Bump qs, body-parser and express in /nuve #1862
Open
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps qs to 6.9.7 and updates ancestor dependencies qs, body-parser and express. These dependencies need to be updated together.
Updates
qs
from 6.7.0 to 6.9.7Changelog
Sourced from qs's changelog.
... (truncated)
Commits
4cd0032
v6.9.7e799ba5
[Fix]parse
: ignore__proto__
keys (#428)02ca358
[Robustness]stringify
: avoid relying on a globalundefined
(#427)4a17709
[Fix]stringify
: avoid encoding arrayformat comma when `encodeValuesOnly = ...c0e13e9
[readme] remove travis badge; add github actions/codecov badges; update URLs4113a5f
[Tests] clean up stringify tests slightly749a584
[Docs] add note and links for coercing primitive values (#408)cce2082
[meta] fix README.md (#399)c44f0c5
Revert "[meta] ignore eclint transitive audit warning"e6cfd8b
[actions] backport actions from mainUpdates
body-parser
from 1.19.0 to 1.19.2Release notes
Sourced from body-parser's releases.
Changelog
Sourced from body-parser's changelog.
Commits
424dadd
1.19.211248a2
deps: [email protected]7a088eb
build: [email protected]ecedf31
build: [email protected]b6bfabd
build: [email protected]badd6b2
build: fix code coverage aggregate upload96b448a
build: [email protected]70560b1
build: [email protected]548a06f
build: [email protected]3b00678
deps: [email protected]Updates
express
from 4.17.1 to 4.17.3Release notes
Sourced from express's releases.
Changelog
Sourced from express's changelog.
Commits
3d7fce5
4.17.3f906371
build: update example dependencies6381bc6
deps: [email protected]a007863
deps: [email protected]e98f584
Revert "build: use [email protected] for Node.js < 4"a659137
tests: use strict modea39e409
tests: prevent leaking changes to NODE_ENV82de4de
examples: fix path traversal in downloads example12310c5
build: use nyc for test coverage884657d
examples: remove bitwise syntax for includes checkYou can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and languageYou can disable automated security fix PRs for this repo from the Security Alerts page.