chore(deps): bump the npm_and_yarn group across 1 directory with 20 updates #1027

dependabot · 2024-04-12T14:13:40Z

Bumps the npm_and_yarn group with 17 updates in the / directory:

Package	From	To
mysql2	`2.1.0`	`3.9.4`
debug	`4.3.1`	`4.3.2`
express	`4.16.4`	`4.19.2`
plotly.js	`1.48.3`	`2.25.2`
acorn	`5.7.3`	`5.7.4`
es5-ext	`0.10.50`	`0.10.64`
ip	`1.1.5`	`1.1.9`
json5	`1.0.1`	`1.0.2`
minimatch	`3.0.4`	`3.1.2`
mixin-deep	`1.3.1`	`1.3.2`
moment	`2.26.0`	`2.30.1`
node-fetch	`2.6.0`	`2.7.0`
qs	`6.5.2`	`6.5.3`
underscore	`1.9.1`	`1.13.6`
webpack-dev-middleware	`6.1.1`	`6.1.3`
word-wrap	`1.2.3`	`1.2.5`
y18n	`4.0.0`	`4.0.3`

Updates mysql2 from 2.1.0 to 3.9.4

Release notes

Sourced from mysql2's releases.

v3.9.4

3.9.4 (2024-04-09)

Bug Fixes

SSL: separate each certificate into an individual item #2542 (63f1055)

security: improve supportBigNumbers and bigNumberStrings sanitization (#2572) (74abf9e)

Fixes a potential RCE attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab

security: improve results object creation (#2574) (4a964a3)

Fixes a potential Prototype Pollution attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab

docs: improve the contribution guidelines (#2552) (8a818ce)

v3.9.3

3.9.3 (2024-03-26)

Bug Fixes

security: improve cache key formation (#2424) (0d54b0c)

Fixes a potential parser cache poisoning attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab

update Amazon RDS SSL CA cert (#2131) (d9dccfd)

v3.9.2

3.9.2 (2024-02-26)

Bug Fixes

stream: premature close when it is paused (#2416) (7c6bc64)

types: expose TypeCast types (#2425) (336a7f1)

v3.9.1

3.9.1 (2024-01-29)

Bug Fixes

types: support encoding for string type cast (#2407) (1dc2011)

v3.9.0

3.9.0 (2024-01-26)

Features

introduce typeCast for execute method (#2398) (baaa92a)

v3.8.0

3.8.0 (2024-01-23)

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.9.4 (2024-04-09)

Bug Fixes

docs: improve the contribution guidelines (#2552) (8a818ce)

security: improve results object creation (#2574) (4a964a3)

security: improve supportBigNumbers and bigNumberStrings sanitization (#2572) (74abf9e)

3.9.3 (2024-03-26)

Bug Fixes

security: improve cache key formation (#2424) (0d54b0c)

Fixes a potential parser cache poisoning attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab

update Amazon RDS SSL CA cert (#2131) (d9dccfd)

3.9.2 (2024-02-26)

Bug Fixes

stream: premature close when it is paused (#2416) (7c6bc64)

types: expose TypeCast types (#2425) (336a7f1)

3.9.1 (2024-01-29)

Bug Fixes

types: support encoding for string type cast (#2407) (1dc2011)

3.9.0 (2024-01-26)

Features

introduce typeCast for execute method (#2398) (baaa92a)

3.8.0 (2024-01-23)

Features

perf: cache iconv decoder (#2391) (b95b3db)

Bug Fixes

... (truncated)

Commits

cf3fa60 chore(master): release 3.9.4 (#2566)
4a964a3 fix(security): improve results object creation (#2574)
71115d8 ci: improve parser tests (#2573)
74abf9e fix(security): improve supportBigNumbers and bigNumberStrings sanitization (#...
8a818ce fix(docs): improve the contribution guidelines (#2552)
0f08c7c build(deps-dev): bump @docusaurus/tsconfig in /website (#2563)
165c4d6 build(deps-dev): bump @docusaurus/eslint-plugin in /website (#2564)
9b5ed7b build(deps): bump @docusaurus/preset-classic in /website (#2562)
096db64 build(deps-dev): bump typescript from 5.4.3 to 5.4.4 (#2561)
b91fd16 build(deps-dev): bump tsx from 4.7.1 to 4.7.2 in /website (#2557)
Additional commits viewable in compare view

Updates debug from 4.3.1 to 4.3.2

Release notes

Sourced from debug's releases.

4.3.2

Patch release 4.3.2

Caches enabled statuses on a per-logger basis to speed up .enabled checks (#799)

Thank you @omg!

Commits

e47f96d 4.3.2
1e9d38c cache enabled status per-logger (#799)
See full diff in compare view

Updates express from 4.16.4 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: [email protected] and [email protected] by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add [email protected] by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

... (truncated)

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: [email protected]
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates plotly.js from 1.48.3 to 2.25.2

Release notes

Sourced from plotly.js's releases.

v2.25.2

Changed

Update Croatian translations in hr locale [#6690], with thanks to @Mkranj for the contribution!

Fixed

Fix potential prototype pollution in plot API calls [#6703, 6704]

v2.25.1

Fixed

Fix clearing legend using react (regression introduced in 2.25.0) [#6695]

v2.25.0

Added

Add "Equal Earth" projection to geo subplots [#6670], with thanks to @apparebit for the contribution!

Add options to include legends for shapes and newshape [#6653]

Add Plotly.deleteActiveShape command [#6679]

Fixed

Fix contour plot colorscale domain (take account of zmin, zmax, cmin and cmax) [#6625], with thanks to @lvlte for the contribution!

Fix text markers on non-mapbox styled maps [#6652], with thanks to @baurt for the contribution!

Fix unhide isolated traces in multi legend cases (regression introduced in 2.24.3) [#6684]

v2.24.3

Fixed

Fix double clicking one item in a legend hides traces in other legends [#6655]

Fix double click pie slices when having multiple legends [#6657]

Fix per legend group and traceorder defaults when having multiple legends [#6664]

v2.24.2

Fixed

Fix legend groups toggle (regression introduced in 2.22.0) #6639

Fix waterfall hovertemplate not showing delta on totals similar #6635

v2.24.1

Fixed

Fix minimal copying of arrays in minExtend function (regression introduced in 2.24.0) #6632

v2.24.0

Added

add pattern to pie, funnelarea, sunburst, icicle and treemap traces [#6601, #6619, #6622, #6626, #6627, #6628, #6629], with thanks to @thierryVergult for the contribution!

Fixed

Fix to prevent accessing undefined (hoverText.hoverLabels) in case all currently shown markers have hoverinfo: "none" (regression introduced in 2.6.0) #6614,

... (truncated)

Changelog

Sourced from plotly.js's changelog.

[2.25.2] -- 2023-08-11

Changed

Update Croatian translations in hr locale [#6690], with thanks to @Mkranj for the contribution!

Fixed

Fix potential prototype pollution in plot API calls [#6703, 6704]

[2.25.1] -- 2023-08-02

Fixed

Fix clearing legend using react (regression introduced in 2.25.0) [#6695]

[2.25.0] -- 2023-07-25

Added

Add "Equal Earth" projection to geo subplots [#6670], with thanks to @apparebit for the contribution!

Add options to include legends for shapes and newshape [#6653]

Add Plotly.deleteActiveShape command [#6679]

Fixed

Fix contour plot colorscale domain (take account of zmin, zmax, cmin and cmax) [#6625], with thanks to @lvlte for the contribution!

Fix text markers on non-mapbox styled maps [#6652], with thanks to @baurt for the contribution!

Fix unhide isolated traces in multi legend cases (regression introduced in 2.24.3) [#6684]

[2.24.3] -- 2023-07-05

Fixed

Fix double clicking one item in a legend hides traces in other legends [#6655]

Fix double click pie slices when having multiple legends [#6657]

Fix per legend group and traceorder defaults when having multiple legends [#6664]

[2.24.2] -- 2023-06-09

Fixed

Fix legend groups toggle (regression introduced in 2.22.0) #6639

Fix waterfall hovertemplate not showing delta on totals similar #6635

[2.24.1] -- 2023-06-07

Fixed

... (truncated)

Commits

e824199 2.25.2
920a50e update readme and changelog for v2.25.2
27932d6 Merge pull request #6705 from plotly/reduce-flakiness
0249840 Merge pull request #6704 from plotly/nestedProperty-proto
a4a69d5 reduce flakiness on CI
a860a32 Merge pull request #6690 from Mkranj/croatian_translation
5cfbd6e add test
2bec998 guard against polluting proto in nestedProperty
5efd2a1 Merge pull request #6703 from plotly/expandObjectPaths-proto
e1e3175 fix delay in test
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by archmoj, a new releaser for plotly.js since your current version.

Updates acorn from 5.7.3 to 5.7.4

Commits

6370e90 Mark version 5.7.4
fbc15b1 More rigorously check surrogate pairs in regexp validator
See full diff in compare view

Updates bl from 1.2.2 to 2.2.1

Release notes

Sourced from bl's releases.

v2.2.1

Fix unintialized memory access

v2.2.0

Add indexOf docs #60

fix empty shallowSlice return #65

v2.1.2

use ES3 only #62

v2.1.1

Use native indexOf whenever possible #61

v2.1.0

Added indexOf #59

v2.0.1

Use require('readable-stream').Duplex #56

v2.0.0

Added support for readUIntLE and companions #55

Commits

8cb93f4 Bumped v2.2.1
dacc4ac Fix unintialized memory access
b6284a8 Bumped v2.2.0.
538a988 Merge pull request #60 from reconbot/reconbot/indexof-readme
635b6ce Merge pull request #65 from reconbot/reconbot/empty-slice
9b80b00 fix: empty shallowSlice return
055a3ff Merge pull request #63 from nwoltman/patch-1
c768eb8 Use Buffer.from() in the documentation
270e5f5 Bumped v2.1.2
91cbaf9 Merge pull request #62 from jhaenchen/DontUseES2015Const
Additional commits viewable in compare view

Updates es5-ext from 0.10.50 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021

Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

Simplify the manifest message (7855319)

Comparison since last release

0.10.62 (2022-08-02)

Maintenance Improvements

Manifest improvements:

(#190) (b8dc53f)

(c51d552)

Comparison since last release

0.10.61 (2022-04-20)

Bug Fixes

Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

Bump dependencies (d7e0a61)

Comparison since last release

0.10.60 (2022-04-07)

Maintenance Improvements

Improve postinstall script configuration (ab6b121)

... (truncated)

Changelog

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021

Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

Simplify the manifest message (7855319)

0.10.62 (2022-08-02)

Maintenance Improvements

Manifest improvements:

(#190) (b8dc53f)

(c51d552)

0.10.61 (2022-04-20)

Bug Fixes

Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

Bump dependencies (d7e0a61)

0.10.60 (2022-04-07)

Maintenance Improvements

Improve postinstall script configuration (ab6b121)

0.10.59 (2022-03-17)

Maintenance Improvements

Improve manifest wording (#122) (eb7ae59)

Update data in manifest (3d2935a)

0.10.58 (2022-03-11)

... (truncated)

Commits

f76b03d chore: Release v0.10.64
2881acd chore: Bump dependencies
c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
16f2b72 docs: Fix date in the changelog
de4e03c chore: Release v0.10.63
3fd53b7 chore: Upgrade lint-staged to v13
bf8ed79 chore: Ensure postinstall script does not crash on Windows
2cbbb07 chore: Bump dependencies
22d0416 chore: Bump LICENSE year
a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
Additional commits viewable in compare view

Updates ip from 1.1.5 to 1.1.9

Commits

1ecbf2f 1.1.9
6a3ada9 lib: fixed CVE-2023-42282 and added unit test
5dc3b2f 1.1.8
8e6f28b lib: even better node 6 support
088c9e5 1.1.7
1a4ca35 lib: add back support for Node.js 6
af82ef4 1.1.6
dba19f6 package: exclude test folder from publishing
7cd7f30 ci: use github workflows
4de50ae lib: node 18 support
See full diff in compare view

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)

Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

a62db1e 1.0.2
e0c23fe docs: update CHANGELOG for v1.0.2
62a6540 fix: add proto to objects and arrays
See full diff in compare view

Updates minimatch from 3.0.4 to 3.1.2

Commits

699c459 3.1.2
2f2b5ff fix: trim pattern
25d7c0d 3.1.1
55dda29 fix: treat nocase:true as always having magic
5e1fb8d 3.1.0
f8145c5 Add 'allowWindowsEscape' option
570e8b1 add publishConfig for v3 publishes
5b7cd33 3.0.6
20b4b56 [fix] revert all breaking syntax changes
2ff0388 document, expose, and test 'partial:true' option
Additional commits viewable in compare view

Updates minimist from 0.0.5 to 0.0.8

Changelog

Sourced from minimist's changelog.

v0.0.8 - 2014-02-20

Commits

return '' if flag is string and empty fa63ed4

handle joined single letters 66c248f

v0.0.7 - 2014-02-08

Commits

another swap of .test for .match d1da408

v0.0.6 - 2014-02-08

Commits

use .test() instead of .match() to not crash on non-string values in the arguments array 7e0d1ad

Commits

3754568 0.0.8
66c248f handle joined single letters
fa63ed4 return '' if flag is string and empty
cd46bf9 0.0.7
d1da408 another swap of .test for .match
8ef0bdf 0.0.6
7e0d1ad use .test() instead of .match() to not crash on non-string values in the argu...
See full diff in compare view

Updates mixin-deep from 1.3.1 to 1.3.2

Commits

754f0c2 1.3.2
90ee1fa ensure keys are valid when mixing in values
See full diff in compare view

Maintainer changes

This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version.

Updates moment from 2.26.0 to 2.30.1

Changelog

Sourced from moment's changelog.

2.30.1

Release Dec 27, 2023

Revert moment/moment#5827, because it's breaking a lot of TS code.

2.30.0 Full changelog

Release Dec 26, 2023

2.29.4

Release Jul 6, 2022

#6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

Release Apr 17, 2022

#5995 [bugfix] Remove const usage

#5990 misc: fix advisory link

2.29.2 See full changelog

Release Apr 3 2022

Address GHSA-8hfj-j24r-96c4

2.29.1 See full changelog

Release Oct 6, 2020

Updated deprecation message, bugfix in hi locale

2.29.0 See full changelog

Release Sept 22, 2020

New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: https://momentjs.com/docs/#/-project-status/

2.28.0 See full changelog

Release Sept 13, 2020

Fix bug where .format() modifies original instance, and locale updates

2.27.0 See full changelog

... (truncated)

Commits

485d9a7 Build 2.30.1
e048b09 Bump version to 2.30.1
f9f2d58 Update changelog for 2.30.1
a52ffb2 Revert "Merge pull request #5827 from BobZombie:feature/fix_d.ts"
ddd6809 Build 2.30.0
be64d00 Bump version to 2.30.0
ad41179 Update changelog for 2.30.0
63fe479 [misc] Make code ES6 compatible
0f0195f Revert "Merge pull request #5599 from Alanscut:issue_4985"
15b82f5 Revert "Merge pull request #5597 from Alanscut:issue-5596"
Additional commits viewable in compare view

Updates node-fetch from 2.6.0 to 2.7.0

Release notes

Sourced from node-fetch's releases.

v2.7.0

2.7.0 (2023-08-23)

Features

AbortError (#1744) (9b9d458)

v2.6.13

2.6.13 (2023-08-18)

Bug Fixes

Remove the default connection close header (#1765) (65ae25a), closes #1735 #1473 #1736

v2.6.12

2.6.12 (2023-06-29)

Bug Fixes

socket variable testing for undefined (#1726) (8bc3a7c)

v2.6.11

2.6.11 (2023-05-09)

Reverts

Revert "fix: handle bom in text and json (#1739)" (#1741) (afb36f6), closes #1739 #1741

v2.6.10

2.6.10 (2023-05-08)

Bug Fixes

handle bom in text and json (#1739) (29909d7)

v2.6.9

2.6.9 (2023-01-30)

Bug Fixes

"global is not defined" (#1704) (70f592d)

v2.6.8

2.6.8 (2023-01-13)

... (truncated)

Commits

9b9d458 feat: AbortError (#1744)
65ae25a fix: Remove the default connection close header (#1765)
8bc3a7c fix: socket variable testing for undefined (#1726)
afb36f6 Revert "fix: handle bom in text and json (#1739)" (#1741)
29909d7 fix: handle bom in text and json (#1739)
70f592d fix: "global is not defined" (

…pdates Bumps the npm_and_yarn group with 17 updates in the / directory: | Package | From | To | | --- | --- | --- | | [mysql2](https://github.com/sidorares/node-mysql2) | `2.1.0` | `3.9.4` | | [debug](https://github.com/debug-js/debug) | `4.3.1` | `4.3.2` | | [express](https://github.com/expressjs/express) | `4.16.4` | `4.19.2` | | [plotly.js](https://github.com/plotly/plotly.js) | `1.48.3` | `2.25.2` | | [acorn](https://github.com/acornjs/acorn) | `5.7.3` | `5.7.4` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.50` | `0.10.64` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `1.1.9` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` | | [mixin-deep](https://github.com/jonschlinkert/mixin-deep) | `1.3.1` | `1.3.2` | | [moment](https://github.com/moment/moment) | `2.26.0` | `2.30.1` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.0` | `2.7.0` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` | | [underscore](https://github.com/jashkenas/underscore) | `1.9.1` | `1.13.6` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `6.1.1` | `6.1.3` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | | [y18n](https://github.com/yargs/y18n) | `4.0.0` | `4.0.3` | Updates `mysql2` from 2.1.0 to 3.9.4 - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v2.1.0...v3.9.4) Updates `debug` from 4.3.1 to 4.3.2 - [Release notes](https://github.com/debug-js/debug/releases) - [Commits](debug-js/debug@4.3.1...4.3.2) Updates `express` from 4.16.4 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.16.4...4.19.2) Updates `plotly.js` from 1.48.3 to 2.25.2 - [Release notes](https://github.com/plotly/plotly.js/releases) - [Changelog](https://github.com/plotly/plotly.js/blob/master/CHANGELOG.md) - [Commits](plotly/plotly.js@v1.48.3...v2.25.2) Updates `acorn` from 5.7.3 to 5.7.4 - [Commits](acornjs/acorn@5.7.3...5.7.4) Updates `bl` from 1.2.2 to 2.2.1 - [Release notes](https://github.com/rvagg/bl/releases) - [Changelog](https://github.com/rvagg/bl/blob/master/CHANGELOG.md) - [Commits](rvagg/bl@v1.2.2...v2.2.1) Updates `es5-ext` from 0.10.50 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.50...v0.10.64) Updates `ip` from 1.1.5 to 1.1.9 - [Commits](indutny/node-ip@v1.1.5...v1.1.9) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `minimist` from 0.0.5 to 0.0.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v0.0.5...v0.0.8) Updates `mixin-deep` from 1.3.1 to 1.3.2 - [Commits](jonschlinkert/mixin-deep@1.3.1...1.3.2) Updates `moment` from 2.26.0 to 2.30.1 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.26.0...2.30.1) Updates `node-fetch` from 2.6.0 to 2.7.0 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.0...v2.7.0) Updates `qs` from 6.5.2 to 6.5.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) Updates `static-eval` from 0.2.4 to 2.1.1 - [Release notes](https://github.com/browserify/static-eval/releases) - [Changelog](https://github.com/browserify/static-eval/blob/master/CHANGELOG.md) - [Commits](browserify/static-eval@0.2.4...v2.1.1) Updates `underscore` from 1.9.1 to 1.13.6 - [Commits](jashkenas/underscore@1.9.1...1.13.6) Updates `webpack-dev-middleware` from 6.1.1 to 6.1.3 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v6.1.3/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v6.1.1...v6.1.3) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `y18n` from 4.0.0 to 4.0.3 - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md) - [Commits](yargs/y18n@v4.0.0...y18n-v4.0.3) --- updated-dependencies: - dependency-name: mysql2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: debug dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: plotly.js dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: acorn dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: bl dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mixin-deep dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: moment dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: static-eval dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: underscore dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: y18n dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-04-23T21:11:13Z

Superseded by #1029.

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 12, 2024

dependabot bot mentioned this pull request Apr 12, 2024

chore(deps): bump the npm_and_yarn group across 1 directory with 19 updates #1025

Closed

dependabot bot closed this Apr 23, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-76d1685e3a branch April 23, 2024 21:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the npm_and_yarn group across 1 directory with 20 updates #1027

chore(deps): bump the npm_and_yarn group across 1 directory with 20 updates #1027

Uh oh!

dependabot bot commented on behalf of github Apr 12, 2024

Uh oh!

dependabot bot commented on behalf of github Apr 23, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): bump the npm_and_yarn group across 1 directory with 20 updates #1027

chore(deps): bump the npm_and_yarn group across 1 directory with 20 updates #1027

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 12, 2024

v3.9.4

3.9.4 (2024-04-09)

Bug Fixes

v3.9.3

3.9.3 (2024-03-26)

Bug Fixes

v3.9.2

3.9.2 (2024-02-26)

Bug Fixes

v3.9.1

3.9.1 (2024-01-29)

Bug Fixes

v3.9.0

3.9.0 (2024-01-26)

Features

v3.8.0

3.8.0 (2024-01-23)

3.9.4 (2024-04-09)

Bug Fixes

3.9.3 (2024-03-26)

Bug Fixes

3.9.2 (2024-02-26)

Bug Fixes

3.9.1 (2024-01-29)

Bug Fixes

3.9.0 (2024-01-26)

Features

3.8.0 (2024-01-23)

Features

Bug Fixes

4.3.2

Patch release 4.3.2

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

4.18.2 / 2022-10-08

4.18.1 / 2022-04-29

4.18.0 / 2022-04-25

v2.25.2

Changed

Fixed

v2.25.1

Fixed

v2.25.0

Added

Fixed

v2.24.3

Fixed

v2.24.2

Fixed

v2.24.1

Fixed

v2.24.0

Added

Fixed

[2.25.2] -- 2023-08-11

Changed

Fixed

[2.25.1] -- 2023-08-02

Fixed

[2.25.0] -- 2023-07-25

Added

Fixed

[2.24.3] -- 2023-07-05