Bump the npm_and_yarn group across 1 directory with 22 updates #71

dependabot · 2024-06-17T23:16:05Z

Bumps the npm_and_yarn group with 19 updates in the / directory:

Package	From	To
axios	`0.24.0`	`0.28.0`
ansi-regex	`4.1.0`	`5.0.1`
qs	`6.5.2`	`6.11.0`
body-parser	`1.19.0`	`1.20.2`
express	`4.17.1`	`4.19.2`
braces	`3.0.2`	`3.0.3`
ethereum-waffle	`3.4.0`	`4.0.10`
browserify-sign	`4.2.1`	`4.2.3`
decode-uri-component	`0.2.0`	`0.2.2`
got	`7.1.0`	`removed`
solidity-coverage	`0.7.17`	`0.8.12`
json-schema	`0.2.3`	`0.4.0`
jsprim	`1.4.1`	`1.4.2`
minimatch	`3.0.4`	`3.1.2`
recursive-readdir	`2.2.2`	`2.2.3`
minimist	`1.2.5`	`1.2.8`
simple-get	`2.8.1`	`2.8.2`
shelljs	`0.8.4`	`0.8.5`
undici	`5.23.0`	`5.28.4`

Updates axios from 0.24.0 to 0.28.0

Release notes

Sourced from axios's releases.

Release v0.28.0

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

Fixed timeout error message for HTTP 4738

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 #4728

Adding types for progress event callbacks #4675

Fixed max body length defaults #4731

Added data URL support for node.js (#4725)

Added isCancel type assert (#4293)

Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)

Add string[] to AxiosRequestHeaders type (#4322)

Allow type definition for axios instance methods (#4224)

Fixed AxiosError stack capturing; (#4718)

Fixed AxiosError status code type; (#4717)

Adding Canceler parameters config and request (#4711)

fix(types): allow to specify partial default headers for instance creation (#4185)

Added blob to the list of protocols supported by the browser (#4678)

Fixing Z_BUF_ERROR when no content (#4701)

Fixed race condition on immediate requests cancellation (#4261)

Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248

Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)

Fix TS definition for AxiosRequestTransformer (#4201)

Use type alias instead of interface for AxiosPromise (#4505)

Include request and config when creating a CanceledError instance (#4659)

Added generic TS types for the exposed toFormData helper (#4668)

Optimized the code that checks cancellation (#4587)

Replaced webpack with rollup (#4596)

Added stack trace to AxiosError (#4624)

Updated AxiosError.config to be optional in the type definition (#4665)

Removed incorrect argument for NetworkError constructor (#4656)

v0.27.2

Fixes and Functionality:

Fixed FormData posting in browser environment by reverting #3785 (#4640)

Enhanced protocol parsing implementation (#4639)

Fixed bundle size

v0.27.1

Fixes and Functionality:

Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)

Bumped follow-redirects to ^1.14.9 (#4615)

... (truncated)

Changelog

Sourced from axios's changelog.

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

Fixed timeout error message for HTTP 4738

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 #4728

Adding types for progress event callbacks #4675

Fixed max body length defaults #4731

Added data URL support for node.js (#4725)

Added isCancel type assert (#4293)

Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)

Add string[] to AxiosRequestHeaders type (#4322)

Allow type definition for axios instance methods (#4224)

Fixed AxiosError stack capturing; (#4718)

Fixed AxiosError status code type; (#4717)

Adding Canceler parameters config and request (#4711)

fix(types): allow to specify partial default headers for instance creation (#4185)

Added blob to the list of protocols supported by the browser (#4678)

Fixing Z_BUF_ERROR when no content (#4701)

Fixed race condition on immediate requests cancellation (#4261)

Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248

Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)

Fix TS definition for AxiosRequestTransformer (#4201)

Use type alias instead of interface for AxiosPromise (#4505)

Include request and config when creating a CanceledError instance (#4659)

Added generic TS types for the exposed toFormData helper (#4668)

Optimized the code that checks cancellation (#4587)

Replaced webpack with rollup (#4596)

Added stack trace to AxiosError (#4624)

Updated AxiosError.config to be optional in the type definition (#4665)

Removed incorrect argument for NetworkError constructor (#4656)

0.27.2 (April 27, 2022)

Fixes and Functionality:

Fixed FormData posting in browser environment by reverting #3785 (#4640)

Enhanced protocol parsing implementation (#4639)

Fixed bundle size

0.27.1 (April 26, 2022)

... (truncated)

Commits

3b7635a [Release] v0.28.0 (#6211)
27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
80c3d74 chore(ci): backported publish action; (#6224)
2755df5 fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to ...
880b42e docs: Fix a typo in README
c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...
80b546c fix: loosing request header (#4858) (#4871)
6acb5ef feat: brower platform add data protocol. (#4814)
bbb2264 fix(typing): axios response headers can be undefined (#4813)
Additional commits viewable in compare view

Updates ansi-regex from 4.1.0 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @yetingli for the patch and reproduction case!

v5.0.0

Breaking

Require Node.js 8 166a0d5

Enhancements

Add TypeScript definition (#32) e77ea17

chalk/ansi-regex@v4.1.0...v5.0.0

Commits

a9babce 5.0.1
4657833 fix incorrect format
c3c0b3f Fix potential ReDoS (#37)
178363b Move to GitHub Actions (#35)
0755e66 Add @Qix- to funding.yml
2b56fb0 5.0.0
f26f7fe Meta tweaks
e77ea17 Add TypeScript definition (#32)
166a0d5 Require Node.js 8
f115fca Tidelift tasks
See full diff in compare view

Updates qs from 6.5.2 to 6.11.0

Changelog

Sourced from qs's changelog.

6.11.0

[New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)

[readme] fix version badge

6.10.5

[Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

6.10.4

[Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)

[meta] use npmignore to autogenerate an npmignore file

[Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

6.10.3

[Fix] parse: ignore __proto__ keys (#428)

[Robustness] stringify: avoid relying on a global undefined (#427)

[actions] reuse common workflows

[Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

6.10.2

[Fix] stringify: actually fix cyclic references (#426)

[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] add note and links for coercing primitive values (#408)

[actions] update codecov uploader

[actions] update workflows

[Tests] clean up stringify tests slightly

[Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

6.10.1

[Fix] stringify: avoid exception on repeated object values (#402)

6.10.0

[New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)

[New] parse: add allowSparse option for collapsing arrays with missing indices (#312)

[meta] fix README.md (#399)

[meta] only run npm run dist in publish, not install

[Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape

[Tests] fix tests on node v0.6

[Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run

[Tests] Revert "[meta] ignore eclint transitive audit warning"

6.9.7

[Fix] parse: ignore __proto__ keys (#428)

[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)

[Robustness] stringify: avoid relying on a global undefined (#427)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] add note and links for coercing primitive values (#408)

[Tests] clean up stringify tests slightly

[meta] fix README.md (#399)

Revert "[meta] ignore eclint transitive audit warning"

... (truncated)

Commits

56763c1 v6.11.0
ddd3e29 [readme] fix version badge
c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
95bc018 v6.10.5
0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
ba9703c v6.10.4
4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
113b990 [Dev Deps] update object-inspect
c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
2cf45b2 [meta] use npmignore to autogenerate an npmignore file
Additional commits viewable in compare view

Updates body-parser from 1.19.0 to 1.20.2

Release notes

Sourced from body-parser's releases.

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1

deps: [email protected]

perf: remove unnecessary object clone

1.20.0

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

1.19.2

deps: [email protected]

deps: [email protected]

Fix handling of __proto__ keys

deps: [email protected]

deps: [email protected]

1.19.1

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: type-is@~1.6.18

Changelog

Sourced from body-parser's changelog.

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1 / 2022-10-06

deps: [email protected]

perf: remove unnecessary object clone

1.20.0 / 2022-04-02

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

1.19.2 / 2022-02-15

deps: [email protected]

deps: [email protected]

Fix handling of __proto__ keys

deps: [email protected]

deps: [email protected]

1.19.1 / 2021-12-10

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Commits

ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
0385872 deps: [email protected]
2c35b41 build: [email protected]
f0646c2 build: [email protected]
f345fb1 build: [email protected]
6842efc deps: content-type@~1.0.5
5af7315 build: [email protected]
8e605b3 build: [email protected]
cba6e77 build: [email protected]
Additional commits viewable in compare view

Updates express from 4.17.1 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: [email protected] and [email protected] by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add [email protected] by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

... (truncated)

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: [email protected]
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates braces from 3.0.2 to 3.0.3

Commits

74b2db2 3.0.3
88f1429 update eslint. lint, fix unit tests.
415d660 Snyk js braces 6838727 (#40)
190510f fix tests, skip 1 test in test/braces.expand
716eb9f readme bump
a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
98414f9 remove funding file
665ab5d update keepEscaping doc (#27)
Additional commits viewable in compare view

Updates ethereum-waffle from 3.4.0 to 4.0.10

Release notes

Sourced from ethereum-waffle's releases.

@ethereum-waffle/chai@4.0.10

Patch Changes

4d83cde: Emit matcher improvement

[email protected]

Patch Changes

Updated dependencies [4d83cde]

@ethereum-waffle/mock-contract@4.0.4

@ethereum-waffle/chai@4.0.10

@ethereum-waffle/compiler@4.0.3

@ethereum-waffle/chai@4.0.9

Patch Changes

216f1d8: Switch hardhat error priority

[email protected]

Patch Changes

Updated dependencies [216f1d8]

@ethereum-waffle/chai@4.0.9

@ethereum-waffle/compiler@4.0.3

@ethereum-waffle/mock-contract@4.0.3

@ethereum-waffle/chai@4.0.8

Patch Changes

f93abe9: Move call history injection logic to hardhat plugin

9602243: 👔 revertedWith().withArgs no longer fails for uint values exceeding JavaScript's max int limit

b54c6b9: Add delta to balance changing matchers

64707ae: Allow special characters in revertedWith regex

702c6ab: 🗾 Extend matching of Hardhat revert reasons

a0f721a: Move ethers to peer deps

f6d240e: 🛶 Updates for hardhat v2.11

Updated dependencies [ee1d1b8]

Updated dependencies [a0f721a]

@ethereum-waffle/provider@4.0.5

[email protected]

Patch Changes

f93abe9: Move call history injection logic to hardhat plugin

a0f721a: Move ethers to peer deps

Updated dependencies [da92375]

Updated dependencies [f93abe9]

Updated dependencies [46b954e]

Updated dependencies [9602243]

Updated dependencies [fb6863d]

... (truncated)

Commits

0915e72 🎉 Release new version (#823)
4d83cde ⭐️ Support events not defined in a contract (#822)
a1d89d0 🎉 Release new version (#821)
216f1d8 🌏 Switch hardhat errors priority (#820)
13d1af0 🎉 Release new version (#796)
5637cc5 🦉 Optimism tests use latest commit (#819)
1fa1312 🥑 Add mock contract typing (#818)
702c6ab 🗾 Extend matching of Hardhat revert reasons (#802)
46b954e 🖼 Mock contract chaining behaviour (#816)
fb6863d 🍶 Implement mocking receive function to revert (#807)
Additional commits viewable in compare view

Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

[patch] widen support to 0.12 9247adf

[patch] drop minimum node support to v1 4d0ee49

[Dev Deps] update aud, npmignore, tape 87f3a35

[actions] remove redundant finisher 37a4758

[Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12

[Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)

[Deps] update elliptic fb261ce

[Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

[Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

Only apps should have lockfiles 09a8995

[eslint] switch to eslint 83fe463

[meta] add npmignore and auto-changelog 4418183

[meta] fix package.json indentation 9ac5a5e

[Tests] migrate from travis to github actions d845d85

[Fix] sign: throw on unsupported padding scheme 8767739

[Fix] properly check the upper bound for DSA signatures 85994cd

[Tests] handle openSSL not supporting a scheme f5f17c2

[Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb

[Dev Deps] update nyc, standard, tape cc5350b

[Tests] always run coverage; downgrade nyc 75ce1d5

[meta] add safe-publish-latest dcf49ce

[Tests] add npm run posttest 75dd8fd

[Dev Deps] update tape 3aec038

[Tests] skip unsupported schemes 703c83e

[Tests] node < 6 lacks array includes 3aa43cf

[Dev Deps] fix eslint range 98d4e0d

Commits

bf2c3ec v4.2.3
9247adf [patch] widen support to 0.12
f427270 [Deps] update `parse-asn1
87f3a35 [Dev Deps] update aud, npmignore, tape
fb261ce [Deps] update elliptic
4d0ee49 [patch] drop minimum node support to v1
9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
168e16f [Deps] pin elliptic due to a breaking change
37a4758 [actions] remove redundant finisher
4af5a90 v4.2.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates express from 4.17.1 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: [email protected] and [email protected] by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add [email protected] by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object c...
Description has been truncated

Bumps the npm_and_yarn group with 19 updates in the / directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `0.24.0` | `0.28.0` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `5.0.1` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.11.0` | | [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.2` | | [express](https://github.com/expressjs/express) | `4.17.1` | `4.19.2` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [ethereum-waffle](https://github.com/EthWorks/Waffle) | `3.4.0` | `4.0.10` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [got](https://github.com/sindresorhus/got) | `7.1.0` | `removed` | | [solidity-coverage](https://github.com/sc-forks/solidity-coverage) | `0.7.17` | `0.8.12` | | [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` | | [recursive-readdir](https://github.com/jergason/recursive-readdir) | `2.2.2` | `2.2.3` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [simple-get](https://github.com/feross/simple-get) | `2.8.1` | `2.8.2` | | [shelljs](https://github.com/shelljs/shelljs) | `0.8.4` | `0.8.5` | | [undici](https://github.com/nodejs/undici) | `5.23.0` | `5.28.4` | Updates `axios` from 0.24.0 to 0.28.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.28.0/CHANGELOG.md) - [Commits](axios/axios@v0.24.0...v0.28.0) Updates `ansi-regex` from 4.1.0 to 5.0.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v4.1.0...v5.0.1) Updates `qs` from 6.5.2 to 6.11.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.11.0) Updates `body-parser` from 1.19.0 to 1.20.2 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.2) Updates `express` from 4.17.1 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.19.2) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `ethereum-waffle` from 3.4.0 to 4.0.10 - [Release notes](https://github.com/EthWorks/Waffle/releases) - [Commits](https://github.com/EthWorks/Waffle/compare/[email protected]@4.0.10) Updates `browserify-sign` from 4.2.1 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.1...v4.2.3) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `express` from 4.17.1 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.19.2) Updates `follow-redirects` from 1.14.4 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.4...v1.15.6) Updates `json5` from 0.5.1 to 1.0.1 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v0.5.1...v1.0.1) Updates `node-fetch` from 1.7.3 to 2.7.0 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@1.7.3...v2.7.0) Removes `got` Updates `solidity-coverage` from 0.7.17 to 0.8.12 - [Release notes](https://github.com/sc-forks/solidity-coverage/releases) - [Changelog](https://github.com/sc-forks/solidity-coverage/blob/master/CHANGELOG.md) - [Commits](https://github.com/sc-forks/solidity-coverage/commits/v0.8.12) Updates `json-schema` from 0.2.3 to 0.4.0 - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `recursive-readdir` from 2.2.2 to 2.2.3 - [Changelog](https://github.com/jergason/recursive-readdir/blob/master/CHANGELOG.md) - [Commits](https://github.com/jergason/recursive-readdir/commits/v2.2.3) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `simple-get` from 2.8.1 to 2.8.2 - [Commits](feross/simple-get@v2.8.1...v2.8.2) Updates `shelljs` from 0.8.4 to 0.8.5 - [Release notes](https://github.com/shelljs/shelljs/releases) - [Changelog](https://github.com/shelljs/shelljs/blob/master/CHANGELOG.md) - [Commits](shelljs/shelljs@v0.8.4...v0.8.5) Updates `undici` from 5.23.0 to 5.28.4 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.23.0...v5.28.4) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ethereum-waffle dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: got dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: solidity-coverage dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: json-schema dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jsprim dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: recursive-readdir dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: simple-get dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shelljs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: undici dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Jun 17, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 22 updates #71

Bump the npm_and_yarn group across 1 directory with 22 updates #71

dependabot bot commented on behalf of github Jun 17, 2024

Bump the npm_and_yarn group across 1 directory with 22 updates #71

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directory with 22 updates #71

Conversation

dependabot bot commented on behalf of github Jun 17, 2024

Release v0.28.0

Release notes:

Bug Fixes

Backports from v1.x:

v0.27.2

v0.27.1

Fixes and Functionality:

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

Backports from v1.x:

0.27.2 (April 27, 2022)

0.27.1 (April 26, 2022)

v5.0.1

Fixes (backport of 6.0.1 to v5)

v5.0.0

Breaking

Enhancements

6.11.0

6.10.5

6.10.4

6.10.3

6.10.2

6.10.1

6.10.0

6.9.7

1.20.2

1.20.1

1.20.0

1.19.2

1.19.1

1.20.2 / 2023-02-21

1.20.1 / 2022-10-06

1.20.0 / 2022-04-02

1.19.2 / 2022-02-15

1.19.1 / 2021-12-10

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

4.18.2 / 2022-10-08

4.18.1 / 2022-04-29

4.18.0 / 2022-04-25

@​ethereum-waffle/chai@​4.0.10

Patch Changes

[email protected]

Patch Changes

@​ethereum-waffle/chai@​4.0.9

Patch Changes

[email protected]

Patch Changes

@​ethereum-waffle/chai@​4.0.8

Patch Changes

[email protected]

Patch Changes

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

v0.2.2

v0.2.1

4.19.2

What's Changed

4.19.1

Fixes (backport of `6.0.1` to v5)

`@ethereum-waffle/chai@4`.0.10

`@ethereum-waffle/chai@4`.0.9

`@ethereum-waffle/chai@4`.0.8