build(deps): bump the npm_and_yarn group across 1 directory with 4 updates #18248
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 4 updates in the /packages/guardian-prover-health-check-ui directory: axios, @sveltejs/kit, svelte and vite.
Updates
axios
from 1.6.2 to 1.7.4Release notes
Sourced from axios's releases.
... (truncated)
Changelog
Sourced from axios's changelog.
... (truncated)
Commits
abd24a7
chore(release): v1.7.4 (#6544)6b6b605
fix(sec): CVE-2024-39338 (#6539) (#6543)07a661a
fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)c6cce43
chore(release): v1.7.3 (#6521)e3c76fc
fix(adapter): fix progress event emitting; (#6518)85d4d0e
fix(fetch): fix withCredentials request config (#6505)92cd8ed
chore(github): update ISSUE_TEMPLATE.md (#6519)8966ee7
fix(xhr): return original config on errors from XHR adapter (#6515)0e4f9fa
chore(release): v1.7.2 (#6414)4f79aef
fix(fetch): enhance fetch API detection; (#6413)Updates
@sveltejs/kit
from 2.0.4 to 2.4.3Changelog
Sourced from
@sveltejs/kit
's changelog.... (truncated)
Commits
a93e19b
Version Packages (#11711)f56781f
fix: only disallow body with GET/HEAD requests (#11710)d570557
Version Packages (#11709)af34142
fix: ignore bodies sent with non-PUT/PATCH/POST requests (#11708)b8d0429
chore: upgrade playwright (#11690)b3c8a8c
Version Packages (#11681)36dc54a
fix: respectbuild.target
config supplied by user (#11688)ada5959
fix: default route config to{}
for feature checking (#11685)5dae367
fix: properly decode base64 strings insideread
(#11682)e228f89
fix: runtime error whenonNavigate
returns a function (#11678)Updates
svelte
from 4.2.8 to 4.2.19Release notes
Sourced from svelte's releases.
Changelog
Sourced from svelte's changelog.
... (truncated)
Commits
d8b3133
Version Packages (#12990)83e96e0
fix: escape<
in attribute strings (#12989)5ec4409
fix: ensure typings for\<svelte:options>
are picked up (#12902)230916f
Version Packages (#11925)dbe6057
chore: speed up regex (#11922)a8deae9
Version Packages (#11594)8592914
fix: correctly handle falsy values of style directives in SSR mode (#11584)8e4c778
Version Packages (#11491)1bab571
fix: additional check for component on destroy (svelte4) (#11489)9f2341f
Version Packages (#11202)Updates
vite
from 5.0.10 to 5.1.8Changelog
Sourced from vite's changelog.
... (truncated)
Commits
fe63231
release: v5.1.85caa08f
fix: avoid DOM Clobbering gadget ingetRelativeUrlFromDocument
(#18115)03f1033
fix: fs raw query (#18112)e710c2f
release: v5.1.75a056dd
fix:fs.deny
with globs with directories (#16250)6f7466e
release: v5.1.6a862ecb
chore(deps): update all non-major dependencies (#16131)8403546
fix: server middleware mode resolve (#16122)b6fb323
fix: check for publicDir before checking if it is a parent directory (#16046)fd9de04
fix(esbuild): update tsconfck to fix bug that could cause a deadlock (#16124)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.