Bump the production-dependencies group across 1 directory with 10 updates #63

dependabot · 2024-12-09T04:28:05Z

Bumps the production-dependencies group with 10 updates in the / directory:

Package	From	To
@babel/runtime	`7.25.6`	`7.26.0`
@natlibfi/melinda-backend-commons	`2.3.1`	`2.3.6`
@natlibfi/melinda-commons	`13.0.17`	`13.0.18`
@natlibfi/melinda-rest-api-client	`5.1.1`	`5.1.3`
@natlibfi/melinda-ui-commons	`5.0.0-alpha.13`	`5.0.0-alpha.14`
@natlibfi/passport-melinda-aleph	`3.0.1`	`3.0.5`
@natlibfi/passport-melinda-jwt	`2.0.0-alpha.5`	`2.0.0`
cookie-parser	`1.4.6`	`1.4.7`
debug	`4.3.7`	`4.4.0`
express	`4.21.0`	`4.21.2`

Updates @babel/runtime from 7.25.6 to 7.26.0

Release notes

Sourced from @babel/runtime's releases.

v7.26.0 (2024-10-25)

Thanks @timofei-iatsenko for your first PR!

You can find the release blog post with some highlights at https://babeljs.io/blog/2024/10/25/7.26.0.

🚀 New Feature

babel-core, babel-generator, babel-parser, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-preset-env, babel-standalone, babel-types

#16850 Enable import attributes parsing by default (@nicolo-ribaudo)

babel-core

#16862 feat: support async plugin's pre/post (@timofei-iatsenko)

babel-compat-data, babel-plugin-proposal-regexp-modifiers, babel-plugin-transform-regexp-modifiers, babel-preset-env, babel-standalone

#16692 Add transform-regexp-modifiers to preset-env (@JLHwung)

babel-parser

#16849 feat: add startIndex parser option (@DylanPiercey)

babel-generator, babel-parser, babel-plugin-syntax-flow

#16841 Always enable parsing of Flow enums (@nicolo-ribaudo)

babel-helpers, babel-preset-typescript, babel-runtime-corejs3

#16794 Support import() in rewriteImportExtensions (@liuxingbaoyu)

babel-generator, babel-parser

#16708 Add experimental format-preserving mode to @babel/generator (@nicolo-ribaudo)

🐛 Bug Fix

babel-core

#16928 Workaround Node.js bug for parallel loading of TLA modules (@nicolo-ribaudo)

#16926 Fix loading of modules with TLA in Node.js 23 (@nicolo-ribaudo)

💅 Polish

babel-plugin-proposal-json-modules, babel-plugin-transform-json-modules, babel-standalone

#16924 Rename proposal-json-modules to transform-json-modules (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16896 Inline @babel/highlight in @babel/code-frame (@nicolo-ribaudo)

babel-generator, babel-parser, babel-types

#16732 Add kind to TSModuleDeclaration (@liuxingbaoyu)

🏃‍♀️ Performance

babel-helper-module-transforms, babel-plugin-transform-modules-commonjs

#16882 perf: Improve module transforms (@liuxingbaoyu)

Committers: 5

Dylan Piercey (@DylanPiercey)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Timofei Iatsenko (@timofei-iatsenko)

@liuxingbaoyu

v7.25.9 (2024-10-22)

... (truncated)

Changelog

Sourced from @babel/runtime's changelog.

v7.26.0 (2024-10-25)

🚀 New Feature

babel-core, babel-generator, babel-parser, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-preset-env, babel-standalone, babel-types

#16850 Enable import attributes parsing by default (@nicolo-ribaudo)

babel-core

#16862 feat: support async plugin's pre/post (@timofei-iatsenko)

babel-compat-data, babel-plugin-proposal-regexp-modifiers, babel-plugin-transform-regexp-modifiers, babel-preset-env, babel-standalone

#16692 Add transform-regexp-modifiers to preset-env (@JLHwung)

babel-parser

#16849 feat: add startIndex parser option (@DylanPiercey)

babel-generator, babel-parser, babel-plugin-syntax-flow

#16841 Always enable parsing of Flow enums (@nicolo-ribaudo)

babel-helpers, babel-preset-typescript, babel-runtime-corejs3

#16794 Support import() in rewriteImportExtensions (@liuxingbaoyu)

babel-generator, babel-parser

#16708 Add experimental format-preserving mode to @babel/generator (@nicolo-ribaudo)

🐛 Bug Fix

babel-core

#16928 Workaround Node.js bug for parallel loading of TLA modules (@nicolo-ribaudo)

#16926 Fix loading of modules with TLA in Node.js 23 (@nicolo-ribaudo)

💅 Polish

babel-plugin-proposal-json-modules, babel-plugin-transform-json-modules, babel-standalone

#16924 Rename proposal-json-modules to transform-json-modules (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16896 Inline @babel/highlight in @babel/code-frame (@nicolo-ribaudo)

babel-generator, babel-parser, babel-types

#16732 Add kind to TSModuleDeclaration (@liuxingbaoyu)

🏃‍♀️ Performance

babel-helper-module-transforms, babel-plugin-transform-modules-commonjs

#16882 perf: Improve module transforms (@liuxingbaoyu)

v7.25.9 (2024-10-22)

🐛 Bug Fix

babel-parser, babel-template, babel-types

#16905 fix: Keep type annotations in syntacticPlaceholders mode (@liuxingbaoyu)

babel-helper-compilation-targets, babel-preset-env

#16907 fix: support BROWSERSLIST{,_CONFIG} env (@JLHwung)

Other

#16884 Analyze ClassAccessorProperty to prevent the no-undef rule (@victorenator)

🏠 Internal

babel-helper-transform-fixture-test-runner

#16914 remove test options flaky (@JLHwung)

... (truncated)

Commits

63d3038 v7.26.0
b07957e v7.25.9
af91759 fix: Accidentally publishing useless files (#16917)
2533cfb v7.25.7
69d65f1 [babel 8] Require Node.js ^18.20.0 || ^20.17.0 || >=22.8.0 (#16800)
See full diff in compare view

Updates @natlibfi/melinda-backend-commons from 2.3.1 to 2.3.6

Release notes

Sourced from @natlibfi/melinda-backend-commons's releases.

v2.3.6

What's Changed

Test by @natlibfi-jonollil in NatLibFi/melinda-backend-commons-js#139

update poistot mail template by @natlibfi-jonollil in NatLibFi/melinda-backend-commons-js#140

Dependency update by @ammsalme in NatLibFi/melinda-backend-commons-js#143

Full Changelog: NatLibFi/melinda-backend-commons-js@v2.3.3...v2.3.6

v2.3.3

What's Changed

Dependency update by @ammsalme in NatLibFi/melinda-backend-commons-js#134

Full Changelog: NatLibFi/melinda-backend-commons-js@v2.3.1...v2.3.3

Commits

6f72371 2.3.6
fb1d853 Dependency update (#143)
1321d89 2.3.5
4783db9 update poistot mail template (#140)
2c16fca 2.3.4
641904e Test (#139)
b821873 2.3.3
aa70a10 Dependency update (#134)
7057de2 2.3.2
aeef354 Update utils.js
See full diff in compare view

Updates @natlibfi/melinda-commons from 13.0.17 to 13.0.18

Release notes

Sourced from @natlibfi/melinda-commons's releases.

v13.0.18

What's Changed

Dependency update by @ammsalme in NatLibFi/melinda-commons-js#178

Dependency update by @ammsalme in NatLibFi/melinda-commons-js#193

Full Changelog: NatLibFi/melinda-commons-js@v13.0.16...v13.0.18

Commits

90101f0 13.0.18
b4c59b1 Dependency update (#193)
bca0869 Dependency update (#178)
386d90c 13.0.3
See full diff in compare view

Updates @natlibfi/melinda-rest-api-client from 5.1.1 to 5.1.3

Release notes

Sourced from @natlibfi/melinda-rest-api-client's releases.

v5.1.3

What's Changed

deps-update and short response by @natlibfi-jonollil in NatLibFi/melinda-rest-api-client-js#128

Dependency Update by @ammsalme in NatLibFi/melinda-rest-api-client-js#134

Full Changelog: NatLibFi/melinda-rest-api-client-js@v5.1.1...v5.1.3

Commits

43334dc 5.1.3
57bbd8c Dependency Update (#134)
382b7a4 5.1.2
ee9ac2d deps-update and short response (#128)
See full diff in compare view

Updates @natlibfi/melinda-ui-commons from 5.0.0-alpha.13 to 5.0.0-alpha.14

Commits

b9094aa 5.0.0-alpha.14
5215932 Removed flex-grow from .navbar style (#36)
See full diff in compare view

Updates @natlibfi/passport-melinda-aleph from 3.0.1 to 3.0.5

Release notes

Sourced from @natlibfi/passport-melinda-aleph's releases.

v3.0.5

What's Changed

Fix console log by @ammsalme in NatLibFi/passport-melinda-aleph-js#32

Fix tests ; Dependency & Maintenance update by @ammsalme in NatLibFi/passport-melinda-aleph-js#33

Full Changelog: NatLibFi/passport-melinda-aleph-js@v3.0.3...v3.0.5

v3.0.3

What's Changed

Bump the development-dependencies group across 1 directory with 6 upd… by @ammsalme in NatLibFi/passport-melinda-aleph-js#30

Dependency Update & fix DOMparser error by @ammsalme in NatLibFi/passport-melinda-aleph-js#31

Full Changelog: NatLibFi/passport-melinda-aleph-js@v3.0.2...v3.0.3

v3.0.2

What's Changed

Fix export by @natlibfi-jonollil in NatLibFi/passport-melinda-aleph-js#18

Remove node-fetch by @natlibfi-jonollil in NatLibFi/passport-melinda-aleph-js#19

Dependency & Maintenance update by @ammsalme in NatLibFi/passport-melinda-aleph-js#24

New Contributors

@natlibfi-jonollil made their first contribution in NatLibFi/passport-melinda-aleph-js#18

Full Changelog: NatLibFi/passport-melinda-aleph-js@v2.0.4...v3.0.2

Commits

5e3296a 3.0.5
fc934fa Fix tests ; Dependency & Maintenance update (#33)
1f0290c Fix console log (#32)
67e587a 3.0.3
addf560 Dependency Update & fix DOMparser error (#31)
e1563bb Bump the development-dependencies group across 1 directory with 6 updates (#2...
48aa9a4 3.0.2
9d2f50d Dependency & Maintenance update (#24)
See full diff in compare view

Updates @natlibfi/passport-melinda-jwt from 2.0.0-alpha.5 to 2.0.0

Commits

ffe4d5c 2.0.0
b836829 Dependency update (#33)
See full diff in compare view

Updates cookie-parser from 1.4.6 to 1.4.7

Release notes

Sourced from cookie-parser's releases.

1.4.7

What's Changed

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/cookie-parser#103

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/cookie-parser#104

ci: Use GITHUB_OUTPUT envvar instead of set-output command by @arunsathiya in expressjs/cookie-parser#100

deps: cookie@0.7.2 by @SamChatfield in expressjs/cookie-parser#116

Release: 1.4.7 by @UlisesGascon in expressjs/cookie-parser#117

New Contributors

@inigomarquinez made their first contribution in expressjs/cookie-parser#103

@arunsathiya made their first contribution in expressjs/cookie-parser#100

@SamChatfield made their first contribution in expressjs/cookie-parser#116

@UlisesGascon made their first contribution in expressjs/cookie-parser#117

Full Changelog: expressjs/cookie-parser@1.4.6...1.4.7

Changelog

Sourced from cookie-parser's changelog.

1.4.7 / 2024-10-08

deps: cookie@0.7.2

Fix object assignment of hasOwnProperty

deps: cookie@0.7.1

Allow leading dot for domain

Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec

Add fast path for serialize without options, use obj.hasOwnProperty when parsing

deps: cookie@0.7.0

perf: parse cookies ~10% faster

fix: narrow the validation of cookies to match RFC6265

fix: add main to package.json for rspack

deps: cookie@0.6.0

Add partitioned option

deps: cookie@0.5.0

Add priority option

Fix expires option to reject invalid dates

pref: improve default decode speed

pref: remove slow string split in parse

deps: cookie@0.4.2

pref: read value only when assigning in parse

pref: remove unnecessary regexp in parse

Commits

5d61e1e 1.4.7
ccf1f54 deps: cookie@0.7.2 (#116)
429cfd4 ci: Use GITHUB_OUTPUT envvar instead of set-output command (#100)
ca4c97e ci: fix errors in ci pipeline for node 8 and 9 (#104)
97bdf39 ci: add support for OSSF scorecard reporting (#103)
e5862bd build: Node.js@17.6
f0688d2 build: Node.js@14.19
44ec541 build: Node.js@16.14
695435a deps: cookie@0.4.2
f66e7e1 build: mocha@9.2.1
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for cookie-parser since your current version.

Updates debug from 4.3.7 to 4.4.0

Release notes

Sourced from debug's releases.

4.4.0

Fixes (hopefully) the inefficient regex warnings in .enable().

Minor version as this is invariably going to break certain users who misuse the .enable() API and expected it to work with regexes, which was never supported nor documented. That's on you, sorry - that functionality won't be added back.

Full Changelog: debug-js/debug@4.3.7...4.4.0

Commits

7e3814c 4.4.0
d2d6bf0 fix inefficient .enable() regex and .enabled() test
See full diff in compare view

Updates express from 4.21.0 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Add funding field (v4) by @bjohansebas in expressjs/express#6065

deps: path-to-regexp@0.1.11 by @blakeembrey in expressjs/express#5956

deps: bump path-to-regexp@0.1.12 by @jonchurch in expressjs/express#6209

Release: 4.21.2 by @UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

deps: path-to-regexp@0.1.12

Fix backtracking protection

deps: path-to-regexp@0.1.11

Throws an error on invalid path values

4.21.1 / 2024-10-08

Backported a fix for CVE-2024-47764

Commits

1faf228 4.21.2
2e0fb64 deps: bump path-to-regexp@0.1.12 (#6209)
59fc270 deps: path-to-regexp@0.1.11 (#5956)
51fc39c docs: add funding (#6065)
8e229f9 4.21.1
a024c8a fix(deps): cookie@0.7.1
See full diff in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…ates Bumps the production-dependencies group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.25.6` | `7.26.0` | | [@natlibfi/melinda-backend-commons](https://github.com/natlibfi/melinda-backend-commons-js) | `2.3.1` | `2.3.6` | | [@natlibfi/melinda-commons](https://github.com/natlibfi/melinda-commons-js) | `13.0.17` | `13.0.18` | | [@natlibfi/melinda-rest-api-client](https://github.com/natlibfi/melinda-rest-api-client-js) | `5.1.1` | `5.1.3` | | [@natlibfi/melinda-ui-commons](https://github.com/natlibfi/melinda-ui-commons) | `5.0.0-alpha.13` | `5.0.0-alpha.14` | | [@natlibfi/passport-melinda-aleph](https://github.com/natlibfi/passport-melinda-aleph-js) | `3.0.1` | `3.0.5` | | [@natlibfi/passport-melinda-jwt](https://github.com/natlibfi/passport-melinda-jwt-js) | `2.0.0-alpha.5` | `2.0.0` | | [cookie-parser](https://github.com/expressjs/cookie-parser) | `1.4.6` | `1.4.7` | | [debug](https://github.com/debug-js/debug) | `4.3.7` | `4.4.0` | | [express](https://github.com/expressjs/express) | `4.21.0` | `4.21.2` | Updates `@babel/runtime` from 7.25.6 to 7.26.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.26.0/packages/babel-runtime) Updates `@natlibfi/melinda-backend-commons` from 2.3.1 to 2.3.6 - [Release notes](https://github.com/natlibfi/melinda-backend-commons-js/releases) - [Commits](NatLibFi/melinda-backend-commons-js@v2.3.1...v2.3.6) Updates `@natlibfi/melinda-commons` from 13.0.17 to 13.0.18 - [Release notes](https://github.com/natlibfi/melinda-commons-js/releases) - [Commits](NatLibFi/melinda-commons-js@v13.0.17...v13.0.18) Updates `@natlibfi/melinda-rest-api-client` from 5.1.1 to 5.1.3 - [Release notes](https://github.com/natlibfi/melinda-rest-api-client-js/releases) - [Commits](NatLibFi/melinda-rest-api-client-js@v5.1.1...v5.1.3) Updates `@natlibfi/melinda-ui-commons` from 5.0.0-alpha.13 to 5.0.0-alpha.14 - [Release notes](https://github.com/natlibfi/melinda-ui-commons/releases) - [Commits](NatLibFi/melinda-ui-commons@v5.0.0-alpha.13...v5.0.0-alpha.14) Updates `@natlibfi/passport-melinda-aleph` from 3.0.1 to 3.0.5 - [Release notes](https://github.com/natlibfi/passport-melinda-aleph-js/releases) - [Commits](NatLibFi/passport-melinda-aleph-js@v3.0.1...v3.0.5) Updates `@natlibfi/passport-melinda-jwt` from 2.0.0-alpha.5 to 2.0.0 - [Release notes](https://github.com/natlibfi/passport-melinda-jwt-js/releases) - [Commits](NatLibFi/passport-melinda-jwt-js@v2.0.0-alpha.5...v2.0.0) Updates `cookie-parser` from 1.4.6 to 1.4.7 - [Release notes](https://github.com/expressjs/cookie-parser/releases) - [Changelog](https://github.com/expressjs/cookie-parser/blob/master/HISTORY.md) - [Commits](expressjs/cookie-parser@1.4.6...1.4.7) Updates `debug` from 4.3.7 to 4.4.0 - [Release notes](https://github.com/debug-js/debug/releases) - [Commits](debug-js/debug@4.3.7...4.4.0) Updates `express` from 4.21.0 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.21.0...4.21.2) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@natlibfi/melinda-backend-commons" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@natlibfi/melinda-commons" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@natlibfi/melinda-rest-api-client" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@natlibfi/melinda-ui-commons" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@natlibfi/passport-melinda-aleph" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@natlibfi/passport-melinda-jwt" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: cookie-parser dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: debug dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: express dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested a review from a team as a code owner December 9, 2024 04:28

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the production-dependencies group across 1 directory with 10 updates #63

Bump the production-dependencies group across 1 directory with 10 updates #63

dependabot bot commented on behalf of github Dec 9, 2024 •

edited

Loading

Bump the production-dependencies group across 1 directory with 10 updates #63

Are you sure you want to change the base?

Bump the production-dependencies group across 1 directory with 10 updates #63

Conversation

dependabot bot commented on behalf of github Dec 9, 2024 • edited Loading

v7.26.0 (2024-10-25)

🚀 New Feature

🐛 Bug Fix

💅 Polish

🏠 Internal

🏃‍♀️ Performance

Committers: 5

v7.25.9 (2024-10-22)

v7.26.0 (2024-10-25)

🚀 New Feature

🐛 Bug Fix

💅 Polish

🏠 Internal

🏃‍♀️ Performance

v7.25.9 (2024-10-22)

🐛 Bug Fix

🏠 Internal

v2.3.6

What's Changed

v2.3.3

What's Changed

v13.0.18

What's Changed

v5.1.3

What's Changed

v3.0.5

What's Changed

v3.0.3

What's Changed

v3.0.2

What's Changed

New Contributors

1.4.7

What's Changed

New Contributors

1.4.7 / 2024-10-08

4.4.0

4.21.2

What's Changed

4.21.1

What's Changed

4.21.2 / 2024-11-06

4.21.1 / 2024-10-08

dependabot bot commented on behalf of github Dec 9, 2024 •

edited

Loading