Bump the npm_and_yarn group across 1 directory with 14 updates#1
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 14 updates#1dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [uuid](https://github.com/uuidjs/uuid) | `3.4.0` | `14.0.0` | | [xmldom](https://github.com/xmldom/xmldom) | `0.5.0` | `0.6.0` | | [webpack](https://github.com/webpack/webpack) | `5.91.0` | `5.104.1` | | [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.25.2` | `7.29.7` | | [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `5.9.3` | | [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` | | [postcss](https://github.com/postcss/postcss) | `8.4.40` | `8.5.16` | | [underscore](https://github.com/jashkenas/underscore) | `1.13.6` | `1.13.8` | Updates `uuid` from 3.4.0 to 14.0.0 - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](uuidjs/uuid@v3.4.0...v14.0.0) Updates `xmldom` from 0.5.0 to 0.6.0 - [Release notes](https://github.com/xmldom/xmldom/releases) - [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md) - [Commits](xmldom/xmldom@0.5.0...0.6.0) Updates `webpack` from 5.91.0 to 5.104.1 - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](webpack/webpack@v5.91.0...v5.104.1) Updates `@babel/core` from 7.25.2 to 7.29.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-core) Updates `fast-xml-parser` from 4.4.1 to 5.9.3 - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@v4.4.1...v5.9.3) Updates `follow-redirects` from 1.15.6 to 1.16.0 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.6...v1.16.0) Updates `js-cookie` from 2.2.1 to 3.0.8 - [Release notes](https://github.com/js-cookie/js-cookie/releases) - [Commits](js-cookie/js-cookie@v2.2.1...v3.0.8) Updates `jws` from 3.2.2 to 3.2.3 - [Release notes](https://github.com/brianloveswords/node-jws/releases) - [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md) - [Commits](auth0/node-jws@v3.2.2...v3.2.3) Updates `lodash` from 4.17.21 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.18.1) Updates `ws` from 6.2.3 to 7.5.11 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.2.3...7.5.11) Updates `postcss` from 8.4.40 to 8.5.16 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.40...8.5.16) Updates `shell-quote` from 1.8.1 to 1.9.0 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.8.1...v1.9.0) Updates `underscore` from 1.13.6 to 1.13.8 - [Commits](jashkenas/underscore@1.13.6...1.13.8) Updates `yaml` from 2.5.0 to 2.9.0 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.5.0...v2.9.0) --- updated-dependencies: - dependency-name: uuid dependency-version: 14.0.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: xmldom dependency-version: 0.6.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: webpack dependency-version: 5.104.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/core" dependency-version: 7.29.7 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fast-xml-parser dependency-version: 5.9.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-version: 1.16.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-cookie dependency-version: 3.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jws dependency-version: 3.2.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-version: 7.5.11 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 8.5.16 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-version: 1.9.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: underscore dependency-version: 1.13.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: yaml dependency-version: 2.9.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 8 updates in the / directory:
3.4.014.0.00.5.00.6.05.91.05.104.17.25.27.29.74.4.15.9.33.2.23.2.38.4.408.5.161.13.61.13.8Updates
uuidfrom 3.4.0 to 14.0.0Release notes
Sourced from uuid's releases.
... (truncated)
Changelog
Sourced from uuid's changelog.
... (truncated)
Commits
7c1ea08chore(main): release 14.0.0 (#926)3d2c5b0Merge commit from forkf2c235ffix!: expectcryptoto be global everywhere (requires node@20+) (#935)529ef08chore: upgrade TypeScript and fixup types (#927)086fd79chore: update dependencies (#933)dc4ddb8feat!: drop node@18 support (#934)0f1f9c9chore: switch to Biome for parsing and linting (#932)e2879e6chore: use maintained version of npm-run-all (#930)ffa3138fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)0423d49docs: remove obsolete v1 option notes (#915)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for uuid since your current version.
Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Updates
xmldomfrom 0.5.0 to 0.6.0Release notes
Sourced from xmldom's releases.
Changelog
Sourced from xmldom's changelog.
Commits
c80a161xmldon version 0.6.0bc36efdchore: regenerate package-lock.json8a92704Update eslint -> ^7.23.0 - devDependencies (#202)b12106eUpdate@stryker-mutator/core-> ^4.5.1 - devDependencies (#192)af4642edocs: Update Changelog (#197)5869d76test(stryker): Replace line numbers by error index (#201)a681852fix: Escape<when serializing attribute values (#199)bb12247Update eslint-config-prettier -> 8 - devDependencies (#187)48c51b3Update eslint -> ^7.22.0 - devDependencies (#185)82b0481refactor!: Avoid empty namespace value like xmlns:ds="" (#168)Maintainer changes
This version was pushed to npm by karfau, a new releaser for xmldom since your current version.
Updates
webpackfrom 5.91.0 to 5.104.1Release notes
Sourced from webpack's releases.
... (truncated)
Changelog
Sourced from webpack's changelog.
Commits
24e3c2dchore(release): new release (#20253)2efd21bfix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...c510070fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris4b0501cci: fix release (#20252)0c213ceci: use\<@&1450591255485743204>over@herefor discord notificationw5bf8bc5refactor: types for benchmarks and tests505a5e7chore(release): new release (#20188)0c06680refactor: update eslint configuration2eb0d6aci: release announcement (#20238)b2b2459ci: cancel in progress (#20239)Updates
@babel/corefrom 7.25.2 to 7.29.7Release notes
Sourced from @babel/core's releases.
... (truncated)
Commits
4fba754v7.29.704ea6b2v7.29.699f498a[7.x packport]Improve input source map handling (#18001)feba0a3Preserve original identifier names from input sourcemaps (#17992) (#17998)aa8394ev7.29.0ad0d03f[7.x backport] feat: Allow specifying startLine in code frame (#17739)d7f4008v7.28.6e130225Polish(standalone): improve message on invalid preset/plugin (#17606)99dcba5chore: enable some ts-eslint rules (#17592)c92c491Improve Unicode handling in code-frame tokenizer (#17589)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for
@babel/coresince your current version.Updates
fast-xml-parserfrom 4.4.1 to 5.9.3Release notes
Sourced from fast-xml-parser's releases.
... (truncated)
Changelog
Sourced from fast-xml-parser's changelog.
... (truncated)
Commits
93a09f15.9.39c1905eupdate strnum8d71292GitHub Actions workflow fixes (#844)784a044Harden GitHub Actions workflows (#841)bf9b81a5.9.2232abf5update publish action for better security73411faupdate checklistd57e33b5.9.13be603atesting release from Githubb6c41eaAdd GitHub Actions workflow for npm publishingMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for fast-xml-parser since your current version.
Updates
follow-redirectsfrom 1.15.6 to 1.16.0Commits
0c23a22Release version 1.16.0 of the npm package.844c4d3Add sensitiveHeaders option.5e8b8d0ci: add Node.js 24.x to the CI matrix7953e22ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v686dc1f8Sanitizing input.21ef28aRelease version 1.15.11 of the npm package.7c88135Roll back tree shaking.6e389baRelease version 1.15.10 of the npm package.5bc496eShake me up before you go-go.694d6b4Bump minimist from 1.2.5 to 1.2.8Updates
js-cookiefrom 2.2.1 to 3.0.8Release notes
Sourced from js-cookie's releases.
... (truncated)
Commits
d7a1096Craft v3.0.8 release248e685Use existing Chrome with puppeteerfc04269Remove QUnit related workaround in Grunt config265a685Tidy up package lock file478e591Disable Node deprecation DEP0044 for release workflow331d524Fix node version config for E2E test job11d773dEnsure ECMAScript compatibilityd788646Removeenginesproperty from packagee7d9a4dFix typo in test assertion messageb5fca24Make credentials use explicit in release workflowMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for js-cookie since your current version.
Updates
jwsfrom 3.2.2 to 3.2.3Release notes
Sourced from jws's releases.
Changelog
Sourced from jws's changelog.
Commits
4f6e73fMerge commit from forkbd0fea5version 3.2.37c3b4b4Enhance tests for HMAC streaming sign and verifya9b8ed9Improve secretOrKey initialization in VerifyStream6707fdeImprove secret handling in SignStreamMaintainer changes
This version was pushed to npm by julien.wollscheid, a new releaser for jws since your current version.
Updates
lodashfrom 4.17.21 to 4.18.1Release notes
Sourced from lodash's releases.
Commits
cb0b9b9release(patch): bump main to 4.18.1 (#6177)75535f5chore: prune stale advisory refs (#6170)62e91bcdocs: remove n_ Node.js < 6 REPL note from README (#6165)59be2derelease(minor): bump to 4.18.0 (#6161)af63457fix: broken tests for _.template 879aaa91073a76fix: linting issues879aaa9fix: validate imports keys in _.templatefe8d32efix: block prototype pollution in baseUnset via constructor/prototype traversal18ba0a3refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)b819080ci: add dist sync validation workflow (#6137)Updates
wsfrom 6.2.3 to 7.5.11Release notes
Sourced from ws's releases.
... (truncated)
Commits
fd36cd8[dist] 7.5.11e14c458[security] Limit retained message partsd962d70[dist] 7.5.1022c2876[security] Fix crash when the Upgrade header cannot be read (#2231)8a78f87[dist] 7.5.90435e6e[security] Fix same host check for ws+unix: redirects4271f07[dist] 7.5.8dc1781b[security] Drop sensitive headers when following insecure redirects2758ed3[fix] Abort the handshake if the Upgrade header is invalida370613[dist] 7.5.7Updates
postcssfrom 8.4.40 to 8.5.16Release notes
Sourced from postcss's releases.