New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): bump the npm_and_yarn group across 1 directory with 30 updates #300
Open
dependabot
wants to merge
1
commit into
main
Choose a base branch
from
dependabot/npm_and_yarn/src/Web/angular/npm_and_yarn-41fd0ce2b9
base: main
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
build(deps): bump the npm_and_yarn group across 1 directory with 30 updates #300
dependabot
wants to merge
1
commit into
main
from
dependabot/npm_and_yarn/src/Web/angular/npm_and_yarn-41fd0ce2b9
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…pdates Bumps the npm_and_yarn group with 24 updates in the /src/Web/angular directory: | Package | From | To | | --- | --- | --- | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `10.2.1` | `10.2.5` | | [lodash-es](https://github.com/lodash/lodash) | `4.17.15` | `4.17.21` | | [moment](https://github.com/moment/moment) | `2.24.0` | `2.29.4` | | [moment-timezone](https://github.com/moment/moment-timezone) | `0.5.28` | `0.5.35` | | [karma](https://github.com/karma-runner/karma) | `5.0.9` | `6.3.16` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.9.5` | `7.24.5` | | [ajv](https://github.com/ajv-validator/ajv) | `6.12.0` | `6.12.4` | | [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.3` | | [browserslist](https://github.com/browserslist/browserslist) | `4.11.1` | `4.23.0` | | [color-string](https://github.com/Qix-/color-string) | `1.5.3` | `1.9.1` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` | | [eventsource](https://github.com/EventSource/eventsource) | `1.0.7` | `1.1.2` | | [express](https://github.com/expressjs/express) | `4.17.1` | `4.19.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.11.0` | `1.15.6` | | [hosted-git-info](https://github.com/npm/hosted-git-info) | `2.8.8` | `2.8.9` | | [jszip](https://github.com/Stuk/jszip) | `3.3.0` | `3.10.1` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.6` | `1.0.7` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [ssri](https://github.com/npm/ssri) | `6.0.1` | `6.0.2` | | [terser](https://github.com/terser/terser) | `4.6.11` | `4.8.1` | | [url-parse](https://github.com/unshiftio/url-parse) | `1.4.7` | `1.5.10` | Updates `@angular/core` from 10.2.1 to 10.2.5 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/10.2.5/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/10.2.5/packages/core) Updates `lodash-es` from 4.17.15 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.15...4.17.21) Updates `moment` from 2.24.0 to 2.29.4 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.24.0...2.29.4) Updates `moment-timezone` from 0.5.28 to 0.5.35 - [Release notes](https://github.com/moment/moment-timezone/releases) - [Changelog](https://github.com/moment/moment-timezone/blob/develop/changelog.md) - [Commits](moment/moment-timezone@0.5.28...0.5.35) Updates `karma` from 5.0.9 to 6.3.16 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v5.0.9...v6.3.16) Updates `@babel/traverse` from 7.9.5 to 7.24.5 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.5/packages/babel-traverse) Updates `ajv` from 6.12.0 to 6.12.4 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.12.0...v6.12.4) Updates `async` from 2.6.3 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) Updates `browserify-sign` from 4.0.4 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.3) Updates `browserslist` from 4.11.1 to 4.23.0 - [Release notes](https://github.com/browserslist/browserslist/releases) - [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md) - [Commits](browserslist/browserslist@4.11.1...4.23.0) Updates `color-string` from 1.5.3 to 1.9.1 - [Release notes](https://github.com/Qix-/color-string/releases) - [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md) - [Commits](https://github.com/Qix-/color-string/commits/1.9.1) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `engine.io` from 3.4.2 to 6.5.4 - [Release notes](https://github.com/socketio/engine.io/releases) - [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md) - [Commits](socketio/engine.io@3.4.2...6.5.4) Updates `es5-ext` from 0.10.53 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.64) Updates `eventsource` from 1.0.7 to 1.1.2 - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.0.7...v1.1.2) Updates `express` from 4.17.1 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.19.2) Updates `follow-redirects` from 1.11.0 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.11.0...v1.15.6) Updates `hosted-git-info` from 2.8.8 to 2.8.9 - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](npm/hosted-git-info@v2.8.8...v2.8.9) Updates `jszip` from 3.3.0 to 3.10.1 - [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md) - [Commits](Stuk/jszip@v3.3.0...v3.10.1) Updates `lodash` from 4.17.15 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.15...4.17.21) Updates `log4js` from 6.3.0 to 6.9.1 - [Changelog](https://github.com/log4js-node/log4js-node/blob/master/CHANGELOG.md) - [Commits](log4js-node/log4js-node@v6.3.0...v6.9.1) Updates `path-parse` from 1.0.6 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `qs` from 6.5.2 to 6.5.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `socket.io-parser` from 3.3.1 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@3.3.1...4.2.4) Updates `ssri` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/npm/ssri/releases) - [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md) - [Commits](npm/ssri@v6.0.1...v6.0.2) Updates `terser` from 4.6.11 to 4.8.1 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v4.6.11...v4.8.1) Updates `ua-parser-js` from 0.7.21 to 0.7.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.21...0.7.37) Updates `url-parse` from 1.4.7 to 1.5.10 - [Commits](unshiftio/url-parse@1.4.7...1.5.10) Updates `ws` from 6.1.4 to 6.2.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.1.4...6.2.1) --- updated-dependencies: - dependency-name: "@angular/core" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: lodash-es dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: moment dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: moment-timezone dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ajv dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserslist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: color-string dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: engine.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: hosted-git-info dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jszip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: log4js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ssri dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: url-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
Pull requests that update a dependency file
javascript
Pull requests that update Javascript code
labels
May 1, 2024
Quality Gate passedIssues Measures |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
dependencies
Pull requests that update a dependency file
javascript
Pull requests that update Javascript code
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 24 updates in the /src/Web/angular directory:
10.2.1
10.2.5
4.17.15
4.17.21
2.24.0
2.29.4
0.5.28
0.5.35
5.0.9
6.3.16
7.9.5
7.24.5
6.12.0
6.12.4
2.6.3
2.6.4
4.0.4
4.2.3
4.11.1
4.23.0
1.5.3
1.9.1
0.2.0
0.2.2
0.10.53
0.10.64
1.0.7
1.1.2
4.17.1
4.19.2
1.11.0
1.15.6
2.8.8
2.8.9
3.3.0
3.10.1
1.0.6
1.0.7
6.5.2
6.5.3
5.7.1
5.7.2
6.0.1
6.0.2
4.6.11
4.8.1
1.4.7
1.5.10
Updates
@angular/core
from 10.2.1 to 10.2.5Changelog
Sourced from
@angular/core
's changelog.... (truncated)
Commits
ba8da74
fix(core): fix possible XSS attack in development through SSR (#40525)90570c0
fix(core): setngDevMode
tofalse
when callingenableProdMode()
(#40160)0b8e3d5
fix(core): fix possible XSS attack in development through SSR. (#40152)1aee8b3
refactor(compiler): store thefullStart
location onParseSourceSpan
s (#39...812355c
perf(core): do not recurse into modules that have already been registered (#3...8f36c21
refactor(router): Small refactor of createUrlTree and extra tests (#39456)90acb91
docs: tView.preOrderHooks and tView.preOrderCheckHooks docs update (#39497)8c82106
fix(core): markDirty() should only mark flags when really scheduling tick. (#...Updates
lodash-es
from 4.17.15 to 4.17.21Commits
f299b52
Bump to v4.17.21c4847eb
Improve performance oftoNumber
,trim
andtrimEnd
on large input strings3469357
Prevent command injection through_.template
'svariable
optionded9bc6
Bump to v4.17.20.63150ef
Documentation fixes.00f0f62
test.js: Remove trailing comma.846e434
Temporarily use a custom fork oflodash-cli
.5d046f3
Re-enable Travis tests on4.17
branch.aa816b3
Remove/npm-package
.d7fbc52
Bump to v4.17.19Maintainer changes
This version was pushed to npm by bnjmnt4n, a new releaser for lodash-es since your current version.
Updates
moment
from 2.24.0 to 2.29.4Changelog
Sourced from moment's changelog.
... (truncated)
Commits
000ac18
Build 2.24.4f2006b6
Bump version to 2.24.4536ad0c
Update changelog for 2.29.49a3b589
[bugfix] Fix redos in preprocessRFC2822 regex (#6015)6374fd8
Merge branch 'master' into developb4e6153
Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"7aebb16
[bugfix] Fix redos in preprocessRFC2822 regex (#6015)57c9062
Build 2.29.3aaf50b6
Fixup release complaints26f4aef
Bump version to 2.29.3Updates
moment-timezone
from 0.5.28 to 0.5.35Release notes
Sourced from moment-timezone's releases.
Changelog
Sourced from moment-timezone's changelog.
Commits
b8fb1ba
Build moment-timezone 0.5.35f1b5e5a
Add changelog for 0.5.358b0eb0c
Bump version to 0.5.357915ac5
Bugfix: Prevent cleartext transmission of tz data during buildce955a3
Bugfix: Fix command injection vulnerability in grunt tzdata pipeline9430b4c
Merge remote-tracking branch 'origin/master' into developfeaf900
Updated contributing.md + added 2021e files704cfac
updated contributing.md877c863
Updated contributing.md + added 2021e files5a3015c
updated contributing.mdUpdates
karma
from 5.0.9 to 6.3.16Release notes
Sourced from karma's releases.
... (truncated)
Changelog
Sourced from karma's changelog.
... (truncated)
Commits
ab4b328
chore(release): 6.3.16 [skip ci]ff7edbb
fix(security): mitigate the "Open Redirect Vulnerability"c1befa0
chore(release): 6.3.15 [skip ci]d9dade2
fix(helper): make mkdirIfNotExists helper resilient to concurrent calls653c762
ci: prevent duplicate CI tasks on creating a PRc97e562
chore(release): 6.3.14 [skip ci]91d5acd
fix: remove string template from client code69cfc76
fix: warn whensingleRun
andautoWatch
arefalse
839578c
fix(security): remove XSS vulnerability inreturnUrl
query paramdb53785
chore(release): 6.3.13 [skip ci]Updates
@babel/traverse
from 7.9.5 to 7.24.5Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.... (truncated)
Commits
ddbea7d
v7.24.5e779cad
fix: TypeScript annotation affects output (#16377)ee48754
Use multiple TypeScript projects (#16430)4d8b2d0
MakeNodePath\<T | U>
distributive (#16439)a84ec28
Enableeqeqeq
rule (#16404)822b025
v7.24.1fc0d5ad
Update typescript and lint tools (#16351)69e7928
Consider well-known and registered symbols as literals (#16342)40110e9
Update source map deps (#16327)ce59160
v7.24.0Updates
ajv
from 6.12.0 to 6.12.4Release notes
Sourced from ajv's releases.
Commits
cf88d1d
6.12.4161670b
docs: readme linksb4568b4
docs: MOSS grant73f612f
fix: coercion of array to scalar that should fail validationd4d1a13
test: failing coercion tests with option coerceTypes: arraya1ebd03
Merge branch 'rgeerts-improved_language'bf63684
allowed unknown formatsc34840c
improved language to be more inclusive for less privileged populations521c3a5
6.12.3bd7107b
Merge pull request #1229 from ajv-validator/dependabot/npm_and_yarn/mocha-8.0.1Updates
async
from 2.6.3 to 2.6.4Changelog
Sourced from async's changelog.
Commits
c6bdaca
Version 2.6.48870da9
Update built files4df6754
update changelog8f7f903
Fix prototype pollution vulnerability (#1828)Maintainer changes
This version was pushed to npm by hargasinski, a new releaser for async since your current version.
Updates
browserify-sign
from 4.0.4 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
... (truncated)
Commits
bf2c3ec
v4.2.39247adf
[patch] widen support to 0.12f427270
[Deps] update `parse-asn187f3a35
[Dev Deps] updateaud
,npmignore
,tape
fb261ce
[Deps] updateelliptic
4d0ee49
[patch] drop minimum node support to v19e2bf12
[Deps] pinhash-base
to ~3.0, due to a breaking change168e16f
[Deps] pinelliptic
due to a breaking change37a4758
[actions] remove redundant finisher4af5a90
v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
browserslist
from 4.11.1 to 4.23.0Release notes
Sourced from browserslist's releases.
Changelog
Sourced from browserslist's changelog.
... (truncated)
Commits
a23d971
Release 4.23 version61e7712
Update dependencies2c313aa
Add Github release workflow3caf908
Update CIb58ae05
feat: add BROWSERSLIST_ROOT_PATH (#819)8ddc4d8
Update grammar definition file (#817)65ad382
Release 4.22.3 version0efec9b
Add Node.js 21 to CIaaf5f2b
Update dependenciesa3ba90b
Updated regex to have the option of adding an extension after@companyName
bu...Updates
color-string
from 1.5.3 to 1.9.1Release notes
Sourced from color-string's releases.
....
Description has been truncated