Skip to content

Commit

Permalink
chore: bump the npm_and_yarn group across 2 directories with 8 updates (
Browse files Browse the repository at this point in the history 
#1136)

Bumps the npm_and_yarn group with 2 updates in the /typescript
directory: [express](https://github.com/expressjs/express) and
[http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware).
Bumps the npm_and_yarn group with 3 updates in the
/typescript/fiddle-proxy directory:
[express](https://github.com/expressjs/express),
[http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware)
and [cookie](https://github.com/jshttp/cookie).

Updates `express` from 4.21.0 to 4.21.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases">express's
releases</a>.</em></p>
<blockquote>
<h2>4.21.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Backport a fix for CVE-2024-47764 to the 4.x branch by <a
href="https://github.com/joshbuker"><code>@​joshbuker</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6029">expressjs/express#6029</a></li>
<li>Release: 4.21.1 by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6031">expressjs/express#6031</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">https://github.com/expressjs/express/compare/4.21.0...4.21.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/4.21.1/History.md">express's
changelog</a>.</em></p>
<blockquote>
<h1>4.21.1 / 2024-10-08</h1>
<ul>
<li>Backported a fix for <a
href="https://nvd.nist.gov/vuln/detail/CVE-2024-47764">CVE-2024-47764</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/express/commit/8e229f92752ad51462c868b99f6e6c2e559801b0"><code>8e229f9</code></a>
4.21.1</li>
<li><a
href="https://github.com/expressjs/express/commit/a024c8a7b658a178cbdb9bde33030b7500172815"><code>a024c8a</code></a>
fix(deps): [email protected]</li>
<li>See full diff in <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `http-proxy-middleware` from 3.0.2 to 3.0.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/chimurai/http-proxy-middleware/releases">http-proxy-middleware's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(pathFilter): handle errors by <a
href="https://github.com/chimurai"><code>@​chimurai</code></a> in <a
href="https://redirect.github.com/chimurai/http-proxy-middleware/pull/1043">chimurai/http-proxy-middleware#1043</a></li>
<li>chore(package): v3.0.3 by <a
href="https://github.com/chimurai"><code>@​chimurai</code></a> in <a
href="https://redirect.github.com/chimurai/http-proxy-middleware/pull/1044">chimurai/http-proxy-middleware#1044</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/chimurai/http-proxy-middleware/compare/v3.0.2...v3.0.3">https://github.com/chimurai/http-proxy-middleware/compare/v3.0.2...v3.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md">http-proxy-middleware's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.3">v3.0.3</a></h2>
<ul>
<li>fix(pathFilter): handle errors</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chimurai/http-proxy-middleware/commit/43f38836b5ff00a6e46ae357dfd071361fa93ca1"><code>43f3883</code></a>
chore(package): v3.0.3 (<a
href="https://redirect.github.com/chimurai/http-proxy-middleware/issues/1044">#1044</a>)</li>
<li><a
href="https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22"><code>788b21e</code></a>
fix(pathFilter): handle errors (<a
href="https://redirect.github.com/chimurai/http-proxy-middleware/issues/1043">#1043</a>)</li>
<li>See full diff in <a
href="https://github.com/chimurai/http-proxy-middleware/compare/v3.0.2...v3.0.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `cookie` from 0.6.0 to 0.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jshttp/cookie/releases">cookie's
releases</a>.</em></p>
<blockquote>
<h2>0.7.1</h2>
<p><strong>Fixed</strong></p>
<ul>
<li>Allow leading dot for domain (<a
href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>)
<ul>
<li>Although not permitted in the spec, some users expect this to work
and user agents ignore the leading dot according to spec</li>
</ul>
</li>
<li>Add fast path for <code>serialize</code> without options, use
<code>obj.hasOwnProperty</code> when parsing (<a
href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li>
</ul>
<p><a
href="https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1">https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1</a></p>
<h2>0.7.0</h2>
<ul>
<li>perf: parse cookies ~10% faster (<a
href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a> by
<a href="https://github.com/kurtextrem"><code>@​kurtextrem</code></a>
and <a
href="https://redirect.github.com/jshttp/cookie/issues/170">#170</a>)</li>
<li>fix: narrow the validation of cookies to match RFC6265 (<a
href="https://redirect.github.com/jshttp/cookie/issues/167">#167</a> by
<a href="https://github.com/bewinsnw"><code>@​bewinsnw</code></a>)</li>
<li>fix: add <code>main</code> to <code>package.json</code> for rspack
(<a href="https://redirect.github.com/jshttp/cookie/issues/166">#166</a>
by <a
href="https://github.com/proudparrot2"><code>@​proudparrot2</code></a>)</li>
</ul>
<p><a
href="https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0">https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014"><code>cf4658f</code></a>
0.7.1</li>
<li><a
href="https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e"><code>6a8b8f5</code></a>
Allow leading dot for domain (<a
href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0"><code>58015c0</code></a>
Remove more code and perf wins (<a
href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627"><code>ab057d6</code></a>
0.7.0</li>
<li><a
href="https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542"><code>5f02ca8</code></a>
Migrate history to GitHub releases</li>
<li><a
href="https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579"><code>a5d591c</code></a>
Migrate history to GitHub releases</li>
<li><a
href="https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105"><code>51968f9</code></a>
Skip isNaN</li>
<li><a
href="https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc"><code>9e7ca51</code></a>
perf(parse): cache length, return early (<a
href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/d6f39b0aab5521a8b118b466a515fd6eb0b9f65e"><code>d6f39b0</code></a>
Fix tests for old node</li>
<li><a
href="https://github.com/jshttp/cookie/commit/6bb701f14e59c5e768933bfae9b578db4ed26c6e"><code>6bb701f</code></a>
Remove failing scorecard</li>
<li>Additional commits viewable in <a
href="https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.1">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~blakeembrey">blakeembrey</a>, a new
releaser for cookie since your current version.</p>
</details>
<br />

Updates `express` from 4.19.2 to 4.20.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases">express's
releases</a>.</em></p>
<blockquote>
<h2>4.21.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Backport a fix for CVE-2024-47764 to the 4.x branch by <a
href="https://github.com/joshbuker"><code>@​joshbuker</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6029">expressjs/express#6029</a></li>
<li>Release: 4.21.1 by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6031">expressjs/express#6031</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">https://github.com/expressjs/express/compare/4.21.0...4.21.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/4.21.1/History.md">express's
changelog</a>.</em></p>
<blockquote>
<h1>4.21.1 / 2024-10-08</h1>
<ul>
<li>Backported a fix for <a
href="https://nvd.nist.gov/vuln/detail/CVE-2024-47764">CVE-2024-47764</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/express/commit/8e229f92752ad51462c868b99f6e6c2e559801b0"><code>8e229f9</code></a>
4.21.1</li>
<li><a
href="https://github.com/expressjs/express/commit/a024c8a7b658a178cbdb9bde33030b7500172815"><code>a024c8a</code></a>
fix(deps): [email protected]</li>
<li>See full diff in <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `http-proxy-middleware` from 3.0.0 to 3.0.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/chimurai/http-proxy-middleware/releases">http-proxy-middleware's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(pathFilter): handle errors by <a
href="https://github.com/chimurai"><code>@​chimurai</code></a> in <a
href="https://redirect.github.com/chimurai/http-proxy-middleware/pull/1043">chimurai/http-proxy-middleware#1043</a></li>
<li>chore(package): v3.0.3 by <a
href="https://github.com/chimurai"><code>@​chimurai</code></a> in <a
href="https://redirect.github.com/chimurai/http-proxy-middleware/pull/1044">chimurai/http-proxy-middleware#1044</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/chimurai/http-proxy-middleware/compare/v3.0.2...v3.0.3">https://github.com/chimurai/http-proxy-middleware/compare/v3.0.2...v3.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md">http-proxy-middleware's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.3">v3.0.3</a></h2>
<ul>
<li>fix(pathFilter): handle errors</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chimurai/http-proxy-middleware/commit/43f38836b5ff00a6e46ae357dfd071361fa93ca1"><code>43f3883</code></a>
chore(package): v3.0.3 (<a
href="https://redirect.github.com/chimurai/http-proxy-middleware/issues/1044">#1044</a>)</li>
<li><a
href="https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22"><code>788b21e</code></a>
fix(pathFilter): handle errors (<a
href="https://redirect.github.com/chimurai/http-proxy-middleware/issues/1043">#1043</a>)</li>
<li>See full diff in <a
href="https://github.com/chimurai/http-proxy-middleware/compare/v3.0.2...v3.0.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `body-parser` from 1.20.2 to 1.20.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/body-parser/releases">body-parser's
releases</a>.</em></p>
<blockquote>
<h2>1.20.3</h2>
<h2>What's Changed</h2>
<h3>Important</h3>
<ul>
<li>deps: [email protected]</li>
<li>add <code>depth</code> option to customize the depth level in the
parser</li>
<li><strong>IMPORTANT:</strong> The default <code>depth</code> level for
parsing URL-encoded data is now <code>32</code> (previously was
<code>Infinity</code>). <a
href="https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth">Documentation</a></li>
</ul>
<h3>Other changes</h3>
<ul>
<li>chore: add support for OSSF scorecard reporting by <a
href="https://github.com/inigomarquinez"><code>@​inigomarquinez</code></a>
in <a
href="https://redirect.github.com/expressjs/body-parser/pull/522">expressjs/body-parser#522</a></li>
<li>ci: fix errors in ci github action for node 8 and 9 by <a
href="https://github.com/inigomarquinez"><code>@​inigomarquinez</code></a>
in <a
href="https://redirect.github.com/expressjs/body-parser/pull/523">expressjs/body-parser#523</a></li>
<li>fix: pin to [email protected] by <a
href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/body-parser/pull/527">expressjs/body-parser#527</a></li>
<li>deps: [email protected] by <a
href="https://github.com/melikhov-dev"><code>@​melikhov-dev</code></a>
in <a
href="https://redirect.github.com/expressjs/body-parser/pull/521">expressjs/body-parser#521</a></li>
<li>Add OSSF Scorecard badge by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/body-parser/pull/531">expressjs/body-parser#531</a></li>
<li>Linter by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/body-parser/pull/534">expressjs/body-parser#534</a></li>
<li>Release: 1.20.3 by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/body-parser/pull/535">expressjs/body-parser#535</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/inigomarquinez"><code>@​inigomarquinez</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/body-parser/pull/522">expressjs/body-parser#522</a></li>
<li><a
href="https://github.com/melikhov-dev"><code>@​melikhov-dev</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/body-parser/pull/521">expressjs/body-parser#521</a></li>
<li><a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/body-parser/pull/531">expressjs/body-parser#531</a></li>
<li><a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/body-parser/pull/534">expressjs/body-parser#534</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3">https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/body-parser/blob/master/HISTORY.md">body-parser's
changelog</a>.</em></p>
<blockquote>
<h1>1.20.3 / 2024-09-10</h1>
<ul>
<li>deps: [email protected]</li>
<li>add <code>depth</code> option to customize the depth level in the
parser</li>
<li>IMPORTANT: The default <code>depth</code> level for parsing
URL-encoded data is now <code>32</code> (previously was
<code>Infinity</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/body-parser/commit/17529513673e39ba79886a7ce3363320cf1c0c50"><code>1752951</code></a>
1.20.3</li>
<li><a
href="https://github.com/expressjs/body-parser/commit/39744cfe2ac4fb37a19ed7c43e3a74332f428e17"><code>39744cf</code></a>
chore: linter (<a
href="https://redirect.github.com/expressjs/body-parser/issues/534">#534</a>)</li>
<li><a
href="https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"><code>b2695c4</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/expressjs/body-parser/commit/ade0f3f82f91086d6cd2ed2cb4b0aff448fbc2e5"><code>ade0f3f</code></a>
add scorecard to readme (<a
href="https://redirect.github.com/expressjs/body-parser/issues/531">#531</a>)</li>
<li><a
href="https://github.com/expressjs/body-parser/commit/99a1bd62456f932004b84767d6393bc261f75d36"><code>99a1bd6</code></a>
deps: [email protected] (<a
href="https://redirect.github.com/expressjs/body-parser/issues/521">#521</a>)</li>
<li><a
href="https://github.com/expressjs/body-parser/commit/947859160527c7aaaa20da79e2c3ba542baaaf66"><code>9478591</code></a>
fix: pin to [email protected]</li>
<li><a
href="https://github.com/expressjs/body-parser/commit/83db46a1e5512135ce01ed90b9132ee16a2657a8"><code>83db46a</code></a>
ci: fix errors in ci github action for node 8 and 9 (<a
href="https://redirect.github.com/expressjs/body-parser/issues/523">#523</a>)</li>
<li><a
href="https://github.com/expressjs/body-parser/commit/9d4e2125b580b055b2a3aa140df9b8fce363af46"><code>9d4e212</code></a>
chore: add support for OSSF scorecard reporting (<a
href="https://redirect.github.com/expressjs/body-parser/issues/522">#522</a>)</li>
<li>See full diff in <a
href="https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~ulisesgascon">ulisesgascon</a>, a new
releaser for body-parser since your current version.</p>
</details>
<br />

Updates `cookie` from 0.6.0 to 0.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jshttp/cookie/releases">cookie's
releases</a>.</em></p>
<blockquote>
<h2>0.7.1</h2>
<p><strong>Fixed</strong></p>
<ul>
<li>Allow leading dot for domain (<a
href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>)
<ul>
<li>Although not permitted in the spec, some users expect this to work
and user agents ignore the leading dot according to spec</li>
</ul>
</li>
<li>Add fast path for <code>serialize</code> without options, use
<code>obj.hasOwnProperty</code> when parsing (<a
href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li>
</ul>
<p><a
href="https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1">https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1</a></p>
<h2>0.7.0</h2>
<ul>
<li>perf: parse cookies ~10% faster (<a
href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a> by
<a href="https://github.com/kurtextrem"><code>@​kurtextrem</code></a>
and <a
href="https://redirect.github.com/jshttp/cookie/issues/170">#170</a>)</li>
<li>fix: narrow the validation of cookies to match RFC6265 (<a
href="https://redirect.github.com/jshttp/cookie/issues/167">#167</a> by
<a href="https://github.com/bewinsnw"><code>@​bewinsnw</code></a>)</li>
<li>fix: add <code>main</code> to <code>package.json</code> for rspack
(<a href="https://redirect.github.com/jshttp/cookie/issues/166">#166</a>
by <a
href="https://github.com/proudparrot2"><code>@​proudparrot2</code></a>)</li>
</ul>
<p><a
href="https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0">https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014"><code>cf4658f</code></a>
0.7.1</li>
<li><a
href="https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e"><code>6a8b8f5</code></a>
Allow leading dot for domain (<a
href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0"><code>58015c0</code></a>
Remove more code and perf wins (<a
href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627"><code>ab057d6</code></a>
0.7.0</li>
<li><a
href="https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542"><code>5f02ca8</code></a>
Migrate history to GitHub releases</li>
<li><a
href="https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579"><code>a5d591c</code></a>
Migrate history to GitHub releases</li>
<li><a
href="https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105"><code>51968f9</code></a>
Skip isNaN</li>
<li><a
href="https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc"><code>9e7ca51</code></a>
perf(parse): cache length, return early (<a
href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/d6f39b0aab5521a8b118b466a515fd6eb0b9f65e"><code>d6f39b0</code></a>
Fix tests for old node</li>
<li><a
href="https://github.com/jshttp/cookie/commit/6bb701f14e59c5e768933bfae9b578db4ed26c6e"><code>6bb701f</code></a>
Remove failing scorecard</li>
<li>Additional commits viewable in <a
href="https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.1">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~blakeembrey">blakeembrey</a>, a new
releaser for cookie since your current version.</p>
</details>
<br />

Updates `express` from 4.20.0 to 4.21.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases">express's
releases</a>.</em></p>
<blockquote>
<h2>4.21.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Backport a fix for CVE-2024-47764 to the 4.x branch by <a
href="https://github.com/joshbuker"><code>@​joshbuker</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6029">expressjs/express#6029</a></li>
<li>Release: 4.21.1 by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6031">expressjs/express#6031</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">https://github.com/expressjs/express/compare/4.21.0...4.21.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/4.21.1/History.md">express's
changelog</a>.</em></p>
<blockquote>
<h1>4.21.1 / 2024-10-08</h1>
<ul>
<li>Backported a fix for <a
href="https://nvd.nist.gov/vuln/detail/CVE-2024-47764">CVE-2024-47764</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/express/commit/8e229f92752ad51462c868b99f6e6c2e559801b0"><code>8e229f9</code></a>
4.21.1</li>
<li><a
href="https://github.com/expressjs/express/commit/a024c8a7b658a178cbdb9bde33030b7500172815"><code>a024c8a</code></a>
fix(deps): [email protected]</li>
<li>See full diff in <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `micromatch` from 4.0.7 to 4.0.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/micromatch/releases">micromatch's
releases</a>.</em></p>
<blockquote>
<h2>4.0.8</h2>
<p>Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We
consider the issues low-priority, so even if you see automated scanners
saying otherwise, don't be scared.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md">micromatch's
changelog</a>.</em></p>
<blockquote>
<h2>[4.0.8] - 2024-08-22</h2>
<ul>
<li>backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micromatch/micromatch/commit/8bd704ec0d9894693d35da425d827819916be920"><code>8bd704e</code></a>
4.0.8</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/a0e68416a44da10f3e4e30845ab95af4fd286d5a"><code>a0e6841</code></a>
run verb to generate README documentation</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/4ec288484f6e8cccf597ad3d43529c31d0f7a02a"><code>4ec2884</code></a>
Merge branch 'v4' into hauserkristof-feature/v4.0.8</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/03aa8052171e878897eee5d7bb2ae0ae83ec2ade"><code>03aa805</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/micromatch/issues/266">#266</a>
from hauserkristof/feature/v4.0.8</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/814f5f70efcd100ca9d29198867812a3d6ab91a8"><code>814f5f7</code></a>
lint</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/67fcce6a1077c2faf5ad0c5f998fa70202cc5dae"><code>67fcce6</code></a>
fix: CHANGELOG about braces &amp; CVE-2024-4068, v4.0.5</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/113f2e3fa7cb30b429eda7c4c38475a8e8ba1b30"><code>113f2e3</code></a>
fix: CVE numbers in CHANGELOG</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/d9dbd9a266686f44afb38da26fe016f96d1ec04f"><code>d9dbd9a</code></a>
feat: updated CHANGELOG</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/2ab13157f416679f54e3a32b1425e184bd16749e"><code>2ab1315</code></a>
fix: use actions/setup-node@v4</li>
<li><a
href="https://github.com/micromatch/micromatch/commit/1406ea38f3e24b29f4d4f46908d5cffcb3e6c4ce"><code>1406ea3</code></a>
feat: rework test to work on macos with node 10,12 and 14</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/micromatch/compare/4.0.7...4.0.8">compare
view</a></li>
</ul>
</details>
<br />

Updates `path-to-regexp` from 0.1.7 to 0.1.10
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pillarjs/path-to-regexp/releases">path-to-regexp's
releases</a>.</em></p>
<blockquote>
<h2>Backtrack protection</h2>
<p><strong>Fixed</strong></p>
<ul>
<li>Add backtrack protection to parameters  29b96b4
<ul>
<li>This will break some edge cases but should improve performance</li>
</ul>
</li>
</ul>
<p><a
href="https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10">https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10</a></p>
<h2>Support non-lookahead regex output</h2>
<p><strong>Added</strong></p>
<ul>
<li>Allow a non-lookahead regex (<a
href="https://redirect.github.com/pillarjs/path-to-regexp/issues/312">#312</a>)
c4272e4</li>
</ul>
<p><a
href="https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9">https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9</a></p>
<h2>Support named matching groups in <code>RegExp</code></h2>
<p><strong>Added</strong></p>
<ul>
<li>Add support for named matching groups (<a
href="https://redirect.github.com/pillarjs/path-to-regexp/issues/301">#301</a>)
114f62d</li>
</ul>
<p><a
href="https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8">https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868"><code>c827fce</code></a>
0.1.10</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"><code>29b96b4</code></a>
Add backtrack protection to parameters</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7"><code>ac4c234</code></a>
Update repo url (<a
href="https://redirect.github.com/pillarjs/path-to-regexp/issues/314">#314</a>)</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53"><code>bdb6635</code></a>
0.1.9</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/c4272e44774bfeef53e123f9b8d91cc35d3aaf31"><code>c4272e4</code></a>
Allow a non-lookahead regex (<a
href="https://redirect.github.com/pillarjs/path-to-regexp/issues/312">#312</a>)</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/51a1955aba523eabf60990109a738b0d03964755"><code>51a1955</code></a>
0.1.8</li>
<li><a
href="https://github.com/pillarjs/path-to-regexp/commit/114f62d336f4428fedfdd96ae2202a7d523f5084"><code>114f62d</code></a>
Add support for named matching groups (<a
href="https://redirect.github.com/pillarjs/path-to-regexp/issues/301">#301</a>)</li>
<li>See full diff in <a
href="https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.10">compare
view</a></li>
</ul>
</details>
<br />

Updates `send` from 0.18.0 to 0.19.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pillarjs/send/releases">send's
releases</a>.</em></p>
<blockquote>
<h2>0.19.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove link renderization in html while redirecting (<a
href="https://redirect.github.com/pillarjs/send/pull/235">pillarjs/send#235</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
made their first contribution in <a
href="https://redirect.github.com/pillarjs/send/pull/235">pillarjs/send#235</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pillarjs/send/compare/0.18.0...0.19.0">https://github.com/pillarjs/send/compare/0.18.0...0.19.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pillarjs/send/blob/master/HISTORY.md">send's
changelog</a>.</em></p>
<blockquote>
<h1>0.19.0 / 2024-09-10</h1>
<ul>
<li>Remove link renderization in html while redirecting</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce"><code>9d2db99</code></a>
0.19.0</li>
<li><a
href="https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"><code>ae4f298</code></a>
Merge commit from fork</li>
<li>See full diff in <a
href="https://github.com/pillarjs/send/compare/0.18.0...0.19.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~ulisesgascon">ulisesgascon</a>, a new
releaser for send since your current version.</p>
</details>
<br />

Updates `serve-static` from 1.15.0 to 1.16.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/serve-static/releases">serve-static's
releases</a>.</em></p>
<blockquote>
<h2>1.16.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove link renderization in html while redirecting (<a
href="https://redirect.github.com/expressjs/serve-static/pull/173">expressjs/serve-static#173</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/serve-static/pull/173">expressjs/serve-static#173</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0">https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md">serve-static's
changelog</a>.</em></p>
<blockquote>
<h1>1.16.2 / 2024-09-11</h1>
<ul>
<li>deps: encodeurl@~2.0.0</li>
</ul>
<h1>1.16.1 / 2024-09-11</h1>
<ul>
<li>deps: [email protected]</li>
</ul>
<h1>1.16.0 / 2024-09-10</h1>
<ul>
<li>Remove link renderization in html while redirecting</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2"><code>ec9c5ec</code></a>
1.16.2</li>
<li><a
href="https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114"><code>f454d37</code></a>
fix(deps): encodeurl@~2.0.0</li>
<li><a
href="https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77"><code>77a8255</code></a>
1.16.1</li>
<li><a
href="https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d"><code>4263f49</code></a>
fix(deps): [email protected]</li>
<li><a
href="https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed"><code>48c7397</code></a>
1.16.0</li>
<li><a
href="https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"><code>0c11fad</code></a>
Merge commit from fork</li>
<li>See full diff in <a
href="https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.2">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~wesleytodd">wesleytodd</a>, a new releaser
for serve-static since your current version.</p>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/BoundaryML/baml/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Dec 5, 2024
1 parent 9a3913e commit a37d486
Show file tree
Hide file tree
Showing 4 changed files with 448 additions and 138 deletions.
Loading

0 comments on commit a37d486

Please sign in to comment.