-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the npm_and_yarn group across 5 directories with 23 updates #3
base: develop
Are you sure you want to change the base?
Bump the npm_and_yarn group across 5 directories with 23 updates #3
Conversation
Bumps the npm_and_yarn group with 20 updates in the / directory: | Package | From | To | | --- | --- | --- | | [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `9.0.0` | `9.0.1` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.7` | `2.6.8` | | [semver](https://github.com/npm/node-semver) | `7.3.7` | `7.5.2` | | [postcss](https://github.com/postcss/postcss) | `8.2.13` | `8.4.31` | | [axios](https://github.com/axios/axios) | `0.21.2` | `0.28.0` | | [tar](https://github.com/isaacs/node-tar) | `6.1.11` | `6.2.1` | | [mysql2](https://github.com/sidorares/node-mysql2) | `2.3.3` | `3.9.8` | | [vm2](https://github.com/patriksimek/vm2) | `3.9.11` | `3.9.19` | | [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) | `0.4.23` | `0.5.0` | | [got](https://github.com/sindresorhus/got) | `11.8.3` | `11.8.5` | | [nodemailer](https://github.com/nodemailer/nodemailer) | `6.7.2` | `6.9.9` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.16.3` | `7.24.7` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | | [@sideway/formula](https://github.com/sideway/formula) | `3.0.0` | `3.0.1` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.6` | | [luxon](https://github.com/moment/luxon) | `3.0.4` | `3.4.4` | | [msgpackr](https://github.com/kriszyp/msgpackr) | `1.6.2` | `1.10.2` | | [import-in-the-middle](https://github.com/DataDog/import-in-the-middle) | `1.3.4` | `1.8.0` | Bumps the npm_and_yarn group with 14 updates in the /packages/server directory: | Package | From | To | | --- | --- | --- | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.7` | `2.6.8` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [tar](https://github.com/isaacs/node-tar) | `6.1.11` | `6.2.1` | | [mysql2](https://github.com/sidorares/node-mysql2) | `2.3.3` | `3.9.8` | | [vm2](https://github.com/patriksimek/vm2) | `3.9.11` | `3.9.19` | | [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) | `0.4.23` | `0.5.0` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.2` | `7.24.7` | | [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | | [@sideway/formula](https://github.com/sideway/formula) | `3.0.0` | `3.0.1` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.6` | | [luxon](https://github.com/moment/luxon) | `3.2.1` | `3.4.4` | | [msgpackr](https://github.com/kriszyp/msgpackr) | `1.6.2` | `1.10.2` | | [import-in-the-middle](https://github.com/DataDog/import-in-the-middle) | `1.3.4` | `1.8.0` | Bumps the npm_and_yarn group with 3 updates in the /packages/types directory: [axios](https://github.com/axios/axios), [qs](https://github.com/ljharb/qs) and [tough-cookie](https://github.com/salesforce/tough-cookie). Bumps the npm_and_yarn group with 14 updates in the /packages/worker directory: | Package | From | To | | --- | --- | --- | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.7` | `2.6.8` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [tar](https://github.com/isaacs/node-tar) | `6.1.11` | `6.2.1` | | [got](https://github.com/sindresorhus/got) | `11.8.3` | `11.8.5` | | [nodemailer](https://github.com/nodemailer/nodemailer) | `6.7.2` | `6.9.9` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.2` | `7.24.7` | | [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | | [@sideway/formula](https://github.com/sideway/formula) | `3.0.0` | `3.0.1` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.6` | | [luxon](https://github.com/moment/luxon) | `3.0.4` | `3.4.4` | | [msgpackr](https://github.com/kriszyp/msgpackr) | `1.7.2` | `1.10.2` | | [import-in-the-middle](https://github.com/DataDog/import-in-the-middle) | `1.3.4` | `1.8.0` | | [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.2.2` | `7.3.0` | Bumps the npm_and_yarn group with 8 updates in the /qa-core directory: | Package | From | To | | --- | --- | --- | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.7` | `2.6.8` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [tar](https://github.com/isaacs/node-tar) | `6.1.11` | `6.2.1` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.13` | `7.24.7` | | [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.6` | | [luxon](https://github.com/moment/luxon) | `3.2.1` | `3.4.4` | | [msgpackr](https://github.com/kriszyp/msgpackr) | `1.8.3` | `1.10.2` | Updates `jsonwebtoken` from 9.0.0 to 9.0.1 - [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md) - [Commits](auth0/node-jsonwebtoken@v9.0.0...v9.0.1) Updates `node-fetch` from 2.6.7 to 2.6.8 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.7...v2.6.8) Updates `semver` from 7.3.7 to 7.5.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.7...v7.5.2) Updates `postcss` from 8.2.13 to 8.4.31 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.2.13...8.4.31) Updates `axios` from 0.21.2 to 0.28.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.28.0/CHANGELOG.md) - [Commits](axios/axios@v0.21.2...v0.28.0) Updates `tar` from 6.1.11 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.11...v6.2.1) Updates `mysql2` from 2.3.3 to 3.9.8 - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v2.3.3...v3.9.8) Updates `vm2` from 3.9.11 to 3.9.19 - [Release notes](https://github.com/patriksimek/vm2/releases) - [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md) - [Commits](patriksimek/vm2@3.9.11...3.9.19) Updates `xml2js` from 0.4.23 to 0.5.0 - [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0) Updates `got` from 11.8.3 to 11.8.5 - [Release notes](https://github.com/sindresorhus/got/releases) - [Commits](sindresorhus/got@v11.8.3...v11.8.5) Updates `nodemailer` from 6.7.2 to 6.9.9 - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](nodemailer/nodemailer@v6.7.2...v6.9.9) Updates `@babel/traverse` from 7.16.3 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-traverse) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `@sideway/formula` from 3.0.0 to 3.0.1 - [Commits](hapijs/formula@v3.0.0...v3.0.1) Updates `follow-redirects` from 1.15.1 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6) Updates `luxon` from 3.0.4 to 3.4.4 - [Changelog](https://github.com/moment/luxon/blob/master/CHANGELOG.md) - [Commits](moment/luxon@3.0.4...3.4.4) Updates `msgpackr` from 1.6.2 to 1.10.2 - [Release notes](https://github.com/kriszyp/msgpackr/releases) - [Commits](https://github.com/kriszyp/msgpackr/commits/v1.10.2) Updates `import-in-the-middle` from 1.3.4 to 1.8.0 - [Release notes](https://github.com/DataDog/import-in-the-middle/releases) - [Commits](nodejs/import-in-the-middle@v1.3.4...v1.8.0) Updates `node-fetch` from 2.6.7 to 2.6.8 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.7...v2.6.8) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.7...v7.5.2) Updates `tar` from 6.1.11 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.11...v6.2.1) Updates `mysql2` from 2.3.3 to 3.9.8 - [Release notes](https://github.com/sidorares/node-mysql2/releases) - [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md) - [Commits](sidorares/node-mysql2@v2.3.3...v3.9.8) Updates `vm2` from 3.9.11 to 3.9.19 - [Release notes](https://github.com/patriksimek/vm2/releases) - [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md) - [Commits](patriksimek/vm2@3.9.11...3.9.19) Updates `xml2js` from 0.4.23 to 0.5.0 - [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0) Updates `@babel/traverse` from 7.18.2 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-traverse) Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `@sideway/formula` from 3.0.0 to 3.0.1 - [Commits](hapijs/formula@v3.0.0...v3.0.1) Updates `follow-redirects` from 1.15.1 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6) Updates `luxon` from 3.2.1 to 3.4.4 - [Changelog](https://github.com/moment/luxon/blob/master/CHANGELOG.md) - [Commits](moment/luxon@3.0.4...3.4.4) Updates `msgpackr` from 1.6.2 to 1.10.2 - [Release notes](https://github.com/kriszyp/msgpackr/releases) - [Commits](https://github.com/kriszyp/msgpackr/commits/v1.10.2) Updates `import-in-the-middle` from 1.3.4 to 1.8.0 - [Release notes](https://github.com/DataDog/import-in-the-middle/releases) - [Commits](nodejs/import-in-the-middle@v1.3.4...v1.8.0) Updates `axios` from 1.1.3 to 1.7.2 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.28.0/CHANGELOG.md) - [Commits](axios/axios@v0.21.2...v0.28.0) Updates `qs` from 6.11.0 to 6.12.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.11.0...v6.12.1) Updates `tough-cookie` from 4.1.2 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.2...v4.1.4) Updates `follow-redirects` from 1.15.2 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6) Updates `node-fetch` from 2.6.7 to 2.6.8 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.7...v2.6.8) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.7...v7.5.2) Updates `tar` from 6.1.11 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.11...v6.2.1) Updates `got` from 11.8.3 to 11.8.5 - [Release notes](https://github.com/sindresorhus/got/releases) - [Commits](sindresorhus/got@v11.8.3...v11.8.5) Updates `nodemailer` from 6.7.2 to 6.9.9 - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](nodemailer/nodemailer@v6.7.2...v6.9.9) Updates `@babel/traverse` from 7.18.2 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-traverse) Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `@sideway/formula` from 3.0.0 to 3.0.1 - [Commits](hapijs/formula@v3.0.0...v3.0.1) Updates `follow-redirects` from 1.15.1 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6) Updates `luxon` from 3.0.4 to 3.4.4 - [Changelog](https://github.com/moment/luxon/blob/master/CHANGELOG.md) - [Commits](moment/luxon@3.0.4...3.4.4) Updates `msgpackr` from 1.7.2 to 1.10.2 - [Release notes](https://github.com/kriszyp/msgpackr/releases) - [Commits](https://github.com/kriszyp/msgpackr/commits/v1.10.2) Updates `import-in-the-middle` from 1.3.4 to 1.8.0 - [Release notes](https://github.com/DataDog/import-in-the-middle/releases) - [Commits](nodejs/import-in-the-middle@v1.3.4...v1.8.0) Updates `protobufjs` from 7.2.2 to 7.3.0 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v7.2.2...protobufjs-v7.3.0) Updates `node-fetch` from 2.6.7 to 2.6.8 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.7...v2.6.8) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.7...v7.5.2) Updates `tar` from 6.1.11 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.1.11...v6.2.1) Updates `@babel/traverse` from 7.18.13 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-traverse) Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `follow-redirects` from 1.15.1 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6) Updates `luxon` from 3.2.1 to 3.4.4 - [Changelog](https://github.com/moment/luxon/blob/master/CHANGELOG.md) - [Commits](moment/luxon@3.0.4...3.4.4) Updates `msgpackr` from 1.8.3 to 1.10.2 - [Release notes](https://github.com/kriszyp/msgpackr/releases) - [Commits](https://github.com/kriszyp/msgpackr/commits/v1.10.2) --- updated-dependencies: - dependency-name: jsonwebtoken dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: tar dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: mysql2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vm2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: xml2js dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: got dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: nodemailer dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@sideway/formula" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: luxon dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: msgpackr dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: import-in-the-middle dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: mysql2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vm2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: xml2js dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@sideway/formula" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: luxon dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: msgpackr dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: import-in-the-middle dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: axios dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: got dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: nodemailer dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@sideway/formula" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: luxon dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: msgpackr dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: import-in-the-middle dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: protobufjs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: luxon dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: msgpackr dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.
Note 🟢 Risk threshold not exceeded. Change Summary (click to expand)The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective. Summary: The changes in this pull request primarily involve updating the dependencies of various Budibase packages, including The key updates include:
Overall, the changes in this pull request demonstrate the project's commitment to keeping its dependencies up-to-date and secure. However, it is crucial to continue monitoring the security of the application and its dependencies, and to promptly address any new vulnerabilities that may be discovered. Files Changed:
Powered by DryRun Security |
Bumps the npm_and_yarn group with 20 updates in the / directory:
9.0.0
9.0.1
2.6.7
2.6.8
7.3.7
7.5.2
8.2.13
8.4.31
0.21.2
0.28.0
6.1.11
6.2.1
2.3.3
3.9.8
3.9.11
3.9.19
0.4.23
0.5.0
11.8.3
11.8.5
6.7.2
6.9.9
7.16.3
7.24.7
0.2.0
0.2.2
1.0.1
1.0.2
1.2.3
1.2.5
3.0.0
3.0.1
1.15.1
1.15.6
3.0.4
3.4.4
1.6.2
1.10.2
1.3.4
1.8.0
Bumps the npm_and_yarn group with 14 updates in the /packages/server directory:
2.6.7
2.6.8
5.7.1
5.7.2
6.1.11
6.2.1
2.3.3
3.9.8
3.9.11
3.9.19
0.4.23
0.5.0
7.18.2
7.24.7
2.2.1
2.2.3
1.2.3
1.2.5
3.0.0
3.0.1
1.15.1
1.15.6
3.2.1
3.4.4
1.6.2
1.10.2
1.3.4
1.8.0
Bumps the npm_and_yarn group with 3 updates in the /packages/types directory: axios, qs and tough-cookie.
Bumps the npm_and_yarn group with 14 updates in the /packages/worker directory:
2.6.7
2.6.8
5.7.1
5.7.2
6.1.11
6.2.1
11.8.3
11.8.5
6.7.2
6.9.9
7.18.2
7.24.7
2.2.1
2.2.3
1.2.3
1.2.5
3.0.0
3.0.1
1.15.1
1.15.6
3.0.4
3.4.4
1.7.2
1.10.2
1.3.4
1.8.0
7.2.2
7.3.0
Bumps the npm_and_yarn group with 8 updates in the /qa-core directory:
2.6.7
2.6.8
5.7.1
5.7.2
6.1.11
6.2.1
7.18.13
7.24.7
2.2.1
2.2.3
1.15.1
1.15.6
3.2.1
3.4.4
1.8.3
1.10.2
Updates
jsonwebtoken
from 9.0.0 to 9.0.1Changelog
Sourced from jsonwebtoken's changelog.
Commits
84539b2
Updating package version to 9.0.1 (#920)a99fd4b
fix(stubs): allow decode method to be stubbed (#876)Maintainer changes
This version was pushed to npm by jake.lacey, a new releaser for jsonwebtoken since your current version.
Updates
node-fetch
from 2.6.7 to 2.6.8Release notes
Sourced from node-fetch's releases.
Commits
6e9464d
ci(release): install dependenciesdd2a0ba
ci(release): install dependencies49bef02
ci(release): use latest Node LTSce37bcd
ci(semantic-release): config1768eaa
ci(release): initial version8bb6e31
fix: prevent hoisting of the undefinedglobal
variable inbrowser.js
(#1534)e218f8d
Add missing changelog entries. (#1613)fddad0e
fix(headers): don't forward secure headers on protocol change (#1605)50536d1
fix: premature close with chunked transfer encoding and for async iterators i...838d971
Handle zero-length OK deflate responses (#903)Maintainer changes
This version was pushed to npm by node-fetch-bot, a new releaser for node-fetch since your current version.
Updates
semver
from 7.3.7 to 7.5.2Release notes
Sourced from semver's releases.
... (truncated)
Changelog
Sourced from semver's changelog.
... (truncated)
Commits
e7b78de
chore: release 7.5.258c791f
fix: diff when detecting major change from prerelease (#566)5c8efbc
fix: preserve build in raw after inc (#565)717534e
fix: better handling of whitespace (#564)2f738e9
chore: bump@npmcli/template-oss
from 4.14.1 to 4.15.1 (#558)aa016a6
chore: release 7.5.1d30d25a
fix: show type on invalid semver error (#559)09c69e2
chore: bump@npmcli/template-oss
from 4.13.0 to 4.14.1 (#555)5b02ad7
chore: release 7.5.0e219bb4
fix: throw on bad version with correct error message (#552)Maintainer changes
This version was pushed to npm by npm-cli-ops, a new releaser for semver since your current version.
Updates
postcss
from 8.2.13 to 8.4.31Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
90208de
Release 8.4.31 version58cc860
Fix carrier return parsing4fff8e4
Improve pnpm test outputcd43ed1
Update dependenciescaa916b
Update dependencies8972f76
Typo11a5286
Typo45c5501
Release 8.4.30 versionbc3c341
Update linterb2be58a
Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...Updates
axios
from 0.21.2 to 0.28.0Release notes
Sourced from axios's releases.
... (truncated)
Changelog
Sourced from axios's changelog.
... (truncated)
Commits
3b7635a
[Release] v0.28.0 (#6211)27c0076
feat(backport): added ability for paramsSerializer to handle function; (#6227)80c3d74
chore(ci): backported publish action; (#6224)2755df5
fix(security): fixed CVE-2023-45857 by backportingwithXSRFToken
option to ...880b42e
docs: Fix a typo in READMEc4bf0a4
Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)1e2679f
fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...80b546c
fix: loosing request header (#4858) (#4871)6acb5ef
feat: brower platform add data protocol. (#4814)bbb2264
fix(typing): axios response headers can be undefined (#4813)Updates
tar
from 6.1.11 to 6.2.1Release notes
Sourced from tar's releases.
Changelog
Sourced from tar's changelog.
... (truncated)
Commits
bef7b1e
6.2.1fe8cd57
prevent extraction in excessively deep subfoldersfe7ebfd
remove security.md5bc9d40
6.2.0fe1ef5e
changelog 6.2e483220
get rid of npm lint stuff689928a
ci that works outside of npm orgdb6f539
file inference improvements for .tbr and .tgz336fa8f
refactor: dry and other pr commentseeba222
chore: lint fixesUpdates
mysql2
from 2.3.3 to 3.9.8Release notes
Sourced from mysql2's releases.
... (truncated)
Changelog
Sourced from mysql2's changelog.
... (truncated)
Commits
f637d3f
chore(master): release 3.9.8 (#2700)efe3db5
fix(security): sanitize fields and tables when using nestTables (#2702)2e03694
fix: support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2...8b5f691
fix(typings): typo fromjonServerPublicKey
toonServerPublicKey
(#2699)5c75802
build(deps-dev): bump tsx from 4.10.5 to 4.11.0 in /website (#2695)179769f
build(deps): bump@easyops-cn/docusaurus-search-local
in /website (#2696)56289e2
build(deps-dev): bump poku from 1.12.1 to 1.13.0 (#2698)b029308
build(deps-dev): bump poku from 1.12.1 to 1.13.0 in /website (#2697)