Bump the npm_and_yarn group with 22 updates #16

dependabot · 2024-11-18T16:46:20Z

Bumps the npm_and_yarn group with 22 updates:

Package	From	To
karma	`6.3.2`	`6.3.16`
body-parser	`1.19.0`	`1.20.3`
braces	`3.0.2`	`3.0.3`
browserify-sign	`4.0.4`	`4.2.3`
cached-path-relative	`1.0.1`	`1.1.0`
cookie	`0.4.1`	`0.7.2`
elliptic	`6.4.1`	`6.6.1`
engine.io	`4.1.1`	`6.6.2`
follow-redirects	`1.5.9`	`1.15.9`
get-func-name	`2.0.0`	`2.0.2`
glob-parent	`5.1.0`	`5.1.2`
lodash	`4.17.20`	`4.17.21`
log4js	`6.3.0`	`6.9.1`
minimist	`1.2.0`	`1.2.8`
path-parse	`1.0.6`	`1.0.7`
qs	`6.7.0`	`6.13.0`
shell-quote	`1.6.1`	`1.8.1`
socket.io-parser	`4.0.4`	`4.2.4`
socket.io	`3.1.2`	`4.8.1`
terser	`5.3.4`	`5.36.0`
ua-parser-js	`0.7.28`	`0.7.39`
ws	`7.4.5`	`8.17.1`

Updates karma from 6.3.2 to 6.3.16

Release notes

Sourced from karma's releases.

v6.3.16

6.3.16 (2022-02-10)

Bug Fixes

security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

v6.3.15

6.3.15 (2022-02-05)

Bug Fixes

helper: make mkdirIfNotExists helper resilient to concurrent calls (d9dade2), closes karma-runner/karma-coverage#434

v6.3.14

6.3.14 (2022-02-05)

Bug Fixes

remove string template from client code (91d5acd)

warn when singleRun and autoWatch are false (69cfc76)

security: remove XSS vulnerability in returnUrl query param (839578c)

v6.3.13

6.3.13 (2022-01-31)

Bug Fixes

deps: bump log4js to resolve security issue (5bf2df3), closes #3751

v6.3.12

6.3.12 (2022-01-24)

Bug Fixes

remove depreciation warning from log4js (41bed33)

v6.3.11

6.3.11 (2022-01-13)

Bug Fixes

deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

... (truncated)

Changelog

Sourced from karma's changelog.

6.4.0 (2022-06-14)

Features

support SRI verification of link tags (dc51a2e)

support SRI verification of script tags (6a54b1c)

6.3.20 (2022-05-13)

Bug Fixes

prefer IPv4 addresses when resolving domains (e17698f), closes #3730

6.3.19 (2022-04-19)

Bug Fixes

client: error out when opening a new tab fails (099b85e)

6.3.18 (2022-04-13)

Bug Fixes

deps: upgrade socket.io to v4.4.1 (52a30bb)

6.3.17 (2022-02-28)

Bug Fixes

deps: update colors to maintained version (#3763) (fca1884)

6.3.16 (2022-02-10)

Bug Fixes

security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

6.3.15 (2022-02-05)

Bug Fixes

helper: make mkdirIfNotExists helper resilient to concurrent calls (d9dade2), closes karma-runner/karma-coverage#434

... (truncated)

Commits

ab4b328 chore(release): 6.3.16 [skip ci]
ff7edbb fix(security): mitigate the "Open Redirect Vulnerability"
c1befa0 chore(release): 6.3.15 [skip ci]
d9dade2 fix(helper): make mkdirIfNotExists helper resilient to concurrent calls
653c762 ci: prevent duplicate CI tasks on creating a PR
c97e562 chore(release): 6.3.14 [skip ci]
91d5acd fix: remove string template from client code
69cfc76 fix: warn when singleRun and autoWatch are false
839578c fix(security): remove XSS vulnerability in returnUrl query param
db53785 chore(release): 6.3.13 [skip ci]
Additional commits viewable in compare view

Updates body-parser from 1.19.0 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to [email protected] by @wesleytodd in expressjs/body-parser#527

deps: [email protected] by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1

deps: [email protected]

perf: remove unnecessary object clone

1.20.0

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1 / 2022-10-06

deps: [email protected]

perf: remove unnecessary object clone

1.20.0 / 2022-04-02

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

1.19.2 / 2022-02-15

deps: [email protected]

deps: [email protected]

Fix handling of __proto__ keys

deps: [email protected]

deps: [email protected]

1.19.1 / 2021-12-10

... (truncated)

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: [email protected] (#521)
9478591 fix: pin to [email protected]
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates braces from 3.0.2 to 3.0.3

Commits

74b2db2 3.0.3
88f1429 update eslint. lint, fix unit tests.
415d660 Snyk js braces 6838727 (#40)
190510f fix tests, skip 1 test in test/braces.expand
716eb9f readme bump
a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
98414f9 remove funding file
665ab5d update keepEscaping doc (#27)
Additional commits viewable in compare view

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

[patch] widen support to 0.12 9247adf

[patch] drop minimum node support to v1 4d0ee49

[Dev Deps] update aud, npmignore, tape 87f3a35

[actions] remove redundant finisher 37a4758

[Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12

[Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)

[Deps] update elliptic fb261ce

[Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

[Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

Only apps should have lockfiles 09a8995

[eslint] switch to eslint 83fe463

[meta] add npmignore and auto-changelog 4418183

[meta] fix package.json indentation 9ac5a5e

[Tests] migrate from travis to github actions d845d85

[Fix] sign: throw on unsupported padding scheme 8767739

[Fix] properly check the upper bound for DSA signatures 85994cd

[Tests] handle openSSL not supporting a scheme f5f17c2

[Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb

[Dev Deps] update nyc, standard, tape cc5350b

[Tests] always run coverage; downgrade nyc 75ce1d5

[meta] add safe-publish-latest dcf49ce

[Tests] add npm run posttest 75dd8fd

[Dev Deps] update tape 3aec038

[Tests] skip unsupported schemes 703c83e

[Tests] node < 6 lacks array includes 3aa43cf

[Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

v4.2.0 - 2020-05-18

Merged

switch to safe buffer [#53](https://github.com/crypto-browserify/browserify-sign/issues/53)

... (truncated)

Commits

bf2c3ec v4.2.3
9247adf [patch] widen support to 0.12
f427270 [Deps] update `parse-asn1
87f3a35 [Dev Deps] update aud, npmignore, tape
fb261ce [Deps] update elliptic
4d0ee49 [patch] drop minimum node support to v1
9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
168e16f [Deps] pin elliptic due to a breaking change
37a4758 [actions] remove redundant finisher
4af5a90 v4.2.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates cached-path-relative from 1.0.1 to 1.1.0

Commits

See full diff in compare view

Updates cookie from 0.4.1 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

Allow leading dot for domain (#174)

Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec

Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

perf: parse cookies ~10% faster (#144 by @kurtextrem and #170)

fix: narrow the validation of cookies to match RFC6265 (#167 by @bewinsnw)

fix: add main to package.json for rspack (#166 by @proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

Add partitioned option

0.5.0

Add priority option

Fix expires option to reject invalid dates

pref: improve default decode speed

pref: remove slow string split in parse

0.4.2

pref: read value only when assigning in parse

pref: remove unnecessary regexp in parse

Commits

d19eaa1 0.7.2
bc38ffd Fix object assignment of hasOwnProperty (#177)
cf4658f 0.7.1
6a8b8f5 Allow leading dot for domain (#174)
58015c0 Remove more code and perf wins (#172)
ab057d6 0.7.0
5f02ca8 Migrate history to GitHub releases
a5d591c Migrate history to GitHub releases
51968f9 Skip isNaN
9e7ca51 perf(parse): cache length, return early (#144)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates elliptic from 6.4.1 to 6.6.1

Commits

9b77436 6.6.1
04cb6f5 Merge commit from fork
b8a7edd 6.6.0
34c8534 fix: signature verification due to leading zeros
3e46a48 6.5.7
accb61e lib: DER signature decoding correction
03e06e1 6.5.6
7ac5360 Merge commit from fork
7570078 6.5.5
206da2e lib: lint
Additional commits viewable in compare view

Updates engine.io from 4.1.1 to 6.6.2

Release notes

Sourced from engine.io's releases.

[email protected]

Bug Fixes

types: remove ws type from .d.ts file (175a2c5)

prevent infinite loop with Node.js built-in WebSocket (4865f2e)

Dependencies

ws@~8.17.1 (no change)

[email protected]

This release contains a bump of the cookie dependency.

See also: GHSA-pxg6-pf52-xh8x

Dependencies

ws@~8.17.1 (no change)

[email protected]

Bug Fixes

do not expose the TransformStream type (f9cb983)

[email protected]

Bug Fixes

discard all pending packets when the server is closed (923a12e)

uws: prevent the client from upgrading twice (d5095fe)

Dependencies

ws@~8.17.1 (no change)

[email protected]

Bug Fixes

move 'offline' event listener at the top (8a2f5a3)

only remove the event listener if it exists (9b3c9ab)

do not send a packet on an expired connection (#5134) (8adcfbf)

Performance Improvements

do not reset the heartbeat timer on each packet (7a23dde)

Dependencies

... (truncated)

Commits

9b80ab4 chore(release): [email protected]
a5d2368 ci: ignore tests when publishing to npm (bis)
88efd44 chore(deps): bump cookie to version 0.7.2 (#5205)
d0fc720 chore(release): [email protected]
4a0555c chore(release): [email protected]
2b60df1 chore(release): [email protected]
d4cb375 ci: ignore tests when publishing to npm
c251ae7 chore(release): [email protected]
8a2f5a3 fix(eio-client): move 'offline' event listener at the top
b04fa64 fix(sio): allow to join a room in a middleware (uws)
Additional commits viewable in compare view

Updates follow-redirects from 1.5.9 to 1.15.9

Commits

e4e55c7 Release version 1.15.9 of the npm package.
31a1abf Attempt much more gentle detection.
d2aaa97 Fix url field.
62558f0 Release version 1.15.8 of the npm package.
a8d1cee Return subtlety.
458ca8e Fix native URL test for Node 20.
ca49e44 Handle KeepAlive connections in tests.
f3711d7 Test on Node 20 and 22.
fda0faf Fix typo.
760757f Release version 1.15.7 of the npm package.
Additional commits viewable in compare view

Updates get-func-name from 2.0.0 to 2.0.2

Release notes

Sourced from get-func-name's releases.

v2.0.2

What's Changed

Revert previous changes that shipped this as an ES module.

Full Changelog: https://github.com/chaijs/get-func-name/commits/v2.0.2

v2.0.1

What's Changed

Fix GHSA-4q6p-r6v2-jvc5

Full Changelog: https://github.com/chaijs/get-func-name/commits/v2.0.1

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by keithamus, a new releaser for get-func-name since your current version.

Updates glob-parent from 5.1.0 to 5.1.2

Release notes

Sourced from glob-parent's releases.

v5.1.2

Bug Fixes

eliminate ReDoS (#36) (f923116)

v5.1.1

Bug Fixes

unescape exclamation mark (#26) (a98874f)

Changelog

Sourced from glob-parent's changelog.

5.1.2 (2021-03-06)

Bug Fixes

eliminate ReDoS (#36) (f923116)

6.0.2 (2021-09-29)

Bug Fixes

Improve performance (#53) (843f8de)

6.0.1 (2021-07-20)

Bug Fixes

Resolve ReDoS vulnerability from CVE-2021-35065 (#49) (3e9f04a)

6.0.0 (2021-05-03)

⚠ BREAKING CHANGES

Correct mishandled escaped path separators (#34)

upgrade scaffold, dropping node <10 support

Bug Fixes

Correct mishandled escaped path separators (#34) (32f6d52), closes #32

Miscellaneous Chores

upgrade scaffold, dropping node <10 support (e83d0c5)

5.1.1 (2021-01-27)

Bug Fixes

unescape exclamation mark (#26) (a98874f)

Commits

eb2c439 chore: update changelog
12bcb6c chore: release 5.1.2
f923116 fix: eliminate ReDoS (#36)
0b014a7 chore: add JSDoc returns information (#33)
2b24ebd chore: generate initial changelog
9b6e874 chore: release 5.1.1
749c35e ci: try wrapping the JOB_ID in a string
5d39def ci: attempt to switch to published coveralls
0b5b37f ci: put the npm step back in for only Windows
473f5d8 ci: update azure build images
Additional commits viewable in compare view

Updates lodash from 4.17.20 to 4.17.21

Commits

f299b52 Bump to v4.17.21
c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
3469357 Prevent command injection through _.template's variable option
See full diff in compare view

Updates log4js from 6.3.0 to 6.9.1

Changelog

Sourced from log4js's changelog.

6.9.1

fix(7922e82): regex for stacktrace - thanks @lamweili

addresses #1377 which has a regression since 6.8.0 from #1363 at commit 7922e82

6.9.0

feat: support for idempotent logging on browser - thanks @aellerton

addresses #968, #1270, #1288, #1372

docs: added that log4js.getLogger() may call log4js.configure() - thanks @lamweili

6.8.0

feat: added log4js.isConfigured() API - thanks @lamweili

docs: added log4js.isConfigured() - thanks @lamweili

feat(layout): support a specifier on %m - thanks @lamweili

fix: tilde expansion for windows - thanks @lamweili

docs: updated typescript usage - thanks @lamweili

test: improved test for fileAppender - thanks @lamweili

ci: generate coverage report in both text and html - thanks @lamweili

ci: replaced deprecated github set-output - thanks @lamweili

chore(deps): updated dependencies - thanks @lamweili

chore(deps): bump streamroller from 3.1.3 to 3.1.5

chore(deps): updated package-lock.json

chore(deps-dev): updated dependencies - thanks @lamweili

chore(deps-dev): bump @commitlint/cli from 17.3.0 to 17.4.4

chore(deps-dev): bump @commitlint/config-conventional from 17.3.0 to 17.4.4

chore(deps-dev): bump eslint from 8.28.0 to 8.34.0

chore(deps-dev): bump eslint-config-prettier from 8.5.0 to 8.6.0

chore(deps-dev): bump eslint-import-resolver-node from 0.3.6 to 0.3.7

chore(deps-dev): bump eslint-plugin-import from 2.26.0 to 2.27.5

chore(deps-dev): bump fs-extra from 10.1.0 to 11.1.0

chore(deps-dev): bump husky from 8.0.2 to 8.0.3

chore(deps-dev): bump prettier from 2.8.0 to 2.8.4

chore(deps-dev): bump tap from 16.3.2 to 16.3.4

chore(deps-dev): bump typescript from 4.9.3 to 4.9.5

chore(deps-dev): updated package-lock.json

chore(deps-dev): bump json5 from 1.0.1 to 1.0.2 - thanks @Dependabot

6.7.1

type: updated Configuration.levels type to allow for custom log levels - thanks @lamweili

docs: fixed typo in layouts.md - thanks @dtslvr

chore(deps-dev): updated dependencies - thanks @lamweili

chore(deps-dev): bump @commitlint/cli from 17.1.2 to 17.3.0

chore(deps-dev): bump @commitlint/config-conventional from 17.1.0 to 17.3.0

chore(deps-dev): bump eslint from 8.24.0 to 8.28.0

chore(deps-dev): bump husky from 8.0.1 to 8.0.2

chore(deps-dev): bump prettier from 2.7.1 to 2.8.0

chore(deps-dev): bump tap from 16.3.0 to 16.3.2

... (truncated)

Commits

26dcec6 6.9.1
63ae5b9 Merge pull request #1379 from log4js-node/update-docs
185fa66 docs: updated changelog for 6.9.1
ed54dc2 Merge pull request #1378 from log4js-node/1377-defaultparsecallstack-cant-par...
2628688 fix(7922e82): regex for stacktrace
b3919d8 6.9.0
7cfe8a4 Merge pull request #1376 from log4js-node/update-docs
f89e7b6 docs: updated changelog for 6.9.0
0082928 Merge pull request #1375 from log4js-node/update-docs
c0db6a4 docs: added that log4js.getLogger() may call log4js.configure()
Additional commits viewable in compare view

Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

[Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)

[Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)

[Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

[Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)

[Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)

[Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)

[Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)

[Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

Merge tag 'v0.2.3' a026794

[eslint] fix indentation and whitespace 5368ca4

[eslint] fix indentation and whitespace e5f5067

[eslint] more cleanup 62fde7d

[eslint] more cleanup 36ac5d0

[meta] add auto-changelog 73923d2

[actions] add reusable workflows d80727d

[eslint] add eslint; rules to enable later are warnings 48bc06a

[eslint] fix indentation 34b0f1c

[readme] rename and add badges 5df0fe4

[Dev Deps] switch from covert to nyc a48b128

[Dev Deps] update covert, tape; remove unnecessary tap f0fb958

[meta] create FUNDING.yml; add funding in package.json 3639e0c

[meta] use npmignore to autogenerate an npmignore file be2e038

Only apps should have lockfiles 282b570

isConstructorOrProto adapted from PR ef9153f

[Dev Deps] update @ljharb/eslint-config, aud 098873c

[Dev Deps] update @ljharb/eslint-config, aud 3124ed3

[meta] add safe-publish-latest 4b927de

[Tests] add aud in posttest b32d9bd

[meta] update repo URLs f9fdfc0

[actions] Avoid 0.6 tests due to build failures ba92fe6

[Dev Deps] update tape 950eaa7

[Dev Deps] add missing npmignore dev dep 3226afa

Merge tag 'v0.2.2'

Bumps the npm_and_yarn group with 22 updates: | Package | From | To | | --- | --- | --- | | [karma](https://github.com/karma-runner/karma) | `6.3.2` | `6.3.16` | | [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.3` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` | | [cached-path-relative](https://github.com/ashaffer/cached-path-relative) | `1.0.1` | `1.1.0` | | [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` | | [elliptic](https://github.com/indutny/elliptic) | `6.4.1` | `6.6.1` | | [engine.io](https://github.com/socketio/socket.io) | `4.1.1` | `6.6.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.5.9` | `1.15.9` | | [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` | | [glob-parent](https://github.com/gulpjs/glob-parent) | `5.1.0` | `5.1.2` | | [lodash](https://github.com/lodash/lodash) | `4.17.20` | `4.17.21` | | [log4js](https://github.com/log4js-node/log4js-node) | `6.3.0` | `6.9.1` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.6` | `1.0.7` | | [qs](https://github.com/ljharb/qs) | `6.7.0` | `6.13.0` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.6.1` | `1.8.1` | | [socket.io-parser](https://github.com/Automattic/socket.io-parser) | `4.0.4` | `4.2.4` | | [socket.io](https://github.com/socketio/socket.io) | `3.1.2` | `4.8.1` | | [terser](https://github.com/terser/terser) | `5.3.4` | `5.36.0` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.28` | `0.7.39` | | [ws](https://github.com/websockets/ws) | `7.4.5` | `8.17.1` | Updates `karma` from 6.3.2 to 6.3.16 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v6.3.2...v6.3.16) Updates `body-parser` from 1.19.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.3) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `browserify-sign` from 4.0.4 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.3) Updates `cached-path-relative` from 1.0.1 to 1.1.0 - [Commits](https://github.com/ashaffer/cached-path-relative/commits) Updates `cookie` from 0.4.1 to 0.7.2 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.4.1...v0.7.2) Updates `elliptic` from 6.4.1 to 6.6.1 - [Commits](indutny/elliptic@v6.4.1...v6.6.1) Updates `engine.io` from 4.1.1 to 6.6.2 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/[email protected]) Updates `follow-redirects` from 1.5.9 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.5.9...v1.15.9) Updates `get-func-name` from 2.0.0 to 2.0.2 - [Release notes](https://github.com/chaijs/get-func-name/releases) - [Commits](https://github.com/chaijs/get-func-name/commits/v2.0.2) Updates `glob-parent` from 5.1.0 to 5.1.2 - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](gulpjs/glob-parent@v5.1.0...v5.1.2) Updates `lodash` from 4.17.20 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.20...4.17.21) Updates `log4js` from 6.3.0 to 6.9.1 - [Changelog](https://github.com/log4js-node/log4js-node/blob/master/CHANGELOG.md) - [Commits](log4js-node/log4js-node@v6.3.0...v6.9.1) Updates `minimist` from 1.2.0 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.0...v1.2.8) Updates `path-parse` from 1.0.6 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `qs` from 6.7.0 to 6.13.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.7.0...v6.13.0) Updates `shell-quote` from 1.6.1 to 1.8.1 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.6.1...v1.8.1) Updates `socket.io-parser` from 4.0.4 to 4.2.4 - [Release notes](https://github.com/Automattic/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/4.2.4/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.4...4.2.4) Updates `socket.io` from 3.1.2 to 4.8.1 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/[email protected]) Updates `terser` from 5.3.4 to 5.36.0 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v5.3.4...v5.36.0) Updates `ua-parser-js` from 0.7.28 to 0.7.39 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/0.7.39/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.28...0.7.39) Updates `ws` from 7.4.5 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.4.5...8.17.1) --- updated-dependencies: - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cached-path-relative dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: engine.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: get-func-name dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob-parent dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: log4js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Nov 18, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group with 22 updates #16

Bump the npm_and_yarn group with 22 updates #16

dependabot bot commented on behalf of github Nov 18, 2024

Bump the npm_and_yarn group with 22 updates #16

Are you sure you want to change the base?

Bump the npm_and_yarn group with 22 updates #16

Conversation

dependabot bot commented on behalf of github Nov 18, 2024

v6.3.16

6.3.16 (2022-02-10)

Bug Fixes

v6.3.15

6.3.15 (2022-02-05)

Bug Fixes

v6.3.14

6.3.14 (2022-02-05)

Bug Fixes

v6.3.13

6.3.13 (2022-01-31)

Bug Fixes

v6.3.12

6.3.12 (2022-01-24)

Bug Fixes

v6.3.11

6.3.11 (2022-01-13)

Bug Fixes

6.4.0 (2022-06-14)

Features

6.3.20 (2022-05-13)

Bug Fixes

6.3.19 (2022-04-19)

Bug Fixes

6.3.18 (2022-04-13)

Bug Fixes

6.3.17 (2022-02-28)

Bug Fixes

6.3.16 (2022-02-10)

Bug Fixes

6.3.15 (2022-02-05)

Bug Fixes

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.2

1.20.1

1.20.0

1.20.3 / 2024-09-10

1.20.2 / 2023-02-21

1.20.1 / 2022-10-06

1.20.0 / 2022-04-02

1.19.2 / 2022-02-15

1.19.1 / 2021-12-10

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

v0.7.2

0.7.1

0.7.0

0.6.0

0.5.0

0.4.2

Bug Fixes

Dependencies

Dependencies

Bug Fixes

Bug Fixes

Dependencies

Bug Fixes

Performance Improvements

Dependencies

v2.0.2

What's Changed

v2.0.1

What's Changed

v5.1.2