Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group with 6 updates #47

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the npm_and_yarn group with 6 updates #47

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 10, 2024

Bumps the npm_and_yarn group with 6 updates:

Package From To
body-parser 1.19.2 1.20.3
cookie 0.4.2 0.7.1
express 4.21.0 4.21.1
socket.io 4.7.5 4.8.0
webpack 5.76.1 5.94.0
@angular-devkit/build-angular 15.2.11 18.2.8

Updates body-parser from 1.19.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: [email protected]
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: [email protected]

1.20.1

1.20.0

... (truncated)

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: [email protected]
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: [email protected]

1.20.1 / 2022-10-06

1.20.0 / 2022-04-02

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates cookie from 0.4.2 to 0.7.1

Release notes

Sourced from cookie's releases.

0.7.1

Fixed

  • Allow leading dot for domain (#174)
    • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
  • Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

  • Add partitioned option

0.5.0

  • Add priority option
  • Fix expires option to reject invalid dates
  • pref: improve default decode speed
  • pref: remove slow string split in parse
Commits
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.


Updates express from 4.21.0 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

Full Changelog: expressjs/express@4.21.0...4.21.1

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

Commits

Updates socket.io from 4.7.5 to 4.8.0

Release notes

Sourced from socket.io's releases.

[email protected]

Features

Custom transport implementations

The transports option now accepts an array of transport implementations:

import { io } from "socket.io-client";
import { XHR, WebSocket } from "engine.io-client";
const socket = io({
transports: [XHR, WebSocket]
});

Here is the list of provided implementations:

Transport Description
Fetch HTTP long-polling based on the built-in fetch() method.
NodeXHR HTTP long-polling based on the XMLHttpRequest object provided by the xmlhttprequest-ssl package.
XHR HTTP long-polling based on the built-in XMLHttpRequest object.
NodeWebSocket WebSocket transport based on the WebSocket object provided by the ws package.
WebSocket WebSocket transport based on the built-in WebSocket object.
WebTransport WebTransport transport based on the built-in WebTransport object.

Usage:

Transport browser Node.js Deno Bun
Fetch ✅ (1)
NodeXHR
XHR
NodeWebSocket
WebSocket ✅ (2)
WebTransport

(1) since v18.0.0 (2) since v21.0.0

Added in f4d898e and b11763b.

Test each low-level transports

When setting the tryAllTransports option to true, if the first transport (usually, HTTP long-polling) fails, then the other transports will be tested too:

import { io } from "socket.io-client";
</tr></table>

... (truncated)

Commits

Updates webpack from 5.76.1 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

  • Added runtime condition for harmony reexport checked
  • Handle properly data/http/https protocols in source maps
  • Make bigint optimistic when browserslist not found
  • Move @​types/eslint-scope to dev deps
  • Related in asset stats is now always an array when no related found
  • Handle ASI for export declarations
  • Mangle destruction incorrect with export named default properly
  • Fixed unexpected asi generation with sequence expression
  • Fixed a lot of types

New Features

  • Added new external type "module-import"
  • Support webpackIgnore for new URL() construction
  • [CSS] @import pathinfo support

Security

  • Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

  • Generate correct relative path to runtime chunks
  • Makes DefinePlugin quieter under default log level
  • Fixed mangle destructuring default in namespace import
  • Fixed consumption of eager shared modules for module federation
  • Strip slash for pretty regexp
  • Calculate correct contenthash for CSS generator options

New Features

  • Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
  • Added the modern-module library value for tree shakable output
  • Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

  • Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

  • Correct tidle range's comutation for module federation
  • Consider runtime for pure expression dependency update hash
  • Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits
  • eabf85d chore(release): 5.94.0
  • 955e057 security: fix DOM clobbering in auto public path
  • 9822387 test: fix
  • cbb86ed test: fix
  • 5ac3d7f fix: unexpected asi generation with sequence expression
  • 2411661 security: fix DOM clobbering in auto public path
  • b8c03d4 fix: unexpected asi generation with sequence expression
  • f46a03c revert: do not use heuristic fallback for "module-import"
  • 60f1898 fix: do not use heuristic fallback for "module-import"
  • 66306aa Revert "fix: module-import get fallback from externalsPresets"
  • Additional commits viewable in compare view

Updates @angular-devkit/build-angular from 15.2.11 to 18.2.8

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v18.2.8

18.2.8 (2024-10-09)

@​schematics/angular

Commit Description
fix - b522002ff add validation for component and directive class name
fix - dfd2d5c05 include index.csr.html in resources asset group

@​angular/build

Commit Description
fix - 9445916f9 Ctrl + C not terminating dev-server with SSR
fix - 9b5cfaa8c always generate a new hash for optimized chunk

v18.2.7

18.2.7 (2024-10-02)

@​schematics/angular

Commit Description
fix - 3f98193d6 support single quote setting in JetBrains IDEs

@​angular/build

Commit Description
fix - 8274184e1 add animate to valid self-closing elements
fix - 2648e811e add few more SVG elements animateMotion, animateTransform, and feBlend etc. to valid self-closing elements
fix - 736e126e4 separate Vite cache by project

v18.2.6

18.2.6 (2024-09-25)

@​angular/build

Commit Description
fix - 9d0b67124 allow missing HTML file request to fallback to index
fix - 5fea635b2 update rollup to 4.22.4

v18.2.5

18.2.5 (2024-09-18)

@​angular/build

Commit Description
fix - 707431625 support HTTP HEAD requests for virtual output files
fix - 1032b3da1 update vite to 5.4.6

v18.2.4

18.2.4 (2024-09-11)

@​angular/build

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

18.2.8 (2024-10-09)

@​schematics/angular

Commit Type Description
b522002ff fix add validation for component and directive class name
dfd2d5c05 fix include index.csr.html in resources asset group

@​angular/build

Commit Type Description
9445916f9 fix Ctrl + C not terminating dev-server with SSR
9b5cfaa8c fix always generate a new hash for optimized chunk

19.0.0-next.9 (2024-10-02)

@​angular-devkit/build-angular

Commit Type Description
0a4ef3026 feat karma-coverage w/ app builder
dcbdca85c feat karma+esbuild+watch
9d7613db9 fix zone.js/testing + karma + esbuild

@​angular/build

Commit Type Description
f63072668 feat utilize ssr.entry during prerendering to enable access to local API routes
ecfb2b261 fix add few more SVG elements animateMotion, animateTransform, and feBlend etc. to valid self-closing elements
87a90afd4 fix incomplete string escaping or encoding
c0b76e337 fix separate Vite cache by project

@​angular/ssr

Commit Type Description
50df63196 fix improve handling of route mismatches between Angular server routes and Angular router
64c52521d fix show error when multiple routes are set with RenderMode.AppShell
12ff37adb perf cache generated inline CSS for HTML

... (truncated)

Commits
  • 1e578df release: cut the v18.2.8 release
  • 9445916 fix(@​angular/build): Ctrl + C not terminating dev-server with SSR
  • 9b5cfaa fix(@​angular/build): always generate a new hash for optimized chunk
  • dfd2d5c fix(@​schematics/angular): include index.csr.html in resources asset group
  • af7e775 test: fix typo in directory name
  • b522002 fix(@​schematics/angular): add validation for component and directive class name
  • d21d1e6 release: cut the v18.2.7 release
  • e45983a docs: update license file match that of angular/angular
  • 736e126 fix(@​angular/build): separate Vite cache by project
  • 2648e81 fix(@​angular/build): add few more SVG elements animateMotion, animateTransfor...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group with 6 updates
eebe11a 
Bumps the npm_and_yarn group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [body-parser](https://github.com/expressjs/body-parser) | `1.19.2` | `1.20.3` |
| [cookie](https://github.com/jshttp/cookie) | `0.4.2` | `0.7.1` |
| [express](https://github.com/expressjs/express) | `4.21.0` | `4.21.1` |
| [socket.io](https://github.com/socketio/socket.io) | `4.7.5` | `4.8.0` |
| [webpack](https://github.com/webpack/webpack) | `5.76.1` | `5.94.0` |
| [@angular-devkit/build-angular](https://github.com/angular/angular-cli) | `15.2.11` | `18.2.8` |


Updates `body-parser` from 1.19.2 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.19.2...1.20.3)

Updates `cookie` from 0.4.2 to 0.7.1
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.4.2...v0.7.1)

Updates `express` from 4.21.0 to 4.21.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.1/History.md)
- [Commits](expressjs/express@4.21.0...4.21.1)

Updates `socket.io` from 4.7.5 to 4.8.0
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/[email protected]@4.8.0)

Updates `webpack` from 5.76.1 to 5.94.0
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.76.1...v5.94.0)

Updates `@angular-devkit/build-angular` from 15.2.11 to 18.2.8
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](angular/angular-cli@15.2.11...18.2.8)

---
updated-dependencies:
- dependency-name: body-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: socket.io
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@angular-devkit/build-angular"
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 10, 2024
@reposman33
Copy link
Owner

reposman33 commented Oct 11, 2024 via email

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 11, 2024

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@reposman33