Skip to content

Bump the npm_and_yarn group across 5 directories with 9 updates #143

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the npm_and_yarn group across 5 directories with 9 updates #143

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 14, 2024

Bumps the npm_and_yarn group with 1 update in the /nodejs/axios/reactapp directory: async.
Bumps the npm_and_yarn group with 1 update in the /nodejs/url-shortener/urlfrontend directory: async.
Bumps the npm_and_yarn group with 8 updates in the /pact/pact-angular directory:

Package From To
js-yaml 3.7.0 3.14.1
ajv 5.5.2 8.12.0
request 2.87.0 2.88.2
async 2.6.0 2.6.4
json-schema 0.2.3 0.4.0
jsprim 1.4.1 1.4.2
yargs-parser 11.1.1 21.1.1
protractor 5.4.4 7.0.0

Bumps the npm_and_yarn group with 1 update in the /spring-boot/spring-boot-and-reactjs/publisher_registerUI directory: async.
Bumps the npm_and_yarn group with 1 update in the /spring-boot/thymeleaf-vue/client directory: js-yaml.

Updates async from 3.2.3 to 3.2.5

Changelog

Sourced from async's changelog.

v3.2.5

  • Ensure Error objects such as AggregateError are propagated without modification (#1920)

v3.2.4

  • Fix a bug in priorityQueue where it didn't wait for the result. (#1725)
  • Fix a bug where unshiftAsync was included in priorityQueue. (#1790)
Commits

Updates async from 3.2.4 to 3.2.5

Changelog

Sourced from async's changelog.

v3.2.5

  • Ensure Error objects such as AggregateError are propagated without modification (#1920)

v3.2.4

  • Fix a bug in priorityQueue where it didn't wait for the result. (#1725)
  • Fix a bug where unshiftAsync was included in priorityQueue. (#1790)
Commits

Updates js-yaml from 3.7.0 to 3.14.1

Changelog

Sourced from js-yaml's changelog.

[3.14.1] - 2020-12-07

Security

  • Fix possible code execution in (already unsafe) .load() (in &anchor).

[3.14.0] - 2020-05-22

Changed

  • Support safe/loadAll(input, options) variant of call.
  • CI: drop outdated nodejs versions.
  • Dev deps bump.

Fixed

  • Quote = in plain scalars #519.
  • Check the node type for !<?> tag in case user manually specifies it.
  • Verify that there are no null-bytes in input.
  • Fix wrong quote position when writing condensed flow, #526.

[3.13.1] - 2019-04-05

Security

  • Fix possible code execution in (already unsafe) .load(), #480.

[3.13.0] - 2019-03-20

Security

  • Security fix: safeLoad() can hang when arrays with nested refs used as key. Now throws exception for nested arrays. #475.

[3.12.2] - 2019-02-26

Fixed

  • Fix noArrayIndent option for root level, #468.

[3.12.1] - 2019-01-05

Added

  • Added noArrayIndent option, #432.

[3.12.0] - 2018-06-02

Changed

  • Support arrow functions without a block statement, #421.

[3.11.0] - 2018-03-05

Added

  • Add arrow functions suport for !!js/function.

Fixed

  • Fix dump in bin/octal/hex formats for negative integers, #399.

... (truncated)

Commits
  • 37caaad 3.14.1 released
  • 094c0f7 dist rebuild
  • 9586ebe Avoid calling hasOwnProperty of user-controlled objects
  • 34e5072 3.14.0 released
  • 7b25c83 Browser files rebuild
  • 6f73473 Dev deps bump
  • 0c29349 Travis-CI: drop old nodejs versions
  • 10be97e fix(loader): Add support for safe/loadAll(input, options)
  • d6983dd Fix issue #526: wrong quote position writing condensed flow (#527)
  • 93fbf7d fix issue 526 (wrong quote position writing condensed flow)
  • Additional commits viewable in compare view

Updates ajv from 5.5.2 to 8.12.0

Release notes

Sourced from ajv's releases.

v8.12.0

  • fix JTD serialisation (remove leading comma in objects with only optional properties) (#2190, @​piliugin-anton)
  • empty JTD "values" schema (#2191)
  • empty object to work with JTD utility type (#2158, @​erikbrinkman)
  • fix JTD "discriminator" schema for objects with more than 8 properties (#2194)
  • correctly narrow "number" type to "integer" (#2192, @​JacobLey)
  • update Node.js versions in CI to 14, 16, 18 and 19

v8.11.2

Update dependencies

Export ValidationError and MissingRefError (ajv-validator/ajv#1840, @​dannyb648)

v8.11.1

Update dependencies

Export ValidationError and MissingRefError (#1840, @​dannyb648)

v8.11.0

Use root schemaEnv when resolving references in oneOf (#1901, @​asprouse)

Only use equal function in generated code when it is used (#1922, @​bhvngt)

v8.10.0

uriResolver option (@​zekth, #1862)

v8.9.0

Option code.esm to generate ESM exports for standalone validation functions (@​rehanvdm, #1861) Support discriminator keyword with $ref in oneOf subschemas (@​dfeufel, #1815)

v8.8.2

Use full RegExp string (with flags) as cache key, related to ajv-validator/ajv-keywords#220

v8.8.1

Fix minContains: 0 (#1819)

v8.8.0

Fix browser bundles in cdnjs regExp option allowing to specify alternative RegExp engine, e.g. re2 (@​efebarlas)

v8.7.1

Publish Ajv bundle for JSON Schema 2020-12 to cdnjs.com

v8.7.0

Update JSON Schema Test Suite. Change minContains: 0 now correctly allows empty array.

v8.6.3

Fix $ref resolution for schemas without $id (@​rbuckton, #1725) Support standalone module import from ESM modules without using .default property (@​bhvngt, #1757)

... (truncated)

Commits

Updates request from 2.87.0 to 2.88.2

Changelog

Sourced from request's changelog.

Change Log

v2.88.0 (2018/08/10)

Commits

Updates async from 2.6.0 to 2.6.4

Changelog

Sourced from async's changelog.

v3.2.5

  • Ensure Error objects such as AggregateError are propagated without modification (#1920)

v3.2.4

  • Fix a bug in priorityQueue where it didn't wait for the result. (#1725)
  • Fix a bug where unshiftAsync was included in priorityQueue. (#1790)
Commits

Updates json-schema from 0.2.3 to 0.4.0

Commits
  • f6f6a3b Use a little more robust method of checking instances
  • ef60987 Update version
  • b62f1da Protect against constructor modification, #84
  • fb427cd Link to json-schema-org repository in addition to site, fixes #54
  • 22f1461 Don't allow proto property to be used for schema default/coerce, fixes #84
  • c52a27c Get basic test to pass
  • b3f42b3 Add security policy
  • 3b0cec3 Update version
  • c28470f Update readme to acknowledge the state of the package
  • 7dff9cd Merge pull request #81 from hodovani/patch-1
  • Additional commits viewable in compare view

Updates jsprim from 1.4.1 to 1.4.2

Changelog

Sourced from jsprim's changelog.

v1.4.2 (2021-11-29)

  • #35 Backport json-schema 0.4.0 to version 1.4.x
Commits
Maintainer changes

This version was pushed to npm by bahamat, a new releaser for jsprim since your current version.


Updates tough-cookie from 2.3.3 to 2.5.0

Commits
  • 7c1fdf1 2.5.0
  • 9ff4ba5 Qualify the store.removeAllCookies documentation
  • 1855bf3 Additional documentation for removeAllCookies
  • 5cc9bd2 Extract tests, cover multiple error path
  • 28f0808 Only call removeAllCookies if actually implemented
  • 62802ef remove all cookies from cookie jar at once (#115)
  • 8783d46 Remove left-over mention of MPL from README
  • 8302ebc Merge pull request #121 from salesforce/punycode-2.1
  • d6ea115 Merge pull request #120 from salesforce/no-package-lock
  • b897b49 Merge pull request #119 from salesforce/inline-version
  • Additional commits viewable in compare view

Updates yargs-parser from 11.1.1 to 21.1.1

Release notes

Sourced from yargs-parser's releases.

yargs-parser: v21.1.1

21.1.1 (2022-08-04)

Bug Fixes

  • typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

yargs-parser: v21.1.0

21.1.0 (2022-08-03)

Features

  • allow the browser build to be imported (#443) (a89259f)

Bug Fixes

  • halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
  • node version check now uses process.versions.node (#450) (d07bcdb)
  • parse options ending with 3+ hyphens (#434) (4f1060b)

yargs-parser: v21.0.1

21.0.1 (2022-02-27)

Bug Fixes

yargs-parser yargs-parser-v21.0.0

⚠ BREAKING CHANGES

  • drops support for 10 (#421)

Bug Fixes

Code Refactoring

yargs-parser yargs-parser-v20.2.9

... (truncated)

Changelog

Sourced from yargs-parser's changelog.

21.1.1 (2022-08-04)

Bug Fixes

  • typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

21.1.0 (2022-08-03)

Features

  • allow the browser build to be imported (#443) (a89259f)

Bug Fixes

  • halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
  • node version check now uses process.versions.node (#450) (d07bcdb)
  • parse options ending with 3+ hyphens (#434) (4f1060b)

21.0.1 (2022-02-27)

Bug Fixes

21.0.0 (2021-11-15)

⚠ BREAKING CHANGES

  • drops support for 10 (#421)

Bug Fixes

Code Refactoring

20.2.9 (2021-06-20)

Bug Fixes

... (truncated)

Commits
  • 3aba24c chore(main): release yargs-parser 21.1.1 (#455)
  • d69f9c3 fix(typescript): ignore .cts files during publish (#454)
  • 90067a0 chore(main): release yargs-parser 21.1.0 (#446)
  • d07bcdb fix: node version check now uses process.versions.node (#450)
  • c0c6079 chore(deps): update dependency puppeteer to v16 (#451)
  • a89259f feat: allow the browser build to be imported (#443)
  • c474bc1 fix(halt-at-non-option): prevent known args from being parsed when "unknown-o...
  • fd30238 chore(deps): update dependency serve to v14 (#449)
  • a072f9a chore(deps): update dependency puppeteer to v15 (#444)
  • 4f1060b fix: parse options ending with 3+ hyphens (#434)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.


Updates protractor from 5.4.4 to 7.0.0

Changelog

Sourced from protractor's changelog.

7.0.0

  • (9d2e18e) refactor: use console.log instead of util.puts

    utils.puts is no longer available in Node.JS 12

  • (c281157) refactor: remove debugger and explore methods

    BREAKING CHANGE: Debugger and explore methods are not compatable with Node 8+. Use debugger keyword instead. See: https://goo.gl/MvWqFh

  • (7cdb978) build: update several dev packages that have security issues

  • (8e82835) build: update webdriver-manager

  • (a1fe5f2) ci: update tests to run on Node 10 and 12

  • (3fc9220) fix: prototype Pollution vulnerability through outdated yargs package

    BREAKING CHANGE:

    Node.Js version 6 and 8 are no longer supported. Please update to Node.Js 10+

    Closes #5431

Commits
  • 71771de release: 7.0.0
  • 9d2e18e refactor: use console.log instead of util.puts
  • c281157 refactor: remove debugger and explore methods
  • 7cdb978 build: update several dev packages that have security issues
  • 8e82835 build: update webdriver-manager
  • a1fe5f2 ci: update tests to run on Node 10 and 12
  • 3fc9220 fix: prototype Pollution vulnerability through outdated yargs package
  • See full diff in compare view

Updates request from 2.87.0 to 2.88.2

Changelog

Sourced from request's changelog.

Change Log

v2.88.0 (2018/08/10)

Commits

Updates async from 3.2.4 to 3.2.5

Changelog

Sourced from async's changelog.

v3.2.5

  • Ensure Error objects such as AggregateError are propagated without modification (#1920)

v3.2.4

  • Fix a bug in priorityQueue where it didn't wait for the result. (#1725)
  • Fix a bug where unshiftAsync was included in priorityQueue. (#1790)
Commits

Updates js-yaml from 3.14.0 to 3.14.1

Changelog

Sourced from js-yaml's changelog.

[3.14.1] - 2020-12-07

Security

  • Fix possible code execution in (already unsafe) .load() (in &anchor).

[3.14.0] - 2020-05-22

Changed

  • Support safe/loadAll(input, options) variant of call.
  • CI: drop outdated nodejs versions.
  • Dev deps bump.

Fixed

  • Quote = in plain scalars #519.
  • Check the node type for !<?> tag in case user manually specifies it.
  • Verify that there are no null-bytes in input.
  • Fix wrong quote position when writing condensed flow, #526.

[3.13.1] - 2019-04-05

Security

  • Fix possible code execution in (already unsafe) .load(), #480.

[3.13.0] - 2019-03-20

Security

  • Security fix: safeLoad() can hang when arrays with nested refs used as key. Now throws exception for nested arrays. #475.

[3.12.2] - 2019-02-26

Fixed

  • Fix noArrayIndent option for root level, #468.

[3.12.1] - 2019-01-05

Added

  • Added noArrayIndent option, #432.

[3.12.0] - 2018-06-02

Changed

  • Support arrow functions without a block statement, #421.

[3.11.0] - 2018-03-05

Added

  • Add arrow functions suport for !!js/function.

Fixed

  • Fix dump in bin/octal/hex formats for negative integers, #399.

... (truncated)

Commits
  • 37caaad 3.14.1 released
  • 094c0f7 dist rebuild
  • 9586ebe Avoid calling hasOwnProperty of user-controlled objects
  • 34e5072 3.14.0 released
  • 7b25c83 Browser files rebuild
  • 6f73473 Dev deps bump
  • 0c29349 Travis-CI: drop old nodejs versions
  • 10be97e fix(loader): Add support for safe/loadAll(input, options)
  • d6983dd Fix issue #526: wrong quote position writing condensed flow (#527)
  • 93fbf7d fix issue 526 (wrong quote position writing condensed flow)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 5 directories with 9 updates
55791fa 
Bumps the npm_and_yarn group with 1 update in the /nodejs/axios/reactapp directory: [async](https://github.com/caolan/async).
Bumps the npm_and_yarn group with 1 update in the /nodejs/url-shortener/urlfrontend directory: [async](https://github.com/caolan/async).
Bumps the npm_and_yarn group with 8 updates in the /pact/pact-angular directory:

| Package | From | To |
| --- | --- | --- |
| [js-yaml](https://github.com/nodeca/js-yaml) | `3.7.0` | `3.14.1` |
| [ajv](https://github.com/ajv-validator/ajv) | `5.5.2` | `8.12.0` |
| [request](https://github.com/request/request) | `2.87.0` | `2.88.2` |
| [async](https://github.com/caolan/async) | `2.6.0` | `2.6.4` |
| [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` |
| [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` |
| [yargs-parser](https://github.com/yargs/yargs-parser) | `11.1.1` | `21.1.1` |
| [protractor](https://github.com/angular/protractor) | `5.4.4` | `7.0.0` |

Bumps the npm_and_yarn group with 1 update in the /spring-boot/spring-boot-and-reactjs/publisher_registerUI directory: [async](https://github.com/caolan/async).
Bumps the npm_and_yarn group with 1 update in the /spring-boot/thymeleaf-vue/client directory: [js-yaml](https://github.com/nodeca/js-yaml).


Updates `async` from 3.2.3 to 3.2.5
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@v3.2.3...v3.2.5)

Updates `async` from 3.2.4 to 3.2.5
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@v3.2.3...v3.2.5)

Updates `js-yaml` from 3.7.0 to 3.14.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.7.0...3.14.1)

Updates `ajv` from 5.5.2 to 8.12.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v5.5.2...v8.12.0)

Updates `request` from 2.87.0 to 2.88.2
- [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md)
- [Commits](https://github.com/request/request/commits)

Updates `async` from 2.6.0 to 2.6.4
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@v3.2.3...v3.2.5)

Updates `json-schema` from 0.2.3 to 0.4.0
- [Commits](kriszyp/json-schema@v0.2.3...v0.4.0)

Updates `jsprim` from 1.4.1 to 1.4.2
- [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md)
- [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2)

Updates `tough-cookie` from 2.3.3 to 2.5.0
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v2.3.3...v2.5.0)

Updates `yargs-parser` from 11.1.1 to 21.1.1
- [Release notes](https://github.com/yargs/yargs-parser/releases)
- [Changelog](https://github.com/yargs/yargs-parser/blob/main/CHANGELOG.md)
- [Commits](yargs/yargs-parser@v11.1.1...yargs-parser-v21.1.1)

Updates `protractor` from 5.4.4 to 7.0.0
- [Release notes](https://github.com/angular/protractor/releases)
- [Changelog](https://github.com/angular/protractor/blob/7.0.0/CHANGELOG.md)
- [Commits](angular/protractor@5.4.4...7.0.0)

Updates `request` from 2.87.0 to 2.88.2
- [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md)
- [Commits](https://github.com/request/request/commits)

Updates `async` from 3.2.4 to 3.2.5
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@v3.2.3...v3.2.5)

Updates `js-yaml` from 3.14.0 to 3.14.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.7.0...3.14.1)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: async
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: request
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: async
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: json-schema
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsprim
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tough-cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: yargs-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: protractor
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: request
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: async
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 14, 2024
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Jun 18, 2024

Superseded by #147.

@dependabot dependabot bot closed this Jun 18, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/nodejs/axios/reactapp/npm_and_yarn-89f993bb43 branch June 18, 2024 03:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants