Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the patch group across 5 directories with 9 updates #112

Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the patch group across 5 directories with 9 updates #112

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 10, 2025
edited
Loading

Bumps the patch group with 9 updates in the / directory:

Package From To
turbo 2.2.3 2.4.1
@changesets/cli 2.27.9 2.27.12
@apollo/server 4.11.0 4.11.3
node-mocks-http 1.16.1 1.16.2
tsup 8.3.0 8.3.6
typescript 5.6.3 5.7.3
jose 5.4.0 5.9.6
@types/jsonwebtoken 9.0.6 9.0.8
graphql-yoga 5.9.0 5.11.0

Bumps the patch group with 2 updates in the /packages/apollo directory: turbo and @changesets/cli.
Bumps the patch group with 3 updates in the /packages/core directory: turbo, @changesets/cli and jose.
Bumps the patch group with 3 updates in the /packages/react directory: turbo, @changesets/cli and @types/jsonwebtoken.
Bumps the patch group with 2 updates in the /packages/yoga directory: turbo and @changesets/cli.

Updates turbo from 2.2.3 to 2.4.1

Release notes

Sourced from turbo's releases.

Turborepo v2.4.1

Full Changelog: vercel/turborepo@v2.4.0...v2.4.1

What's Changed

... (truncated)

Commits
  • b36f01a publish 2.4.1 to registry
  • e30e347 chore(deps-dev): bump the basic group in /examples/basic with 3 updates (#9933)
  • 51e3e19 chore(deps-dev): bump the with-svelte group in /examples/with-svelte with 3 u...
  • 0721e9b chore(deps-dev): bump the kitchen-sink group in /examples/kitchen-sink with 3...
  • fbb572f chore(deps-dev): bump the with-tailwind group in /examples/with-tailwind with...
  • 7d25b4c ci(fix): checkout before doing path filtering (#9920)
  • 273ed68 release(turborepo): 2.4.1-canary.3 (#9934)
  • ba14fce chore(release): remove goreleaser (#9918)
  • ee5dc12 feat(turbo): framework conditionals (#9853)
  • 4115d5c refactor: upgrade miette (#9910)
  • Additional commits viewable in compare view

Updates @changesets/cli from 2.27.9 to 2.27.12

Release notes

Sourced from @​changesets/cli's releases.

@​changesets/cli@​2.27.12

Patch Changes

@​changesets/cli@​2.27.11

Patch Changes

  • Updated dependencies [f0270f6]:
    • @​changesets/config@​3.0.5
    • @​changesets/apply-release-plan@​7.0.7
    • @​changesets/get-release-plan@​4.0.6

@​changesets/cli@​2.27.10

Patch Changes

Commits

Updates @apollo/server from 4.11.0 to 4.11.3

Release notes

Sourced from @​apollo/server's releases.

@​apollo/server-integration-testsuite@​4.11.3

Patch Changes

@​apollo/server@​4.11.3

Patch Changes

@​apollo/server-integration-testsuite@​4.11.2

Patch Changes

@​apollo/server@​4.11.2

(No change; there is a change to the @apollo/server-integration-testsuite used to test integrations, and the two packages always have matching versions.)

@​apollo/server-integration-testsuite@​4.11.1

Patch Changes

  • #7952 bb81b2c Thanks @​glasser! - Upgrade dependencies so that automated scans don't detect a vulnerability.

    @apollo/server depends on express which depends on cookie. Versions of express older than v4.21.1 depend on a version of cookie vulnerable to CVE-2024-47764. Users of older express versions who call res.cookie() or res.clearCookie() may be vulnerable to this issue.

    However, Apollo Server does not call this function directly, and it does not expose any object to user code that allows TypeScript users to call this function without an unsafe cast.

    The only way that this direct dependency can cause a vulnerability for users of Apollo Server is if you call startStandaloneServer with a context function that calls Express-specific methods such as res.cookie() or res.clearCookies() on the response object, which is a violation of the TypeScript types provided by startStandaloneServer (which only promise that the response object is a core Node.js http.ServerResponse rather than the Express-specific subclass). So this vulnerability can only affect Apollo Server users who use unsafe JavaScript or unsafe as typecasts in TypeScript.

    However, this upgrade will at least prevent vulnerability scanners from alerting you to this dependency, and we encourage all Express users to upgrade their project's own express dependency to v4.21.1 or newer.

  • Updated dependencies [bb81b2c]:

    • @​apollo/server@​4.11.1

@​apollo/server@​4.11.1

Patch Changes

  • #7952 bb81b2c Thanks @​glasser! - Upgrade dependencies so that automated scans don't detect a vulnerability.

    @apollo/server depends on express which depends on cookie. Versions of express older than v4.21.1 depend on a version of cookie vulnerable to CVE-2024-47764. Users of older express versions who call res.cookie() or res.clearCookie() may be vulnerable to this issue.

    However, Apollo Server does not call this function directly, and it does not expose any object to user code that allows TypeScript users to call this function without an unsafe cast.

... (truncated)

Changelog

Sourced from @​apollo/server's changelog.

4.11.3

Patch Changes

4.11.2

(No change; there is a change to the @apollo/server-integration-testsuite used to test integrations, and the two packages always have matching versions.)

4.11.1

Patch Changes

  • #7952 bb81b2c Thanks @​glasser! - Upgrade dependencies so that automated scans don't detect a vulnerability.

    @apollo/server depends on express which depends on cookie. Versions of express older than v4.21.1 depend on a version of cookie vulnerable to CVE-2024-47764. Users of older express versions who call res.cookie() or res.clearCookie() may be vulnerable to this issue.

    However, Apollo Server does not call this function directly, and it does not expose any object to user code that allows TypeScript users to call this function without an unsafe cast.

    The only way that this direct dependency can cause a vulnerability for users of Apollo Server is if you call startStandaloneServer with a context function that calls Express-specific methods such as res.cookie() or res.clearCookies() on the response object, which is a violation of the TypeScript types provided by startStandaloneServer (which only promise that the response object is a core Node.js http.ServerResponse rather than the Express-specific subclass). So this vulnerability can only affect Apollo Server users who use unsafe JavaScript or unsafe as typecasts in TypeScript.

    However, this upgrade will at least prevent vulnerability scanners from alerting you to this dependency, and we encourage all Express users to upgrade their project's own express dependency to v4.21.1 or newer.

Commits

Updates node-mocks-http from 1.16.1 to 1.16.2

Changelog

Sourced from node-mocks-http's changelog.

v 1.16.2

  • Fix: writeHead() sets headersSent [Issue #313]313.
Commits

Updates tsup from 8.3.0 to 8.3.6

Release notes

Sourced from tsup's releases.

v8.3.6

   🐞 Bug Fixes

    View changes on GitHub

v8.3.5

   🐞 Bug Fixes

    View changes on GitHub

v8.3.4

No significant changes

    View changes on GitHub

v8.3.3

No significant changes

    View changes on GitHub

v8.3.1

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates typescript from 5.6.3 to 5.7.3

Release notes

Sourced from typescript's releases.

TypeScript 5.7.3

For release notes, check out the release announcement.

Downloads are available on npm

TypeScript 5.7

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.7 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.7 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

Commits
  • a5e123d Update LKG
  • 8bc0204 🤖 Pick PR #60828 (Fix CodeQL configuration, releases) into release-5.7 (#60923)
  • 7aa63df 🤖 Pick PR #60393 (Don't try to add an implicit undefi...) into release-5.7 (#...
  • 9df7c36 Bump version to 5.7.3 and LKG
  • e167412 🤖 Pick PR #60794 (Harden sanitizeLog against incorr...) into release-5.7 (#...
  • 9ba364c Fix coverage build on release-5.7 (#60792)
  • 4b7441a 🤖 Pick PR #60680 (Mark the inherited any-based index ...) into release-5.7 (#...
  • e844dc3 Cherry-pick #60402, #60440, #60616 into release-5.7 (#60777)
  • 21b02a1 🤖 Pick PR #60749 (Do not require import attribute on ...) into release-5.7 (#...
  • b82fd16 🤖 Pick PR #60576 (Avoid incorrectly reusing assertion...) into release-5.7 (#...
  • Additional commits viewable in compare view

Updates jose from 5.4.0 to 5.9.6

Release notes

Sourced from jose's releases.

v5.9.6

Reverts

  • Revert "refactor(build): simplify package exports" (2ef3a52)

v5.9.4

Refactor

  • types: update error definitions (510c5ca)

v5.9.3

Refactor

  • use as Type for type assertions instead of <Type> (c4dc24d)

v5.9.2

Refactor

  • types: remove index signatures from JWK interfaces (ccf0cda)

v5.9.1

Fixes

  • types: add missing index signature on the convenience JWK types (90a93dc)

v5.9.0

Features

  • allow JWK objects as "key" input to sign and verify (c6302ea)

This method of passing private or public keys does not yield the same performance as passing a CryptoKey or KeyObject instances, its main purpose is for convenience or for when you're not going to be re-using the same set of keys for the operation, in which case you should use one of the import key methods to obtain a CryptoKey or KeyObject.

Example Signing

const alg = "RS256";
const jwk = {
  kty: "RSA",
  n: "whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6fpCTu6ZalGI82s7XK3tan4dJt90ptUPKD2zvxqTzFNfx4HHHsrYCf2-FMLn1VTJfQazA2BvJqAwcpW1bqRUEty8tS_Yv4hRvWfQPcc2Gc3-_fQOOW57zVy-rNoJc744kb30NjQxdGp03J2S3GLQu7oKtSDDPooQHD38PEMNnITf0pj-KgDPjymkMGoJlO3aKppsjfbt_AH6GGdRghYRLOUwQU-h-ofWHR3lbYiKtXPn5dN24kiHy61e3VAQ9_YAZlwXC_99GGtw_NpghFAuM4P1JDn0DppJldy3PGFC0GfBCZASw",
  e: "AQAB",
  d: "VuVE_KEP6323WjpbBdAIv7HGahGrgGANvbxZsIhm34lsVOPK0XDegZkhAybMZHjRhp-gwVxX5ChC-J3cUpOBH5FNxElgW6HizD2Jcq6t6LoLYgPSrfEHm71iHg8JsgrqfUnGYFzMJmv88C6WdCtpgG_qJV1K00_Ly1G1QKoBffEs-v4fAMJrCbUdCz1qWto-PU-HLMEo-krfEpGgcmtZeRlDADh8cETMQlgQfQX2VWq_aAP4a1SXmo-j0cvRU4W5Fj0RVwNesIpetX2ZFz4p_JmB5sWFEj_fC7h5z2lq-6Bme2T3BHtXkIxoBW0_pYVnASC8P2puO5FnVxDmWuHDYQ",
  p: "07rgXd_tLUhVRF_g1OaqRZh5uZ8hiLWUSU0vu9coOaQcatSqjQlIwLW8UdKv_38GrmpIfgcEVQjzq6rFBowUm9zWBO9Eq6enpasYJBOeD8EMeDK-nsST57HjPVOCvoVC5ZX-cozPXna3iRNZ1TVYBY3smn0IaxysIK-zxESf4pM",
  q: "6qrE9TPhCS5iNR7QrKThunLu6t4H_8CkYRPLbvOIt2MgZyPLiZCsvdkTVSOX76QQEXt7Y0nTNua69q3K3Jhf-YOkPSJsWTxgrfOnjoDvRKzbW3OExIMm7D99fVBODuNWinjYgUwGSqGAsb_3TKhtI-Gr5ls3fn6B6oEjVL0dpmk",
  dp: "mHqjrFdgelT2OyiFRS3dAAPf3cLxJoAGC4gP0UoQyPocEP-Y17sQ7t-ygIanguubBy65iDFLeGXa_g0cmSt2iAzRAHrDzI8P1-pQl2KdWSEg9ssspjBRh_F_AiJLLSPRWn_b3-jySkhawtfxwO8Kte1QsK1My765Y0zFvJnjPws",
  dq: "KmjaV4YcsVAUp4z-IXVa5htHWmLuByaFjpXJOjABEUN0467wZdgjn9vPRp-8Ia8AyGgMkJES_uUL_PDDrMJM9gb4c6P4-NeUkVtreLGMjFjA-_IQmIMrUZ7XywHsWXx0c2oLlrJqoKo3W-hZhR0bPFTYgDUT_mRWjk7wV6wl46E",
  qi: "iYltkV_4PmQDfZfGFpzn2UtYEKyhy-9t3Vy8Mw2VHLAADKGwJvVK5ficQAr2atIF1-agXY2bd6KV-w52zR8rmZfTr0gobzYIyqHczOm13t7uXJv2WygY7QEC2OGjdxa2Fr9RnvS99ozMa5nomZBqTqT7z5QV33czjPRCjvg6FcE",
};
const jwt = await new jose.SignJWT({ "urn:example:claim": true })
.setProtectedHeader({ alg })
</tr></table>

... (truncated)

Changelog

Sourced from jose's changelog.

5.9.6 (2024-10-20)

Reverts

  • Revert "refactor(build): simplify package exports" (2ef3a52)

5.9.5 (2024-10-20)

Refactor

  • build: simplify package exports (4783f7f)

5.9.4 (2024-10-11)

Refactor

  • types: update error definitions (510c5ca)

5.9.3 (2024-09-22)

Refactor

  • use as Type for type assertions instead of (c4dc24d)

5.9.2 (2024-09-14)

Refactor

  • types: remove index signatures from JWK interfaces (ccf0cda)

5.9.1 (2024-09-13)

Fixes

  • types: add missing index signature on the convenience JWK types (90a93dc)

5.9.0 (2024-09-13)

Features

  • allow JWK objects as "key" input to sign and verify (c6302ea)

5.8.0 (2024-08-26)

... (truncated)

Commits
  • 27d26a4 chore(release): 5.9.6
  • 2ef3a52 Revert "refactor(build): simplify package exports"
  • 460a959 chore(release): 5.9.5
  • 4783f7f refactor(build): simplify package exports
  • 7521425 docs: resolve remaining conflict
  • 30365fd ci: use default CodeQL
  • ea5f212 chore: bump dev deps
  • ffad408 docs: update docs building dependencies
  • e2f737d test: temporary workaround chrome 130 and testcafe
  • 43c4bcc test: browser logs are polled
  • Additional commits viewable in compare view

Updates @types/jsonwebtoken from 9.0.6 to 9.0.8

Commits

Updates graphql-yoga from 5.9.0 to 5.11.0

Changelog

Sourced from graphql-yoga's changelog.

5.11.0

Minor Changes

  • #3727 5fd15b8 Thanks @​EmrysMyrddin! - Allow to configure the endpoint used by GraphiQL to send requests.

  • #3736 d13b8a4 Thanks @​ardatan! - Now it is possible to replace or wrap the logic how GraphQLParams handled;

    By default Yoga calls Envelop to handle the parameters, but now you can replace it with your own logic.

    Example: Wrap the GraphQL handling pipeline in an AsyncLocalStorage

    function myPlugin(): Plugin {
  const context = new AsyncLocalStorage();
  return {
    onParams({ paramsHandler, setParamsHandler }) {
      const store = { foo: 'bar' }
      setParamsHandler(payload => context.run(store, paramsHandler, payload))
   }
}

5.10.11

Patch Changes

  • #3712 1c055f5 Thanks @​ardatan! - Show deprecated input fields, arguments and all other input values in GraphiQL

5.10.10

Patch Changes

5.10.9

... (truncated)

Commits
  • de5cd14 chore(release): update monorepo packages versions (#3737)
  • 4feab38 fix: make TS linter happy (#3738)
  • 5fd15b8 [graphiql] fix types to allow overriding endpoint option (#3727)
  • d13b8a4 feat: replace/wrap the logic params handled - ParamsHandler (#3736)
  • ba5f1fb fix(deps): update all non-major dependencies (#3726)
  • d9f0511 chore(deps): update dependency graphql-scalars to v1.24.1 (#3723)
  • 3131745 fix(deps): update dependency @​types/node to v22.12.0 (#3716)
  • 0430c68 chore(release): update monorepo packages versions (#3713)
  • 1c055f5 fix(graphiql): show input value deprecations (#3712)
  • 601491c fix(deps): update all non-major dependencies (#3701)
  • Additional commits viewable in compare view

Updates turbo from 2.2.3 to 2.4.1

Release notes

Sourced from turbo's releases.

Turborepo v2.4.1

Full Changelog: vercel/turborepo@v2.4.0...v2.4.1

What's Changed

@dependabot
chore(deps): bump the patch group across 5 directories with 9 updates
58245b2 
Bumps the patch group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [turbo](https://github.com/vercel/turborepo) | `2.2.3` | `2.4.1` |
| [@changesets/cli](https://github.com/changesets/changesets) | `2.27.9` | `2.27.12` |
| [@apollo/server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/server) | `4.11.0` | `4.11.3` |
| [node-mocks-http](https://github.com/eugef/node-mocks-http) | `1.16.1` | `1.16.2` |
| [tsup](https://github.com/egoist/tsup) | `8.3.0` | `8.3.6` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.6.3` | `5.7.3` |
| [jose](https://github.com/panva/jose) | `5.4.0` | `5.9.6` |
| [@types/jsonwebtoken](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsonwebtoken) | `9.0.6` | `9.0.8` |
| [graphql-yoga](https://github.com/dotansimha/graphql-yoga/tree/HEAD/packages/graphql-yoga) | `5.9.0` | `5.11.0` |

Bumps the patch group with 2 updates in the /packages/apollo directory: [turbo](https://github.com/vercel/turborepo) and [@changesets/cli](https://github.com/changesets/changesets).
Bumps the patch group with 3 updates in the /packages/core directory: [turbo](https://github.com/vercel/turborepo), [@changesets/cli](https://github.com/changesets/changesets) and [jose](https://github.com/panva/jose).
Bumps the patch group with 3 updates in the /packages/react directory: [turbo](https://github.com/vercel/turborepo), [@changesets/cli](https://github.com/changesets/changesets) and [@types/jsonwebtoken](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsonwebtoken).
Bumps the patch group with 2 updates in the /packages/yoga directory: [turbo](https://github.com/vercel/turborepo) and [@changesets/cli](https://github.com/changesets/changesets).


Updates `turbo` from 2.2.3 to 2.4.1
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/release.md)
- [Commits](vercel/turborepo@v2.2.3...v2.4.1)

Updates `@changesets/cli` from 2.27.9 to 2.27.12
- [Release notes](https://github.com/changesets/changesets/releases)
- [Changelog](https://github.com/changesets/changesets/blob/main/docs/modifying-changelog-format.md)
- [Commits](https://github.com/changesets/changesets/compare/@changesets/[email protected]...@changesets/[email protected])

Updates `@apollo/server` from 4.11.0 to 4.11.3
- [Release notes](https://github.com/apollographql/apollo-server/releases)
- [Changelog](https://github.com/apollographql/apollo-server/blob/main/packages/server/CHANGELOG.md)
- [Commits](https://github.com/apollographql/apollo-server/commits/@apollo/[email protected]/packages/server)

Updates `node-mocks-http` from 1.16.1 to 1.16.2
- [Release notes](https://github.com/eugef/node-mocks-http/releases)
- [Changelog](https://github.com/eugef/node-mocks-http/blob/master/HISTORY.md)
- [Commits](eugef/node-mocks-http@v1.16.1...v1.16.2)

Updates `tsup` from 8.3.0 to 8.3.6
- [Release notes](https://github.com/egoist/tsup/releases)
- [Commits](egoist/tsup@v8.3.0...v8.3.6)

Updates `typescript` from 5.6.3 to 5.7.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.6.3...v5.7.3)

Updates `jose` from 5.4.0 to 5.9.6
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md)
- [Commits](panva/jose@v5.4.0...v5.9.6)

Updates `@types/jsonwebtoken` from 9.0.6 to 9.0.8
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsonwebtoken)

Updates `graphql-yoga` from 5.9.0 to 5.11.0
- [Release notes](https://github.com/dotansimha/graphql-yoga/releases)
- [Changelog](https://github.com/dotansimha/graphql-yoga/blob/main/packages/graphql-yoga/CHANGELOG.md)
- [Commits](https://github.com/dotansimha/graphql-yoga/commits/[email protected]/packages/graphql-yoga)

Updates `turbo` from 2.2.3 to 2.4.1
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/release.md)
- [Commits](vercel/turborepo@v2.2.3...v2.4.1)

Updates `@changesets/cli` from 2.27.9 to 2.27.12
- [Release notes](https://github.com/changesets/changesets/releases)
- [Changelog](https://github.com/changesets/changesets/blob/main/docs/modifying-changelog-format.md)
- [Commits](https://github.com/changesets/changesets/compare/@changesets/[email protected]...@changesets/[email protected])

Updates `turbo` from 2.2.3 to 2.4.1
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/release.md)
- [Commits](vercel/turborepo@v2.2.3...v2.4.1)

Updates `@changesets/cli` from 2.27.9 to 2.27.12
- [Release notes](https://github.com/changesets/changesets/releases)
- [Changelog](https://github.com/changesets/changesets/blob/main/docs/modifying-changelog-format.md)
- [Commits](https://github.com/changesets/changesets/compare/@changesets/[email protected]...@changesets/[email protected])

Updates `jose` from 5.4.0 to 5.9.6
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md)
- [Commits](panva/jose@v5.4.0...v5.9.6)

Updates `turbo` from 2.2.3 to 2.4.1
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/release.md)
- [Commits](vercel/turborepo@v2.2.3...v2.4.1)

Updates `@changesets/cli` from 2.27.9 to 2.27.12
- [Release notes](https://github.com/changesets/changesets/releases)
- [Changelog](https://github.com/changesets/changesets/blob/main/docs/modifying-changelog-format.md)
- [Commits](https://github.com/changesets/changesets/compare/@changesets/[email protected]...@changesets/[email protected])

Updates `@types/jsonwebtoken` from 9.0.6 to 9.0.8
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsonwebtoken)

Updates `turbo` from 2.2.3 to 2.4.1
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/release.md)
- [Commits](vercel/turborepo@v2.2.3...v2.4.1)

Updates `@changesets/cli` from 2.27.9 to 2.27.12
- [Release notes](https://github.com/changesets/changesets/releases)
- [Changelog](https://github.com/changesets/changesets/blob/main/docs/modifying-changelog-format.md)
- [Commits](https://github.com/changesets/changesets/compare/@changesets/[email protected]...@changesets/[email protected])

---
updated-dependencies:
- dependency-name: turbo
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: "@changesets/cli"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: "@apollo/server"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: node-mocks-http
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: tsup
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: jose
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: "@types/jsonwebtoken"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: graphql-yoga
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: turbo
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: "@changesets/cli"
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: turbo
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: "@changesets/cli"
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: jose
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: turbo
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: "@changesets/cli"
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: "@types/jsonwebtoken"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: turbo
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: patch
- dependency-name: "@changesets/cli"
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 10, 2025
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Feb 10, 2025

⚠️ No Changeset found

Latest commit: 58245b2

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@dependabot dependabot bot mentioned this pull request Feb 10, 2025
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 17, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Feb 17, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/patch-4b584f16e3 branch February 17, 2025 23:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants