Bump the npm_and_yarn group across 2 directories with 15 updates #2

dependabot · 2024-03-26T04:33:47Z

Bumps the npm_and_yarn group with 8 updates in the / directory:

Package	From	To
@babel/traverse	`7.0.0-beta.42`	`7.24.1`
fsevents	`1.1.2`	`1.2.13`
handlebars	`4.0.10`	`4.7.8`
lodash	`4.17.4`	`4.17.21`
minimatch	`3.0.4`	`3.1.2`
path-parse	`1.0.5`	`1.0.7`
semver	`5.4.1`	`5.7.2`
tmpl	`1.0.4`	`1.0.5`
Bumps the npm_and_yarn group with 7 updates in the /example/app directory:

Package	From	To
fsevents	`1.1.3`	`1.2.13`
handlebars	`4.0.11`	`4.7.8`
minimatch	`3.0.4`	`3.1.2`
path-parse	`1.0.5`	`1.0.7`
tmpl	`1.0.4`	`1.0.5`
ua-parser-js	`0.7.17`	`0.7.37`
express	`4.16.3`	`4.19.2`

Updates @babel/traverse from 7.0.0-beta.42 to 7.24.1

Release notes

Sourced from @babel/traverse's releases.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

Other

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.24.0 (2024-02-28)

Thanks @ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

babel-standalone

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3, babel-runtime, babel-standalone

#16323 Allow separate helpers to be excluded in Babel 8 (@liuxingbaoyu)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-external-helpers, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-defer, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-optional-chaining-assign, babel-plugin-proposal-partial-application, babel-plugin-proposal-pipeline-operator, babel-plugin-proposal-record-and-tuple, babel-plugin-proposal-regexp-modifiers, babel-plugin-proposal-throw-expressions, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decimal, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-reflection, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-record-and-tuple, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-arrow-functions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-classes, babel-plugin-transform-computed-properties, babel-plugin-transform-destructuring, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-keys, babel-plugin-transform-dynamic-import, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-export-namespace-from, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-for-of, babel-plugin-transform-function-name, babel-plugin-transform-instanceof, babel-plugin-transform-jscript, babel-plugin-transform-json-strings, babel-plugin-transform-literals, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-member-expression-literals, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-modules-umd, babel-plugin-transform-new-target, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-assign, babel-plugin-transform-object-rest-spread, babel-plugin-transform-object-set-prototype-of-to-assign, babel-plugin-transform-object-super, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-property-literals, babel-plugin-transform-property-mutators, babel-plugin-transform-proto-to-assign, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-display-name, babel-plugin-transform-react-inline-elements, babel-plugin-transform-react-jsx-compat, babel-plugin-transform-react-jsx-self, babel-plugin-transform-react-jsx-source, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-reserved-words, babel-plugin-transform-runtime, babel-plugin-transform-shorthand-properties, babel-plugin-transform-spread, babel-plugin-transform-sticky-regex, babel-plugin-transform-strict-mode, babel-plugin-transform-template-literals, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-plugin-transform-unicode-escapes, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-regex, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow, babel-preset-react, babel-preset-typescript

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

babel-compat-data, babel-plugin-transform-object-rest-spread, babel-preset-env

#16318 [babel 8] Fix @babel/compat-data package.json (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

v7.24.0 (2024-02-28)

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

... (truncated)

Commits

822b025 v7.24.1
fc0d5ad Update typescript and lint tools (#16351)
69e7928 Consider well-known and registered symbols as literals (#16342)
40110e9 Update source map deps (#16327)
ce59160 v7.24.0
bd5abd5 fix: avoid popContext on unvisited node paths (#16305)
08a057c Use Object.hasOwn when available (#16248)
a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by nicolo-ribaudo, a new releaser for @babel/traverse since your current version.

Updates fsevents from 1.1.2 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Release v1.2.9 - Node v12 compatibility

No release notes provided.

Release Pre-NAPI v1.2.8

No release notes provided.

Version Bump (bundle node-pre-gyp)

No release notes provided.

Prebuilt v11.x

No release notes provided.

v1.2.3

Added node v10 for pre-built binaries

C++ tuning to fix potential SIGILL and cyclic dependency (#204)

v1.2.2

Fixed node-pre-gyp bundling issue

v1.2.1

[unpublished because of errors during publish process]

v1.2.0

BREAKING: End support for Node v0.12. If you are using Node v0.12 please pin your fsevents dependencies to v1.1.3. Not bumping semver major for this release was a compromise solution discussed in #199 and #201.

Node v0.10 should continue to work with local compilation for now, but hosted pre-built binaries will no longer be provided. If this is a constraint for you, please pin to an earlier version.

Fixed security vulnerability warnings by updating node-pre-gyp to ^0.9.0

Compatibility updates for nan v2.9.0

v1.1.3

Added node v9 for pre-built binaries

Fixed bug related to using --no-bin-links option on install

Updated node-pre-gyp to latest version (0.6.39)

Commits

844a05d Version Bump
f393f2a Only build fsevents on macOS (#322)
6a281a7 [publish binary]
acc2bce [publish binary]
f532b6e [publish binary]
4c6a1c0 Add node 13 to travis matrix.
92e40aa Release 1.2.12.
909af26 Release v1.2.11
7074adb Release v1.2.10
0a052f6 Node.js v12 support for v1.x (#274)
Additional commits viewable in compare view

Updates handlebars from 4.0.10 to 4.7.8

Release notes

Sourced from handlebars's releases.

v4.7.8

Make library compatible with workers (#1894) - 3d3796c

Don't rely on Node.js global object (#1776) - 2954e7e

Fix compiling of each block params in strict mode (#1855) - 30dbf04

Fix rollup warning when importing Handlebars as ESM - 03d387b

Fix bundler issue with webpack 5 (#1862) - c6c6bbb

Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.8 - July 27th, 2023

Make library compatible with workers (#1894) - 3d3796c

Don't rely on Node.js global object (#1776) - 2954e7e

Fix compiling of each block params in strict mode (#1855) - 30dbf04

Fix rollup warning when importing Handlebars as ESM - 03d387b

Fix bundler issue with webpack 5 (#1862) - c6c6bbb

Use https instead of git for mustache submodule - 88ac068

Commits

v4.7.7 - February 15th, 2021

fix weird error in integration tests - eb860c0

fix: check prototype property access in strict-mode (#1736) - b6d3de7

fix: escape property names in compat mode (#1736) - f058970

refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8

chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

#1672 - Switch cmd parser to latest minimist (@dougwilson

Compatibility notes:

Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

~~Node.js version support has been changed to v6+~~ Reverted in 4.7.6

Compatibility notes:

... (truncated)

Commits

8dc3d25 v4.7.8
668c4fb Fix browser tests in CI pipeline
c65c6cc Test on Node 18
3d3796c Make library compatible with workers
075b354 Fix sync issue with npm lock-file
30dbf04 Fix compiling of each block params in strict mode
e3a5448 Fix bundler issue with webpack 5
8e23642 Fix integration-tests issue with npm >= 7
88ac068 use https instead of git for mustache submodule
c68bc08 Fix typo
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.

Updates hawk from 3.1.3 to 6.0.2

Commits

d251edf Fix missing let in crypto browser helper. Closes #210
5c25e82 Merge pull request #205 from LKI/master
c7f9fab Be more specific on hash algorithm in README
2c0012f Update deps. Closes #203
05e585d Merge pull request #198 from Dreyer/fix_readme
40a9fab Updated usage example in README.md
7ea2c0a 6.0.0
54be9e2 Linting
552f81e Remove component support. Closes #196
0816715 Remove bower support. Closes #195
Additional commits viewable in compare view

Updates hoek from 2.16.3 to 4.2.0

Commits

1db691b 4.2.0
a4b9939 node 8
8a2e118 Merge pull request #204 from g-k/add-escape-json
be57205 escapeJson matching on charcodes
9bff98b document escapeJSON function
d1231c9 remove unused namedJson internal
cf70d6d match and replace once to improve escapeJson perf
a758d13 trigger rebuild for travis
c5c19d7 only escape JSON we care about
f28a438 Add escapeJson
Additional commits viewable in compare view

Updates lodash from 4.17.4 to 4.17.21

Commits

f299b52 Bump to v4.17.21
c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
3469357 Prevent command injection through _.template's variable option
ded9bc6 Bump to v4.17.20.
63150ef Documentation fixes.
00f0f62 test.js: Remove trailing comma.
846e434 Temporarily use a custom fork of lodash-cli.
5d046f3 Re-enable Travis tests on 4.17 branch.
aa816b3 Remove /npm-package.
d7fbc52 Bump to v4.17.19
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates minimatch from 3.0.4 to 3.1.2

Commits

699c459 3.1.2
2f2b5ff fix: trim pattern
25d7c0d 3.1.1
55dda29 fix: treat nocase:true as always having magic
5e1fb8d 3.1.0
f8145c5 Add 'allowWindowsEscape' option
570e8b1 add publishConfig for v3 publishes
5b7cd33 3.0.6
20b4b56 [fix] revert all breaking syntax changes
2ff0388 document, expose, and test 'partial:true' option
Additional commits viewable in compare view

Updates path-parse from 1.0.5 to 1.0.7

Commits

See full diff in compare view

Updates qs from 6.4.0 to 6.5.1

Changelog

Sourced from qs's changelog.

6.5.1

[Fix] Fix parsing & compacting very deep objects (#224)

[Refactor] name utils functions

[Dev Deps] update eslint, @ljharb/eslint-config, tape

[Tests] up to node v8.4; use nvm install-latest-npm so newer npm doesn’t break older node

[Tests] Use precise dist for Node.js 0.6 runtime (#225)

[Tests] make 0.6 required, now that it’s passing

[Tests] on node v8.2; fix npm on node 0.6

6.5.0

[New] add utils.assign

[New] pass default encoder/decoder to custom encoder/decoder functions (#206)

[New] parse/stringify: add ignoreQueryPrefix/addQueryPrefix options, respectively (#213)

[Fix] Handle stringifying empty objects with addQueryPrefix (#217)

[Fix] do not mutate options argument (#207)

[Refactor] parse: cache index to reuse in else statement (#182)

[Docs] add various badges to readme (#208)

[Dev Deps] update eslint, browserify, iconv-lite, tape

[Tests] up to node v8.1, v7.10, v6.11; npm v4.6 breaks on node < v1; npm v5+ breaks on node < v4

[Tests] add editorconfig-tools

6.4.1

[Fix] parse: ignore __proto__ keys (#428)

[Fix] fix for an impossible situation: when the formatter is called with a non-string value

[Fix] use safer-buffer instead of Buffer constructor

[Fix] utils.merge: avoid a crash with a null target and an array source

[Fix] utils.merge: avoid a crash with a null target and a truthy non-array source

[Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)

[Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided

[Fix] when parseArrays is false, properly handle keys ending in []

[Robustness] stringify: avoid relying on a global undefined (#427)

[Refactor] use cached Array.isArray

[Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] Clarify the need for "arrayLimit" option

[meta] fix README.md (#399)

[meta] Clean up license text so it’s properly detected as BSD-3-Clause

[meta] add FUNDING.yml

[actions] backport actions from main

[Tests] remove nonexistent tape option

[Dev Deps] backport from main

Commits

0e838da v6.5.1
53b54cb [Refactor] name utils functions.
dfd28c6 [Dev Deps] update eslint, @ljharb/eslint-config, tape
461a04d Merge pull request #224 from dougwilson/non-recursive-compact
2ed6ea4 Fix parsing & compacting very deep objects
841b933 [Tests] up to node v8.4; use nvm install-latest-npm so newer npm doesn’...
3be7c11 Use precise dist for Node.js 0.6 runtime
489f2f8 [Tests] make 0.6 required, now that it’s passing
a80052d [Tests] on node v8.2; fix npm on node 0.6
d66ac17 v6.5.0
Additional commits viewable in compare view

Updates request from 2.81.0 to 2.83.0

Changelog

Sourced from request's changelog.

v2.83.0 (2017/09/27)

#2776 Updating tough-cookie due to security fix. (#2776) (@karlnorling)

v2.82.0 (2017/09/19)

#2703 Add Node.js v8 to Travis CI (@ryysud)

#2751 Update of hawk and qs to latest version (#2751) (@Olivier-Moreau)

#2658 Fixed some text in README.md (#2658) (@Marketionist)

#2635 chore(package): update aws-sign2 to version 0.7.0 (#2635) (@greenkeeperio-bot)

#2641 Update README to simplify & update convenience methods (#2641) (@FredKSchott)

#2541 Add convenience method for HTTP OPTIONS (#2541) (@jamesseanwright)

#2605 Add promise support section to README (#2605) (@FredKSchott)

#2579 refactor(lint): replace eslint with standard (#2579) (@ahmadnassri)

#2598 Update codecov to version 2.0.2 🚀 (@greenkeeperio-bot)

#2590 Adds test-timing keepAlive test (@nicjansma)

#2589 fix tabulation on request example README.MD (@odykyi)

#2594 chore(dependencies): har-validator to 5.x [removes babel dep] (@ahmadnassri)

Commits

dd427d7 2.83.0
5b623b5 Updating tough-cookie due to security fix. (#2776)
6f1b51e 2.82.1
0ab5c36 2.82.0
ffdf0d3 Updating deps.
4386836 Merge branch 'master' of github.com:request/request
1527407 Merge pull request #2703 from ryysud/add-nodejs-v8-to-travis
3afcbf8 Merge branch 'master' of github.com:request/request
479143d Update of hawk and qs to latest version (#2751)
169be11 Add Node.js v8 to Travis CI
Additional commits viewable in compare view

Updates semver from 5.4.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
c83c18c 5.7.1
956e228 Correct typo in README
8055dda 5.7.0
604e73d auto-publishing scripts
bed01e2 remove the nomin comments, since we don't minify any more anyway
9cb68f1 document parse method
38d42ca 5.7 changelog
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates tmpl from 1.0.4 to 1.0.5

Commits

See full diff in compare view

Updates fsevents from 1.1.3 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Release v1.2.9 - Node v12 compatibility

No release notes provided.

Release Pre-NAPI v1.2.8

No release notes provided.

Version Bump (bundle node-pre-gyp)

No release notes provided.

Prebuilt v11.x

No release notes provided.

v1.2.3

Added node v10 for pre-built binaries

C++ tuning to fix potential SIGILL and cyclic dependency (#204)

v1.2.2

Fixed node-pre-gyp bundling issue

v1.2.1

[unpublished because of errors during publish process]

v1.2.0

BREAKING: End support for Node v0.12. If you are using Node v0.12 please pin your fsevents dependencies to v1.1.3. Not bumping semver major for this release was a compromise solution discussed in #199 and #201.

Node v0.10 should continue to work with local compilation for now, but hosted pre-built binaries will no longer be provided. If this is a constraint for you, please pin to an earlier version.

Fixed security vulnerability warnings by updating node-pre-gyp to ^0.9.0

Compatibility updates for nan v2.9.0

v1.1.3

Added node v9 for pre-built binaries

Fixed bug related to using --no-bin-links option on install

Updated node-pre-gyp to latest version (0.6.39)

Commits

844a05d Version Bump
f393f2a Only build fsevents on macOS (#322)
6a281a7 [publish binary]
acc2bce [publish binary]
f532b6e [publish binary]
4c6a1c0 Add node 13 to travis matrix.
92e40aa Release 1.2.12.
909af26 Release v1.2.11
7074adb Release v1.2.10
Description has been truncated

Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.0.0-beta.42` | `7.24.1` | | [fsevents](https://github.com/fsevents/fsevents) | `1.1.2` | `1.2.13` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.10` | `4.7.8` | | [lodash](https://github.com/lodash/lodash) | `4.17.4` | `4.17.21` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.5` | `1.0.7` | | [semver](https://github.com/npm/node-semver) | `5.4.1` | `5.7.2` | | [tmpl](https://github.com/daaku/nodejs-tmpl) | `1.0.4` | `1.0.5` | Bumps the npm_and_yarn group with 7 updates in the /example/app directory: | Package | From | To | | --- | --- | --- | | [fsevents](https://github.com/fsevents/fsevents) | `1.1.3` | `1.2.13` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.11` | `4.7.8` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.5` | `1.0.7` | | [tmpl](https://github.com/daaku/nodejs-tmpl) | `1.0.4` | `1.0.5` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.17` | `0.7.37` | | [express](https://github.com/expressjs/express) | `4.16.3` | `4.19.2` | Updates `@babel/traverse` from 7.0.0-beta.42 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `fsevents` from 1.1.2 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.1.2...v1.2.13) Updates `handlebars` from 4.0.10 to 4.7.8 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.8/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.10...v4.7.8) Updates `hawk` from 3.1.3 to 6.0.2 - [Release notes](https://github.com/mozilla/hawk/releases) - [Commits](mozilla/hawk@v3.1.3...v6.0.2) Updates `hoek` from 2.16.3 to 4.2.0 - [Release notes](https://github.com/hapijs/hoek/releases) - [Commits](hapijs/hoek@v2.16.3...v4.2.0) Updates `lodash` from 4.17.4 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.4...4.17.21) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `path-parse` from 1.0.5 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `qs` from 6.4.0 to 6.5.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.4.0...v6.5.1) Updates `request` from 2.81.0 to 2.83.0 - [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md) - [Commits](request/request@v2.81.0...v2.83.0) Updates `semver` from 5.4.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.4.1...v5.7.2) Updates `tmpl` from 1.0.4 to 1.0.5 - [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5) Updates `fsevents` from 1.1.3 to 1.2.13 - [Release notes](https://github.com/fsevents/fsevents/releases) - [Commits](fsevents/fsevents@v1.1.2...v1.2.13) Updates `handlebars` from 4.0.11 to 4.7.8 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.8/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.0.10...v4.7.8) Updates `hawk` from 3.1.3 to 6.0.2 - [Release notes](https://github.com/mozilla/hawk/releases) - [Commits](mozilla/hawk@v3.1.3...v6.0.2) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `path-parse` from 1.0.5 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `qs` from 6.4.0 to 6.5.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.4.0...v6.5.1) Updates `request` from 2.81.0 to 2.85.0 - [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md) - [Commits](request/request@v2.81.0...v2.83.0) Updates `tar` from 2.2.1 to 4.4.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v2.2.1...v4.4.1) Updates `tmpl` from 1.0.4 to 1.0.5 - [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5) Updates `ua-parser-js` from 0.7.17 to 0.7.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.17...0.7.37) Updates `express` from 4.16.3 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.16.3...4.19.2) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: handlebars dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: hawk dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: hoek dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: lodash dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: request dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: tmpl dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: fsevents dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: handlebars dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: hawk dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: request dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: tmpl dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-04-10T00:29:55Z

Superseded by #3.

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 26, 2024

dependabot bot closed this Apr 10, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-9897026e57 branch April 10, 2024 00:29

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the npm_and_yarn group across 2 directories with 15 updates #2

Bump the npm_and_yarn group across 2 directories with 15 updates #2

Uh oh!

dependabot bot commented on behalf of github Mar 26, 2024

Uh oh!

dependabot bot commented on behalf of github Apr 10, 2024

Uh oh!

Uh oh!

Bump the npm_and_yarn group across 2 directories with 15 updates #2

Bump the npm_and_yarn group across 2 directories with 15 updates #2

Uh oh!

Conversation

dependabot bot commented on behalf of github Mar 26, 2024

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

Committers: 4

v7.24.0 (2024-02-28)

🚀 New Feature

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

v7.24.0 (2024-02-28)

🚀 New Feature

Release v1.2.13

Release v1.2.11

Intermediate Release

Release v1.2.9 - Node v12 compatibility

Release Pre-NAPI v1.2.8

Version Bump (bundle node-pre-gyp)

Prebuilt v11.x

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.3

v4.7.8

v4.7.8 - July 27th, 2023

v4.7.7 - February 15th, 2021

v4.7.6 - April 3rd, 2020

v4.7.5 - April 2nd, 2020

6.5.1

6.5.0

6.4.1

v2.83.0 (2017/09/27)

v2.82.0 (2017/09/19)

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

5.7.2 (2023-07-10)

Bug Fixes

5.7

5.6

5.5

5.4

5.3

5.2

5.1

5.0

Release v1.2.13

Release v1.2.11

Intermediate Release

Release v1.2.9 - Node v12 compatibility

Release Pre-NAPI v1.2.8

Version Bump (bundle node-pre-gyp)

Prebuilt v11.x

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.3

Uh oh!

dependabot bot commented on behalf of github Apr 10, 2024

Uh oh!

Uh oh!