Bump the npm_and_yarn group across 1 directory with 37 updates #9
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps the npm_and_yarn group with 18 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `11.2.6` | `11.2.7` | | [bootstrap](https://github.com/twbs/bootstrap) | `4.1.1` | `5.0.0` | | [karma](https://github.com/karma-runner/karma) | `6.1.2` | `6.3.16` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.13.0` | `7.25.6` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `5.0.0` | `5.0.1` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `5.0.1` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `5.0.1` | | [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` | | [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.3` | | [express](https://github.com/expressjs/express) | `4.17.1` | `4.21.0` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [@angular-devkit/build-angular](https://github.com/angular/angular-cli) | `0.1102.5` | `18.2.5` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.13.3` | `1.15.9` | | [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` | | [jszip](https://github.com/Stuk/jszip) | `3.6.0` | `3.10.1` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.13.0` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `7.6.3` | | [semver](https://github.com/npm/node-semver) | `6.3.0` | `7.6.3` | | [@angular/cli](https://github.com/angular/angular-cli) | `11.2.5` | `18.2.5` | Updates `@angular/core` from 11.2.6 to 11.2.7 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/11.2.7/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/11.2.7/packages/core) Updates `bootstrap` from 4.1.1 to 5.0.0 - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](twbs/bootstrap@v4.1.1...v5.0.0) Updates `karma` from 6.1.2 to 6.3.16 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v6.1.2...v6.3.16) Updates `@babel/traverse` from 7.13.0 to 7.25.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.25.6/packages/babel-traverse) Updates `ansi-regex` from 5.0.0 to 5.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v5.0.0...v5.0.1) Updates `ansi-regex` from 4.1.0 to 5.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v5.0.0...v5.0.1) Updates `ansi-regex` from 3.0.0 to 5.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v5.0.0...v5.0.1) Updates `async` from 2.6.3 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) Updates `body-parser` from 1.19.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.3) Updates `express` from 4.17.1 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.17.1...4.21.0) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `@angular-devkit/build-angular` from 0.1102.5 to 18.2.5 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular-cli/commits/18.2.5) Updates `engine.io` from 4.1.1 to 6.6.1 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/4.1.1...engine.io@6.6.1) Updates `express` from 4.17.1 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.17.1...4.21.0) Updates `follow-redirects` from 1.13.3 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.13.3...v1.15.9) Updates `http-cache-semantics` from 4.1.0 to 4.1.1 - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) Updates `json5` from 1.0.1 to 2.2.0 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v2.2.0) Updates `jszip` from 3.6.0 to 3.10.1 - [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md) - [Commits](Stuk/jszip@v3.6.0...v3.10.1) Updates `loader-utils` from 1.2.3 to 2.0.0 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/master/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.2.3...v2.0.0) Updates `log4js` from 6.3.0 to 6.9.1 - [Changelog](https://github.com/log4js-node/log4js-node/blob/master/CHANGELOG.md) - [Commits](log4js-node/log4js-node@v6.3.0...v6.9.1) Updates `micromatch` from 3.1.10 to 4.0.2 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@3.1.10...4.0.2) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `nanoid` from 3.1.22 to 3.3.7 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.22...3.3.7) Updates `node-forge` from 0.10.0 to 1.3.1 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@0.10.0...v1.3.1) Updates `path-to-regexp` from 0.1.7 to 0.1.10 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10) Updates `postcss` from 7.0.21 to 8.4.41 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@7.0.21...8.4.41) Updates `qs` from 6.5.2 to 6.13.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.13.0) Updates `rollup` from 2.38.4 to 4.20.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.38.4...v4.20.0) Updates `semver` from 5.7.1 to 7.6.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v7.6.3) Updates `semver` from 6.3.0 to 7.6.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v7.6.3) Updates `@angular/cli` from 11.2.5 to 18.2.5 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@v11.2.5...18.2.5) Updates `send` from 0.17.1 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.17.1...0.19.0) Updates `serve-static` from 1.14.1 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.14.1...v1.16.2) Updates `socket.io-parser` from 4.0.4 to 4.2.4 - [Release notes](https://github.com/Automattic/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/4.2.4/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.4...4.2.4) Updates `socket.io` from 3.1.2 to 4.8.0 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/3.1.2...socket.io@4.8.0) Updates `tar` from 6.1.0 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.0...v6.2.1) Updates `terser` from 4.8.0 to 5.31.6 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v4.8.0...v5.31.6) Updates `ua-parser-js` from 0.7.24 to 0.7.39 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/0.7.39/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.24...0.7.39) Updates `webpack-dev-middleware` from 3.7.2 to 7.4.2 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.2...v7.4.2) Updates `ws` from 6.2.1 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.2.1...8.17.1) --- updated-dependencies: - dependency-name: "@angular/core" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: bootstrap dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@angular-devkit/build-angular" dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: engine.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jszip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: log4js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@angular/cli" dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
the
dependencies
This was referenced Sep 24, 2024
Closed
|
@dependabot rebase
…On Tuesday, September 24th, 2024 at 10:11, dependabot[bot] ***@***.***> wrote:
This automated pull request fixes a [security vulnerability](https://github.com/reposman33/Linx-IT_eventPlanner/security/dependabot/215) (high severity).
[Learn more about Dependabot security updates](https://docs.github.com/github/managing-security-vulnerabilities/configuring-dependabot-security-updates).
---------------------------------------------------------------
Bumps the npm_and_yarn group with 18 updates in the / directory:
Package From To
***@***.***/core](https://github.com/angular/angular/tree/HEAD/packages/core) 11.2.6 11.2.7
[bootstrap](https://github.com/twbs/bootstrap) 4.1.1 5.0.0
[karma](https://github.com/karma-runner/karma) 6.1.2 6.3.16
***@***.***/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) 7.13.0 7.25.6
[ansi-regex](https://github.com/chalk/ansi-regex) 5.0.0 5.0.1
[ansi-regex](https://github.com/chalk/ansi-regex) 4.1.0 5.0.1
[ansi-regex](https://github.com/chalk/ansi-regex) 3.0.0 5.0.1
[async](https://github.com/caolan/async) 2.6.3 2.6.4
[body-parser](https://github.com/expressjs/body-parser) 1.19.0 1.20.3
[express](https://github.com/expressjs/express) 4.17.1 4.21.0
[braces](https://github.com/micromatch/braces) 3.0.2 3.0.3
***@***.***/build-angular](https://github.com/angular/angular-cli) 0.1102.5 18.2.5
[follow-redirects](https://github.com/follow-redirects/follow-redirects) 1.13.3 1.15.9
[http-cache-semantics](https://github.com/kornelski/http-cache-semantics) 4.1.0 4.1.1
[jszip](https://github.com/Stuk/jszip) 3.6.0 3.10.1
[minimatch](https://github.com/isaacs/minimatch) 3.0.4 3.1.2
[minimist](https://github.com/minimistjs/minimist) 1.2.5 1.2.8
[qs](https://github.com/ljharb/qs) 6.5.2 6.13.0
[semver](https://github.com/npm/node-semver) 5.7.1 7.6.3
[semver](https://github.com/npm/node-semver) 6.3.0 7.6.3
***@***.***/cli](https://github.com/angular/angular-cli) 11.2.5 18.2.5
Updates @angular/core from 11.2.6 to 11.2.7
Changelog
Sourced from [@angular/core's changelog](https://github.com/angular/angular/blob/11.2.7/CHANGELOG.md).
> 11.2.7 (2021-03-24)
>
> Bug Fixes
>
> - compiler: correctly process multiple rules containing :host selectors ([#41261](https://redirect.github.com/angular/angular/issues/41261)) ([f358d6b](angular/angular@f358d6b)), closes [#41237](https://redirect.github.com/angular/angular/issues/41237)
> - compiler-cli: add useInlining option to type check config ([#41268](https://redirect.github.com/angular/angular/issues/41268)) ([57644e9](angular/angular@57644e9)), closes [#40963](https://redirect.github.com/angular/angular/issues/40963)
> - core: remove obsolete check for [class] and [className] presence ([#41254](https://redirect.github.com/angular/angular/issues/41254)) ([8a53b54](angular/angular@8a53b54))
> - language-service: show suggestion when type inference is suboptimal ([#41072](https://redirect.github.com/angular/angular/issues/41072)) ([18cd7a0](angular/angular@18cd7a0)), closes [angular/vscode-ng-language-service#1155](https://redirect.github.com/angular/vscode-ng-language-service/issues/1155) [#41042](https://redirect.github.com/angular/angular/issues/41042)
Commits
- [8a53b54](angular/angular@8a53b54) fix(core): remove obsolete check for [class] and [className] presence ([#41254](https://github.com/angular/angular/tree/HEAD/packages/core/issues/41254))
- See full diff in [compare view](https://github.com/angular/angular/commits/11.2.7/packages/core)
Updates bootstrap from 4.1.1 to 5.0.0
Release notes
Sourced from [bootstrap's releases](https://github.com/twbs/bootstrap/releases).
> v5.0.0
>
> Highlights
>
> [#32155](https://redirect.github.com/twbs/bootstrap/issues/32155): Updated make-col() mixin to generate equal columns when no size is specified [#32763](https://redirect.github.com/twbs/bootstrap/issues/32763): Added new color-scheme() mixin [#33389](https://redirect.github.com/twbs/bootstrap/issues/33389): Dropdown menus now have option become clickable [#33453](https://redirect.github.com/twbs/bootstrap/issues/33453): Added new docs footer [#33548](https://redirect.github.com/twbs/bootstrap/issues/33548): Offcanvas header components are now vertically aligned [#33549](https://redirect.github.com/twbs/bootstrap/issues/33549): Added offcanvas-top modifier [#33634](https://redirect.github.com/twbs/bootstrap/issues/33634): Added support for .dropdown-items wrapped in <li>s [#33626](https://redirect.github.com/twbs/bootstrap/issues/33626): Fix v5 regressions in tab dropdown functionality
>
> 🚀 Features
>
> - [#32763](https://redirect.github.com/twbs/bootstrap/issues/32763): Add color-scheme mixin
> - [#33389](https://redirect.github.com/twbs/bootstrap/issues/33389): Dropdown — Add option to make the dropdown menu clickable
> - [#33549](https://redirect.github.com/twbs/bootstrap/issues/33549): Add offcanvas-top modifier
>
> 🎨 CSS
>
> - [#32155](https://redirect.github.com/twbs/bootstrap/issues/32155): Add equal column mixin
> - [#32763](https://redirect.github.com/twbs/bootstrap/issues/32763): Add color-scheme mixin
> - [#33292](https://redirect.github.com/twbs/bootstrap/issues/33292): Make accordion icon rotation more natural
> - [#33411](https://redirect.github.com/twbs/bootstrap/issues/33411): Fix validation feedback icon in select multiple
> - [#33478](https://redirect.github.com/twbs/bootstrap/issues/33478): Make .nav-link color consistent when using buttons
> - [#33482](https://redirect.github.com/twbs/bootstrap/issues/33482): Dropdown — Apply positioning only when Popper is not used
> - [#33548](https://redirect.github.com/twbs/bootstrap/issues/33548): Vertically align offcanvas header components
> - [#33549](https://redirect.github.com/twbs/bootstrap/issues/33549): Add offcanvas-top modifier
> - [#33550](https://redirect.github.com/twbs/bootstrap/issues/33550): Spinner alignment changes
> - [#33598](https://redirect.github.com/twbs/bootstrap/issues/33598): Hide validation icons from multiple selects
> - [#33600](https://redirect.github.com/twbs/bootstrap/issues/33600): Have $form-check-input-border's default derive from $black
> - [#33607](https://redirect.github.com/twbs/bootstrap/issues/33607): Reduce color-scheme complexity
> - [#33642](https://redirect.github.com/twbs/bootstrap/issues/33642): use :read-only css selector instead [readonly] for consistency
> - [#33658](https://redirect.github.com/twbs/bootstrap/issues/33658): fix: use list-group variable instead of alert
> - [#33736](https://redirect.github.com/twbs/bootstrap/issues/33736): accordion: fix border-top on Firefox
>
> ☕️ JavaScript
>
> - [#32439](https://redirect.github.com/twbs/bootstrap/issues/32439): Decouple BackDrop from modal
> - [#33245](https://redirect.github.com/twbs/bootstrap/issues/33245): Decouple Modal's scrollbar functionality
> - [#33249](https://redirect.github.com/twbs/bootstrap/issues/33249): Simplify Modal Config
> - [#33250](https://redirect.github.com/twbs/bootstrap/issues/33250): Simplify ScrollSpy config
> - [#33310](https://redirect.github.com/twbs/bootstrap/issues/33310): fix: make EventHandler better handle mouseenter/mouseleave events
> - [#33389](https://redirect.github.com/twbs/bootstrap/issues/33389): Dropdown — Add option to make the dropdown menu clickable
> - [#33429](https://redirect.github.com/twbs/bootstrap/issues/33429): Remove element event listeners through base component
> - [#33451](https://redirect.github.com/twbs/bootstrap/issues/33451): Add missing things in hide method of dropdown
> - [#33456](https://redirect.github.com/twbs/bootstrap/issues/33456): Use our isDisabled util on dropdown
> - [#33466](https://redirect.github.com/twbs/bootstrap/issues/33466): Refactor dropdown's hide functionality
> - [#33479](https://redirect.github.com/twbs/bootstrap/issues/33479): Fix dropdown escape propagation
> - [#33496](https://redirect.github.com/twbs/bootstrap/issues/33496): Use cached noop function
... (truncated)
Commits
- [bf09367](twbs/bootstrap@bf09367) Release v5.0.0 ([#33647](https://redirect.github.com/twbs/bootstrap/issues/33647))
- [48ae5a7](twbs/bootstrap@48ae5a7) Rewrite migration guide ([#33834](https://redirect.github.com/twbs/bootstrap/issues/33834))
- [f086572](twbs/bootstrap@f086572) refactor(docs): Added form file input variables ([#33833](https://redirect.github.com/twbs/bootstrap/issues/33833))
- [1a54286](twbs/bootstrap@1a54286) Fix doc typo and Bootstrap Icons link ([#33832](https://redirect.github.com/twbs/bootstrap/issues/33832))
- [e2df73f](twbs/bootstrap@e2df73f) Update migration guide for some v5 changes ([#33829](https://redirect.github.com/twbs/bootstrap/issues/33829))
- [1e6356a](twbs/bootstrap@1e6356a) Neutralise more words from placeholder text ([#33731](https://redirect.github.com/twbs/bootstrap/issues/33731))
- [6633845](twbs/bootstrap@6633845) Bump eslint-config-xo from 0.35.0 to 0.36.0 ([#33646](https://redirect.github.com/twbs/bootstrap/issues/33646))
- [cb38744](twbs/bootstrap@cb38744) Tweak toast docs ([#33810](https://redirect.github.com/twbs/bootstrap/issues/33810))
- [c2ff225](twbs/bootstrap@c2ff225) Bump rollup from 2.46.0 to 2.47.0 ([#33818](https://redirect.github.com/twbs/bootstrap/issues/33818))
- [c090ea2](twbs/bootstrap@c090ea2) Bump @babel/preset-env from 7.14.0 to 7.14.1 ([#33819](https://redirect.github.com/twbs/bootstrap/issues/33819))
- Additional commits viewable in [compare view](twbs/bootstrap@v4.1.1...v5.0.0)
Maintainer changes
This version was pushed to npm by [mdo](https://www.npmjs.com/~mdo), a new releaser for bootstrap since your current version.
Updates karma from 6.1.2 to 6.3.16
Release notes
Sourced from [karma's releases](https://github.com/karma-runner/karma/releases).
> v6.3.16
>
> [6.3.16](karma-runner/karma@v6.3.15...v6.3.16) (2022-02-10)
>
> Bug Fixes
>
> - security: mitigate the "Open Redirect Vulnerability" ([ff7edbb](karma-runner/karma@ff7edbb))
>
> v6.3.15
>
> [6.3.15](karma-runner/karma@v6.3.14...v6.3.15) (2022-02-05)
>
> Bug Fixes
>
> - helper: make mkdirIfNotExists helper resilient to concurrent calls ([d9dade2](karma-runner/karma@d9dade2)), closes [karma-runner/karma-coverage#434](https://redirect.github.com//redirect.github.com/karma-runner/karma-coverage/issues/434/issues/issuecomment-1017939333)
>
> v6.3.14
>
> [6.3.14](karma-runner/karma@v6.3.13...v6.3.14) (2022-02-05)
>
> Bug Fixes
>
> - remove string template from client code ([91d5acd](karma-runner/karma@91d5acd))
> - warn when singleRun and autoWatch are false ([69cfc76](karma-runner/karma@69cfc76))
> - security: remove XSS vulnerability in returnUrl query param ([839578c](karma-runner/karma@839578c))
>
> v6.3.13
>
> [6.3.13](karma-runner/karma@v6.3.12...v6.3.13) (2022-01-31)
>
> Bug Fixes
>
> - deps: bump log4js to resolve security issue ([5bf2df3](karma-runner/karma@5bf2df3)), closes [#3751](https://redirect.github.com/karma-runner/karma/issues/3751)
>
> v6.3.12
>
> [6.3.12](karma-runner/karma@v6.3.11...v6.3.12) (2022-01-24)
>
> Bug Fixes
>
> - remove depreciation warning from log4js ([41bed33](karma-runner/karma@41bed33))
>
> v6.3.11
>
> [6.3.11](karma-runner/karma@v6.3.10...v6.3.11) (2022-01-13)
>
> Bug Fixes
>
> - deps: pin colors package to 1.4.0 due to security vulnerability ([a5219c5](karma-runner/karma@a5219c5))
... (truncated)
Changelog
Sourced from [karma's changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md).
> [6.3.16](karma-runner/karma@v6.3.15...v6.3.16) (2022-02-10)
>
> Bug Fixes
>
> - security: mitigate the "Open Redirect Vulnerability" ([ff7edbb](karma-runner/karma@ff7edbb))
>
> [6.3.15](karma-runner/karma@v6.3.14...v6.3.15) (2022-02-05)
>
> Bug Fixes
>
> - helper: make mkdirIfNotExists helper resilient to concurrent calls ([d9dade2](karma-runner/karma@d9dade2)), closes [karma-runner/karma-coverage#434](https://redirect.github.com//redirect.github.com/karma-runner/karma-coverage/issues/434/issues/issuecomment-1017939333)
>
> [6.3.14](karma-runner/karma@v6.3.13...v6.3.14) (2022-02-05)
>
> Bug Fixes
>
> - remove string template from client code ([91d5acd](karma-runner/karma@91d5acd))
> - warn when singleRun and autoWatch are false ([69cfc76](karma-runner/karma@69cfc76))
> - security: remove XSS vulnerability in returnUrl query param ([839578c](karma-runner/karma@839578c))
>
> [6.3.13](karma-runner/karma@v6.3.12...v6.3.13) (2022-01-31)
>
> Bug Fixes
>
> - deps: bump log4js to resolve security issue ([5bf2df3](karma-runner/karma@5bf2df3)), closes [#3751](https://redirect.github.com/karma-runner/karma/issues/3751)
>
> [6.3.12](karma-runner/karma@v6.3.11...v6.3.12) (2022-01-24)
>
> Bug Fixes
>
> - remove depreciation warning from log4js ([41bed33](karma-runner/karma@41bed33))
>
> [6.3.11](karma-runner/karma@v6.3.10...v6.3.11) (2022-01-13)
>
> Bug Fixes
>
> - deps: pin colors package to 1.4.0 due to security vulnerability ([a5219c5](karma-runner/karma@a5219c5))
>
> [6.3.10](karma-runner/karma@v6.3.9...v6.3.10) (2022-01-08)
>
> Bug Fixes
>
> - logger: create parent folders if they are missing ([0d24bd9](karma-runner/karma@0d24bd9)), closes [#3734](https://redirect.github.com/karma-runner/karma/issues/3734)
... (truncated)
Commits
- [ab4b328](karma-runner/karma@ab4b328) chore(release): 6.3.16 [skip ci]
- [ff7edbb](karma-runner/karma@ff7edbb) fix(security): mitigate the "Open Redirect Vulnerability"
- [c1befa0](karma-runner/karma@c1befa0) chore(release): 6.3.15 [skip ci]
- [d9dade2](karma-runner/karma@d9dade2) fix(helper): make mkdirIfNotExists helper resilient to concurrent calls
- [653c762](karma-runner/karma@653c762) ci: prevent duplicate CI tasks on creating a PR
- [c97e562](karma-runner/karma@c97e562) chore(release): 6.3.14 [skip ci]
- [91d5acd](karma-runner/karma@91d5acd) fix: remove string template from client code
- [69cfc76](karma-runner/karma@69cfc76) fix: warn when singleRun and autoWatch are false
- [839578c](karma-runner/karma@839578c) fix(security): remove XSS vulnerability in returnUrl query param
- [db53785](karma-runner/karma@db53785) chore(release): 6.3.13 [skip ci]
- Additional commits viewable in [compare view](karma-runner/karma@v6.1.2...v6.3.16)
Updates @babel/traverse from 7.13.0 to 7.25.6
Release notes
Sourced from [@babel/traverse's releases](https://github.com/babel/babel/releases).
> v7.25.6 (2024-08-29)
>
> Thanks [@j4k0xb](https://github.com/j4k0xb) for your first PR!
>
> 🐛 Bug Fix
>
> - babel-generator
>
> - [#16783](https://redirect.github.com/babel/babel/pull/16783) Properly print inner comments in TS array types ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
> - [#16775](https://redirect.github.com/babel/babel/pull/16775) fix: jsx whitespace is not properly preserved when retainLines ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-traverse
>
> - [#16727](https://redirect.github.com/babel/babel/pull/16727) fix: path.getAssignmentIdentifiers may be undefined ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-parser
>
> - [#16761](https://redirect.github.com/babel/babel/pull/16761) fix: improve static canFollowModifier checks ([@JLHwung](https://github.com/JLHwung))
>
> - babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
>
> - [#16769](https://redirect.github.com/babel/babel/pull/16769) Only wrap functions in superPropertyGet helper ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 💅 Polish
>
> - babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
>
> - [#16780](https://redirect.github.com/babel/babel/pull/16780) Do not enforce printing space between ( and comments ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
>
> - [#16781](https://redirect.github.com/babel/babel/pull/16781) Don't throw when enabling both syntax-import-{assertions,attributes} ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-generator
>
> - [#16782](https://redirect.github.com/babel/babel/pull/16782) TS union/intersection nested in union does not need parens ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 🏠 Internal
>
> - babel-generator
>
> - [#16777](https://redirect.github.com/babel/babel/pull/16777) Remove unused parent params in the generator ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> Committers: 5
>
> - Babel Bot ([@babel-bot](https://github.com/babel-bot))
> - Huáng Jùnliàng ([@JLHwung](https://github.com/JLHwung))
> - Nicolò Ribaudo ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
> - [@j4k0xb](https://github.com/j4k0xb)
> - [@liuxingbaoyu](https://github.com/liuxingbaoyu)
>
> v7.25.5 (2024-08-23)
>
> 🐛 Bug Fix
>
> - babel-generator, babel-traverse
>
> - [#16764](https://redirect.github.com/babel/babel/pull/16764) fix: Generate sequence expression parentheses correctly ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> 💅 Polish
>
> - babel-generator
>
> - [#16738](https://redirect.github.com/babel/babel/pull/16738) Only force-parenthesize satisfies's LHS if it has newlines ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> Committers: 2
>
> - Nicolò Ribaudo ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
> - [@liuxingbaoyu](https://github.com/liuxingbaoyu)
>
> v7.25.4 (2024-08-22)
... (truncated)
Changelog
Sourced from [@babel/traverse's changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md).
> v7.25.6 (2024-08-29)
>
> 🐛 Bug Fix
>
> - babel-generator
>
> - [#16783](https://redirect.github.com/babel/babel/pull/16783) Properly print inner comments in TS array types ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
> - [#16775](https://redirect.github.com/babel/babel/pull/16775) fix: jsx whitespace is not properly preserved when retainLines ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-traverse
>
> - [#16727](https://redirect.github.com/babel/babel/pull/16727) fix: path.getAssignmentIdentifiers may be undefined ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-parser
>
> - [#16761](https://redirect.github.com/babel/babel/pull/16761) fix: improve static canFollowModifier checks ([@JLHwung](https://github.com/JLHwung))
>
> - babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
>
> - [#16769](https://redirect.github.com/babel/babel/pull/16769) Only wrap functions in superPropertyGet helper ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 💅 Polish
>
> - babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
>
> - [#16780](https://redirect.github.com/babel/babel/pull/16780) Do not enforce printing space between ( and comments ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
>
> - [#16781](https://redirect.github.com/babel/babel/pull/16781) Don't throw when enabling both syntax-import-{assertions,attributes} ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-generator
>
> - [#16782](https://redirect.github.com/babel/babel/pull/16782) TS union/intersection nested in union does not need parens ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 🏠 Internal
>
> - babel-generator
>
> - [#16777](https://redirect.github.com/babel/babel/pull/16777) Remove unused parent params in the generator ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> v7.25.5 (2024-08-23)
>
> 🐛 Bug Fix
>
> - babel-generator, babel-traverse
>
> - [#16764](https://redirect.github.com/babel/babel/pull/16764) fix: Generate parentheses correctly ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> 💅 Polish
>
> - babel-generator
>
> - [#16738](https://redirect.github.com/babel/babel/pull/16738) Only force-parenthesize satisfies's LHS if it has newlines ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> v7.25.4 (2024-08-22)
>
> 🐛 Bug Fix
>
> - babel-traverse
>
> - [#16756](https://redirect.github.com/babel/babel/pull/16756) fix: Skip computed key when renaming ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
>
> - [#16755](https://redirect.github.com/babel/babel/pull/16755) fix: Decorator 2018-09 may throw an exception ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-types
>
> - [#16710](https://redirect.github.com/babel/babel/pull/16710) Visit AST fields nodes according to their syntactical order ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-generator
>
> - [#16709](https://redirect.github.com/babel/babel/pull/16709) Print semicolon after TS export namespace as A ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 💅 Polish
>
> - babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
>
> - [#16722](https://redirect.github.com/babel/babel/pull/16722) Avoid unnecessary parens around sequence expressions ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-generator, babel-plugin-transform-class-properties
>
> - [#16714](https://redirect.github.com/babel/babel/pull/16714) Avoid unnecessary parens around exported arrow functions ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
... (truncated)
Commits
- [2f72b97](babel/babel@2f72b97) v7.25.6
- [faceae9](babel/babel@faceae9) fix: path.getAssignmentIdentifiers may be undefined ([#16727](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16727))
- [46ee612](babel/babel@46ee612) Remove some NodePath methods ([#16655](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16655))
- [2fdc8b5](babel/babel@2fdc8b5) fix: Generate sequence expression parentheses correctly ([#16764](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16764))
- [cbf124c](babel/babel@cbf124c) v7.25.4
- [2b289fb](babel/babel@2b289fb) fix: skip computed key when renaming ([#16756](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16756))
- [575863c](babel/babel@575863c) Avoid unnecessary parens around sequence expressions ([#16722](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16722))
- [5174ad1](babel/babel@5174ad1) Clean all always enabled parser plugins ([#16572](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16572))
- [52718ab](babel/babel@52718ab) Discontinue babel-eslint-config-internal ([#16718](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16718))
- [dba45d3](babel/babel@dba45d3) Ignore devDependencies when generating tsconfig.json ([#16659](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16659))
- Additional commits viewable in [compare view](https://github.com/babel/babel/commits/v7.25.6/packages/babel-traverse)
Updates ansi-regex from 5.0.0 to 5.0.1
Release notes
Sourced from [ansi-regex's releases](https://github.com/chalk/ansi-regex/releases).
> v5.0.1
>
> Fixes (backport of 6.0.1 to v5)
>
> This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in [#38](https://redirect.github.com/chalk/ansi-regex/issues/38).
>
> - Fix [ReDoS](https://en.wikipedia.org/wiki/ReDoS) in certain cases ([#37](https://redirect.github.com/chalk/ansi-regex/issues/37)) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.
>
> [CVE-2021-3807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807)
>
> https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1
>
> Thank you [@yetingli](https://github.com/yetingli) for the patch and reproduction case!
Commits
- [a9babce](chalk/ansi-regex@a9babce) 5.0.1
- [4657833](chalk/ansi-regex@4657833) fix incorrect format
- [c3c0b3f](chalk/ansi-regex@c3c0b3f) Fix potential ReDoS ([#37](https://redirect.github.com/chalk/ansi-regex/issues/37))
- [178363b](chalk/ansi-regex@178363b) Move to GitHub Actions ([#35](https://redirect.github.com/chalk/ansi-regex/issues/35))
- [0755e66](chalk/ansi-regex@0755e66) Add [@Qix](https://github.com/Qix)- to funding.yml
- See full diff in [compare view](chalk/ansi-regex@v5.0.0...v5.0.1)
Updates ansi-regex from 4.1.0 to 5.0.1
Release notes
Sourced from [ansi-regex's releases](https://github.com/chalk/ansi-regex/releases).
> v5.0.1
>
> Fixes (backport of 6.0.1 to v5)
>
> This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in [#38](https://redirect.github.com/chalk/ansi-regex/issues/38).
>
> - Fix [ReDoS](https://en.wikipedia.org/wiki/ReDoS) in certain cases ([#37](https://redirect.github.com/chalk/ansi-regex/issues/37)) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.
>
> [CVE-2021-3807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807)
>
> https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1
>
> Thank you [@yetingli](https://github.com/yetingli) for the patch and reproduction case!
Commits
- [a9babce](chalk/ansi-regex@a9babce) 5.0.1
- [4657833](chalk/ansi-regex@4657833) fix incorrect format
- [c3c0b3f](chalk/ansi-regex@c3c0b3f) Fix potential ReDoS ([#37](https://redirect.github.com/chalk/ansi-regex/issues/37))
- [178363b](chalk/ansi-regex@178363b) Move to GitHub Actions ([#35](https://redirect.github.com/chalk/ansi-regex/issues/35))
- [0755e66](chalk/ansi-regex@0755e66) Add [@Qix](https://github.com/Qix)- to funding.yml
- See full diff in [compare view](chalk/ansi-regex@v5.0.0...v5.0.1)
Updates ansi-regex from 3.0.0 to 5.0.1
Release notes
Sourced from [ansi-regex's releases](https://github.com/chalk/ansi-regex/releases).
> v5.0.1
>
> Fixes (backport of 6.0.1 to v5)
>
> This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in [#38](https://redirect.github.com/chalk/ansi-regex/issues/38).
>
> - Fix [ReDoS](https://en.wikipedia.org/wiki/ReDoS) in certain cases ([#37](https://redirect.github.com/chalk/ansi-regex/issues/37)) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.
>
> [CVE-2021-3807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807)
>
> https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1
>
> Thank you [@yetingli](https://github.com/yetingli) for the patch and reproduction case!
Commits
- [a9babce](chalk/ansi-regex@a9babce) 5.0.1
- [4657833](chalk/ansi-regex@4657833) fix incorrect format
- [c3c0b3f](chalk/ansi-regex@c3c0b3f) Fix potential ReDoS ([#37](https://redirect.github.com/chalk/ansi-regex/issues/37))
- [178363b](chalk/ansi-regex@178363b) Move to GitHub Actions ([#35](https://redirect.github.com/chalk/ansi-regex/issues/35))
- [0755e66](chalk/ansi-regex@0755e66) Add [@Qix](https://github.com/Qix)- to funding.yml
- See full diff in [compare view](chalk/ansi-regex@v5.0.0...v5.0.1)
Updates async from 2.6.3 to 2.6.4
Changelog
Sourced from [async's changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md).
> v2.6.4
>
> - Fix potential prototype pollution exploit ([#1828](https://redirect.github.com/caolan/async/issues/1828))
Commits
- [c6bdaca](caolan/async@c6bdaca) Version 2.6.4
- [8870da9](caolan/async@8870da9) Update built files
- [4df6754](caolan/async@4df6754) update changelog
- [8f7f903](caolan/async@8f7f903) Fix prototype pollution vulnerability ([#1828](https://redirect.github.com/caolan/async/issues/1828))
- See full diff in [compare view](caolan/async@v2.6.3...v2.6.4)
Maintainer changes
This version was pushed to npm by [hargasinski](https://www.npmjs.com/~hargasinski), a new releaser for async since your current version.
Updates body-parser from 1.19.0 to 1.20.3
Release notes
Sourced from [body-parser's releases](https://github.com/expressjs/body-parser/releases).
> 1.20.3
>
> What's Changed
>
> Important
>
> - deps: ***@***.***
> - add depth option to customize the depth level in the parser
> - IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). [Documentation](https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth)
>
> Other changes
>
> - chore: add support for OSSF scorecard reporting by [@inigomarquinez](https://github.com/inigomarquinez) in [expressjs/body-parser#522](https://redirect.github.com/expressjs/body-parser/pull/522)
> - ci: fix errors in ci github action for node 8 and 9 by [@inigomarquinez](https://github.com/inigomarquinez) in [expressjs/body-parser#523](https://redirect.github.com/expressjs/body-parser/pull/523)
> - fix: pin to ***@***.*** by [@wesleytodd](https://github.com/wesleytodd) in [expressjs/body-parser#527](https://redirect.github.com/expressjs/body-parser/pull/527)
> - deps: ***@***.*** by [@melikhov-dev](https://github.com/melikhov-dev) in [expressjs/body-parser#521](https://redirect.github.com/expressjs/body-parser/pull/521)
> - Add OSSF Scorecard badge by [@bjohansebas](https://github.com/bjohansebas) in [expressjs/body-parser#531](https://redirect.github.com/expressjs/body-parser/pull/531)
> - Linter by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/body-parser#534](https://redirect.github.com/expressjs/body-parser/pull/534)
> - Release: 1.20.3 by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/body-parser#535](https://redirect.github.com/expressjs/body-parser/pull/535)
>
> New Contributors
>
> - [@inigomarquinez](https://github.com/inigomarquinez) made their first contribution in [expressjs/body-parser#522](https://redirect.github.com/expressjs/body-parser/pull/522)
> - [@melikhov-dev](https://github.com/melikhov-dev) made their first contribution in [expressjs/body-parser#521](https://redirect.github.com/expressjs/body-parser/pull/521)
> - [@bjohansebas](https://github.com/bjohansebas) made their first contribution in [expressjs/body-parser#531](https://redirect.github.com/expressjs/body-parser/pull/531)
> - [@UlisesGascon](https://github.com/UlisesGascon) made their first contribution in [expressjs/body-parser#534](https://redirect.github.com/expressjs/body-parser/pull/534)
>
> Full Changelog: ***@***.***(expressjs/body-parser@1.20.2...1.20.3)
>
> 1.20.2
>
> - Fix strict json error message on Node.js 19+
> - deps: content-type@~1.0.5
>
> - perf: skip value escaping when unnecessary
>
> - deps: ***@***.***
>
> 1.20.1
>
> - deps: ***@***.***
> - perf: remove unnecessary object clone
>
> 1.20.0
>
> - Fix error message for json parse whitespace in strict
> - Fix internal error when inflated body exceeds limit
> - Prevent loss of async hooks context
> - Prevent hanging when request already read
> - deps: ***@***.***
>
> - Replace internal eval usage with Function constructor
> - Use instance methods on process to check for listeners
>
> - deps: ***@***.***
>
> - deps: ***@***.***
> - deps: ***@***.***
>
> - deps: ***@***.***
> - deps: ***@***.***
... (truncated)
Changelog
Sourced from [body-parser's changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md).
> 1.20.3 / 2024-09-10
>
> - deps: ***@***.***
> - add depth option to customize the depth level in the parser
> - IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
>
> 1.20.2 / 2023-02-21
>
> - Fix strict json error message on Node.js 19+
> - deps: content-type@~1.0.5
>
> - perf: skip value escaping when unnecessary
>
> - deps: ***@***.***
>
> 1.20.1 / 2022-10-06
>
> - deps: ***@***.***
> - perf: remove unnecessary object clone
>
> 1.20.0 / 2022-04-02
>
> - Fix error message for json parse whitespace in strict
> - Fix internal error when inflated body exceeds limit
> - Prevent loss of async hooks context
> - Prevent hanging when request already read
> - deps: ***@***.***
>
> - Replace internal eval usage with Function constructor
> - Use instance methods on process to check for listeners
>
> - deps: ***@***.***
>
> - deps: ***@***.***
> - deps: ***@***.***
>
> - deps: ***@***.***
> - deps: ***@***.***
> - deps: ***@***.***
>
> - deps: ***@***.***
>
> 1.19.2 / 2022-02-15
>
> - deps: ***@***.***
> - deps: ***@***.***
>
> - Fix handling of __proto__ keys
>
> - deps: ***@***.***
>
> - deps: ***@***.***
>
> 1.19.1 / 2021-12-10
... (truncated)
Commits
- [1752951](expressjs/body-parser@1752951) 1.20.3
- [39744cf](expressjs/body-parser@39744cf) chore: linter ([#534](https://redirect.github.com/expressjs/body-parser/issues/534))
- [b2695c4](expressjs/body-parser@b2695c4) Merge commit from fork
- [ade0f3f](expressjs/body-parser@ade0f3f) add scorecard to readme ([#531](https://redirect.github.com/expressjs/body-parser/issues/531))
- [99a1bd6](expressjs/body-parser@99a1bd6) deps: ***@***.*** ([#521](https://redirect.github.com/expressjs/body-parser/issues/521))
- [9478591](expressjs/body-parser@9478591) fix: pin to ***@***.***
- [83db46a](expressjs/body-parser@83db46a) ci: fix errors in ci github action for node 8 and 9 ([#523](https://redirect.github.com/expressjs/body-parser/issues/523))
- [9d4e212](expressjs/body-parser@9d4e212) chore: add support for OSSF scorecard reporting ([#522](https://redirect.github.com/expressjs/body-parser/issues/522))
- [ee91374](expressjs/body-parser@ee91374) 1.20.2
- [368a93a](expressjs/body-parser@368a93a) Fix strict json error message on Node.js 19+
- Additional commits viewable in [compare view](expressjs/body-parser@1.19.0...1.20.3)
Maintainer changes
This version was pushed to npm by [ulisesgascon](https://www.npmjs.com/~ulisesgascon), a new releaser for body-parser since your current version.
Updates express from 4.17.1 to 4.21.0
Release notes
Sourced from [express's releases](https://github.com/expressjs/express/releases).
> 4.21.0
>
> What's Changed
>
> - Deprecate "back" magic string in redirects by [@blakeembrey](https://github.com/blakeembrey) in [expressjs/express#5935](https://redirect.github.com/expressjs/express/pull/5935)
> - ***@***.*** by [@wesleytodd](https://github.com/wesleytodd) in [expressjs/express#5954](https://redirect.github.com/expressjs/express/pull/5954)
> - fix(deps): ***@***.*** by [@wesleytodd](https://github.com/wesleytodd) in [expressjs/express#5951](https://redirect.github.com/expressjs/express/pull/5951)
> - Upgraded dependency qs to 6.13.0 to match qs in body-parser by [@agadzinski93](https://github.com/agadzinski93) in [expressjs/express#5946](https://redirect.github.com/expressjs/express/pull/5946)
>
> New Contributors
>
> - [@agadzinski93](https://github.com/agadzinski93) made their first contribution in [expressjs/express#5946](https://redirect.github.com/expressjs/express/pull/5946)
>
> Full Changelog: ***@***.***(expressjs/express@4.20.0...4.21.0)
>
> 4.20.0
>
> What's Changed
>
> Important
>
> - IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
> - Remove link renderization in html while using res.redirect
>
> Other Changes
>
> - 4.19.2 Staging by [@wesleytodd](https://github.com/wesleytodd) in [expressjs/express#5561](https://redirect.github.com/expressjs/express/pull/5561)
> - remove duplicate location test for data uri by [@wesleytodd](https://github.com/wesleytodd) in [expressjs/express#5562](https://redirect.github.com/expressjs/express/pull/5562)
> - feat: document beta releases expectations by [@marco-ippolito](https://github.com/marco-ippolito) in [expressjs/express#5565](https://redirect.github.com/expressjs/express/pull/5565)
> - Cut down on duplicated CI runs by [@jonchurch](https://github.com/jonchurch) in [expressjs/express#5564](https://redirect.github.com/expressjs/express/pull/5564)
> - Add a Threat Model by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/express#5526](https://redirect.github.com/expressjs/express/pull/5526)
> - Assign captain of encodeurl by [@blakeembrey](https://github.com/blakeembrey) in [expressjs/express#5579](https://redirect.github.com/expressjs/express/pull/5579)
> - Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by [@jonchurch](https://github.com/jonchurch) in [expressjs/express#5587](https://redirect.github.com/expressjs/express/pull/5587)
> - docs: update Security.md by [@inigomarquinez](https://github.com/inigomarquinez) in [expressjs/express#5590](https://redirect.github.com/expressjs/express/pull/5590)
> - docs: update triage nomination policy by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/express#5600](https://redirect.github.com/expressjs/express/pull/5600)
> - Add CodeQL (SAST) by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/express#5433](https://redirect.github.com/expressjs/express/pull/5433)
> - docs: add UlisesGascon as triage initiative captain by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/express#5605](https://redirect.github.com/expressjs/express/pull/5605)
> - deps: encodeurl@~2.0.0 by [@blakeembrey](https://github.com/blakeembrey) in [expressjs/express#5569](https://redirect.github.com/expressjs/express/pull/5569)
> - skip QUERY method test by [@jonchurch](https://github.com/jonchurch) in [expressjs/express#5628](https://redirect.github.com/expressjs/express/pull/5628)
> - ignore ETAG query test on 21 and 22, reuse skip util by [@jonchurch](https://github.com/jonchurch) in [expressjs/express#5639](https://redirect.github.com/expressjs/express/pull/5639)
> - add support ***@***.*** in the CI by [@mertcanaltin](https://github.com/mertcanaltin) in [expressjs/express#5627](https://redirect.github.com/expressjs/express/pull/5627)
> - doc: add table of contents, tc/triager lists to readme by [@mertcanaltin](https://github.com/mertcanaltin) in [expressjs/express#5619](https://redirect.github.com/expressjs/express/pull/5619)
> - List and sort all projects, add captains by [@blakeembrey](https://github.com/blakeembrey) in [expressjs/express#5653](https://redirect.github.com/expressjs/express/pull/5653)
> - docs: add [@UlisesGascon](https://github.com/UlisesGascon) as captain for cookie-parser by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/express#5666](https://redirect.github.com/expressjs/express/pull/5666)
> - ✨ bring back query tests for node 21 by [@ctcpip](https://github.com/ctcpip) in [expressjs/express#5690](https://redirect.github.com/expressjs/express/pull/5690)
> - [v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by [@jonchurch](https://github.com/jonchurch) in [expressjs/express#5672](https://redirect.github.com/expressjs/express/pull/5672)
> - skip QUERY tests for Node 21 only, still not supported by [@jonchurch](https://github.com/jonchurch) in [expressjs/express#5695](https://redirect.github.com/expressjs/express/pull/5695)
> - 📝 update people, add ctcpip to TC by [@ctcpip](https://github.com/ctcpip) in [expressjs/express#5683](https://redirect.github.com/expressjs/express/pull/5683)
> - remove minor version pinning from ci by [@jonchurch](https://github.com/jonchurch) in [expressjs/express#5722](https://redirect.github.com/expressjs/express/pull/5722)
> - Fix link variable use in attribution section of CODE OF CONDUCT by [@IamLizu](https://github.com/IamLizu) in [expressjs/express#5762](https://redirect.github.com/expressjs/express/pull/5762)
> - Replace Appveyor windows testing with GHA by [@jonchurch](https://github.com/jonchurch) in [expressjs/express#5599](https://redirect.github.com/expressjs/express/pull/5599)
> - Add OSSF Scorecard badge by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/express#5436](https://redirect.github.com/expressjs/express/pull/5436)
> - update scorecard link by [@bjohansebas](https://github.com/bjohansebas) in [expressjs/express#5814](https://redirect.github.com/expressjs/express/pull/5814)
> - Nominate [@IamLizu](https://github.com/IamLizu) to the triage team by [@UlisesGascon](https://github.com/UlisesGascon) in [expressjs/express#5836](https://redirect.github.com/expressjs/express/pull/5836)
> - deps: ***@***.*** by [@blakeembrey](https://github.com/blakeembrey) in [expressjs/express#5603](https://redirect.github.com/expressjs/express/pull/5603)
... (truncated)
Changelog
Sourced from [express's changelog](https://github.com/expressjs/express/blob/4.21.0/History.md).
> 4.21.0 / 2024-09-11
>
> - Deprecate res.location("back") and res.redirect("back") magic string
> - deps: ***@***.***
>
> - includes ***@***.***
>
> - deps: ***@***.***
> - deps: ***@***.***
>
> 4.20.0 / 2024-09-10
>
> - deps: ***@***.***
>
> - Remove link renderization in html while redirecting
>
> - deps: ***@***.***
>
> - Remove link renderization in html while redirecting
>
> - deps: ***@***.***
>
> - add depth option to customize the depth level in the parser
> - IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
>
> - Remove link renderization in html while using res.redirect
> - deps: ***@***.***
>
> - Adds support for named matching groups in the routes using a regex
> - Adds backtracking protection to parameters without regexes defined
>
> - deps: encodeurl@~2.0.0
>
> - Removes encoding of \, |, and ^ to align better with URL spec
>
> - Deprecate passing options.maxAge and options.expires to res.clearCookie
>
> - Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
>
> 4.19.2 / 2024-03-25
>
> - Improved fix for open redirect allow list bypass
>
> 4.19.1 / 2024-03-20
>
> - Allow passing non-strings to res.location with new encoding handling checks
>
> 4.19.0 / 2024-03-20
>
> - Prevent open redirect allow list bypass due to encodeurl
> - deps: ***@***.***
>
> 4.18.3 / 2024-02-29
>
> - Fix routing requests without method
> - deps: ***@***.***
>
> - Fix strict json error message on Node.js 19+
> - deps: content-type@~1.0.5
... (truncated)
Commits
- [7e562c6](expressjs/express@7e562c6) 4.21.0
- [1bcde96](expressjs/express@1bcde96) fix(deps): ***@***.*** ([#5946](https://redirect.github.com/expressjs/express/issues/5946))
- [7d36477](expressjs/express@7d36477) fix(deps): ***@***.*** ([#5951](https://redirect.github.com/expressjs/express/issues/5951))
- [40d2d8f](expressjs/express@40d2d8f) fix(deps): ***@***.***
- [77ada90](expressjs/express@77ada90) Deprecate "back" magic string in redirects ([#5935](https://redirect.github.com/expressjs/express/issues/5935))
- [21df421](expressjs/express@21df421) 4.20.0
- [4c9ddc1](expressjs/express@4c9ddc1) feat: upgrade to ***@***.***
- [9ebe5d5](expressjs/express@9ebe5d5) feat: upgrade to ***@***.*** ([#5928](https://redirect.github.com/expressjs/express/issues/5928))
- [ec4a01b](expressjs/express@ec4a01b) feat: upgrade to ***@***.*** ([#5926](https://redirect.github.com/expressjs/express/issues/5926))
- [54271f6](expressjs/express@54271f6) fix: don't render redirect values in anchor href
- Additional commits viewable in [compare view](expressjs/express@4.17.1...4.21.0)
Maintainer changes
This version was pushed to npm by [wesleytodd](https://www.npmjs.com/~wesleytodd), a new releaser for express since your current version.
Updates braces from 3.0.2 to 3.0.3
Commits
- [74b2db2](micromatch/braces@74b2db2) 3...
Description has been truncated
---------------------------------------------------------------
You can view, comment on, or merge this pull request online at:
#9
Commit Summary
- [25170c7](25170c7) Bump the npm_and_yarn group across 1 directory with 37 updates
File Changes
([3 files](https://github.com/reposman33/Linx-IT_eventPlanner/pull/9/files))
- M [package-lock.json](https://github.com/reposman33/Linx-IT_eventPlanner/pull/9/files#diff-053150b640a7ce75eff69d1a22cae7f0f94ad64ce9a855db544dda0929316519) (20586)
- M [package.json](https://github.com/reposman33/Linx-IT_eventPlanner/pull/9/files#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519) (10)
- M [yarn.lock](https://github.com/reposman33/Linx-IT_eventPlanner/pull/9/files#diff-51e4f558fae534656963876761c95b83b6ef5da5103c4adef6768219ed76c2de) (10275)
Patch Links:
- https://github.com/reposman33/Linx-IT_eventPlanner/pull/9.patch
- https://github.com/reposman33/Linx-IT_eventPlanner/pull/9.diff
—
Reply to this email directly, [view it on GitHub](#9), or [unsubscribe](https://github.com/notifications/unsubscribe-auth/AAYNOZW63UNQZSR26FSSTOLZYEND3AVCNFSM6AAAAABOXWWJS6VHI2DSMVQWIX3LMV43ASLTON2WKOZSGU2DINRYGI2TKOA).
You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>
|
|
Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 18 updates in the / directory:
11.2.611.2.74.1.15.0.06.1.26.3.167.13.07.25.65.0.05.0.14.1.05.0.13.0.05.0.12.6.32.6.41.19.01.20.34.17.14.21.03.0.23.0.30.1102.518.2.51.13.31.15.94.1.04.1.13.6.03.10.13.0.43.1.21.2.51.2.86.5.26.13.05.7.17.6.36.3.07.6.311.2.518.2.5Updates
@angular/corefrom 11.2.6 to 11.2.7Changelog
Sourced from
@angular/core's changelog.Commits
8a53b54fix(core): remove obsolete check for [class] and [className] presence (#41254)Updates
bootstrapfrom 4.1.1 to 5.0.0Release notes
Sourced from bootstrap's releases.
... (truncated)
Commits
bf09367Release v5.0.0 (#33647)48ae5a7Rewrite migration guide (#33834)f086572refactor(docs): Added form file input variables (#33833)1a54286Fix doc typo and Bootstrap Icons link (#33832)e2df73fUpdate migration guide for some v5 changes (#33829)1e6356aNeutralise more words from placeholder text (#33731)6633845Bump eslint-config-xo from 0.35.0 to 0.36.0 (#33646)cb38744Tweak toast docs (#33810)c2ff225Bump rollup from 2.46.0 to 2.47.0 (#33818)c090ea2Bump@babel/preset-envfrom 7.14.0 to 7.14.1 (#33819)Maintainer changes
This version was pushed to npm by mdo, a new releaser for bootstrap since your current version.
Updates
karmafrom 6.1.2 to 6.3.16Release notes
Sourced from karma's releases.
... (truncated)
Changelog
Sourced from karma's changelog.
... (truncated)
Commits
ab4b328chore(release): 6.3.16 [skip ci]ff7edbbfix(security): mitigate the "Open Redirect Vulnerability"c1befa0chore(release): 6.3.15 [skip ci]d9dade2fix(helper): make mkdirIfNotExists helper resilient to concurrent calls653c762ci: prevent duplicate CI tasks on creating a PRc97e562chore(release): 6.3.14 [skip ci]91d5acdfix: remove string template from client code69cfc76fix: warn whensingleRunandautoWatcharefalse839578cfix(security): remove XSS vulnerability inreturnUrlquery paramdb53785chore(release): 6.3.13 [skip ci]Updates
@babel/traversefrom 7.13.0 to 7.25.6Release notes
Sourced from
@babel/traverse's releases.... (truncated)
Changelog
Sourced from
@babel/traverse's changelog.... (truncated)
Commits
2f72b97v7.25.6faceae9fix:path.getAssignmentIdentifiersmay beundefined(#16727)46ee612Remove someNodePathmethods (#16655)2fdc8b5fix: Generate sequence expression parentheses correctly (#16764)cbf124cv7.25.42b289fbfix: skip computed key when renaming (#16756)575863cAvoid unnecessary parens around sequence expressions (#16722)5174ad1Clean all always enabled parser plugins (#16572)52718abDiscontinue babel-eslint-config-internal (#16718)dba45d3IgnoredevDependencieswhen generatingtsconfig.json(#16659)Updates
ansi-regexfrom 5.0.0 to 5.0.1Release notes
Sourced from ansi-regex's releases.
Commits
a9babce5.0.14657833fix incorrect formatc3c0b3fFix potential ReDoS (#37)178363bMove to GitHub Actions (#35)0755e66Add@Qix- to funding.ymlUpdates
ansi-regexfrom 4.1.0 to 5.0.1Release notes
Sourced from ansi-regex's releases.
Commits
a9babce5.0.14657833fix incorrect formatc3c0b3fFix potential ReDoS (#37)178363bMove to GitHub Actions (#35)0755e66Add@Qix- to funding.ymlUpdates
ansi-regexfrom 3.0.0 to 5.0.1Release notes
Sourced from ansi-regex's releases.
Commits
a9babce5.0.14657833fix incorrect formatc3c0b3fFix potential ReDoS (#37)178363bMove to GitHub Actions (#35)0755e66Add@Qix- to funding.ymlUpdates
asyncfrom 2.6.3 to 2.6.4Changelog
Sourced from async's changelog.
Commits
c6bdacaVersion 2.6.48870da9Update built files4df6754update changelog8f7f903Fix prototype pollution vulnerability (#1828)Maintainer changes
This version was pushed to npm by hargasinski, a new releaser for async since your current version.
Updates
body-parserfrom 1.19.0 to 1.20.3Release notes
Sourced from body-parser's releases.
... (truncated)
Changelog
Sourced from body-parser's changelog.
... (truncated)
Commits
17529511.20.339744cfchore: linter (#534)b2695c4Merge commit from forkade0f3fadd scorecard to readme (#531)99a1bd6deps: qs@6.12.3 (#521)9478591fix: pin to node@22.4.183db46aci: fix errors in ci github action for node 8 and 9 (#523)9d4e212chore: add support for OSSF scorecard reporting (#522)ee913741.20.2368a93aFix strict json error message on Node.js 19+Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.
Updates
expressfrom 4.17.1 to 4.21.0Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
7e562c64.21.01bcde96fix(deps): qs@6.13.0 (#5946)7d36477fix(deps): serve-static@1.16.2 (#5951)40d2d8ffix(deps): finalhandler@1.3.177ada90Deprecate"back"magic string in redirects (#5935)21df4214.20.04c9ddc1feat: upgrade to serve-static@0.16.09ebe5d5feat: upgrade to send@0.19.0 (#5928)ec4a01bfeat: upgrade to body-parser@1.20.3 (#5926)54271f6fix: don't render redirect values in anchor hrefMaintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
bracesfrom 3.0.2 to 3.0.3Commits
74b2db23...Description has been truncated