Bump the npm_and_yarn group across 1 directory with 31 updates #7
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps the npm_and_yarn group with 17 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `11.2.5` | `11.2.6` | | [karma](https://github.com/karma-runner/karma) | `6.1.2` | `6.3.16` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.13.0` | `7.25.6` | | [@npmcli/git](https://github.com/npm/git) | `2.0.6` | `2.1.0` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `5.0.0` | `5.0.1` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `5.0.1` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `5.0.1` | | [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` | | [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` | | [json5](https://github.com/json5/json5) | `1.0.1` | `2.2.3` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.2.3` | `3.3.1` | | [@angular-devkit/build-angular](https://github.com/angular/angular-cli) | `0.1102.4` | `18.2.5` | | [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.3` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.13.3` | `1.15.9` | | [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` | | [jszip](https://github.com/Stuk/jszip) | `3.6.0` | `3.10.1` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` | | [tar](https://github.com/isaacs/node-tar) | `6.1.0` | `6.2.1` | Updates `@angular/core` from 11.2.5 to 11.2.6 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/11.2.6/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/11.2.6/packages/core) Updates `karma` from 6.1.2 to 6.3.16 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v6.1.2...v6.3.16) Updates `@babel/traverse` from 7.13.0 to 7.25.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.25.6/packages/babel-traverse) Updates `@npmcli/git` from 2.0.6 to 2.1.0 - [Release notes](https://github.com/npm/git/releases) - [Changelog](https://github.com/npm/git/blob/main/CHANGELOG.md) - [Commits](npm/git@v2.0.6...v2.1.0) Updates `ansi-regex` from 5.0.0 to 5.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v5.0.0...v5.0.1) Updates `ansi-regex` from 4.1.0 to 5.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v5.0.0...v5.0.1) Updates `ansi-regex` from 3.0.0 to 5.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v5.0.0...v5.0.1) Updates `async` from 2.6.3 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) Updates `json5` from 2.2.0 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.0...v2.2.3) Updates `json5` from 1.0.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.0...v2.2.3) Updates `loader-utils` from 1.2.3 to 3.3.1 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/master/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.2.3...v3.3.1) Updates `@angular-devkit/build-angular` from 0.1102.4 to 18.2.5 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular-cli/commits/18.2.5) Updates `body-parser` from 1.19.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.3) Updates `braces` from 2.3.2 to 3.0.2 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/commits/3.0.2) Updates `postcss` from 7.0.21 to 8.4.41 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@7.0.21...8.4.41) Updates `dns-packet` from 1.3.1 to 5.6.1 - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](mafintosh/dns-packet@v1.3.1...v5.6.1) Updates `ws` from 6.2.1 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.2.1...8.17.1) Updates `express` from 4.17.1 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.17.1...4.21.0) Updates `follow-redirects` from 1.13.3 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.13.3...v1.15.9) Updates `json-schema` from 0.2.3 to 0.4.0 - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `jszip` from 3.6.0 to 3.10.1 - [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md) - [Commits](Stuk/jszip@v3.6.0...v3.10.1) Updates `log4js` from 6.3.0 to 6.9.1 - [Changelog](https://github.com/log4js-node/log4js-node/blob/master/CHANGELOG.md) - [Commits](log4js-node/log4js-node@v6.3.0...v6.9.1) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `nanoid` from 3.1.20 to 3.3.7 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.20...3.3.7) Updates `node-forge` from 0.10.0 to 1.3.1 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@0.10.0...v1.3.1) Updates `qs` from 6.5.2 to 6.5.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) Updates `rollup` from 2.38.4 to 4.20.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.38.4...v4.20.0) Updates `send` from 0.17.1 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.17.1...0.19.0) Updates `serve-static` from 1.14.1 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.14.1...v1.16.2) Updates `socket.io` from 3.1.2 to 4.8.0 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/3.1.2...socket.io@4.8.0) Updates `socket.io-parser` from 4.0.4 to 4.2.4 - [Release notes](https://github.com/Automattic/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/4.2.4/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.4...4.2.4) Updates `tar` from 6.1.0 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.0...v6.2.1) Updates `webpack-dev-middleware` from 3.7.2 to 7.4.2 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.2...v7.4.2) --- updated-dependencies: - dependency-name: "@angular/core" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@npmcli/git" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@angular-devkit/build-angular" dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: dns-packet dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json-schema dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jsprim dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jszip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: log4js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
the
dependencies
This was referenced Sep 24, 2024
Closed
Closed
|
@dependabot rebase
…On Tuesday, September 24th, 2024 at 10:11, dependabot[bot] ***@***.***> wrote:
This automated pull request fixes a [security vulnerability](https://github.com/reposman33/Fedex-coding-challenge/security/dependabot/101) (high severity).
[Learn more about Dependabot security updates](https://docs.github.com/github/managing-security-vulnerabilities/configuring-dependabot-security-updates).
---------------------------------------------------------------
Bumps the npm_and_yarn group with 17 updates in the / directory:
Package From To
***@***.***/core](https://github.com/angular/angular/tree/HEAD/packages/core) 11.2.5 11.2.6
[karma](https://github.com/karma-runner/karma) 6.1.2 6.3.16
***@***.***/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) 7.13.0 7.25.6
***@***.***/git](https://github.com/npm/git) 2.0.6 2.1.0
[ansi-regex](https://github.com/chalk/ansi-regex) 5.0.0 5.0.1
[ansi-regex](https://github.com/chalk/ansi-regex) 4.1.0 5.0.1
[ansi-regex](https://github.com/chalk/ansi-regex) 3.0.0 5.0.1
[async](https://github.com/caolan/async) 2.6.3 2.6.4
[json5](https://github.com/json5/json5) 2.2.0 2.2.3
[json5](https://github.com/json5/json5) 1.0.1 2.2.3
[loader-utils](https://github.com/webpack/loader-utils) 1.2.3 3.3.1
***@***.***/build-angular](https://github.com/angular/angular-cli) 0.1102.4 18.2.5
[body-parser](https://github.com/expressjs/body-parser) 1.19.0 1.20.3
[follow-redirects](https://github.com/follow-redirects/follow-redirects) 1.13.3 1.15.9
[json-schema](https://github.com/kriszyp/json-schema) 0.2.3 0.4.0
[jsprim](https://github.com/joyent/node-jsprim) 1.4.1 1.4.2
[jszip](https://github.com/Stuk/jszip) 3.6.0 3.10.1
[minimist](https://github.com/minimistjs/minimist) 1.2.5 1.2.8
[qs](https://github.com/ljharb/qs) 6.5.2 6.5.3
[tar](https://github.com/isaacs/node-tar) 6.1.0 6.2.1
Updates @angular/core from 11.2.5 to 11.2.6
Changelog
Sourced from [@angular/core's changelog](https://github.com/angular/angular/blob/11.2.6/CHANGELOG.md).
> 11.2.6 (2021-03-17)
>
> Bug Fixes
>
> - core: remove duplicated EMPTY_OBJ constant ([#41153](https://github.com/angular/angular/issues/41153)) ([fa97166](angular/angular@fa97166))
> - forms: properly handle the change to the FormGroup shape ([#40829](https://github.com/angular/angular/issues/40829)) ([60ac964](angular/angular@60ac964)), closes [#13788](https://github.com/angular/angular/issues/13788)
> - localize: render correct closing tag placeholder names in XLIFF 2 ([#41152](https://github.com/angular/angular/issues/41152)) ([7dbb550](angular/angular@7dbb550)), closes [#41142](https://github.com/angular/angular/issues/41142)
> - localize: trim extracted equiv-text values ([#41180](https://github.com/angular/angular/issues/41180)) ([ed6c09a](angular/angular@ed6c09a)), closes [#41176](https://github.com/angular/angular/issues/41176)
> - ngcc: do not compile JavaScript sources if typings-only processing is repeated ([#41209](https://github.com/angular/angular/issues/41209)) ([be050b2](angular/angular@be050b2)), closes [#41198](https://github.com/angular/angular/issues/41198)
>
> Performance Improvements
>
> - forms: avoid direct references to the Validators class ([#41189](https://github.com/angular/angular/issues/41189)) ([#41220](https://github.com/angular/angular/issues/41220)) ([804b6b6](angular/angular@804b6b6))
> - forms: make FormBuilder class tree-shakable ([#41126](https://github.com/angular/angular/issues/41126)) ([ffc93e0](angular/angular@ffc93e0))
> - forms: make RadioControlRegistry class tree-shakable ([#41126](https://github.com/angular/angular/issues/41126)) ([6414590](angular/angular@6414590))
> - forms: make built-in ControlValueAccessors more tree-shakable ([#41146](https://github.com/angular/angular/issues/41146)) ([#41197](https://github.com/angular/angular/issues/41197)) ([5908eda](angular/angular@5908eda))
Commits
- [6414590](angular/angular@6414590) perf(forms): make RadioControlRegistry class tree-shakable ([#41126](https://github.com/angular/angular/tree/HEAD/packages/core/issues/41126))
- [804b6b6](angular/angular@804b6b6) perf(forms): avoid direct references to the Validators class ([#41189](https://github.com/angular/angular/tree/HEAD/packages/core/issues/41189)) ([#41220](https://github.com/angular/angular/tree/HEAD/packages/core/issues/41220))
- [5908eda](angular/angular@5908eda) perf(forms): make built-in ControlValueAccessors more tree-shakable ([#41146](https://github.com/angular/angular/tree/HEAD/packages/core/issues/41146)) ...
- [fa97166](angular/angular@fa97166) fix(core): remove duplicated EMPTY_OBJ constant ([#41153](https://github.com/angular/angular/tree/HEAD/packages/core/issues/41153))
- See full diff in [compare view](https://github.com/angular/angular/commits/11.2.6/packages/core)
Updates karma from 6.1.2 to 6.3.16
Release notes
Sourced from [karma's releases](https://github.com/karma-runner/karma/releases).
> v6.3.16
>
> [6.3.16](karma-runner/karma@v6.3.15...v6.3.16) (2022-02-10)
>
> Bug Fixes
>
> - security: mitigate the "Open Redirect Vulnerability" ([ff7edbb](karma-runner/karma@ff7edbb))
>
> v6.3.15
>
> [6.3.15](karma-runner/karma@v6.3.14...v6.3.15) (2022-02-05)
>
> Bug Fixes
>
> - helper: make mkdirIfNotExists helper resilient to concurrent calls ([d9dade2](karma-runner/karma@d9dade2)), closes [karma-runner/karma-coverage#434](https://github.com//github.com/karma-runner/karma-coverage/issues/434/issues/issuecomment-1017939333)
>
> v6.3.14
>
> [6.3.14](karma-runner/karma@v6.3.13...v6.3.14) (2022-02-05)
>
> Bug Fixes
>
> - remove string template from client code ([91d5acd](karma-runner/karma@91d5acd))
> - warn when singleRun and autoWatch are false ([69cfc76](karma-runner/karma@69cfc76))
> - security: remove XSS vulnerability in returnUrl query param ([839578c](karma-runner/karma@839578c))
>
> v6.3.13
>
> [6.3.13](karma-runner/karma@v6.3.12...v6.3.13) (2022-01-31)
>
> Bug Fixes
>
> - deps: bump log4js to resolve security issue ([5bf2df3](karma-runner/karma@5bf2df3)), closes [#3751](https://github.com/karma-runner/karma/issues/3751)
>
> v6.3.12
>
> [6.3.12](karma-runner/karma@v6.3.11...v6.3.12) (2022-01-24)
>
> Bug Fixes
>
> - remove depreciation warning from log4js ([41bed33](karma-runner/karma@41bed33))
>
> v6.3.11
>
> [6.3.11](karma-runner/karma@v6.3.10...v6.3.11) (2022-01-13)
>
> Bug Fixes
>
> - deps: pin colors package to 1.4.0 due to security vulnerability ([a5219c5](karma-runner/karma@a5219c5))
... (truncated)
Changelog
Sourced from [karma's changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md).
> [6.3.16](karma-runner/karma@v6.3.15...v6.3.16) (2022-02-10)
>
> Bug Fixes
>
> - security: mitigate the "Open Redirect Vulnerability" ([ff7edbb](karma-runner/karma@ff7edbb))
>
> [6.3.15](karma-runner/karma@v6.3.14...v6.3.15) (2022-02-05)
>
> Bug Fixes
>
> - helper: make mkdirIfNotExists helper resilient to concurrent calls ([d9dade2](karma-runner/karma@d9dade2)), closes [karma-runner/karma-coverage#434](https://github.com//github.com/karma-runner/karma-coverage/issues/434/issues/issuecomment-1017939333)
>
> [6.3.14](karma-runner/karma@v6.3.13...v6.3.14) (2022-02-05)
>
> Bug Fixes
>
> - remove string template from client code ([91d5acd](karma-runner/karma@91d5acd))
> - warn when singleRun and autoWatch are false ([69cfc76](karma-runner/karma@69cfc76))
> - security: remove XSS vulnerability in returnUrl query param ([839578c](karma-runner/karma@839578c))
>
> [6.3.13](karma-runner/karma@v6.3.12...v6.3.13) (2022-01-31)
>
> Bug Fixes
>
> - deps: bump log4js to resolve security issue ([5bf2df3](karma-runner/karma@5bf2df3)), closes [#3751](https://github.com/karma-runner/karma/issues/3751)
>
> [6.3.12](karma-runner/karma@v6.3.11...v6.3.12) (2022-01-24)
>
> Bug Fixes
>
> - remove depreciation warning from log4js ([41bed33](karma-runner/karma@41bed33))
>
> [6.3.11](karma-runner/karma@v6.3.10...v6.3.11) (2022-01-13)
>
> Bug Fixes
>
> - deps: pin colors package to 1.4.0 due to security vulnerability ([a5219c5](karma-runner/karma@a5219c5))
>
> [6.3.10](karma-runner/karma@v6.3.9...v6.3.10) (2022-01-08)
>
> Bug Fixes
>
> - logger: create parent folders if they are missing ([0d24bd9](karma-runner/karma@0d24bd9)), closes [#3734](https://github.com/karma-runner/karma/issues/3734)
... (truncated)
Commits
- [ab4b328](karma-runner/karma@ab4b328) chore(release): 6.3.16 [skip ci]
- [ff7edbb](karma-runner/karma@ff7edbb) fix(security): mitigate the "Open Redirect Vulnerability"
- [c1befa0](karma-runner/karma@c1befa0) chore(release): 6.3.15 [skip ci]
- [d9dade2](karma-runner/karma@d9dade2) fix(helper): make mkdirIfNotExists helper resilient to concurrent calls
- [653c762](karma-runner/karma@653c762) ci: prevent duplicate CI tasks on creating a PR
- [c97e562](karma-runner/karma@c97e562) chore(release): 6.3.14 [skip ci]
- [91d5acd](karma-runner/karma@91d5acd) fix: remove string template from client code
- [69cfc76](karma-runner/karma@69cfc76) fix: warn when singleRun and autoWatch are false
- [839578c](karma-runner/karma@839578c) fix(security): remove XSS vulnerability in returnUrl query param
- [db53785](karma-runner/karma@db53785) chore(release): 6.3.13 [skip ci]
- Additional commits viewable in [compare view](karma-runner/karma@v6.1.2...v6.3.16)
Updates @babel/traverse from 7.13.0 to 7.25.6
Release notes
Sourced from [@babel/traverse's releases](https://github.com/babel/babel/releases).
> v7.25.6 (2024-08-29)
>
> Thanks [@j4k0xb](https://github.com/j4k0xb) for your first PR!
>
> 🐛 Bug Fix
>
> - babel-generator
>
> - [#16783](https://github.com/babel/babel/pull/16783) Properly print inner comments in TS array types ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
> - [#16775](https://github.com/babel/babel/pull/16775) fix: jsx whitespace is not properly preserved when retainLines ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-traverse
>
> - [#16727](https://github.com/babel/babel/pull/16727) fix: path.getAssignmentIdentifiers may be undefined ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-parser
>
> - [#16761](https://github.com/babel/babel/pull/16761) fix: improve static canFollowModifier checks ([@JLHwung](https://github.com/JLHwung))
>
> - babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
>
> - [#16769](https://github.com/babel/babel/pull/16769) Only wrap functions in superPropertyGet helper ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 💅 Polish
>
> - babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
>
> - [#16780](https://github.com/babel/babel/pull/16780) Do not enforce printing space between ( and comments ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
>
> - [#16781](https://github.com/babel/babel/pull/16781) Don't throw when enabling both syntax-import-{assertions,attributes} ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-generator
>
> - [#16782](https://github.com/babel/babel/pull/16782) TS union/intersection nested in union does not need parens ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 🏠 Internal
>
> - babel-generator
>
> - [#16777](https://github.com/babel/babel/pull/16777) Remove unused parent params in the generator ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> Committers: 5
>
> - Babel Bot ([@babel-bot](https://github.com/babel-bot))
> - Huáng Jùnliàng ([@JLHwung](https://github.com/JLHwung))
> - Nicolò Ribaudo ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
> - [@j4k0xb](https://github.com/j4k0xb)
> - [@liuxingbaoyu](https://github.com/liuxingbaoyu)
>
> v7.25.5 (2024-08-23)
>
> 🐛 Bug Fix
>
> - babel-generator, babel-traverse
>
> - [#16764](https://github.com/babel/babel/pull/16764) fix: Generate sequence expression parentheses correctly ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> 💅 Polish
>
> - babel-generator
>
> - [#16738](https://github.com/babel/babel/pull/16738) Only force-parenthesize satisfies's LHS if it has newlines ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> Committers: 2
>
> - Nicolò Ribaudo ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
> - [@liuxingbaoyu](https://github.com/liuxingbaoyu)
>
> v7.25.4 (2024-08-22)
... (truncated)
Changelog
Sourced from [@babel/traverse's changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md).
> v7.25.6 (2024-08-29)
>
> 🐛 Bug Fix
>
> - babel-generator
>
> - [#16783](https://github.com/babel/babel/pull/16783) Properly print inner comments in TS array types ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
> - [#16775](https://github.com/babel/babel/pull/16775) fix: jsx whitespace is not properly preserved when retainLines ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-traverse
>
> - [#16727](https://github.com/babel/babel/pull/16727) fix: path.getAssignmentIdentifiers may be undefined ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-parser
>
> - [#16761](https://github.com/babel/babel/pull/16761) fix: improve static canFollowModifier checks ([@JLHwung](https://github.com/JLHwung))
>
> - babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
>
> - [#16769](https://github.com/babel/babel/pull/16769) Only wrap functions in superPropertyGet helper ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 💅 Polish
>
> - babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
>
> - [#16780](https://github.com/babel/babel/pull/16780) Do not enforce printing space between ( and comments ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
>
> - [#16781](https://github.com/babel/babel/pull/16781) Don't throw when enabling both syntax-import-{assertions,attributes} ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-generator
>
> - [#16782](https://github.com/babel/babel/pull/16782) TS union/intersection nested in union does not need parens ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 🏠 Internal
>
> - babel-generator
>
> - [#16777](https://github.com/babel/babel/pull/16777) Remove unused parent params in the generator ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> v7.25.5 (2024-08-23)
>
> 🐛 Bug Fix
>
> - babel-generator, babel-traverse
>
> - [#16764](https://github.com/babel/babel/pull/16764) fix: Generate parentheses correctly ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> 💅 Polish
>
> - babel-generator
>
> - [#16738](https://github.com/babel/babel/pull/16738) Only force-parenthesize satisfies's LHS if it has newlines ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> v7.25.4 (2024-08-22)
>
> 🐛 Bug Fix
>
> - babel-traverse
>
> - [#16756](https://github.com/babel/babel/pull/16756) fix: Skip computed key when renaming ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
>
> - [#16755](https://github.com/babel/babel/pull/16755) fix: Decorator 2018-09 may throw an exception ([@liuxingbaoyu](https://github.com/liuxingbaoyu))
>
> - babel-types
>
> - [#16710](https://github.com/babel/babel/pull/16710) Visit AST fields nodes according to their syntactical order ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-generator
>
> - [#16709](https://github.com/babel/babel/pull/16709) Print semicolon after TS export namespace as A ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> 💅 Polish
>
> - babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
>
> - [#16722](https://github.com/babel/babel/pull/16722) Avoid unnecessary parens around sequence expressions ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
>
> - babel-generator, babel-plugin-transform-class-properties
>
> - [#16714](https://github.com/babel/babel/pull/16714) Avoid unnecessary parens around exported arrow functions ([@nicolo-ribaudo](https://github.com/nicolo-ribaudo))
... (truncated)
Commits
- [2f72b97](babel/babel@2f72b97) v7.25.6
- [faceae9](babel/babel@faceae9) fix: path.getAssignmentIdentifiers may be undefined ([#16727](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16727))
- [46ee612](babel/babel@46ee612) Remove some NodePath methods ([#16655](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16655))
- [2fdc8b5](babel/babel@2fdc8b5) fix: Generate sequence expression parentheses correctly ([#16764](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16764))
- [cbf124c](babel/babel@cbf124c) v7.25.4
- [2b289fb](babel/babel@2b289fb) fix: skip computed key when renaming ([#16756](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16756))
- [575863c](babel/babel@575863c) Avoid unnecessary parens around sequence expressions ([#16722](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16722))
- [5174ad1](babel/babel@5174ad1) Clean all always enabled parser plugins ([#16572](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16572))
- [52718ab](babel/babel@52718ab) Discontinue babel-eslint-config-internal ([#16718](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16718))
- [dba45d3](babel/babel@dba45d3) Ignore devDependencies when generating tsconfig.json ([#16659](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/16659))
- Additional commits viewable in [compare view](https://github.com/babel/babel/commits/v7.25.6/packages/babel-traverse)
Updates @npmcli/git from 2.0.6 to 2.1.0
Changelog
Sourced from [@npmcli/git's changelog](https://github.com/npm/git/blob/main/CHANGELOG.md).
> Changelog
>
> [5.0.8](npm/git@v5.0.7...v5.0.8) (2024-07-09)
>
> Bug Fixes
>
> - [2135513](npm/git@2135513) [#194](https://github.com/npm/git/pull/194) smarter git ssh override ([#194](https://github.com/npm/git/issues/194)) ([@dennishenry](https://github.com/dennishenry), pacotedev)
>
> [5.0.7](npm/git@v5.0.6...v5.0.7) (2024-05-04)
>
> Bug Fixes
>
> - [fbf9390](npm/git@fbf9390) [#186](https://github.com/npm/git/pull/186) linting: no-unused-vars ([@lukekarrys](https://github.com/lukekarrys))
>
> Chores
>
> - [3a54aa9](npm/git@3a54aa9) [#186](https://github.com/npm/git/pull/186) bump @npmcli/template-oss to 4.22.0 ([@lukekarrys](https://github.com/lukekarrys))
> - [ea26e3a](npm/git@ea26e3a) [#186](https://github.com/npm/git/pull/186) postinstall for dependabot template-oss PR ([@lukekarrys](https://github.com/lukekarrys))
> - [b7ab170](npm/git@b7ab170) [#184](https://github.com/npm/git/pull/184) bump @npmcli/template-oss from 4.21.3 to 4.21.4 ([@dependabot](https://github.com/dependabot)[bot])
>
> [5.0.6](npm/git@v5.0.5...v5.0.6) (2024-04-12)
>
> Dependencies
>
> - [683deed](npm/git@683deed) [#182](https://github.com/npm/git/pull/182) ***@***.*** ([#182](https://github.com/npm/git/issues/182))
>
> [5.0.5](npm/git@v5.0.4...v5.0.5) (2024-04-08)
>
> Bug Fixes
>
> - [d9bf355](npm/git@d9bf355) [#180](https://github.com/npm/git/pull/180) use fs/promises instead of util.promisify ([#180](https://github.com/npm/git/issues/180)) ([@lukekarrys](https://github.com/lukekarrys))
>
> [5.0.4](npm/git@v5.0.3...v5.0.4) (2023-12-19)
>
> Bug Fixes
>
> - [c398872](npm/git@c398872) [#176](https://github.com/npm/git/pull/176) lazy load of which module ([#176](https://github.com/npm/git/issues/176)) ([@thecodrr](https://github.com/thecodrr))
>
> Chores
>
> - [46192f5](npm/git@46192f5) [#175](https://github.com/npm/git/pull/175) postinstall for dependabot template-oss PR ([@lukekarrys](https://github.com/lukekarrys))
> - [51011f8](npm/git@51011f8) [#175](https://github.com/npm/git/pull/175) bump @npmcli/template-oss from 4.21.1 to 4.21.3 ([@dependabot](https://github.com/dependabot)[bot])
> - [8b1d897](npm/git@8b1d897) [#173](https://github.com/npm/git/pull/173) postinstall for dependabot template-oss PR ([@lukekarrys](https://github.com/lukekarrys))
> - [157ed48](npm/git@157ed48) [#173](https://github.com/npm/git/pull/173) bump @npmcli/template-oss from 4.19.0 to 4.21.1 ([@dependabot](https://github.com/dependabot)[bot])
> - [0d06a9f](npm/git@0d06a9f) [#154](https://github.com/npm/git/pull/154) postinstall for dependabot template-oss PR ([@lukekarrys](https://github.com/lukekarrys))
> - [b425d28](npm/git@b425d28) [#154](https://github.com/npm/git/pull/154) bump @npmcli/template-oss from 4.18.1 to 4.19.0 ([@dependabot](https://github.com/dependabot)[bot])
> - [ecc938a](npm/git@ecc938a) [#152](https://github.com/npm/git/pull/152) postinstall for dependabot template-oss PR ([@lukekarrys](https://github.com/lukekarrys))
> - [72430ad](npm/git@72430ad) [#152](https://github.com/npm/git/pull/152) bump @npmcli/template-oss from 4.18.0 to 4.18.1 ([@dependabot](https://github.com/dependabot)[bot])
>
> [5.0.3](npm/git@v5.0.2...v5.0.3) (2023-08-30)
... (truncated)
Commits
- [101abac](npm/git@101abac) 2.1.0
- [766de2f](npm/git@766de2f) Throw custom errors from spawn ([#32](https://github.com/npm/git/issues/32))
- [ef5cfcc](npm/git@ef5cfcc) 2.0.9
- [ab646cf](npm/git@ab646cf) Do not allow git replacement objects by default ([#30](https://github.com/npm/git/issues/30))
- [94e2543](npm/git@94e2543) update tap, test on node 16
- [1ce7b97](npm/git@1ce7b97) 2.0.8
- [9fab115](npm/git@9fab115) Merge pull request [#29](https://github.com/npm/git/issues/29) from npm/nlf/no-shell
- [f48dc34](npm/git@f48dc34) chore: run lint as posttest
- [e69549f](npm/git@e69549f) fix: remove path escaping since we do not need it when not using a shell
- [766bfbe](npm/git@766bfbe) fix: do not use a shell for git commands
- Additional commits viewable in [compare view](npm/git@v2.0.6...v2.1.0)
Maintainer changes
This version was pushed to npm by [lukekarrys](https://www.npmjs.com/~lukekarrys), a new releaser for @npmcli/git since your current version.
Updates ansi-regex from 5.0.0 to 5.0.1
Release notes
Sourced from [ansi-regex's releases](https://github.com/chalk/ansi-regex/releases).
> v5.0.1
>
> Fixes (backport of 6.0.1 to v5)
>
> This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in [#38](https://github.com/chalk/ansi-regex/issues/38).
>
> - Fix [ReDoS](https://en.wikipedia.org/wiki/ReDoS) in certain cases ([#37](https://github.com/chalk/ansi-regex/issues/37)) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.
>
> [CVE-2021-3807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807)
>
> https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1
>
> Thank you [@yetingli](https://github.com/yetingli) for the patch and reproduction case!
Commits
- [a9babce](chalk/ansi-regex@a9babce) 5.0.1
- [4657833](chalk/ansi-regex@4657833) fix incorrect format
- [c3c0b3f](chalk/ansi-regex@c3c0b3f) Fix potential ReDoS ([#37](https://github.com/chalk/ansi-regex/issues/37))
- [178363b](chalk/ansi-regex@178363b) Move to GitHub Actions ([#35](https://github.com/chalk/ansi-regex/issues/35))
- [0755e66](chalk/ansi-regex@0755e66) Add [@Qix](https://github.com/Qix)- to funding.yml
- See full diff in [compare view](chalk/ansi-regex@v5.0.0...v5.0.1)
Updates ansi-regex from 4.1.0 to 5.0.1
Release notes
Sourced from [ansi-regex's releases](https://github.com/chalk/ansi-regex/releases).
> v5.0.1
>
> Fixes (backport of 6.0.1 to v5)
>
> This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in [#38](https://github.com/chalk/ansi-regex/issues/38).
>
> - Fix [ReDoS](https://en.wikipedia.org/wiki/ReDoS) in certain cases ([#37](https://github.com/chalk/ansi-regex/issues/37)) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.
>
> [CVE-2021-3807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807)
>
> https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1
>
> Thank you [@yetingli](https://github.com/yetingli) for the patch and reproduction case!
Commits
- [a9babce](chalk/ansi-regex@a9babce) 5.0.1
- [4657833](chalk/ansi-regex@4657833) fix incorrect format
- [c3c0b3f](chalk/ansi-regex@c3c0b3f) Fix potential ReDoS ([#37](https://github.com/chalk/ansi-regex/issues/37))
- [178363b](chalk/ansi-regex@178363b) Move to GitHub Actions ([#35](https://github.com/chalk/ansi-regex/issues/35))
- [0755e66](chalk/ansi-regex@0755e66) Add [@Qix](https://github.com/Qix)- to funding.yml
- See full diff in [compare view](chalk/ansi-regex@v5.0.0...v5.0.1)
Updates ansi-regex from 3.0.0 to 5.0.1
Release notes
Sourced from [ansi-regex's releases](https://github.com/chalk/ansi-regex/releases).
> v5.0.1
>
> Fixes (backport of 6.0.1 to v5)
>
> This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in [#38](https://github.com/chalk/ansi-regex/issues/38).
>
> - Fix [ReDoS](https://en.wikipedia.org/wiki/ReDoS) in certain cases ([#37](https://github.com/chalk/ansi-regex/issues/37)) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.
>
> [CVE-2021-3807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807)
>
> https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1
>
> Thank you [@yetingli](https://github.com/yetingli) for the patch and reproduction case!
Commits
- [a9babce](chalk/ansi-regex@a9babce) 5.0.1
- [4657833](chalk/ansi-regex@4657833) fix incorrect format
- [c3c0b3f](chalk/ansi-regex@c3c0b3f) Fix potential ReDoS ([#37](https://github.com/chalk/ansi-regex/issues/37))
- [178363b](chalk/ansi-regex@178363b) Move to GitHub Actions ([#35](https://github.com/chalk/ansi-regex/issues/35))
- [0755e66](chalk/ansi-regex@0755e66) Add [@Qix](https://github.com/Qix)- to funding.yml
- See full diff in [compare view](chalk/ansi-regex@v5.0.0...v5.0.1)
Updates async from 2.6.3 to 2.6.4
Changelog
Sourced from [async's changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md).
> v2.6.4
>
> - Fix potential prototype pollution exploit ([#1828](https://github.com/caolan/async/issues/1828))
Commits
- [c6bdaca](caolan/async@c6bdaca) Version 2.6.4
- [8870da9](caolan/async@8870da9) Update built files
- [4df6754](caolan/async@4df6754) update changelog
- [8f7f903](caolan/async@8f7f903) Fix prototype pollution vulnerability ([#1828](https://github.com/caolan/async/issues/1828))
- See full diff in [compare view](caolan/async@v2.6.3...v2.6.4)
Maintainer changes
This version was pushed to npm by [hargasinski](https://www.npmjs.com/~hargasinski), a new releaser for async since your current version.
Updates json5 from 2.2.0 to 2.2.3
Release notes
Sourced from [json5's releases](https://github.com/json5/json5/releases).
> v2.2.3
>
> - Fix: ***@***.*** is now the 'latest' release according to npm instead of v1.0.2. ([#299](https://github.com/json5/json5/issues/299))
>
> v2.2.2
>
> - Fix: Properties with the name __proto__ are added to objects and arrays. ([#199](https://github.com/json5/json5/issues/199)) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! ([#295](https://github.com/json5/json5/issues/295)).
>
> v2.2.1
>
> - Fix: Removed dependence on minimist to patch [CVE-2021-44906](https://github.com/advisories/GHSA-xvch-5gv4-984h). ([#266](https://github.com/json5/json5/issues/266))
Changelog
Sourced from [json5's changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md).
> v2.2.3 [[code](https://github.com/json5/json5/tree/v2.2.3), [diff](json5/json5@v2.2.2...v2.2.3)]
>
> - Fix: ***@***.*** is now the 'latest' release according to npm instead of v1.0.2. ([#299](https://github.com/json5/json5/issues/299))
>
> v2.2.2 [[code](https://github.com/json5/json5/tree/v2.2.2), [diff](json5/json5@v2.2.1...v2.2.2)]
>
> - Fix: Properties with the name __proto__ are added to objects and arrays. ([#199](https://github.com/json5/json5/issues/199)) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! ([#295](https://github.com/json5/json5/issues/295)).
>
> v2.2.1 [[code](https://github.com/json5/json5/tree/v2.2.1), [diff](json5/json5@v2.2.0...v2.2.1)]
>
> - Fix: Removed dependence on minimist to patch [CVE-2021-44906](https://github.com/advisories/GHSA-xvch-5gv4-984h). ([#266](https://github.com/json5/json5/issues/266))
Commits
- [c3a7524](json5/json5@c3a7524) 2.2.3
- [94fd06d](json5/json5@94fd06d) docs: update CHANGELOG for v2.2.3
- [3b8cebf](json5/json5@3b8cebf) docs(security): use GitHub security advisories
- [f0fd9e1](json5/json5@f0fd9e1) docs: publish a security policy
- [6a91a05](json5/json5@6a91a05) docs(template): bug -> bug report
- [14f8cb1](json5/json5@14f8cb1) 2.2.2
- [10cc7ca](json5/json5@10cc7ca) docs: update CHANGELOG for v2.2.2
- [7774c10](json5/json5@7774c10) fix: add proto to objects and arrays
- [edde30a](json5/json5@edde30a) Readme: slight tweak to intro
- [97286f8](json5/json5@97286f8) Improve example in readme
- Additional commits viewable in [compare view](json5/json5@v2.2.0...v2.2.3)
Updates json5 from 1.0.1 to 2.2.3
Release notes
Sourced from [json5's releases](https://github.com/json5/json5/releases).
> v2.2.3
>
> - Fix: ***@***.*** is now the 'latest' release according to npm instead of v1.0.2. ([#299](https://github.com/json5/json5/issues/299))
>
> v2.2.2
>
> - Fix: Properties with the name __proto__ are added to objects and arrays. ([#199](https://github.com/json5/json5/issues/199)) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! ([#295](https://github.com/json5/json5/issues/295)).
>
> v2.2.1
>
> - Fix: Removed dependence on minimist to patch [CVE-2021-44906](https://github.com/advisories/GHSA-xvch-5gv4-984h). ([#266](https://github.com/json5/json5/issues/266))
Changelog
Sourced from [json5's changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md).
> v2.2.3 [[code](https://github.com/json5/json5/tree/v2.2.3), [diff](json5/json5@v2.2.2...v2.2.3)]
>
> - Fix: ***@***.*** is now the 'latest' release according to npm instead of v1.0.2. ([#299](https://github.com/json5/json5/issues/299))
>
> v2.2.2 [[code](https://github.com/json5/json5/tree/v2.2.2), [diff](json5/json5@v2.2.1...v2.2.2)]
>
> - Fix: Properties with the name __proto__ are added to objects and arrays. ([#199](https://github.com/json5/json5/issues/199)) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! ([#295](https://github.com/json5/json5/issues/295)).
>
> v2.2.1 [[code](https://github.com/json5/json5/tree/v2.2.1), [diff](json5/json5@v2.2.0...v2.2.1)]
>
> - Fix: Removed dependence on minimist to patch [CVE-2021-44906](https://github.com/advisories/GHSA-xvch-5gv4-984h). ([#266](https://github.com/json5/json5/issues/266))
Commits
- [c3a7524](json5/json5@c3a7524) 2.2.3
- [94fd06d](json5/json5@94fd06d) docs: update CHANGELOG for v2.2.3
- [3b8cebf](json5/json5@3b8cebf) docs(security): use GitHub security advisories
- [f0fd9e1](json5/json5@f0fd9e1) docs: publish a security policy
- [6a91a05](json5/json5@6a91a05) docs(template): bug -> bug report
- [14f8cb1](json5/json5@14f8cb1) 2.2.2
- [10cc7ca](json5/json5@10cc7ca) docs: update CHANGELOG for v2.2.2
- [7774c10](json5/json5@7774c10) fix: add proto to objects and arrays
- [edde30a](json5/json5@edde30a) Readme: slight tweak to intro
- [97286f8](json5/json5@97286f8) Improve example in readme
- Additional commits viewable in [compare view](json5/json5@v2.2.0...v2.2.3)
Updates loader-utils from 1.2.3 to 3.3.1
Release notes
Sourced from [loader-utils's releases](https://github.com/webpack/loader-utils/releases).
> v3.3.1
>
> [3.3.1](webpack/loader-utils@v3.3.0...v3.3.1) (2024-06-05)
>
> Bug Fixes
>
> - base64safe regex ([3b2d3b1](webpack/loader-utils@3b2d3b1))
>
> v3.3.0
>
> [3.3.0](webpack/loader-utils@v3.2.2...v3.3.0) (2024-06-04)
>
> Features
>
> - add digestType 'base64safe' ([#259](https://github.com/webpack/loader-utils/issues/259)) ([af15793](webpack/loader-utils@af15793))
>
> v3.2.2
>
> [3.2.2](webpack/loader-utils@v3.2.1...v3.2.2) (2024-05-29)
>
> Bug Fixes
>
> - unreachable code for directories ([128f945](webpack/loader-utils@128f945))
>
> v3.2.1
>
> [3.2.1](webpack/loader-utils@v3.2.0...v3.2.1) (2022-11-11)
>
> Bug Fixes
>
> - ReDoS problem ([#224](https://github.com/webpack/loader-utils/issues/224)) ([d2d752d](webpack/loader-utils@d2d752d))
>
> v3.2.0
>
> [3.2.0](webpack/loader-utils@v3.1.3...v3.2.0) (2021-11-11)
>
> Features
>
> - hash uniformity for base digests ([451858b](webpack/loader-utils@451858b))
>
> v3.1.3
>
> [3.1.3](webpack/loader-utils@v3.1.2...v3.1.3) (2021-11-04)
>
> Bug Fixes
>
> - crash with md4 hash ([#198](https://github.com/webpack/loader-utils/issues/198)) ([ef084d4](webpack/loader-utils@ef084d4))
>
> v3.1.2
>
> [3.1.2](webpack/loader-utils@v3.1.1...v3.1.2) (2021-11-04)
... (truncated)
Changelog
Sourced from [loader-utils's changelog](https://github.com/webpack/loader-utils/blob/master/CHANGELOG.md).
> [3.3.1](webpack/loader-utils@v3.3.0...v3.3.1) (2024-06-05)
>
> Bug Fixes
>
> - base64safe regex ([3b2d3b1](webpack/loader-utils@3b2d3b1))
>
> [3.3.0](webpack/loader-utils@v3.2.2...v3.3.0) (2024-06-04)
>
> Features
>
> - add digestType 'base64safe' ([#259](https://github.com/webpack/loader-utils/issues/259)) ([af15793](webpack/loader-utils@af15793))
>
> [3.2.2](webpack/loader-utils@v3.2.1...v3.2.2) (2024-05-29)
>
> Bug Fixes
>
> - unreachable code for directories ([128f945](webpack/loader-utils@128f945))
>
> [3.2.1](webpack/loader-utils@v3.2.0...v3.2.1) (2022-11-11)
>
> Bug Fixes
>
> - ReDoS problem ([#224](https://github.com/webpack/loader-utils/issues/224)) ([d2d752d](webpack/loader-utils@d2d752d))
>
> [3.2.0](webpack/loader-utils@v3.1.3...v3.2.0) (2021-11-11)
>
> Features
>
> - hash uniformity for base digests ([451858b](webpack/loader-utils@451858b))
>
> [3.1.3](webpack/loader-utils@v3.1.2...v3.1.3) (2021-11-04)
>
> Bug Fixes
>
> - crash with md4 hash ([#198](https://github.com/webpack/loader-utils/issues/198)) ([ef084d4](webpack/loader-utils@ef084d4))
>
> [3.1.2](webpack/loader-utils@v3.1.1...v3.1.2) (2021-11-04)
>
> Bug Fixes
>
> - bug with unicode characters ([#196](https://github.com/webpack/loader-utils/issues/196)) ([0426405](webpack/loader-utils@0426405))
>
> [3.1.1](webpack/loader-utils@v3.1.0...v3.1.1) (2021-11-04)
... (truncated)
Commits
- [06fcc0a](webpack/loader-utils@06fcc0a) chore(release): 3.3.1
- [3b2d3b1](webpack/loader-utils@3b2d3b1) fix: base64safe regex
- [2d6ed3c](webpack/loader-utils@2d6ed3c) chore(release): 3.3.0
- [af15793](webpack/loader-utils@af15793) feat: add digestType 'base64safe' ([#259](https://github.com/webpack/loader-utils/issues/259))
- [977b28d](webpack/loader-utils@977b28d) chore(release): 3.2.2
- [83e1c68](webpack/loader-utils@83e1c68) style: fix ([#258](https://github.com/webpack/loader-utils/issues/258))
- [128f945](webpack/loader-utils@128f945) fix: unreachable code for directories
- [50890cd](webpack/loader-utils@50890cd) docs: add missing security policy ([#251](https://github.com/webpack/loader-utils/issues/251))
- [62e12f1](webpack/loader-utils@62e12f1) chore(deps): bump word-wrap from 1.2.3 to 1.2.4 ([#247](https://github.com/webpack/loader-utils/issues/247))
- [9e20ec8](webpack/loader-utils@9e20ec8) chore(deps): bump semver from 5.7.1 to 5.7.2 ([#246](https://github.com/webpack/loader-utils/issues/246))
- Additional commits viewable in [compare view](webpack/loader-utils@v1.2.3...v3.3.1)
Updates @angular-devkit/build-angular from 0.1102.4 to 18.2.5
Release notes
Sourced from [@angular-devkit/build-angular's releases](https://github.com/angular/angular-cli/releases).
> v18.2.5
>
> 18.2.5 (2024-09-18)
>
> @angular/build
>
> Commit Description
> [fix - 707431625](angular/angular-cli@7074316) support HTTP HEAD requests for virtual output files
> [fix - 1032b3da1](angular/angular-cli@1032b3d) update vite to 5.4.6
>
> v18.2.4
>
> 18.2.4 (2024-09-11)
>
> @angular/build
>
> Commit Description
> [fix - 765309a2e](angular/angular-cli@765309a) prevent transformation of Node.js internal dependencies by Vite
>
> v18.2.3
>
> 18.2.3 (2024-09-04)
>
> @angular-devkit/build-angular
>
> Commit Description
> [fix - 482076612](angular/angular-cli@4820766) update webpack-dev-middleware to 7.4.2
>
> v18.2.2
>
> 18.2.2 (2024-08-29)
>
> @angular-devkit/build-angular
>
> Commit Description
> [fix - 504b00b93](angular/angular-cli@504b00b) clear context in Karma by default for single run executions
> [fix - 82b76086e](angular/angular-cli@82b7608) upgrade webpack to 5.94.0
>
> v18.2.1
>
> 18.2.1 (2024-08-21)
>
> @angular-devkit/schematics-cli
>
> Commit Description
> [fix - 94e27c88b](angular/angular-cli@94e27c8) prevent bypassing select/checkbox prompts on validation failure
>
> @angular/cli
>
> Commit Description
> [fix - 05a274a01](angular/angular-cli@05a274a) prevent bypassing select/checkbox prompts on validation failure
>
> @angular-devkit/build-angular
>
> Commit Description
> [fix - ddeb2b2b9](angular/angular-cli@ddeb2b2) remove outdated browser-esbuild option warning
>
> @angular/build
... (truncated)
Changelog
Sourced from [...](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
Description has been truncated
---------------------------------------------------------------
You can view, comment on, or merge this pull request online at:
#7
Commit Summary
- [0030457](0030457) Bump the npm_and_yarn group across 1 directory with 31 updates
File Changes
([2 files](https://github.com/reposman33/Fedex-coding-challenge/pull/7/files))
- M [package-lock.json](https://github.com/reposman33/Fedex-coding-challenge/pull/7/files#diff-053150b640a7ce75eff69d1a22cae7f0f94ad64ce9a855db544dda0929316519) (19969)
- M [package.json](https://github.com/reposman33/Fedex-coding-challenge/pull/7/files#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519) (6)
Patch Links:
- https://github.com/reposman33/Fedex-coding-challenge/pull/7.patch
- https://github.com/reposman33/Fedex-coding-challenge/pull/7.diff
—
Reply to this email directly, [view it on GitHub](#7), or [unsubscribe](https://github.com/notifications/unsubscribe-auth/AAYNOZXRURIYXDVP5YBEYULZYENBRAVCNFSM6AAAAABOXWVDR6VHI2DSMVQWIX3LMV43ASLTON2WKOZSGU2DINRYGEZDGOI).
You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>
|
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
dependabot
bot
deleted the
dependabot/npm_and_yarn/npm_and_yarn-cee50ca2d2
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 17 updates in the / directory:
11.2.511.2.66.1.26.3.167.13.07.25.62.0.62.1.05.0.05.0.14.1.05.0.13.0.05.0.12.6.32.6.42.2.02.2.31.0.12.2.31.2.33.3.10.1102.418.2.51.19.01.20.31.13.31.15.90.2.30.4.01.4.11.4.23.6.03.10.11.2.51.2.86.5.26.5.36.1.06.2.1Updates
@angular/corefrom 11.2.5 to 11.2.6Changelog
Sourced from
@angular/core's changelog.Commits
6414590perf(forms): makeRadioControlRegistryclass tree-shakable (#41126)804b6b6perf(forms): avoid direct references to theValidatorsclass (#41189) (#41220)5908edaperf(forms): make built-in ControlValueAccessors more tree-shakable (#41146) ...fa97166fix(core): remove duplicated EMPTY_OBJ constant (#41153)Updates
karmafrom 6.1.2 to 6.3.16Release notes
Sourced from karma's releases.
... (truncated)
Changelog
Sourced from karma's changelog.
... (truncated)
Commits
ab4b328chore(release): 6.3.16 [skip ci]ff7edbbfix(security): mitigate the "Open Redirect Vulnerability"c1befa0chore(release): 6.3.15 [skip ci]d9dade2fix(helper): make mkdirIfNotExists helper resilient to concurrent calls653c762ci: prevent duplicate CI tasks on creating a PRc97e562chore(release): 6.3.14 [skip ci]91d5acdfix: remove string template from client code69cfc76fix: warn whensingleRunandautoWatcharefalse839578cfix(security): remove XSS vulnerability inreturnUrlquery paramdb53785chore(release): 6.3.13 [skip ci]Updates
@babel/traversefrom 7.13.0 to 7.25.6Release notes
Sourced from
@babel/traverse's releases.... (truncated)
Changelog
Sourced from
@babel/traverse's changelog.... (truncated)
Commits
2f72b97v7.25.6faceae9fix:path.getAssignmentIdentifiersmay beundefined(#16727)46ee612Remove someNodePathmethods (#16655)2fdc8b5fix: Generate sequence expression parentheses correctly (#16764)cbf124cv7.25.42b289fbfix: skip computed key when renaming (#16756)575863cAvoid unnecessary parens around sequence expressions (#16722)5174ad1Clean all always enabled parser plugins (#16572)52718abDiscontinue babel-eslint-config-internal (#16718)dba45d3IgnoredevDependencieswhen generatingtsconfig.json(#16659)Updates
@npmcli/gitfrom 2.0.6 to 2.1.0Changelog
Sourced from
@npmcli/git's changelog.... (truncated)
Commits
101abac2.1.0766de2fThrow custom errors from spawn (#32)ef5cfcc2.0.9ab646cfDo not allow git replacement objects by default (#30)94e2543update tap, test on node 161ce7b972.0.89fab115Merge pull request #29 from npm/nlf/no-shellf48dc34chore: run lint as postteste69549ffix: remove path escaping since we do not need it when not using a shell766bfbefix: do not use a shell for git commandsMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for
@npmcli/gitsince your current version.Updates
ansi-regexfrom 5.0.0 to 5.0.1Release notes
Sourced from ansi-regex's releases.
Commits
a9babce5.0.14657833fix incorrect formatc3c0b3fFix potential ReDoS (#37)178363bMove to GitHub Actions (#35)0755e66Add@Qix- to funding.ymlUpdates
ansi-regexfrom 4.1.0 to 5.0.1Release notes
Sourced from ansi-regex's releases.
Commits
a9babce5.0.14657833fix incorrect formatc3c0b3fFix potential ReDoS (#37)178363bMove to GitHub Actions (#35)0755e66Add@Qix- to funding.ymlUpdates
ansi-regexfrom 3.0.0 to 5.0.1Release notes
Sourced from ansi-regex's releases.
Commits
a9babce5.0.14657833fix incorrect formatc3c0b3fFix potential ReDoS (#37)178363bMove to GitHub Actions (#35)0755e66Add@Qix- to funding.ymlUpdates
asyncfrom 2.6.3 to 2.6.4Changelog
Sourced from async's changelog.
Commits
c6bdacaVersion 2.6.48870da9Update built files4df6754update changelog8f7f903Fix prototype pollution vulnerability (#1828)Maintainer changes
This version was pushed to npm by hargasinski, a new releaser for async since your current version.
Updates
json5from 2.2.0 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a75242.2.394fd06ddocs: update CHANGELOG for v2.2.33b8cebfdocs(security): use GitHub security advisoriesf0fd9e1docs: publish a security policy6a91a05docs(template): bug -> bug report14f8cb12.2.210cc7cadocs: update CHANGELOG for v2.2.27774c10fix: add proto to objects and arraysedde30aReadme: slight tweak to intro97286f8Improve example in readmeUpdates
json5from 1.0.1 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a75242.2.394fd06ddocs: update CHANGELOG for v2.2.33b8cebfdocs(security): use GitHub security advisoriesf0fd9e1docs: publish a security policy6a91a05docs(template): bug -> bug report14f8cb12.2.210cc7cadocs: update CHANGELOG for v2.2.27774c10fix: add proto to objects and arraysedde30aReadme: slight tweak to intro97286f8Improve example in readmeUpdates
loader-utilsfrom 1.2.3 to 3.3.1Release notes
Sourced from loader-utils's releases.
... (truncated)
Changelog
Sourced from loader-utils's changelog.
... (truncated)
Commits
06fcc0achore(release): 3.3.13b2d3b1fix: base64safe regex2d6ed3cchore(release): 3.3.0af15793feat: add digestType 'base64safe' (#259)977b28dchore(release): 3.2.283e1c68style: fix (#258)128f945fix: unreachable code for directories50890cddocs: add missing security policy (#251)62e12f1chore(deps): bump word-wrap from 1.2.3 to 1.2.4 (#247)9e20ec8chore(deps): bump semver from 5.7.1 to 5.7.2 (#246)Updates
@angular-devkit/build-angularfrom 0.1102.4 to 18.2.5Release notes
Sourced from
@angular-devkit/build-angular's releases.... (truncated)
Changelog
Sourced from ...
Description has been truncated