Bump the npm_and_yarn group across 1 directory with 18 updates #507

dependabot · 2024-06-19T05:44:42Z

Bumps the npm_and_yarn group with 18 updates in the / directory:

Package	From	To
ajv	`6.10.2`	`6.12.6`
braces	`3.0.2`	`3.0.3`
dot-prop	`4.2.0`	`4.2.1`
flat	`4.1.0`	`5.0.2`
mocha	`6.2.0`	`10.4.0`
follow-redirects	`1.15.2`	`1.15.6`
ini	`1.3.5`	`1.3.8`
y18n	`3.2.1`	`3.2.2`
yargs-parser	`7.0.0`	`13.1.2`
npm-check	`5.9.0`	`5.9.2`
minimist	`0.0.8`	`1.2.7`
mkdirp	`0.5.1`	`0.5.6`
pathval	`1.1.0`	`1.1.1`
qs	`6.7.0`	`6.11.0`
body-parser	`1.19.0`	`1.20.2`
socket.io-parser	`4.2.1`	`4.2.4`
ws	`8.2.3`	`8.17.1`
socket.io	`4.5.3`	`4.7.5`

Updates ajv from 6.10.2 to 6.12.6

Release notes

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@sambauers, #1143) Option keywords to add custom keywords (@franciscomorais, #1137) Types fixes (@boenrobot, @MattiAstedrone) Docs:

error logging example (@RadiationSickness)

TypeScript usage notes (@thetric)

v6.11.0

Time formats support two digit and colon-less variants of timezone offset (#1061 , @cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

Commits

fe59143 6.12.6
d580d3e Merge pull request #1298 from ajv-validator/fix-url
fd36389 fix: regular expression for "url" format
490e34c docs: link to v7-beta branch
9cd93a1 docs: note about v7 in readme
877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
f1c8e45 6.12.5
764035e Merge branch 'ChALkeR-chalker/fix-comma'
3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

74b2db2 3.0.3
88f1429 update eslint. lint, fix unit tests.
415d660 Snyk js braces 6838727 (#40)
190510f fix tests, skip 1 test in test/braces.expand
716eb9f readme bump
a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
98414f9 remove funding file
665ab5d update keepEscaping doc (#27)
Additional commits viewable in compare view

Updates dot-prop from 4.2.0 to 4.2.1

Release notes

Sourced from dot-prop's releases.

v4.2.1

Backport sindresorhus/dot-prop@3039c8c to the v4.x release line.

Commits

c914124 feat: patch 4.2.0 with fixes for CVE-2020-8116
See full diff in compare view

Updates flat from 4.1.0 to 5.0.2

Commits

e5ffd66 Release 5.0.2
fdb79d5 Update dependencies, refresh lockfile, format with standard.
e52185d Test against node 14 in CI.
0189cb1 Avoid arrow function syntax.
f25d3a1 Release 5.0.1
54cc7ad use standard formatting
779816e drop dependencies
2eea6d3 Bump lodash from 4.17.15 to 4.17.19
a61a554 Bump acorn from 7.1.0 to 7.4.0
20ef0ef Fix prototype pollution on unflatten
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by timoxley, a new releaser for flat since your current version.

Updates mocha from 6.2.0 to 10.4.0

Release notes

Sourced from mocha's releases.

v10.4.0

10.4.0 / 2024-03-26

🎉 Enhancements

#4829 feat: include .cause stacks in the error stack traces (@voxpelli)

#4985 feat: add file path to xunit reporter (@bmish)

🐛 Fixes

#5074 fix: harden error handling in lib/cli/run.js (@stalet)

🔩 Other

#5077 chore: add mtfoley/pr-compliance-action (@JoshuaKGoldberg)

#5060 chore: migrate ESLint config to flat config (@JoshuaKGoldberg)

#5095 chore: revert #5069 to restore Netlify builds (@voxpelli)

#5097 docs: add sponsored to sponsorship link rels (@JoshuaKGoldberg)

#5093 chore: add 'status: in triage' label to issue templates and docs (@JoshuaKGoldberg)

#5083 docs: fix CHANGELOG.md headings to start with a root-level h1 (@JoshuaKGoldberg)

#5100 chore: fix header generation and production build crashes (@JoshuaKGoldberg)

#5104 chore: bump ESLint ecmaVersion to 2020 (@JoshuaKGoldberg)

#5116 fix: eleventy template builds crash with 'unexpected token at ": string, msg..."' (@LcsK)

#4869 docs: fix documentation concerning glob expansion on UNIX (@binki)

#5122 test: fix xunit integration test (@voxpelli)

#5123 chore: activate dependabot for workflows (@voxpelli)

#5125 build(deps): bump the github-actions group with 2 updates (@dependabot)

v10.3.0

This is a stable release equivalent to v10.3.0-preminor.0.

What's Changed

Fix deprecated warn gh actions by @outsideris in mochajs/mocha#4962

fix #4837 Update glob due to vulnerability in dep by @jb2311 in mochajs/mocha#4970

Add Node v19 to test matrix by @juergba in mochajs/mocha#4974

chore: fix the ci by @Uzlopak in mochajs/mocha#5020

update can-i-use by @Uzlopak in mochajs/mocha#5021

chore: remove uuid dev dependency by @Uzlopak in mochajs/mocha#5022

chore: remove nanoid as dependency by @Uzlopak in mochajs/mocha#5024

chore: remove touch as dev dependency by @Uzlopak in mochajs/mocha#5023

chore: remove stale workflow by @JoshuaKGoldberg in mochajs/mocha#5029

docs: fix fragment ID for yargs' "extends" documentation by @Spencer-Doak in mochajs/mocha#4918

docs: use mocha.js instead of mocha in the example run by @nikolas in mochajs/mocha#4927

docs: fix jsdoc return type of titlePath method by @F3n67u in mochajs/mocha#4886

docs: overhaul contributing and maintenance docs for end-of-year 2023 by @JoshuaKGoldberg in mochajs/mocha#5038

docs: touchups to labels and a template title post-revamp by @JoshuaKGoldberg in mochajs/mocha#5050

fix: add alt text to Built with Netlify badge by @JoshuaKGoldberg in mochajs/mocha#5068

chore: inline nyan reporter's write function by @JoshuaKGoldberg in mochajs/mocha#5056

chore: remove unnecessary canvas dependency by @JoshuaKGoldberg in mochajs/mocha#5069

... (truncated)

Changelog

Sourced from mocha's changelog.

10.4.0 / 2024-03-26

🎉 Enhancements

#4829 feat: include .cause stacks in the error stack traces (@voxpelli)

#4985 feat: add file path to xunit reporter (@bmish)

🐛 Fixes

#5074 fix: harden error handling in lib/cli/run.js (@stalet)

🔩 Other

#5077 chore: add mtfoley/pr-compliance-action (@JoshuaKGoldberg)

#5060 chore: migrate ESLint config to flat config (@JoshuaKGoldberg)

#5095 chore: revert #5069 to restore Netlify builds (@voxpelli)

#5097 docs: add sponsored to sponsorship link rels (@JoshuaKGoldberg)

#5093 chore: add 'status: in triage' label to issue templates and docs (@JoshuaKGoldberg)

#5083 docs: fix CHANGELOG.md headings to start with a root-level h1 (@JoshuaKGoldberg)

#5100 chore: fix header generation and production build crashes (@JoshuaKGoldberg)

#5104 chore: bump ESLint ecmaVersion to 2020 (@JoshuaKGoldberg)

#5116 fix: eleventy template builds crash with 'unexpected token at ": string, msg..."' (@LcsK)

#4869 docs: fix documentation concerning glob expansion on UNIX (@binki)

#5122 test: fix xunit integration test (@voxpelli)

#5123 chore: activate dependabot for workflows (@voxpelli)

#5125 build(deps): bump the github-actions group with 2 updates (@dependabot)

10.3.0 / 2024-02-08

This is a stable release equivalent to 10.30.0-prerelease.

10.3.0-prerelease / 2024-01-18

This is a prerelease version to test our ability to release. Other than removing or updating dependencies, it contains no intended user-facing changes.

🔩 Other

#5069: chore: remove unnecessary canvas dependency (@JoshuaKGoldberg)

#5068: fix: add alt text to Built with Netlify badge (@JoshuaKGoldberg)

#5056: chore: inline nyan reporter's write function (@JoshuaKGoldberg)

#5050: docs: touchups to labels and a template title post-revamp (@JoshuaKGoldberg)

#5038: docs: overhaul contributing and maintenance docs for end-of-year 2023 (@JoshuaKGoldberg)

#5029: chore: remove stale workflow (@JoshuaKGoldberg)

#5024: chore: remove nanoid as dependency (@Uzlopak)

#5023: chore: remove touch as dev dependency (@Uzlopak)

#5022: chore: remove uuid dev dependency (@Uzlopak)

#5021: update can-i-use (@Uzlopak)

#5020: chore: fix the ci (@Uzlopak)

#4974: Add Node v19 to test matrix (@juergba)

... (truncated)

Commits

ffd9557 Release v10.4.0
7ac67f3 build(deps): bump the github-actions group with 2 updates (#5125)
7a2781c chore: activate dependabot for workflows (#5123)
97dcbb2 fix: harden error handling in lib/cli/run.js (#5074)
6f3f45e fix: xunit integration test (#5122)
a5b5652 docs: fix documentation concerning glob expansion on UNIX (#4869)
efbb147 feat: add file path to xunit reporter (#4985)
a2e600d fix: closes #5115 (#5116)
3735873 feat: include .cause stacks in the error stack traces (#4829)
b88978d chore: bump ESLint ecmaVersion to 2020 (#5104)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.

Updates follow-redirects from 1.15.2 to 1.15.6

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
b1677ce Release version 1.15.5 of the npm package.
d8914f7 Preserve fragment in responseUrl.
6585820 Release version 1.15.4 of the npm package.
7a6567e Disallow bracketed hostnames.
05629af Prefer native URL instead of deprecated url.parse.
1cba8e8 Prefer native URL instead of legacy url.resolve.
72bc2a4 Simplify _processResponse error handling.
Additional commits viewable in compare view

Updates ini from 1.3.5 to 1.3.8

Commits

a2c5da8 1.3.8
af5c6bb Do not use Object.create(null)
8b648a1 don't test where our devdeps don't even work
c74c8af 1.3.7
024b8b5 update deps, add linting
032fbaf Use Object.create(null) to avoid default object property hazards
2da9039 1.3.6
cfea636 better git push script, before publish instead of after
56d2805 do not allow invalid hazardous string as section name
See full diff in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

Updates y18n from 3.2.1 to 3.2.2

Release notes

Sourced from y18n's releases.

y18n y18n-v4.0.3

Bug Fixes

release: 4.x.x should not enforce Node 10 (#126) (1e21a53)

y18n y18n-v4.0.2

Bug Fixes

security: ensure entry exists for backport (#120) (b22c0df)

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.

Updates yargs-parser from 7.0.0 to 13.1.2

Changelog

Sourced from yargs-parser's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

21.1.1 (2022-08-04)

Bug Fixes

typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

21.1.0 (2022-08-03)

Features

allow the browser build to be imported (#443) (a89259f)

Bug Fixes

halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)

node version check now uses process.versions.node (#450) (d07bcdb)

parse options ending with 3+ hyphens (#434) (4f1060b)

21.0.1 (2022-02-27)

Bug Fixes

return deno env object (#432) (b00eb87)

21.0.0 (2021-11-15)

⚠ BREAKING CHANGES

drops support for 10 (#421)

Bug Fixes

esm json import (#416) (90f970a)

parser should preserve inner quotes (#407) (ae11f49)

Code Refactoring

drops support for 10 (#421) (3aaf878)

20.2.9 (2021-06-20)

... (truncated)

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.

Updates npm-check from 5.9.0 to 5.9.2

Commits

f8ce810 5.9.2
edc4a6d Downgrade depcheck to restore older Node.js support
dcb8bbe 5.9.1
c610aa8 Merge pull request #368 from omrilotan/2019-10-29-fix-vuln
ce892a9 Update depcheck
4b633e2 Fix vulnerabilities
f569c7d Merge pull request #326 from mansona/fixing-ci
b713af5 adding later node versions to CI
76cefd6 fixing CI for Node 4
f47c605 Merge pull request #321 from dyun8080/patch-1
Additional commits viewable in compare view

Updates minimist from 0.0.8 to 1.2.7

Changelog

Sourced from minimist's changelog.

v1.2.7 - 2022-10-10

Commits

[meta] add auto-changelog 0ebf4eb

[actions] add reusable workflows e115b63

[eslint] add eslint; rules to enable later are warnings f58745b

[Dev Deps] switch from covert to nyc ab03356

[readme] rename and add badges 236f4a0

[meta] create FUNDING.yml; add funding in package.json 783a49b

[meta] use npmignore to autogenerate an npmignore file f81ece6

Only apps should have lockfiles 56cad44

[Dev Deps] update covert, tape; remove unnecessary tap 49c5f9f

[Tests] add aud in posttest 228ae93

[meta] add safe-publish-latest 01fc23f

[meta] update repo URLs 6b164c7

v1.2.6 - 2022-03-21

Commits

test from prototype pollution PR bc8ecee

isConstructorOrProto adapted from PR c2b9819

security notice for additional prototype pollution issue ef88b93

v1.2.5 - 2020-03-12

v1.2.4 - 2020-03-11

Commits

security notice 4cf1354

additional test for constructor prototype pollution 1043d21

v1.2.3 - 2020-03-10

Commits

more failing proto pollution tests 13c01a5

even more aggressive checks for protocol pollution 38a4d1c

v1.2.2 - 2020-03-10

Commits

failing test for protocol pollution 0efed03

cleanup 67d3722

console.dir -> console.log 47acf72

don't assign onto proto 63e7ed0

... (truncated)

Commits

c590d75 v1.2.7
0ebf4eb [meta] add auto-changelog
e115b63 [actions] add reusable workflows
01fc23f [meta] add safe-publish-latest
f58745b [eslint] add eslint; rules to enable later are warnings
228ae93 [Tests] add aud in posttest
236f4a0 [readme] rename and add badges
ab03356 [Dev Deps] switch from covert to nyc
49c5f9f [Dev Deps] update covert, tape; remove unnecessary tap
783a49b [meta] create FUNDING.yml; add funding in package.json
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates mkdirp from 0.5.1 to 0.5.6

Commits

92f086d 0.5.6
2a28125 clean up tests
c905d65 update minimist
049cf18 0.5.5
bea6382 Remove unnecessary umask calls
42a012c 0.5.4
2867920 fix infinite loop on windows machines
d784e70 0.5.3
d612c5d add files list so this package isn't a monster
b2e7ba0 0.5.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.

Updates pathval from 1.1.0 to 1.1.1

Release notes

Sourced from pathval's releases.

v1.1.1

Fixes a security issue around prototype pollution.

Commits

db6c3e3 chore: v1.1.1
7859e0e Merge pull request #60 from deleonio/fix/vulnerability-prototype-pollution
49ce1f4 style: correct rule in package.json
c77b9d2 fix: prototype pollution vulnerability + working tests
49031e4 chore: remove very old nodejs
57730a9 chore: update deps and tool configuration
a123018 Merge pull request #55 from chaijs/remove-lgtm
07eb4a8 Delete MAINTAINERS
a0147cd Merge pull request #54 from astorije/patch-1
aebb278 Center repo name on README
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by chai, a new releaser for pathval since your current version.

Updates qs from 6.7.0 to 6.11.0

Changelog

Sourced from qs's changelog.

6.11.0

[New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)

[readme] fix version badge

6.10.5

[Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

6.10.4

[Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)

[meta] use npmignore to autogenerate an npmignore file

[Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

6.10.3

[Fix] parse: ignore __proto__ keys (#428)

[Robustness] stringify: avoid relying on a global undefined (#427)

[actions] reuse common workflows

[Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

6.10.2

[Fix] stringify: actually fix cyclic references (#426)

[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] add note and links for coercing primitive values (#408)

[actions] update codecov uploader

[actions] update workflows

[Tests] clean up stringify tests slightly

[Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

6.10.1

[Fix] stringify: avoid exception on repeated object values (#402)

6.10.0

[New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)

[New] parse: add allowSparse option for collapsing arrays with missing indices (#312)

[meta] fix README.md (#399)

[meta] only run npm run dist in publish, not install

[Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape

[Tests] fix tests on node v0.6

[Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run

[Tests] Revert "[meta] ignore eclint transitive audit warning"

6.9.7

[Fix] parse: ignore __proto__ keys (#428)

[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)

[Robustness] stringify: avoid relying on a global undefined (#427)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] add note and links for coercing primitive values (#408)

[Tests] clean up stringify tests slightly

[meta] fix README.md (#399)

Revert "[meta] ignore eclint transitive audit warning"

... (truncated)

Commits

56763c1 v6.11.0
ddd3e29 [readme] fix version badge
c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
95bc018 v6.10.5
0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
ba9703c v6.10.4
4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
113b990 [Dev Deps] update object-inspect
c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
2cf45b2 [meta] use npmignore to autogenerate an npmignore file
Additional commits viewable in compare view

Updates body-parser from 1.19.0 to 1.20.2

Release notes

Sourced from body-parser's releases.

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: raw-body@2.5.2

1.20.1

deps: qs@6.11.0

perf: remove unnecessary object clone

1.20.0

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: depd@2.0.0

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: http-errors@2.0.0

deps: depd@2.0.0

deps: statuses@2.0.1

deps: on-finished@2.4.1

deps: qs@6.10.3

deps: raw-body@2.5.1

deps: http-errors@2.0.0

1.19.2

deps: bytes@3.1.2

deps: qs@6.9.7

Fix handling of __proto__ keys

deps: raw-body@2.4.3

deps: bytes@3.1.2

1.19.1

deps: bytes@3.1.1

deps: http-errors@1.8.1

deps: inherits@2.0.4

deps: toidentifier@1.0.1

deps: setprototypeof@1.2.0

deps: qs@6.9.6

deps: raw-body@2.4.2

deps: bytes@3.1.1

deps: http-errors@1.8.1

deps: safe-buffer@5.2.1

deps: type-is@~1.6.18

Changelog

Sourced from body-parser's changelog.

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: raw-body@2.5.2

1.20.1 / 2022-10-06

deps: qs@6.11.0

perf: remove unnecessary object clone

1.20.0 / 2022-04-02

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: depd@2.0.0

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: http-errors@2.0.0

deps: depd@2.0.0

deps: statuses@2.0.1

deps: on-finished@2.4.1

deps: qs@6.10.3

deps: raw-body@2.5.1

deps: http-errors@2.0.0

1.19.2 / 2022-02-15

deps: bytes@3.1.2

deps: qs@6.9.7

Fix handling of __proto__ keys

deps: raw-body@2.4.3

deps: bytes@3.1.2

1.19.1 / 2021-12-10

deps: bytes@3.1.1

deps: http-errors@1.8.1

deps: inherits@2.0.4

deps: toidentifier@1.0.1

deps: setprototypeof@1.2.0

deps: qs@6.9.6

... (truncated)

Commits

ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
0385872 deps: raw-body@2.5.2
2c35b41 build: eslint@8.34.0
f0646c2 build: Node.js@18.14
f345fb1 build: Node.js@14.21
6842efc deps: content-type@~1.0.5
5af7315 build: eslint-plugin-promise@6.1.1
8e605b3 build: supertest@6.3.3
cba6e77 build: mocha@10.2.0
Additional commits viewable in compare view

Updates socket.io-parser from 4.2.1 to 4.2.4

Release notes

Sourced from socket.io-parser's releases.

4.2.4

Bug Fixes

ensure reserved events cannot be used as event names (d9db473)

properly detect plain objects (b0e6400)

Links

Diff: socketio/socket.io-parser@4.2.3...4.2.4

4.2.3

⚠️ This release contains an important security fix ⚠️

A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:
TypeError: Cannot convert object to primitive value
       at Socket.emit (node:events:507:25)
       at .../node_modules/socket.io/lib/socket.js:531:14
Please upgrade as soon as possible.

Bug Fixes

check the format of the event name (

Bumps the npm_and_yarn group with 18 updates in the / directory: | Package | From | To | | --- | --- | --- | | [ajv](https://github.com/ajv-validator/ajv) | `6.10.2` | `6.12.6` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [dot-prop](https://github.com/sindresorhus/dot-prop) | `4.2.0` | `4.2.1` | | [flat](https://github.com/hughsk/flat) | `4.1.0` | `5.0.2` | | [mocha](https://github.com/mochajs/mocha) | `6.2.0` | `10.4.0` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.6` | | [ini](https://github.com/npm/ini) | `1.3.5` | `1.3.8` | | [y18n](https://github.com/yargs/y18n) | `3.2.1` | `3.2.2` | | [yargs-parser](https://github.com/yargs/yargs-parser) | `7.0.0` | `13.1.2` | | [npm-check](https://github.com/dylang/npm-check) | `5.9.0` | `5.9.2` | | [minimist](https://github.com/minimistjs/minimist) | `0.0.8` | `1.2.7` | | [mkdirp](https://github.com/isaacs/node-mkdirp) | `0.5.1` | `0.5.6` | | [pathval](https://github.com/chaijs/pathval) | `1.1.0` | `1.1.1` | | [qs](https://github.com/ljharb/qs) | `6.7.0` | `6.11.0` | | [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.2` | | [socket.io-parser](https://github.com/socketio/socket.io-parser) | `4.2.1` | `4.2.4` | | [ws](https://github.com/websockets/ws) | `8.2.3` | `8.17.1` | | [socket.io](https://github.com/socketio/socket.io) | `4.5.3` | `4.7.5` | Updates `ajv` from 6.10.2 to 6.12.6 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.10.2...v6.12.6) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `dot-prop` from 4.2.0 to 4.2.1 - [Release notes](https://github.com/sindresorhus/dot-prop/releases) - [Commits](sindresorhus/dot-prop@v4.2.0...v4.2.1) Updates `flat` from 4.1.0 to 5.0.2 - [Release notes](https://github.com/hughsk/flat/releases) - [Commits](hughsk/flat@4.1.0...5.0.2) Updates `mocha` from 6.2.0 to 10.4.0 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md) - [Commits](mochajs/mocha@v6.2.0...v10.4.0) Updates `follow-redirects` from 1.15.2 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.6) Updates `ini` from 1.3.5 to 1.3.8 - [Release notes](https://github.com/npm/ini/releases) - [Changelog](https://github.com/npm/ini/blob/main/CHANGELOG.md) - [Commits](npm/ini@v1.3.5...v1.3.8) Updates `y18n` from 3.2.1 to 3.2.2 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Updates `yargs-parser` from 7.0.0 to 13.1.2 - [Release notes](https://github.com/yargs/yargs-parser/releases) - [Changelog](https://github.com/yargs/yargs-parser/blob/main/CHANGELOG.md) - [Commits](https://github.com/yargs/yargs-parser/commits) Updates `npm-check` from 5.9.0 to 5.9.2 - [Release notes](https://github.com/dylang/npm-check/releases) - [Commits](dylang/npm-check@v5.9.0...v5.9.2) Updates `minimist` from 0.0.8 to 1.2.7 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v0.0.8...v1.2.7) Updates `mkdirp` from 0.5.1 to 0.5.6 - [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md) - [Commits](isaacs/node-mkdirp@0.5.1...v0.5.6) Updates `pathval` from 1.1.0 to 1.1.1 - [Release notes](https://github.com/chaijs/pathval/releases) - [Changelog](https://github.com/chaijs/pathval/blob/master/CHANGELOG.md) - [Commits](chaijs/pathval@v1.1.0...v1.1.1) Updates `qs` from 6.7.0 to 6.11.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.7.0...v6.11.0) Updates `body-parser` from 1.19.0 to 1.20.2 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.2) Updates `socket.io-parser` from 4.2.1 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.2.1...4.2.4) Updates `ws` from 8.2.3 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.2.3...8.17.1) Updates `socket.io` from 4.5.3 to 4.7.5 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io@4.5.3...4.7.5) --- updated-dependencies: - dependency-name: ajv dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: dot-prop dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: flat dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mocha dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ini dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yargs-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: npm-check dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mkdirp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: pathval dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Jun 19, 2024

dependabot bot mentioned this pull request Jun 19, 2024

Bump the npm_and_yarn group across 1 directory with 16 updates #506

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the npm_and_yarn group across 1 directory with 18 updates #507

Bump the npm_and_yarn group across 1 directory with 18 updates #507

Uh oh!

dependabot bot commented on behalf of github Jun 19, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Bump the npm_and_yarn group across 1 directory with 18 updates #507

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directory with 18 updates #507

Uh oh!

Conversation

dependabot bot commented on behalf of github Jun 19, 2024

v6.12.6

v6.12.5

v6.12.4

v6.12.3

v6.12.2

v6.12.1

v6.12.0

v6.11.0

v4.2.1

v10.4.0

10.4.0 / 2024-03-26

🎉 Enhancements

🐛 Fixes

🔩 Other

v10.3.0

What's Changed

10.4.0 / 2024-03-26

🎉 Enhancements

🐛 Fixes

🔩 Other

10.3.0 / 2024-02-08

10.3.0-prerelease / 2024-01-18

🔩 Other

y18n y18n-v4.0.3

Bug Fixes

y18n y18n-v4.0.2

Bug Fixes

Changelog

21.1.1 (2022-08-04)

Bug Fixes

21.1.0 (2022-08-03)

Features

Bug Fixes

21.0.1 (2022-02-27)

Bug Fixes

21.0.0 (2021-11-15)

⚠ BREAKING CHANGES

Bug Fixes

Code Refactoring

20.2.9 (2021-06-20)

v1.2.7 - 2022-10-10

Commits

v1.2.6 - 2022-03-21

Commits

v1.2.5 - 2020-03-12

v1.2.4 - 2020-03-11

Commits

v1.2.3 - 2020-03-10

Commits

v1.2.2 - 2020-03-10

Commits

v1.1.1

6.11.0

6.10.5

6.10.4

6.10.3

6.10.2

6.10.1

6.10.0

6.9.7

1.20.2

1.20.1

1.20.0

1.19.2

1.19.1

1.20.2 / 2023-02-21

1.20.1 / 2022-10-06

1.20.0 / 2022-04-02

1.19.2 / 2022-02-15

1.19.1 / 2021-12-10

4.2.4

Bug Fixes

Links

4.2.3