17.1Release notes
Sourced from ws's releases.
... (truncated)
Commits
976c53c
[dist] 8.18.059b9629
[feature] Add support forBlob
(#2229)0d1b5e6
[security] Use more descriptive text for 2017 vulnerability link15f11a0
[security] Add new DoS vulnerability to SECURITY.md3c56601
[dist] 8.17.1e55e510
[security] Fix crash when the Upgrade header cannot be read (#2231)6a00029
[test] Increase code coverageddfe4a8
[perf] Reduce the amount ofcrypto.randomFillSync()
callsb73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variableUpdates
socket.io-client
from 4.6.1 to 4.7.5Release notes
Sourced from socket.io-client's releases.
... (truncated)
Changelog
Sourced from socket.io-client's changelog.
... (truncated)
Commits
4f6030f
chore(release): 4.7.534cbfbb
fix: discard acknowledgements upon disconnection8cfea8c
chore(release): 4.7.4ca5d50e
chore(release): 4.7.3f9c16f2
fix(typings): fix the type of the socket#id attributeb3f0cab
ci: add Node.js 20 in the test matrix5a3eafe
fix(typings): accept string | undefined as init argument605de78
fix: improve compatibility with node16 module resolution (#1595)d00ccd2
ci: bump appiumVersion for Android tests in SauceLabs928d76d
chore(release): 4.7.2Updates
socket.io
from 4.6.1 to 4.7.5Release notes
Sourced from socket.io's releases.
... (truncated)
Changelog
Sourced from socket.io's changelog.
... (truncated)
Commits
5017681
chore(release): 4.7.5bf64870
fix: close the adapters when the server is closed748e18c
ci: test with older TypeScript versionb9ce6a2
refactor: create specific adapter for parent namespaces (#4950)54dabe5
ci: upgrade to actions/checkout@4 and actions/setup-node@4e426f3e
fix: remove duplicate pipeline when serving bundlee36062c
docs: update the webtransport example0bbe8ae
docs: only execute the passport middleware once914a8bd
docs: add example with JWTd943c3e
docs: update the Passport.js exampleUpdates
axios
from 1.6.1 to 1.6.2Release notes
Sourced from axios's releases.
Changelog
Sourced from axios's changelog.
Commits
b3be365
chore(release): v1.6.2 (#6082)8739acb
chore(ci): removed redundant release action; (#6081)bfa9c30
chore(docs): fix outdated grunt to npm scripts (#6073)a2b0fb3
chore(docs): update README.md (#6048)b12a608
chore(ci): removed paths-ignore filter; (#6080)0c9d886
chore(ci): reworked ignoring files logic; (#6079)30873ee
chore(ci): add paths-ignore config to testing action; (#6078)cff9967
feat(withXSRFToken): added withXSRFToken option as a workaround to achieve th...7009715
chore(ci): fixed release notification action; (#6064)7144f10
chore(ci): fixed release notification action; (#6063)Updates
socket.io
from 4.6.1 to 4.7.5Release notes
Sourced from socket.io's releases.