build(deps): bump the npm_and_yarn group across 5 directories with 25 updates #218

dependabot · 2024-12-17T09:52:51Z

Bumps the npm_and_yarn group with 6 updates in the /base directory:

Package	From	To
express	`4.18.1`	`4.20.0`
js-yaml	`3.14.1`	`4.1.0`
semver	`5.7.1`	`5.7.2`
send	`0.18.0`	`0.19.0`
express	`4.20.0`	`4.21.2`
yargs-parser	`2.4.1`	`21.1.1`
@stefcud/configyml	`0.0.5`	`1.3.2`

Bumps the npm_and_yarn group with 4 updates in the /drt directory: semver, protobufjs, async and jszip.
Bumps the npm_and_yarn group with 3 updates in the /gbfs directory: braces, got and nodemon.
Bumps the npm_and_yarn group with 6 updates in the /geocoder directory:

Package	From	To
express	`4.17.3`	`4.21.2`
braces	`3.0.2`	`3.0.3`
got	`9.6.0`	`removed`
nodemon	`2.0.15`	`2.0.22`
cookiejar	`2.1.3`	`2.1.4`
es5-ext	`0.10.53`	`0.10.64`

Bumps the npm_and_yarn group with 7 updates in the /journey directory:

Package	From	To
express	`4.17.3`	`4.21.2`
async	`2.6.3`	`2.6.4`
es5-ext	`0.10.53`	`0.10.64`
moment	`2.29.1`	`2.29.4`
node-sass	`6.0.1`	`9.0.0`
semantic-release	`15.14.0`	`19.0.3`
eventsource	`1.1.0`	`1.1.2`

Updates express from 4.18.1 to 4.20.0

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: [email protected] by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

[email protected] by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: [email protected]

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

... (truncated)

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to [email protected]
9ebe5d5 feat: upgrade to [email protected] (#5928)
ec4a01b feat: upgrade to [email protected] (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 [email protected] (#5902)
2a980ad [email protected] (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: [email protected] (#5603)
e35380a docs: add @IamLizu to the triage team (#5836)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates js-yaml from 3.14.1 to 4.1.0

Changelog

Sourced from js-yaml's changelog.

[4.1.0] - 2021-04-15

Added

Types are now exported as yaml.types.XXX.

Every type now has options property with original arguments kept as they were (see yaml.types.int.options as an example).

Changed

Schema.extend() now keeps old type order in case of conflicts (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as abcd instead of cbad).

[4.0.0] - 2021-01-03

Changed

Check migration guide to see details for all breaking changes.

Breaking: "unsafe" tags !!js/function, !!js/regexp, !!js/undefined are moved to js-yaml-js-types package.

Breaking: removed safe* functions. Use load, loadAll, dump instead which are all now safe by default.

yaml.DEFAULT_SAFE_SCHEMA and yaml.DEFAULT_FULL_SCHEMA are removed, use yaml.DEFAULT_SCHEMA instead.

yaml.Schema.create(schema, tags) is removed, use schema.extend(tags) instead.

!!binary now always mapped to Uint8Array on load.

Reduced nesting of /lib folder.

Parse numbers according to YAML 1.2 instead of YAML 1.1 (01234 is now decimal, 0o1234 is octal, 1:23 is parsed as string instead of base60).

dump() no longer quotes :, [, ], (, ) except when necessary, #470, #557.

Line and column in exceptions are now formatted as (X:Y) instead of at line X, column Y (also present in compact format), #332.

Code snippet created in exceptions now contains multiple lines with line numbers.

dump() now serializes undefined as null in collections and removes keys with undefined in mappings, #571.

dump() with skipInvalid=true now serializes invalid items in collections as null.

Custom tags starting with ! are now dumped as !tag instead of !<!tag>, #576.

Custom tags starting with tag:yaml.org,2002: are now shorthanded using !!, #258.

Added

Added .mjs (es modules) support.

Added quotingType and forceQuotes options for dumper to configure string literal style, #290, #529.

Added styles: { '!!null': 'empty' } option for dumper (serializes { foo: null } as "foo: "), #570.

Added replacer option (similar to option in JSON.stringify), #339.

Custom Tag can now handle all tags or multiple tags with the same prefix, #385.

Fixed

Astral characters are no longer encoded by dump(), #587.

"duplicate mapping key" exception now points at the correct column, #452.

Extra commas in flow collections (e.g. [foo,,bar]) now throw an exception instead of producing null, #321.

__proto__ key no longer overrides object prototype, #164.

... (truncated)

Commits

2cef47b 4.1.0 released
810b149 dist rebuild
2b5620e Export built-in types, type override now preserves order
ab31bba doc: clarify lineWidth dump options (#612)
ee74ce4 4.0.0 released
a44bb7c dist rebuild
aee620a Throw an error if block sequence/mapping indent contains a tab
f0f205b Fix parsing of invalid block mappings
e8cf6f6 Fix error with anchor not being assigned to an empty node
a583097 Shorthand tags with !! whenever possible
Additional commits viewable in compare view

Updates body-parser from 1.20.0 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to [email protected] by @wesleytodd in expressjs/body-parser#527

deps: [email protected] by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1

deps: [email protected]

perf: remove unnecessary object clone

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1 / 2022-10-06

deps: [email protected]

perf: remove unnecessary object clone

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: [email protected] (#521)
9478591 fix: pin to [email protected]
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates cookie from 0.5.0 to 0.6.0

Release notes

Sourced from cookie's releases.

0.6.0

Add partitioned option

Changelog

Sourced from cookie's changelog.

0.6.0 / 2023-11-06

Add partitioned option

Commits

38323ba 0.6.0
7560154 build: [email protected]
c45b52d docs: switch badges to badgen
84a1567 Add partitioned option
c67a478 docs: fix typos in HISTORY
52a76c1 docs: fix typo in HISTORY
5f22857 Fix typo in JSDoc
da7e44e build: [email protected]
936036a build: [email protected]
197f670 build: [email protected]
Additional commits viewable in compare view

Updates path-to-regexp from 0.1.7 to 0.1.10

Release notes

Sourced from path-to-regexp's releases.

Backtrack protection

Fixed

Add backtrack protection to parameters 29b96b4

This will break some edge cases but should improve performance

pillarjs/path-to-regexp@v0.1.9...v0.1.10

Support non-lookahead regex output

Added

Allow a non-lookahead regex (#312) c4272e4

component/path-to-regexp@v0.1.8...v0.1.9

Support named matching groups in RegExp

Added

Add support for named matching groups (#301) 114f62d

pillarjs/path-to-regexp@v0.1.7...v0.1.8

Commits

c827fce 0.1.10
29b96b4 Add backtrack protection to parameters
ac4c234 Update repo url (#314)
bdb6635 0.1.9
c4272e4 Allow a non-lookahead regex (#312)
51a1955 0.1.8
114f62d Add support for named matching groups (#301)
See full diff in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates send from 0.18.0 to 0.19.0

Release notes

Sourced from send's releases.

0.19.0

What's Changed

Remove link renderization in html while redirecting (pillarjs/send#235)

New Contributors

@UlisesGascon made their first contribution in pillarjs/send#235

Full Changelog: pillarjs/send@0.18.0...0.19.0

Changelog

Sourced from send's changelog.

0.19.0 / 2024-09-10

Remove link renderization in html while redirecting

Commits

9d2db99 0.19.0
ae4f298 Merge commit from fork
See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for send since your current version.

Updates express from 4.20.0 to 4.21.2

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: [email protected] by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

[email protected] by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: [email protected]

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

... (truncated)

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to [email protected]
9ebe5d5 feat: upgrade to [email protected] (#5928)
ec4a01b feat: upgrade to [email protected] (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 [email protected] (#5902)
2a980ad [email protected] (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: [email protected] (#5603)
e35380a docs: add @IamLizu to the triage team (#5836)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates serve-static from 1.15.0 to 1.16.2

Release notes

Sourced from serve-static's releases.

1.16.0

What's Changed

Remove link renderization in html while redirecting (expressjs/serve-static#173)

New Contributors

@UlisesGascon made their first contribution in expressjs/serve-static#173

Full Changelog: expressjs/serve-static@v1.15.0...1.16.0

Changelog

Sourced from serve-static's changelog.

1.16.2 / 2024-09-11

deps: encodeurl@~2.0.0

1.16.1 / 2024-09-11

deps: [email protected]

1.16.0 / 2024-09-10

Remove link renderization in html while redirecting

Commits

ec9c5ec 1.16.2
f454d37 fix(deps): encodeurl@~2.0.0
77a8255 1.16.1
4263f49 fix(deps): [email protected]
48c7397 1.16.0
0c11fad Merge commit from fork
See full diff in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for serve-static since your current version.

Updates yargs-parser from 2.4.1 to 21.1.1

Release notes

Sourced from yargs-parser's releases.

yargs-parser: v21.1.1

21.1.1 (2022-08-04)

Bug Fixes

typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

yargs-parser: v21.1.0

21.1.0 (2022-08-03)

Features

allow the browser build to be imported (#443) (a89259f)

Bug Fixes

halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)

node version check now uses process.versions.node (#450) (d07bcdb)

parse options ending with 3+ hyphens (#434) (4f1060b)

yargs-parser: v21.0.1

21.0.1 (2022-02-27)

Bug Fixes

return deno env object (#432) (b00eb87)

yargs-parser yargs-parser-v21.0.0

⚠ BREAKING CHANGES

drops support for 10 (#421)

Bug Fixes

esm json import (#416) (90f970a)

parser should preserve inner quotes (#407) (ae11f49)

Code Refactoring

drops support for 10 (#421) (3aaf878)

yargs-parser yargs-parser-v20.2.9

... (truncated)

Changelog

Sourced from yargs-parser's changelog.

21.1.1 (2022-08-04)

Bug Fixes

typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

21.1.0 (2022-08-03)

Features

allow the browser build to be imported (#443) (a89259f)

Bug Fixes

halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)

node version check now uses process.versions.node (#450) (d07bcdb)

parse options ending with 3+ hyphens (#434) (4f1060b)

21.0.1 (2022-02-27)

Bug Fixes

return deno env object (#432) (b00eb87)

21.0.0 (2021-11-15)

⚠ BREAKING CHANGES

drops support for 10 (#421)

Bug Fixes

esm json import (#416) (90f970a)

parser should preserve inner quotes (#407) (ae11f49)

Code Refactoring

drops support for 10 (#421) (3aaf878)

20.2.9 (2021-06-20)

Bug Fixes

... (truncated)

Commits

3aba24c chore(main): release yargs-parser 21.1.1 (#455)
d69f9c3 fix(typescript): ignore .cts files during publish (#454)
90067a0 chore(main): release yargs-parser 21.1.0 (#446)
d07bcdb fix: node version check now uses process.versions.node (#450)
c0c6079 chore(deps): update dependency puppeteer to v16 (

… updates Bumps the npm_and_yarn group with 6 updates in the /base directory: | Package | From | To | | --- | --- | --- | | [express](https://github.com/expressjs/express) | `4.18.1` | `4.20.0` | | [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `4.1.0` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [send](https://github.com/pillarjs/send) | `0.18.0` | `0.19.0` | | [express](https://github.com/expressjs/express) | `4.20.0` | `4.21.2` | | [yargs-parser](https://github.com/yargs/yargs-parser) | `2.4.1` | `21.1.1` | | [@stefcud/configyml](https://github.com/stefanocudini/configYml) | `0.0.5` | `1.3.2` | Bumps the npm_and_yarn group with 4 updates in the /drt directory: [semver](https://github.com/npm/node-semver), [protobufjs](https://github.com/protobufjs/protobuf.js), [async](https://github.com/caolan/async) and [jszip](https://github.com/Stuk/jszip). Bumps the npm_and_yarn group with 3 updates in the /gbfs directory: [braces](https://github.com/micromatch/braces), [got](https://github.com/sindresorhus/got) and [nodemon](https://github.com/remy/nodemon). Bumps the npm_and_yarn group with 6 updates in the /geocoder directory: | Package | From | To | | --- | --- | --- | | [express](https://github.com/expressjs/express) | `4.17.3` | `4.21.2` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` | | [nodemon](https://github.com/remy/nodemon) | `2.0.15` | `2.0.22` | | [cookiejar](https://github.com/bmeck/node-cookiejar) | `2.1.3` | `2.1.4` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` | Bumps the npm_and_yarn group with 7 updates in the /journey directory: | Package | From | To | | --- | --- | --- | | [express](https://github.com/expressjs/express) | `4.17.3` | `4.21.2` | | [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` | | [moment](https://github.com/moment/moment) | `2.29.1` | `2.29.4` | | [node-sass](https://github.com/sass/node-sass) | `6.0.1` | `9.0.0` | | [semantic-release](https://github.com/semantic-release/semantic-release) | `15.14.0` | `19.0.3` | | [eventsource](https://github.com/EventSource/eventsource) | `1.1.0` | `1.1.2` | Updates `express` from 4.18.1 to 4.20.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.1...4.20.0) Updates `js-yaml` from 3.14.1 to 4.1.0 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@3.14.1...4.1.0) Updates `body-parser` from 1.20.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.0...1.20.3) Updates `cookie` from 0.5.0 to 0.6.0 - [Release notes](https://github.com/jshttp/cookie/releases) - [Changelog](https://github.com/jshttp/cookie/blob/v0.6.0/HISTORY.md) - [Commits](jshttp/cookie@v0.5.0...v0.6.0) Updates `path-to-regexp` from 0.1.7 to 0.1.10 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `express` from 4.20.0 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.1...4.20.0) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `yargs-parser` from 2.4.1 to 21.1.1 - [Release notes](https://github.com/yargs/yargs-parser/releases) - [Changelog](https://github.com/yargs/yargs-parser/blob/main/CHANGELOG.md) - [Commits](yargs/yargs-parser@v2.4.1...yargs-parser-v21.1.1) Updates `@stefcud/configyml` from 0.0.5 to 1.3.2 - [Commits](stefanocudini/configYml@v0.0.5...v1.3.2) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `protobufjs` from 6.11.2 to 6.11.4 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](https://github.com/protobufjs/protobuf.js/commits) Updates `async` from 3.2.3 to 3.2.6 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md) - [Commits](caolan/async@v3.2.3...v3.2.6) Updates `jszip` from 3.7.1 to 3.10.1 - [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md) - [Commits](Stuk/jszip@v3.7.1...v3.10.1) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Removes `got` Updates `nodemon` from 2.0.15 to 2.0.22 - [Release notes](https://github.com/remy/nodemon/releases) - [Commits](remy/nodemon@v2.0.15...v2.0.22) Updates `express` from 4.17.3 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.1...4.20.0) Updates `body-parser` from 1.19.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.0...1.20.3) Updates `cookie` from 0.4.2 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Changelog](https://github.com/jshttp/cookie/blob/v0.6.0/HISTORY.md) - [Commits](jshttp/cookie@v0.5.0...v0.6.0) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10) Updates `send` from 0.17.2 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serve-static` from 1.14.2 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Removes `got` Updates `nodemon` from 2.0.15 to 2.0.22 - [Release notes](https://github.com/remy/nodemon/releases) - [Commits](remy/nodemon@v2.0.15...v2.0.22) Updates `cookiejar` from 2.1.3 to 2.1.4 - [Commits](https://github.com/bmeck/node-cookiejar/commits) Updates `es5-ext` from 0.10.53 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.64) Updates `express` from 4.17.3 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.1...4.20.0) Updates `body-parser` from 1.19.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.0...1.20.3) Updates `cookie` from 0.4.2 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Changelog](https://github.com/jshttp/cookie/blob/v0.6.0/HISTORY.md) - [Commits](jshttp/cookie@v0.5.0...v0.6.0) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10) Updates `send` from 0.17.2 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serve-static` from 1.14.2 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `async` from 2.6.3 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md) - [Commits](caolan/async@v3.2.3...v3.2.6) Updates `es5-ext` from 0.10.53 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.64) Updates `moment` from 2.29.1 to 2.29.4 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.1...2.29.4) Updates `node-sass` from 6.0.1 to 9.0.0 - [Release notes](https://github.com/sass/node-sass/releases) - [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md) - [Commits](sass/node-sass@v6.0.1...v9.0.0) Updates `semantic-release` from 15.14.0 to 19.0.3 - [Release notes](https://github.com/semantic-release/semantic-release/releases) - [Commits](semantic-release/semantic-release@v15.14.0...v19.0.3) Updates `eventsource` from 1.1.0 to 1.1.2 - [Release notes](https://github.com/EventSource/eventsource/releases) - [Changelog](https://github.com/EventSource/eventsource/blob/main/CHANGELOG.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.2) Updates `marked` from 0.7.0 to 4.3.0 - [Release notes](https://github.com/markedjs/marked/releases) - [Changelog](https://github.com/markedjs/marked/blob/master/.releaserc.json) - [Commits](markedjs/marked@v0.7.0...v4.3.0) Updates `scss-tokenizer` from 0.2.3 to 0.4.3 - [Release notes](https://github.com/sasstools/scss-tokenizer/releases) - [Commits](sasstools/scss-tokenizer@v0.2.3...v0.4.3) Updates `semver-regex` from 2.0.0 to 3.1.4 - [Release notes](https://github.com/sindresorhus/semver-regex/releases) - [Commits](sindresorhus/semver-regex@v2.0.0...v3.1.4) --- updated-dependencies: - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yargs-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@stefcud/configyml" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: protobufjs dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jszip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: got dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nodemon dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: got dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nodemon dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: cookiejar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: moment dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: node-sass dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: semantic-release dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: marked dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: scss-tokenizer dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver-regex dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-12-17T09:54:02Z

Superseded by #219.

dependabot bot added the dependencies Pull requests that update a dependency file label Dec 17, 2024

dependabot bot closed this Dec 17, 2024

dependabot bot deleted the dependabot/npm_and_yarn/base/npm_and_yarn-5242a06ac4 branch December 17, 2024 09:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the npm_and_yarn group across 5 directories with 25 updates #218

build(deps): bump the npm_and_yarn group across 5 directories with 25 updates #218

dependabot bot commented on behalf of github Dec 17, 2024

dependabot bot commented on behalf of github Dec 17, 2024

build(deps): bump the npm_and_yarn group across 5 directories with 25 updates #218

build(deps): bump the npm_and_yarn group across 5 directories with 25 updates #218

Conversation

dependabot bot commented on behalf of github Dec 17, 2024

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

4.18.2 / 2022-10-08

[4.1.0] - 2021-04-15

Added

Changed

[4.0.0] - 2021-01-03

Changed

Added

Fixed

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.2

1.20.1

1.20.3 / 2024-09-10

1.20.2 / 2023-02-21

1.20.1 / 2022-10-06

0.6.0

0.6.0 / 2023-11-06

Backtrack protection

Support non-lookahead regex output

Support named matching groups in RegExp

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

5.7.2 (2023-07-10)

Bug Fixes

5.7

5.6

5.5

5.4

5.3

5.2

5.1

5.0

0.19.0

What's Changed

New Contributors

0.19.0 / 2024-09-10

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

4.18.2 / 2022-10-08

1.16.0

What's Changed

New Contributors

1.16.2 / 2024-09-11

1.16.1 / 2024-09-11

1.16.0 / 2024-09-10

yargs-parser: v21.1.1

21.1.1 (2022-08-04)

Bug Fixes

yargs-parser: v21.1.0

21.1.0 (2022-08-03)

Features

Bug Fixes

yargs-parser: v21.0.1

21.0.1 (2022-02-27)

Support named matching groups in `RegExp`