Skip to content

deps: bump the patch group across 1 directory with 2 updates#90

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/master/patch-92f49afe46
Closed

deps: bump the patch group across 1 directory with 2 updates#90
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/master/patch-92f49afe46

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 21, 2025
edited
Loading

Copy link
Copy Markdown

Bumps the patch group with 2 updates in the / directory: compression and express-openapi-validator.

Updates compression from 1.8.0 to 1.8.1

Release notes

Sourced from compression's releases.

v1.8.1

What's Changed

New Contributors

Full Changelog: expressjs/compression@1.8.0...v1.8.1

Changelog

Sourced from compression's changelog.

1.8.1 / 2025-07-17

Commits
  • 83a0c45 1.8.1
  • ce62713 deps: on-headers@1.1.0 (#246)
  • f4acb23 build(deps-dev): bump eslint-plugin-import from 2.31.0 to 2.32.0 (#244)
  • 6eaebe6 build(deps): bump actions/checkout from 4.1.1 to 4.2.2 (#241)
  • 37e0623 build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 (#240)
  • bc436b2 build(deps): bump actions/upload-artifact from 4.3.1 to 4.6.2 (#239)
  • 2f9f572 build(deps): bump github/codeql-action from 3.28.15 to 3.29.2 (#243)
  • 5f13b14 [StepSecurity] ci: Harden GitHub Actions (#235)
  • 76e0945 build(deps-dev): bump supertest from 6.2.3 to 6.3.4 (#231)
  • ae6ee80 build(deps-dev): bump eslint-plugin-import from 2.26.0 to 2.31.0 (#230)
  • Additional commits viewable in compare view

Updates express-openapi-validator from 5.5.6 to 5.5.7

Release notes

Sourced from express-openapi-validator's releases.

v5.5.7

(2025-06-11)

  • fix(#1071): Fix query param validation for literal bracket notation in param names (122ac9d)
  • fix(#1071): Fix query param validation for literal bracket notation in param names (#1084) (319b303), closes #1084
  • upgrade example to 5.5.6 (0b852b9)
  • chore(deps): bump multer in /examples/2-standard-multiple-api-specs (#1082) (631e4cc), closes #1082

(2025-06-07)

  • allErrors default remains false for >-5 (22ce174)
  • allErrors default remains false for >-5 (901c8dd)
  • allErrors default remains false for >-5 (0671ed9)
  • Delete test.txt (ef8105c)
  • fixes #1037 returns all errors, rather than just the first (8fa449b), closes #1037
  • v5.5.4 (af80f33)
  • chore(deps): bump multer and express-openapi-validator (#1076) (2c3a1e7), closes #1076
  • chore(deps): bump multer from 2.0.0 to 2.0.1 in /examples/1-standard (#1080) (d1f5ec5), closes #1080
  • fix: examples/1-standard/package.json & examples/1-standard/package-lock.json to reduce vulnerabilit (3810afc), closes #1074
  • fix: examples/2-standard-multiple-api-specs/package.json & examples/2-standard-multiple-api-specs/pa (fc86598), closes #1075

(2025-05-24)

(2025-05-19)

(2025-05-18)

  • fixes 1064: type: object and explode: false in query parameter is not working as expected (#1066) (7ff2fee), closes #1066
  • Update README.md (d47f1f6)
  • Update README.md (44e2d8f)
  • v5.5.1 (306b2ea)

(2025-05-11)

... (truncated)

Commits
  • 04fe161 v5.5.7
  • 319b303 fix(#1071): Fix query param validation for literal bracket notation in param ...
  • 122ac9d fix(#1071): Fix query param validation for literal bracket notation in param ...
  • 631e4cc chore(deps): bump multer in /examples/2-standard-multiple-api-specs (#1082)
  • 0b852b9 upgrade example to 5.5.6
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 21, 2025
@dependabot
deps: bump the patch group across 1 directory with 2 updates
f3ea83d 
Bumps the patch group with 2 updates in the / directory: [compression](https://github.com/expressjs/compression) and [express-openapi-validator](https://github.com/cdimascio/express-openapi-validator).


Updates `compression` from 1.8.0 to 1.8.1
- [Release notes](https://github.com/expressjs/compression/releases)
- [Changelog](https://github.com/expressjs/compression/blob/master/HISTORY.md)
- [Commits](expressjs/compression@1.8.0...v1.8.1)

Updates `express-openapi-validator` from 5.5.6 to 5.5.7
- [Release notes](https://github.com/cdimascio/express-openapi-validator/releases)
- [Changelog](https://github.com/cdimascio/express-openapi-validator/blob/master/CHANGE_HISTORY.md)
- [Commits](cdimascio/express-openapi-validator@v5.5.6...v5.5.7)

---
updated-dependencies:
- dependency-name: compression
  dependency-version: 1.8.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: express-openapi-validator
  dependency-version: 5.5.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/master/patch-92f49afe46 branch from 063cf39 to f3ea83d Compare August 18, 2025 05:49
@dependabot @github

dependabot Bot commented on behalf of github Sep 8, 2025

Copy link
Copy Markdown
Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Sep 8, 2025
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/master/patch-92f49afe46 branch September 8, 2025 03:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants