Bump the npm_and_yarn group with 26 updates #41

dependabot · 2024-08-31T14:09:52Z

Bumps the npm_and_yarn group with 26 updates:

Package	From	To
async	`3.2.0`	`3.2.2`
axios	`0.21.1`	`0.28.0`
ip	`1.1.5`	`2.0.1`
lodash	`4.17.20`	`4.17.21`
moment	`2.29.1`	`2.29.4`
qs	`6.9.4`	`6.9.7`
ws	`7.4.2`	`7.5.10`
@actions/core	`1.2.6`	`1.9.1`
electron	`11.1.1`	`22.3.25`
webpack	`4.44.1`	`5.94.0`
webpack-dev-middleware	`3.7.2`	`5.3.4`
browserslist	`4.16.0`	`4.23.3`
color-string	`1.5.4`	`1.9.1`
decode-uri-component	`0.2.0`	`0.2.2`
ejs	`3.1.5`	`3.1.10`
elliptic	`6.5.3`	`6.5.7`
follow-redirects	`1.13.0`	`1.15.6`
jszip	`3.5.0`	`3.10.1`
minimist	`1.2.5`	`1.2.8`
node-fetch	`2.6.1`	`2.7.0`
path-parse	`1.0.6`	`1.0.7`
simple-get	`3.1.0`	`3.1.1`
ssri	`6.0.1`	`8.0.0`
terser	`4.8.0`	`5.31.6`
tmpl	`1.0.4`	`1.0.5`
ua-parser-js	`0.7.21`	`0.7.38`

Updates async from 3.2.0 to 3.2.2

Changelog

Sourced from async's changelog.

v3.2.2

Fix potential prototype pollution exploit

v3.2.1

Use queueMicrotask if available to the environment (#1761)

Minor perf improvement in priorityQueue (#1727)

More examples in documentation (#1726)

Various doc fixes (#1708, #1712, #1717, #1740, #1739, #1749, #1756)

Improved test coverage (#1754)

Commits

acc084e Version 3.2.2
acd7316 Update built files
b50d648 update changelog for 3.2.2
e1ecdbf Fix prototype pollution vulnerability
fc9ba65 Fix(docs): use plural callbacks word in lib/map.js (#1765)
b1b69b0 regen docs
cac52e3 update changelog
d1af045 Version 3.2.1
b31840e Update built files
159a119 Enhance examples for Collections methods. (#1726)
Additional commits viewable in compare view

Updates axios from 0.21.1 to 0.28.0

Release notes

Sourced from axios's releases.

Release v0.28.0

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

Fixed timeout error message for HTTP 4738

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 #4728

Adding types for progress event callbacks #4675

Fixed max body length defaults #4731

Added data URL support for node.js (#4725)

Added isCancel type assert (#4293)

Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)

Add string[] to AxiosRequestHeaders type (#4322)

Allow type definition for axios instance methods (#4224)

Fixed AxiosError stack capturing; (#4718)

Fixed AxiosError status code type; (#4717)

Adding Canceler parameters config and request (#4711)

fix(types): allow to specify partial default headers for instance creation (#4185)

Added blob to the list of protocols supported by the browser (#4678)

Fixing Z_BUF_ERROR when no content (#4701)

Fixed race condition on immediate requests cancellation (#4261)

Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248

Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)

Fix TS definition for AxiosRequestTransformer (#4201)

Use type alias instead of interface for AxiosPromise (#4505)

Include request and config when creating a CanceledError instance (#4659)

Added generic TS types for the exposed toFormData helper (#4668)

Optimized the code that checks cancellation (#4587)

Replaced webpack with rollup (#4596)

Added stack trace to AxiosError (#4624)

Updated AxiosError.config to be optional in the type definition (#4665)

Removed incorrect argument for NetworkError constructor (#4656)

v0.27.2

Fixes and Functionality:

Fixed FormData posting in browser environment by reverting #3785 (#4640)

Enhanced protocol parsing implementation (#4639)

Fixed bundle size

v0.27.1

Fixes and Functionality:

Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)

Bumped follow-redirects to ^1.14.9 (#4615)

... (truncated)

Changelog

Sourced from axios's changelog.

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

Fixed timeout error message for HTTP 4738

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 #4728

Adding types for progress event callbacks #4675

Fixed max body length defaults #4731

Added data URL support for node.js (#4725)

Added isCancel type assert (#4293)

Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)

Add string[] to AxiosRequestHeaders type (#4322)

Allow type definition for axios instance methods (#4224)

Fixed AxiosError stack capturing; (#4718)

Fixed AxiosError status code type; (#4717)

Adding Canceler parameters config and request (#4711)

fix(types): allow to specify partial default headers for instance creation (#4185)

Added blob to the list of protocols supported by the browser (#4678)

Fixing Z_BUF_ERROR when no content (#4701)

Fixed race condition on immediate requests cancellation (#4261)

Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248

Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)

Fix TS definition for AxiosRequestTransformer (#4201)

Use type alias instead of interface for AxiosPromise (#4505)

Include request and config when creating a CanceledError instance (#4659)

Added generic TS types for the exposed toFormData helper (#4668)

Optimized the code that checks cancellation (#4587)

Replaced webpack with rollup (#4596)

Added stack trace to AxiosError (#4624)

Updated AxiosError.config to be optional in the type definition (#4665)

Removed incorrect argument for NetworkError constructor (#4656)

0.27.2 (April 27, 2022)

Fixes and Functionality:

Fixed FormData posting in browser environment by reverting #3785 (#4640)

Enhanced protocol parsing implementation (#4639)

Fixed bundle size

0.27.1 (April 26, 2022)

... (truncated)

Commits

3b7635a [Release] v0.28.0 (#6211)
27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
80c3d74 chore(ci): backported publish action; (#6224)
2755df5 fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to ...
880b42e docs: Fix a typo in README
c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...
80b546c fix: loosing request header (#4858) (#4871)
6acb5ef feat: brower platform add data protocol. (#4814)
bbb2264 fix(typing): axios response headers can be undefined (#4813)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.

Updates ip from 1.1.5 to 2.0.1

Commits

3b0994a 2.0.1
32f468f lib: fixed CVE-2023-42282 and added unit test
4b2f4e7 2.0.0
369d56d lib: use Buffer.alloc
af82ef4 1.1.6
dba19f6 package: exclude test folder from publishing
7cd7f30 ci: use github workflows
4de50ae lib: node 18 support
See full diff in compare view

Updates lodash from 4.17.20 to 4.17.21

Commits

f299b52 Bump to v4.17.21
c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
3469357 Prevent command injection through _.template's variable option
See full diff in compare view

Updates moment from 2.29.1 to 2.29.4

Changelog

Sourced from moment's changelog.

2.29.4

Release Jul 6, 2022

#6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

Release Apr 17, 2022

#5995 [bugfix] Remove const usage

#5990 misc: fix advisory link

2.29.2 See full changelog

Release Apr 3 2022

Address GHSA-8hfj-j24r-96c4

Commits

000ac18 Build 2.24.4
f2006b6 Bump version to 2.24.4
536ad0c Update changelog for 2.29.4
9a3b589 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
6374fd8 Merge branch 'master' into develop
b4e6153 Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"
7aebb16 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
57c9062 Build 2.29.3
aaf50b6 Fixup release complaints
26f4aef Bump version to 2.29.3
Additional commits viewable in compare view

Updates qs from 6.9.4 to 6.9.7

Changelog

Sourced from qs's changelog.

6.9.7

[Fix] parse: ignore __proto__ keys (#428)

[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)

[Robustness] stringify: avoid relying on a global undefined (#427)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] add note and links for coercing primitive values (#408)

[Tests] clean up stringify tests slightly

[meta] fix README.md (#399)

Revert "[meta] ignore eclint transitive audit warning"

[actions] backport actions from main

[Dev Deps] backport updates from main

6.9.6

[Fix] restore dist dir; mistakenly removed in d4f6c32

6.9.5

[Fix] stringify: do not encode parens for RFC1738

[Fix] stringify: fix arrayFormat comma with empty array/objects (#350)

[Refactor] format: remove util.assign call

[meta] add "Allow Edits" workflow; update rebase workflow

[actions] switch Automatic Rebase workflow to pull_request_target event

[Tests] stringify: add tests for #378

[Tests] migrate tests to Github Actions

[Tests] run nyc on all tests; use tape runner

[Dev Deps] update eslint, @ljharb/eslint-config, browserify, mkdirp, object-inspect, tape; add aud

Commits

4cd0032 v6.9.7
e799ba5 [Fix] parse: ignore __proto__ keys (#428)
02ca358 [Robustness] stringify: avoid relying on a global undefined (#427)
4a17709 [Fix] stringify: avoid encoding arrayformat comma when `encodeValuesOnly = ...
c0e13e9 [readme] remove travis badge; add github actions/codecov badges; update URLs
4113a5f [Tests] clean up stringify tests slightly
749a584 [Docs] add note and links for coercing primitive values (#408)
cce2082 [meta] fix README.md (#399)
c44f0c5 Revert "[meta] ignore eclint transitive audit warning"
e6cfd8b [actions] backport actions from main
Additional commits viewable in compare view

Updates ws from 7.4.2 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

Backported e55e5106 to the 7.x release line (22c28763).

7.5.9

Bug fixes

Backported bc8bd34e to the 7.x release line (0435e6e1).

7.5.8

Bug fixes

Backported 0fdcc0af to the 7.x release line (2758ed35).

Backported d68ba9e1 to the 7.x release line (dc1781bc).

7.5.7

Bug fixes

Backported 6946f5fe to the 7.x release line (1f72e2e1).

7.5.6

Bug fixes

Backported b8186dd1 to the 7.x release line (73dec34b).

Backported ed2b8039 to the 7.x release line (22a26afb).

7.5.5

Bug fixes

Backported ec9377ca to the 7.x release line (0e274acd).

7.5.4

Bug fixes

Backported 6a72da3e to the 7.x release line (76087fbf).

Backported 869c9892 to the 7.x release line (27997933).

7.5.3

Bug fixes

The WebSocketServer constructor now throws an error if more than one of the noServer, server, and port options are specefied (66e58d27).

Fixed a bug where a 'close' event was emitted by a WebSocketServer before the internal HTTP/S server was actually closed (5a587304).

Fixed a bug that allowed WebSocket connections to be established after WebSocketServer.prototype.close() was called (772236a1).

7.5.2

Bug fixes

... (truncated)

Commits

d962d70 [dist] 7.5.10
22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
8a78f87 [dist] 7.5.9
0435e6e [security] Fix same host check for ws+unix: redirects
4271f07 [dist] 7.5.8
dc1781b [security] Drop sensitive headers when following insecure redirects
2758ed3 [fix] Abort the handshake if the Upgrade header is invalid
a370613 [dist] 7.5.7
1f72e2e [security] Drop sensitive headers when following redirects (#2013)
8ecd890 [dist] 7.5.6
Additional commits viewable in compare view

Updates @actions/core from 1.2.6 to 1.9.1

Changelog

Sourced from @actions/core's changelog.

1.9.1

Randomize delimiter when calling core.exportVariable

1.9.0

Added toPosixPath, toWin32Path and toPlatformPath utilities #1102

1.8.2

Update to v2.0.1 of @actions/http-client #1087

1.8.1

Update to v2.0.0 of @actions/http-client

1.8.0

Deprecate markdownSummary extension export in favor of summary

actions/toolkit#1072

actions/toolkit#1073

1.7.0

Added markdownSummary extension

1.6.0

Added OIDC Client function getIDToken

Added file parameter to AnnotationProperties

1.5.0

Added support for notice annotations and more annotation fields

1.4.0

Added the getMultilineInput function

1.3.0

Added the trimWhitespace option to getInput

Added the getBooleanInput function

1.2.7

Prepend newline for set-output

Commits

See full diff in compare view

Updates electron from 11.1.1 to 22.3.25

Commits

1c1c132 chore: cherry-pick 3fbd1dca6a4d from libvpx (#40026)
d892c2b build: fixup autoninja (#39899)
6132e80 build: run on circle hosts for forks (#39865)
a953199 build: use aks backed runners for linux builds (#39838)
056eacf chore: cherry-pick b2eab7500a18 from chromium (#39827)
5f8ef81 fix: ensure app load is limited to real asar files when appropriate (#39811)
4995c9e chore: cherry-pick 1 changes from Release-3-M116 (#39758)
e29cdac build: fix depot_tools patch application (#39751)
b58903d chore: cherry-pick 1 changes from Release-2-M116 (#39689)
33f9dce chore: cherry-pick 2 changes from Release-1-M116 (#39648)
Additional commits viewable in compare view

Updates webpack from 4.44.1 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

Added runtime condition for harmony reexport checked

Handle properly data/http/https protocols in source maps

Make bigint optimistic when browserslist not found

Move @types/eslint-scope to dev deps

Related in asset stats is now always an array when no related found

Handle ASI for export declarations

Mangle destruction incorrect with export named default properly

Fixed unexpected asi generation with sequence expression

Fixed a lot of types

New Features

Added new external type "module-import"

Support webpackIgnore for new URL() construction

[CSS] @import pathinfo support

Security

Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

Generate correct relative path to runtime chunks

Makes DefinePlugin quieter under default log level

Fixed mangle destructuring default in namespace import

Fixed consumption of eager shared modules for module federation

Strip slash for pretty regexp

Calculate correct contenthash for CSS generator options

New Features

Added the binary generator option for asset modules to explicitly keep source maps produced by loaders

Added the modern-module library value for tree shakable output

Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

Correct tidle range's comutation for module federation

Consider runtime for pure expression dependency update hash

Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits

eabf85d chore(release): 5.94.0
955e057 security: fix DOM clobbering in auto public path
9822387 test: fix
cbb86ed test: fix
5ac3d7f fix: unexpected asi generation with sequence expression
2411661 security: fix DOM clobbering in auto public path
b8c03d4 fix: unexpected asi generation with sequence expression
f46a03c revert: do not use heuristic fallback for "module-import"
60f1898 fix: do not use heuristic fallback for "module-import"
66306aa Revert "fix: module-import get fallback from externalsPresets"
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.

Updates webpack-dev-middleware from 3.7.2 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

security: do not allow to read files above (#1779) (189c4ac)

v5.3.3

5.3.3 (2022-05-18)

Bug Fixes

types for Request and Response (#1271) (eeb8aa8)

v5.3.2

5.3.2 (2022-05-17)

Bug Fixes

node types (#1195) (d68ab36)

compatibility with Node.js 18

v5.3.1

5.3.1 (2022-02-01)

Bug Fixes

types (#1187) (0f82e1d)

v5.3.0

5.3.0 (2021-12-16)

Features

added types (a2fa77f)

removed cjs wrapper (#1146) (b6d53d3)

v5.2.2

5.2.2 (2021-11-17)

Chore

update schema-utils package to 4.0.0 version

... (truncated)

Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

security: do not allow to read files above (#1779) (189c4ac)

5.3.3 (2022-05-18)

Bug Fixes

types for Request and Response (#1271) (eeb8aa8)

5.3.2 (2022-05-17)

Bug Fixes

node types (#1195) (d68ab36)

5.3.1 (2022-02-01)

Bug Fixes

types (#1187) (0f82e1d)

5.3.0 (2021-12-16)

Features

added types (a2fa77f)

removed cjs wrapper (#1146) (b6d53d3)

5.2.2 (2021-11-17)

Chore

update schema-utils package to 4.0.0 version

5.2.1 (2021-09-25)

internal release, no visible changes and features

5.2.0 (2021-09-24)

... (truncated)

Commits

86071ea chore(release): 5.3.4
189c4ac fix(security): do not allow to read files above (#1779)
f3c62b8 chore(release): 5.3.3
eeb8aa8 fix: types for Request and Response (#1271)
1a45388 chore(release): 5.3.2
b8fb945 chore(deps): memfs force update (#1269)
f88067d chore: update deps and ci (#1260)
7186318 chore(deps-dev): bump @commitlint/cli
57c50ef ci: update checkout, setup-node, and codecov actions (#1267)
840146a chore(deps-dev): bump @babel/preset-env
Additional commits viewable in compare view

Updates browserslist from 4.16.0 to 4.23.3

Release notes

Sourced from browserslist's releases.

4.23.3

Fixed >= query for ios (by @syi0808).

4.23.2

Updated Firefox ESR.

4.23.1

Fixed feature query with mobile to desktop when caniuse lags (by @steverep).

4.23.0

Added BROWSERSLIST_ROOT_PATH (by @teleclimber).

Changelog

Sourced from browserslist's changelog.

4.23.3

Fixed >= query for ios (by @syi0808).

4.23.2

Updated Firefox ESR.

4.23.1

Fixed feature query with mobile to desktop when caniuse lags (by @steverep).

4.23.0

Added BROWSERSLIST_ROOT_PATH (by @teleclimber).

4.22.3

Fixed white spaces support in supports query (@g-plane).

Fixed shared config like @company/package/browserslist-config (@boucodes).

4.22.2

Fixed idempotency in time queries with mobileToDesktop (by Aliaksei Sapach).

4.22.1

Updated Firefox ESR (by @lerkor).

4.22

Added fully supports query (by Ben Scott).

Added partially supports alias for supports query (by Ben Scott).

4.21.11

Added warning to --update-db to move to new CLI (by Ivan Vasilev).

Fixed docs (by Tatsunori Uchino).

4.21.10

Updated Firefox ESR.

4.21.9

Fixed Opera Mobile edge cases (by Steve Repsher).

4.21.8

Fixed supports query and mobileToDesktop (by Steve Repsher).

4.21.7

Fixed last queries for Android (by Steve Repsher).

4.21.6

Fixed time queries with mobileToDesktop (by Steve Repsher).

Fixed docs (by Tatsunori Uchino, Will Stone, and Dominik Pschenitschni).

4.21.5

Fixed running Browserslist in browser environment.

4.21.4

... (truncated)

Commits

ee095bd Release 4.32.3 version
0f4e6f7 Update dependencies
8f87b3c fix: browser ray gt or gte compare with latest version (#836)
cdcfbc0 Release 4.23.2 version
9e8188b Update dependencies
543fc48 Update Firefox ESR
edd5309 Release 4.23.1 version
9e8ca3d Simplify code
bbe6821 Update lock
a36e1ad Update ESLint and dependencies
Additional commits viewable in compare view

Updates color-string from 1.5.4 to 1.9.1

Release notes

Sourced from color-string's releases.

1.9.0

Minor Release 1.9.0

Add parsing of exponential alpha values for HWB and HSL (#66)

Thanks to @babycannotsay for their contribution!

1.8.2

Patch release 1.8.2

Fix incorrect handling of optional comma in rgb() regex (#65)

Thanks to @gerdasi and @mastertheblaster for reporting and confirming the bug!

1.8.1

Patch release 1.8.1

Fix rgb alpha percentage parsing from int to float (#61)

Thanks to @clytras for their contribution!

1.8.0

Minor release 1.8.0

Add anchors to keyword regex (#64)

Thanks to @cq360767996 for their contribution!

1.7.4

Patch Release 1.7.4

Fix bug in .to.hex() output if the inputs aren't rounded numbers (#25)

1.7.3

Patch Release 1.7.3

Fix hue modulo operation (#50)

Thanks to @adroitwhiz for their contributions.

1.7.2

Patch Release 1.7.2

Fix issue where color-string with incorrectly return a color for properties on Object's prototype like "constructor". (#45)

Thanks to @tolmasky for their contributions.

1.7.1

Patch release 1.7.1

... (truncated)

Commits

d9b04bb 1.9.1
937b690 fix to.keyword returning Object.prototype values (#67)
4daceef 1.9.0
94a429e add parsing of exponential alpha values for HWB and HSL
fc2f880 1.8.2
32f3e00 fix incorrect handling of optional comma in rgb() regex (fixes #65)
0766ca7 1.8.1
0710543 Fix rgb alpha percentage parsing from int to float
ab299a7 1.8.0
bea8702 add anchors to keyword regex
Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates ejs from 3.1.5 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

v3.1.6

Version 3.1.6

Commits

d3f807d Version 3.1.10
9ee26dd Mocha TDD
e469741 Basic pollution protection
715e950 Merge pull request #756 from Jeffrey-mu/main
cabe314 Include advanced usage examples
29b076c Added header
11503c7 Merge branch 'main' of github.com:mde/ejs into main
7690404 Added security banner to README
f47d7ae Update SECURITY.md
828cea1 Update SECURITY.md
Additional commits viewable in compare view

Updates elliptic from 6.5.3 to 6.5.7

Commits

3e46a48 6.5.7
accb61e lib: DER signature decoding correction

Bumps the npm_and_yarn group with 26 updates: | Package | From | To | | --- | --- | --- | | [async](https://github.com/caolan/async) | `3.2.0` | `3.2.2` | | [axios](https://github.com/axios/axios) | `0.21.1` | `0.28.0` | | [ip](https://github.com/indutny/node-ip) | `1.1.5` | `2.0.1` | | [lodash](https://github.com/lodash/lodash) | `4.17.20` | `4.17.21` | | [moment](https://github.com/moment/moment) | `2.29.1` | `2.29.4` | | [qs](https://github.com/ljharb/qs) | `6.9.4` | `6.9.7` | | [ws](https://github.com/websockets/ws) | `7.4.2` | `7.5.10` | | [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) | `1.2.6` | `1.9.1` | | [electron](https://github.com/electron/electron) | `11.1.1` | `22.3.25` | | [webpack](https://github.com/webpack/webpack) | `4.44.1` | `5.94.0` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `3.7.2` | `5.3.4` | | [browserslist](https://github.com/browserslist/browserslist) | `4.16.0` | `4.23.3` | | [color-string](https://github.com/Qix-/color-string) | `1.5.4` | `1.9.1` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [ejs](https://github.com/mde/ejs) | `3.1.5` | `3.1.10` | | [elliptic](https://github.com/indutny/elliptic) | `6.5.3` | `6.5.7` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.13.0` | `1.15.6` | | [jszip](https://github.com/Stuk/jszip) | `3.5.0` | `3.10.1` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.1` | `2.7.0` | | [path-parse](https://github.com/jbgutierrez/path-parse) | `1.0.6` | `1.0.7` | | [simple-get](https://github.com/feross/simple-get) | `3.1.0` | `3.1.1` | | [ssri](https://github.com/npm/ssri) | `6.0.1` | `8.0.0` | | [terser](https://github.com/terser/terser) | `4.8.0` | `5.31.6` | | [tmpl](https://github.com/daaku/nodejs-tmpl) | `1.0.4` | `1.0.5` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.21` | `0.7.38` | Updates `async` from 3.2.0 to 3.2.2 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md) - [Commits](caolan/async@v3.2.0...v3.2.2) Updates `axios` from 0.21.1 to 0.28.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.28.0/CHANGELOG.md) - [Commits](axios/axios@v0.21.1...v0.28.0) Updates `ip` from 1.1.5 to 2.0.1 - [Commits](indutny/node-ip@v1.1.5...v2.0.1) Updates `lodash` from 4.17.20 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.20...4.17.21) Updates `moment` from 2.29.1 to 2.29.4 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.1...2.29.4) Updates `qs` from 6.9.4 to 6.9.7 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.9.4...v6.9.7) Updates `ws` from 7.4.2 to 7.5.10 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.4.2...7.5.10) Updates `@actions/core` from 1.2.6 to 1.9.1 - [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core) Updates `electron` from 11.1.1 to 22.3.25 - [Release notes](https://github.com/electron/electron/releases) - [Changelog](https://github.com/electron/electron/blob/main/docs/breaking-changes.md) - [Commits](electron/electron@v11.1.1...v22.3.25) Updates `webpack` from 4.44.1 to 5.94.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v4.44.1...v5.94.0) Updates `webpack-dev-middleware` from 3.7.2 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.2...v5.3.4) Updates `browserslist` from 4.16.0 to 4.23.3 - [Release notes](https://github.com/browserslist/browserslist/releases) - [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md) - [Commits](browserslist/browserslist@4.16.0...4.23.3) Updates `color-string` from 1.5.4 to 1.9.1 - [Release notes](https://github.com/Qix-/color-string/releases) - [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md) - [Commits](Qix-/color-string@1.5.4...1.9.1) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `ejs` from 3.1.5 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.5...v3.1.10) Updates `elliptic` from 6.5.3 to 6.5.7 - [Commits](indutny/elliptic@v6.5.3...v6.5.7) Updates `follow-redirects` from 1.13.0 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.13.0...v1.15.6) Updates `jszip` from 3.5.0 to 3.10.1 - [Changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md) - [Commits](Stuk/jszip@v3.5.0...v3.10.1) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `node-fetch` from 2.6.1 to 2.7.0 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.1...v2.7.0) Updates `path-parse` from 1.0.6 to 1.0.7 - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) Updates `simple-get` from 3.1.0 to 3.1.1 - [Commits](feross/simple-get@v3.1.0...v3.1.1) Updates `ssri` from 6.0.1 to 8.0.0 - [Release notes](https://github.com/npm/ssri/releases) - [Changelog](https://github.com/npm/ssri/blob/main/CHANGELOG.md) - [Commits](npm/ssri@v6.0.1...v8.0.0) Updates `terser` from 4.8.0 to 5.31.6 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](https://github.com/terser/terser/commits) Updates `tmpl` from 1.0.4 to 1.0.5 - [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5) Updates `ua-parser-js` from 0.7.21 to 0.7.38 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.21...0.7.38) --- updated-dependencies: - dependency-name: async dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ip dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: lodash dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: moment dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: qs dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ws dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@actions/core" dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: electron dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: browserslist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: color-string dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jszip dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-parse dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: simple-get dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ssri dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tmpl dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Aug 31, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group with 26 updates #41

Bump the npm_and_yarn group with 26 updates #41

dependabot bot commented on behalf of github Aug 31, 2024

Bump the npm_and_yarn group with 26 updates #41

Are you sure you want to change the base?

Bump the npm_and_yarn group with 26 updates #41

Conversation

dependabot bot commented on behalf of github Aug 31, 2024

v3.2.2

v3.2.1

Release v0.28.0

Release notes:

Bug Fixes

Backports from v1.x:

v0.27.2

v0.27.1

Fixes and Functionality:

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

Backports from v1.x:

0.27.2 (April 27, 2022)

0.27.1 (April 26, 2022)

2.29.4

2.29.3 Full changelog

2.29.2 See full changelog

6.9.7

6.9.6

6.9.5

7.5.10

Bug fixes

7.5.9

Bug fixes

7.5.8

Bug fixes

7.5.7

Bug fixes

7.5.6

Bug fixes

7.5.5

Bug fixes

7.5.4

Bug fixes

7.5.3

Bug fixes

7.5.2

Bug fixes

1.9.1

1.9.0

1.8.2

1.8.1

1.8.0

1.7.0

1.6.0

1.5.0

1.4.0

1.3.0

1.2.7

v5.94.0

Bug Fixes

New Features

Security

v5.93.0

Bug Fixes

New Features

v5.92.1

Bug Fixes

v5.92.0

Bug Fixes

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

v5.3.3

5.3.3 (2022-05-18)

Bug Fixes

v5.3.2

5.3.2 (2022-05-17)

Bug Fixes

v5.3.1

5.3.1 (2022-02-01)

Bug Fixes

v5.3.0

5.3.0 (2021-12-16)