Bump the npm_and_yarn group across 3 directories with 11 updates #46

dependabot · 2024-05-02T17:33:51Z

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package	From	To
axios	`1.6.7`	`1.6.8`
mysql2	`3.9.1`	`3.9.7`
express	`4.18.2`	`4.19.2`
@babel/traverse	`7.23.9`	`7.24.5`
ejs	`3.1.9`	`3.1.10`
jose	`5.2.1`	`5.2.4`
webpack-dev-middleware	`5.3.3`	`5.3.4`

Bumps the npm_and_yarn group with 1 update in the /apps/api directory: mysql2.
Bumps the npm_and_yarn group with 1 update in the /apps/ui directory: express.

Updates axios from 1.6.7 to 1.6.8

Release notes

Sourced from axios's releases.

Release v1.6.8

Release notes:

Bug Fixes

AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)

import: use named export for EventEmitter; (7320430)

vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)

Contributors to this release

Jay

Dmitriy Mozgovoy

Mitchell

Emmanuel

Lucas Keller

Aditya Mogili

Miroslav Petrov

Changelog

Sourced from axios's changelog.

1.6.8 (2024-03-15)

Bug Fixes

AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)

import: use named export for EventEmitter; (7320430)

vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)

Contributors to this release

Jay

Dmitriy Mozgovoy

Mitchell

Emmanuel

Lucas Keller

Aditya Mogili

Miroslav Petrov

Commits

ab3f0f9 chore(release): v1.6.8 (#6303)
2656612 fix(AxiosHeaders): fix AxiosHeaders conversion to an object during config mer...
7320430 fix(import): use named export for EventEmitter;
8786e0f fix(vulnerability): update follow-redirects to 1.15.6 (#6300)
d844227 chore: update and bump deps (#6238)
caa0625 docs: update README responseEncoding types (#6194)
41c4584 docs: Update README.md to point to current axios version in CDN links (#6196)
bf6974f chore(ci): add npm tag action; (#6231)
See full diff in compare view

Updates mongoose from 8.1.3 to 7.6.11

Changelog

Sourced from mongoose's changelog.

7.6.11 / 2024-04-11

fix(populate): avoid match function filtering out null values in populate result #14518

fix(schema): support setting discriminator options in Schema.prototype.discriminator() #14493 #14448

fix(schema): deduplicate idGetter so creating multiple models with same schema doesn't result in multiple id getters #14492 #14457

6.12.8 / 2024-04-10

fix(document): handle virtuals that are stored as objects but getter returns string with toJSON #14468 #14446

fix(schematype): consistently set wasPopulated to object with value property rather than boolean #14418

docs(model): add extra note about lean option for insertMany() skipping casting #14415 #14376

8.3.1 / 2024-04-08

fix(document): make update minimization unset property rather than setting to null #14504 #14445

fix(model): make Model.recompileSchema() also re-apply discriminators #14500 #14444

fix(schema): deduplicate idGetter so creating multiple models with same schema doesn't result in multiple id getters #14492

fix: update kareem -> 2.6.3 for index.d.ts #14508 #14497

fix(mongoose): make setDriver() update mongoose.model() connections and collections #14505

types(validation): support function for validator message property, and add support for accessing validator reason #14499 #14496

docs: remove typo #14501 epmartini

8.3.0 / 2024-04-03

feat: use [email protected]

feat(document): add validateAllPaths option to validate() and validateSync() #14467 #14414

feat: pathsToSave option to save() function #14385 #9583

feat(query): add options parameter to Query.prototype.sort() #14375 #14365

feat: add function SchemaType.prototype.validateAll #14434 #6910

fix: handle array schema definitions with of keyword #14447 #14416

types: add overwriteMiddlewareResult and skipMiddlewareFunction to types #14328 #14829

8.2.4 / 2024-03-28

types(query): bring "getFilter" and "getQuery" in-line with "find" and other types #14463 hasezoey

types(schema): re-export the defintion for SearchIndexDescription #14464 noseworthy

docs: removed unused hook from docs #14461 bernardarhia

8.2.3 / 2024-03-21

fix(schema): avoid returning string 'nested' as schematype #14453 #14443 #14435

types(schema): add missing search index types #14449 noseworthy

types: improve the typing of FilterQuery type to prevent it from only getting typed to any #14436 #14398 #14397

8.2.2 / 2024-03-15

fix(model): improve update minimizing to only minimize top-level properties in the update #14437 #14420 #13782

fix: add Null check in case schema.options['type'][0] is undefined #14431 Atharv-Bobde

types: consistently infer array of objects in schema as a DocumentArray #14430 #14367

types: add TypeScript interface for the new PipelineStage - Vector Search - solving issue #14428 #14429 jkorach

... (truncated)

Commits

c97c060 chore: release 7.6.11
247d029 fix(populate): avoid match function filtering out null values in populate r...
bf70152 Merge branch '6.x' into 7.x
c00a715 chore: release 6.12.8
8a8bea5 Merge pull request #14493 from Automattic/vkarpov15/gh-14448
f1ed8b1 fix(schema): deduplicate idGetter so creating multiple models with same schem...
f845fb2 fix(schema): support setting discriminator options in Schema.prototype.discri...
d3cb2ab Merge pull request #14468 from Automattic/vkarpov15/gh-14446
69a0581 fix(document): handle virtuals that are stored as objects but getter returns ...
759f0d4 Merge pull request #14458 from Automattic/vkarpov15/gh-14418
Additional commits viewable in compare view

Updates mysql2 from 3.9.1 to 3.9.7

Release notes

Sourced from mysql2's releases.

v3.9.7

3.9.7 (2024-04-21)

Bug Fixes

security: sanitize timezone parameter value to prevent code injection - report by zhaoyudi (Nebulalab) (#2608) (7d4b098)

v3.9.6

3.9.6 (2024-04-18)

Bug Fixes

binary parser sometimes reads out of packet bounds when results contain null and typecast is false (#2601) (705835d)

v3.9.5

3.9.5 (2024-04-17)

Bug Fixes

revert breaking change in results creation (#2591) (f7c60d0)

v3.9.4

3.9.4 (2024-04-09)

Bug Fixes

SSL: separate each certificate into an individual item #2542 (63f1055)

security: improve supportBigNumbers and bigNumberStrings sanitization (#2572) (74abf9e)

Fixes a potential RCE attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab

security: improve results object creation (#2574) (4a964a3)

Fixes a potential Prototype Pollution attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab

docs: improve the contribution guidelines (#2552) (8a818ce)

v3.9.3

3.9.3 (2024-03-26)

Bug Fixes

security: improve cache key formation (#2424) (0d54b0c)

Fixes a potential parser cache poisoning attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab

update Amazon RDS SSL CA cert (#2131) (d9dccfd)

v3.9.2

3.9.2 (2024-02-26)

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.9.7 (2024-04-21)

Bug Fixes

security: sanitize timezone parameter value to prevent code injection (#2608) (7d4b098)

3.9.6 (2024-04-18)

Bug Fixes

binary parser sometimes reads out of packet bounds when results contain null and typecast is false (#2601) (705835d)

3.9.5 (2024-04-17)

Bug Fixes

revert breaking change in results creation (#2591) (f7c60d0)

3.9.4 (2024-04-09)

Bug Fixes

docs: improve the contribution guidelines (#2552) (8a818ce)

security: improve results object creation (#2574) (4a964a3)

security: improve supportBigNumbers and bigNumberStrings sanitization (#2572) (74abf9e)

3.9.3 (2024-03-26)

Bug Fixes

security: improve cache key formation (#2424) (0d54b0c)

Fixes a potential parser cache poisoning attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab

update Amazon RDS SSL CA cert (#2131) (d9dccfd)

3.9.2 (2024-02-26)

Bug Fixes

stream: premature close when it is paused (#2416) (7c6bc64)

types: expose TypeCast types (#2425) (336a7f1)

Commits

2d3cad8 chore(master): release 3.9.7 (#2609)
7d4b098 fix(security): sanitize timezone parameter value to prevent code injection (#...
2efd6ab build(deps): bump lucide-react from 0.371.0 to 0.372.0 in /website (#2606)
e3391ed build(deps): bump lucide-react from 0.368.0 to 0.371.0 in /website (#2604)
4f58caa chore(master): release 3.9.6 (#2603)
705835d fix: binary parser sometimes reads out of packet bounds when results contain ...
2129818 chore(master): release 3.9.5 (#2600)
f7c60d0 fix: revert breaking change in results creation (#2591)
7f5b395 build(deps-dev): bump @typescript-eslint/eslint-plugin in /website (#2596)
a770052 build(deps-dev): bump @typescript-eslint/parser in /website (#2595)
Additional commits viewable in compare view

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: [email protected] and [email protected] by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add [email protected] by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: [email protected]
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates postcss from 8.4.33 to 8.4.38

Release notes

Sourced from postcss's releases.

8.4.38

Fixed endIndex: 0 in errors and warnings (by @romainmenke).

8.4.37

Fixed original.column are not numbers error in another case.

8.4.36

Fixed original.column are not numbers error on broken previous source map.

8.4.35

Avoid ! in node.parent.nodes type.

Allow to pass undefined to node adding method to simplify types.

8.4.34

Fixed AtRule#nodes type (by @tim-we).

Cleaned up code (by @DrKiraDmitry).

Changelog

Sourced from postcss's changelog.

8.4.38

Fixed endIndex: 0 in errors and warnings (by @romainmenke).

8.4.37

Fixed original.column are not numbers error in another case.

8.4.36

Fixed original.column are not numbers error on broken previous source map.

8.4.35

Avoid ! in node.parent.nodes type.

Allow to pass undefined to node adding method to simplify types.

8.4.34

Fixed AtRule#nodes type (by Tim Weißenfels).

Cleaned up code (by Dmitry Kirillov).

Commits

a69d45e Release 8.4.38 version
64e35d9 Update dependencies
c1ad8fb Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...
b45e7e9 fix endIndex
1bea246 failing test: for endIndex 0 in rangeBy
0fd1d86 Add changelog auto release on Github
49c906e Release 8.4.37 version
b5bd92c Fix another broken prev source map issue
2882039 Update dependencies
e5ad939 Release 8.4.36 version
Additional commits viewable in compare view

Updates @babel/traverse from 7.23.9 to 7.24.5

Release notes

Sourced from @babel/traverse's releases.

v7.24.5 (2024-04-29)

Thanks @romgrk and @sossost for your first PRs!

🐛 Bug Fix

babel-plugin-transform-classes, babel-traverse

#16377 fix: TypeScript annotation affects output (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

#16440 Fix suppressed error order (@sossost)

#16408 Await nullish async disposable (@JLHwung)

💅 Polish

babel-parser

#16407 Recover from exported using declaration (@JLHwung)

🏠 Internal

Other

#16414 Relax ESLint peerDependency constraint to allow v9 (@liuxingbaoyu)

babel-parser

#16425 Improve @babel/parser AST types (@nicolo-ribaudo)

#16417 Always pass type argument to .startNode (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-helper-module-transforms, babel-helper-split-export-declaration, babel-helper-wrap-function, babel-helpers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-block-scoping, babel-plugin-transform-destructuring, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx-self, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-traverse

#16439 Make NodePath<T | U> distributive (@nicolo-ribaudo)

babel-plugin-proposal-partial-application, babel-types

#16421 Remove JSXNamespacedName from valid CallExpression args (@nicolo-ribaudo)

babel-plugin-transform-class-properties, babel-preset-env

#16406 Do not load unnecessary Babel 7 syntax plugins in Babel 8 (@nicolo-ribaudo)

🏃‍♀️ Performance

babel-helpers, babel-preset-env, babel-runtime-corejs3

#16357 Performance: improve objectWithoutPropertiesLoose on V8 (@romgrk)

Committers: 6

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Rom Grk (@romgrk)

@liuxingbaoyu

ynnsuis (@sossost)

v7.24.4 (2024-04-03)

Thanks @Dunqing, @luiscubal, and @samualtnorman for your first PRs!

👓 Spec Compliance

babel-parser

#16403 Forbid initializerless using (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16388 Ensure decorators are callable (@JLHwung)

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.5 (2024-04-29)

🐛 Bug Fix

babel-plugin-transform-classes, babel-traverse

#16377 fix: TypeScript annotation affects output (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

#16440 Fix suppressed error order (@sossost)

#16408 Await nullish async disposable (@JLHwung)

💅 Polish

babel-parser

#16407 Recover from exported using declaration (@JLHwung)

🏠 Internal

Other

#16414 Relax ESLint peerDependency constraint to allow v9 (@liuxingbaoyu)

babel-parser

#16425 Improve @babel/parser AST types (@nicolo-ribaudo)

#16417 Always pass type argument to .startNode (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-helper-module-transforms, babel-helper-split-export-declaration, babel-helper-wrap-function, babel-helpers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-block-scoping, babel-plugin-transform-destructuring, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx-self, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-traverse

#16439 Make NodePath<T | U> distributive (@nicolo-ribaudo)

babel-plugin-proposal-partial-application, babel-types

#16421 Remove JSXNamespacedName from valid CallExpression args (@nicolo-ribaudo)

babel-plugin-transform-class-properties, babel-preset-env

#16406 Do not load unnecessary Babel 7 syntax plugins in Babel 8 (@nicolo-ribaudo)

🏃‍♀️ Performance

babel-helpers, babel-preset-env, babel-runtime-corejs3

#16357 Performance: improve objectWithoutPropertiesLoose on V8 (@romgrk)

v7.24.4 (2024-04-03)

👓 Spec Compliance

babel-parser

#16403 Forbid initializerless using (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16388 Ensure decorators are callable (@JLHwung)

🐛 Bug Fix

babel-generator

#16402 fix: Correctly prints { [key in Bar]? } (@liuxingbaoyu)

#16394 fix: Correctly generate TSMappedType (@liuxingbaoyu)

babel-compat-data, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-preset-env

#16390 Create bugfix plugin for classes in computed keys in Firefox (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16387 fix: support mutated outer decorated class binding (@JLHwung)

#16385 fix: Decorators when super() exists and protoInit is not needed (@liuxingbaoyu)

babel-plugin-transform-block-scoping

#16384 fix: Transform scoping for for X in loop (@liuxingbaoyu)

#16368 fix: Capture let when the for body is not a block (@liuxingbaoyu)

babel-core, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping

... (truncated)

Commits

ddbea7d v7.24.5
e779cad fix: TypeScript annotation affects output (#16377)
ee48754 Use multiple TypeScript projects (#16430)
4d8b2d0 Make NodePath\<T | U> distributive (#16439)
a84ec28 Enable eqeqeq rule (#16404)
822b025 v7.24.1
fc0d5ad Update typescript and lint tools (#16351)
69e7928 Consider well-known and registered symbols as literals (#16342)
40110e9 Update source map deps (#16327)
ce59160 v7.24.0
Additional commits viewable in compare view

Updates ejs from 3.1.9 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

Commits

d3f807d Version 3.1.10
9ee26dd Mocha TDD
e469741 Basic pollution protection
715e950 Merge pull request #756 from Jeffrey-mu/main
cabe314 Include advanced usage examples
29b076c Added header
11503c7 Merge branch 'main' of github.com:mde/ejs into main
7690404 Added security banner to README
f47d7ae Update SECURITY.md
828cea1 Update SECURITY.md
Additional commits viewable in compare view

Updates follow-redirects from 1.15.5 to 1.15.6

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
See full diff in compare view

Updates jose from 5.2.1 to 5.2.4

Release notes

Sourced from jose's releases.

v5.2.4

Refactor

use createLocalJWKSet instead of LocalJWKSet in createRemoteJWKSet (a7c566c)

v5.2.3

Refactor

move iv generation and optional outputs around (05c4351)

v5.2.2

Fixes

types: iv and tag is optional in JSON serializations (53019cd)

Changelog

Sourced from jose's changelog.

5.2.4 (2024-04-07)

Refactor

use createLocalJWKSet instead of LocalJWKSet in createRemoteJWKSet (a7c566c)

5.2.3 (2024-03-07)

Refactor

move iv generation and optional outputs around (05c4351)

5.2.2 (2024-02-11)

Fixes

types: iv and tag is optional in JSON serializations (53019cd)

Commits

8fde79f chore(release): 5.2.4
3fc0f0a build: add an explicit workerd export target
02f1710 chore: bump dev deps
1f5a1cb chore: bump dev deps
a7c566c refactor: use createLocalJWKSet instead of LocalJWKSet in createRemoteJWKSet
8534023 chore: cleanup after release
259db54 chore(release): 5.2.3
ea8a76e chore: bump dev deps
7cb2e3e build: only run release action on the latest major tag releases
f009cc1 chore: bump dev deps
Additional commits viewable in compare view

Updates mongodb from 6.3.0 to 5.9.1

Changelog

Sourced from mongodb's changelog.

5.9.1 (2023-10-18)

Bug Fixes

NODE-5627: BulkWriteResult.insertedIds includes ids that were not inserted (#3870) (d766ae2)

NODE-5691: make findOne() close implicit session to avoid memory leak (#3889) (0d6c9cd)

5.9.0 (2023-09-14)

Features

NODE-5564: bump bson version to ^5.5.0 (#3865) (dc110e0)

Bug Fixes

NODE-5550: set AWS region from environment variable for STSClient (#3851) (2fab06b)

NODE-5587: recursive calls to next cause memory leak (#3842) (f60f1b5)

5.8.1 (2023-08-23)

Bug Fixes

NODE-5572: fix saslprep import (#3837) (250dc21)

5.8.0 (2023-08-21)

Features

NODE-5399: use mongodb-js/saslprep instead of saslprep (#3818) (c0d3927)

NODE-5429: deprecate the AutoEncrypter interface (

Bumps the npm_and_yarn group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `1.6.7` | `1.6.8` | | [mysql2](https://github.com/sidorares/node-mysql2) | `3.9.1` | `3.9.7` | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.19.2` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.23.9` | `7.24.5` | | [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` | | [jose](https://github.com/panva/jose) | `5.2.1` | `5.2.4` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` | Bumps the npm_and_yarn group with 1 update in the /apps/api directory: [mysql2](https://github.com/sidorares/node-mysql2). Bumps the npm_and_yarn group with 1 update in the /apps/ui directory: [express](https://github.com/expressjs/express). Updates `axios` from 1.6.7 to 1.6.8 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.6.7...v1.6.8) Updates `mongoose` from 8.1.3 to 7.6.11 - [Release notes](https://github.com/Automattic/mongoose/releases) - [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md) - [Commits](Automattic/mongoose@8.1.3...7.6.11) Updates `mysql2` from 3.9.1 to 3.9.7 - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v3.9.1...v3.9.7) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) Updates `postcss` from 8.4.33 to 8.4.38 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.33...8.4.38) Updates `@babel/traverse` from 7.23.9 to 7.24.5 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.5/packages/babel-traverse) Updates `ejs` from 3.1.9 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.9...v3.1.10) Updates `follow-redirects` from 1.15.5 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.5...v1.15.6) Updates `jose` from 5.2.1 to 5.2.4 - [Release notes](https://github.com/panva/jose/releases) - [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md) - [Commits](panva/jose@v5.2.1...v5.2.4) Updates `mongodb` from 6.3.0 to 5.9.1 - [Release notes](https://github.com/mongodb/node-mongodb-native/releases) - [Changelog](https://github.com/mongodb/node-mongodb-native/blob/v5.9.1/HISTORY.md) - [Commits](mongodb/node-mongodb-native@v6.3.0...v5.9.1) Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) Updates `mysql2` from 3.2.1 to 3.9.7 - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v3.9.1...v3.9.7) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: mongoose dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: mysql2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jose dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mongodb dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mysql2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label May 2, 2024

dependabot bot mentioned this pull request May 2, 2024

Bump the npm_and_yarn group across 3 directories with 10 updates #45

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 3 directories with 11 updates #46

Bump the npm_and_yarn group across 3 directories with 11 updates #46

dependabot bot commented on behalf of github May 2, 2024

Bump the npm_and_yarn group across 3 directories with 11 updates #46

Are you sure you want to change the base?

Bump the npm_and_yarn group across 3 directories with 11 updates #46

Conversation

dependabot bot commented on behalf of github May 2, 2024

Release v1.6.8

Release notes:

Bug Fixes

Contributors to this release

1.6.8 (2024-03-15)

Bug Fixes

Contributors to this release

7.6.11 / 2024-04-11

6.12.8 / 2024-04-10

8.3.1 / 2024-04-08

8.3.0 / 2024-04-03

8.2.4 / 2024-03-28

8.2.3 / 2024-03-21

8.2.2 / 2024-03-15

v3.9.7

3.9.7 (2024-04-21)

Bug Fixes

v3.9.6

3.9.6 (2024-04-18)

Bug Fixes

v3.9.5

3.9.5 (2024-04-17)

Bug Fixes

v3.9.4

3.9.4 (2024-04-09)

Bug Fixes

v3.9.3

3.9.3 (2024-03-26)

Bug Fixes

v3.9.2

3.9.2 (2024-02-26)

3.9.7 (2024-04-21)

Bug Fixes

3.9.6 (2024-04-18)

Bug Fixes

3.9.5 (2024-04-17)

Bug Fixes

3.9.4 (2024-04-09)

Bug Fixes

3.9.3 (2024-03-26)

Bug Fixes

3.9.2 (2024-02-26)

Bug Fixes

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

8.4.38

8.4.37

8.4.36

8.4.35

8.4.34

8.4.38

8.4.37

8.4.36

8.4.35

8.4.34

v7.24.5 (2024-04-29)

🐛 Bug Fix

💅 Polish

🏠 Internal

🏃‍♀️ Performance

Committers: 6

v7.24.4 (2024-04-03)

👓 Spec Compliance