-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the npm_and_yarn group in /frontend with 15 updates #173
base: master
Are you sure you want to change the base?
Bump the npm_and_yarn group in /frontend with 15 updates #173
Conversation
Bumps the npm_and_yarn group in /frontend with 15 updates: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `1.7.3` | `1.7.4` | | [semver](https://github.com/npm/node-semver) | `5.7.2` | `6.3.1` | | [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts) | `3.4.4` | `5.0.1` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.2.3` | `2.0.4` | | [ansi-html](https://github.com/Tjatse/ansi-html) | `0.0.7` | `0.0.9` | | [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` | | [browserslist](https://github.com/browserslist/browserslist) | `4.10.0` | `4.23.3` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `2.5.0` | `4.1.4` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` | | [node-forge](https://github.com/digitalbazaar/forge) | `0.10.0` | `1.3.1` | | [postcss](https://github.com/postcss/postcss) | `7.0.21` | `7.0.39` | | [react-dev-utils](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-dev-utils) | `10.2.1` | `12.0.1` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.7.2` | `1.8.1` | | [webpack](https://github.com/webpack/webpack) | `4.42.0` | `5.94.0` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `3.7.3` | `5.3.4` | Updates `axios` from 1.7.3 to 1.7.4 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.3...v1.7.4) Updates `semver` from 5.7.2 to 6.3.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.2...v6.3.1) Updates `react-scripts` from 3.4.4 to 5.0.1 - [Release notes](https://github.com/facebook/create-react-app/releases) - [Changelog](https://github.com/facebook/create-react-app/blob/main/CHANGELOG-3.x.md) - [Commits](https://github.com/facebook/create-react-app/commits/[email protected]/packages/react-scripts) Updates `loader-utils` from 1.2.3 to 2.0.4 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.2.3...v2.0.4) Updates `ansi-html` from 0.0.7 to 0.0.9 - [Commits](https://github.com/Tjatse/ansi-html/commits) Updates `braces` from 2.3.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/commits/3.0.3) Updates `browserslist` from 4.10.0 to 4.23.3 - [Release notes](https://github.com/browserslist/browserslist/releases) - [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md) - [Commits](browserslist/browserslist@4.10.0...4.23.3) Updates `tough-cookie` from 2.5.0 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v2.5.0...v4.1.4) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `node-forge` from 0.10.0 to 1.3.1 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@0.10.0...v1.3.1) Updates `postcss` from 7.0.21 to 7.0.39 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/7.0.39/CHANGELOG.md) - [Commits](postcss/postcss@7.0.21...7.0.39) Updates `react-dev-utils` from 10.2.1 to 12.0.1 - [Release notes](https://github.com/facebook/create-react-app/releases) - [Changelog](https://github.com/facebook/create-react-app/blob/main/CHANGELOG-1.x.md) - [Commits](https://github.com/facebook/create-react-app/commits/[email protected]/packages/react-dev-utils) Updates `shell-quote` from 1.7.2 to 1.8.1 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.7.2...v1.8.1) Updates `webpack` from 4.42.0 to 5.94.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v4.42.0...v5.94.0) Updates `webpack-dev-middleware` from 3.7.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.3...v5.3.4) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: react-scripts dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-html dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserslist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: react-dev-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
WalkthroughThe changes involve updates to the Changes
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add Documentation and Community
|
Bumps the npm_and_yarn group in /frontend with 15 updates:
1.7.3
1.7.4
5.7.2
6.3.1
3.4.4
5.0.1
1.2.3
2.0.4
0.0.7
0.0.9
2.3.2
3.0.3
4.10.0
4.23.3
2.5.0
4.1.4
3.0.4
3.1.2
0.10.0
1.3.1
7.0.21
7.0.39
10.2.1
12.0.1
1.7.2
1.8.1
4.42.0
5.94.0
3.7.3
5.3.4
Updates
axios
from 1.7.3 to 1.7.4Release notes
Sourced from axios's releases.
Changelog
Sourced from axios's changelog.
Commits
abd24a7
chore(release): v1.7.4 (#6544)6b6b605
fix(sec): CVE-2024-39338 (#6539) (#6543)07a661a
fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)Updates
semver
from 5.7.2 to 6.3.1Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
... (truncated)
Commits
44d27bc
chore: release 6.3.1928e56d
fix: better handling of whitespace (#591)39f6326
chore:@npmcli/template-oss
@4
.16.00eeceec
6.3.02779d96
Expose the token enum on the exports9f5f615
changelogce6190e
6.2.024af461
Add test coverage for bin file388ec1c
Addrtl
option to coerce from right to leftd062593
coerce(number) will coerce to a stringUpdates
react-scripts
from 3.4.4 to 5.0.1Commits
19fa58d
Publish9802941
fix: webpack noise printed only if error or warning (#12245)2eef1d0
Update templates to use React 18createRoot
(#12220)221e511
Publish5614c87
Add support for Tailwind (#11717)20edab4
fix(webpackDevServer): disable overlay for warnings (#11413)3afbbc0
Update all dependencies (#11624)f5467d5
feat(eslint-config-react-app): support ESLint 8.x (#11375)c7627ce
Update webpack and dev server (#11646)544befe
Update package.json (#11597)Updates
loader-utils
from 1.2.3 to 2.0.4Release notes
Sourced from loader-utils's releases.
... (truncated)
Changelog
Sourced from loader-utils's changelog.
... (truncated)
Commits
6688b50
chore(release): 2.0.4ac09944
fix: ReDoS problem (#225)7162619
chore(release): 2.0.3a93cf6f
fix(security): prototype polution exploit (#217)90c7c4b
chore(release): 2.0.28c2d24e
fix: base64 generation and unicode characters (#197)5fb5562
chore(release): 2.0.11069f61
fix: md4 support on Node.js v17 (#193)d9f4e23
chore(release): 2.0.0865dc03
refactor: switch tomd4
by default (#168)Updates
ansi-html
from 0.0.7 to 0.0.9Commits
Updates
braces
from 2.3.2 to 3.0.3Changelog
Sourced from braces's changelog.
Commits
Updates
browserslist
from 4.10.0 to 4.23.3Release notes
Sourced from browserslist's releases.
Changelog
Sourced from browserslist's changelog.
... (truncated)
Commits
ee095bd
Release 4.32.3 version0f4e6f7
Update dependencies8f87b3c
fix: browser ray gt or gte compare with latest version (#836)cdcfbc0
Release 4.23.2 version9e8188b
Update dependencies543fc48
Update Firefox ESRedd5309
Release 4.23.1 version9e8ca3d
Simplify codebbe6821
Update locka36e1ad
Update ESLint and dependenciesUpdates
tough-cookie
from 2.5.0 to 4.1.4Release notes
Sourced from tough-cookie's releases.
... (truncated)
Commits
cacbc37
Bump version to 4.1.4a48fb3a
Add tests for url validation50e69bf
Merge pull request #261 from postmanlabs/fix/url-string-validation1253d58
Merge pull request #409 from corvidism/validators-to-string238367e
Add local alias fortoString
4ff4d29
4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)12d4747
Prevent prototype pollution in cookie memstore (#283)f06b72d
Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...cf6debd
Fix incorrect string validation for URLb1a8898
fix: allow set cookies with localhost (#253)Maintainer changes
This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.
Updates
minimatch
from 3.0.4 to 3.1.2Commits
699c459
3.1.22f2b5ff
fix: trim pattern25d7c0d
3.1.155dda29
fix: treat nocase:true as always having magic5e1fb8d
3.1.0f8145c5
Add 'allowWindowsEscape' option570e8b1
add publishConfig for v3 publishes5b7cd33
3.0.620b4b56
[fix] revert all breaking syntax changes2ff0388
document, expose, and test 'partial:true' optionUpdates
node-forge
from 0.10.0 to 1.3.1Changelog
Sourced from node-forge's changelog.
... (truncated)
Commits
a0a4a42
Release 1.3.1.a33830f
Update changelog.740954d
Allow optional DigestAlgorithm parameters.56f4316
Allow DigestInfo.DigestAlgorith.parameters to be optionalcbf0bd5
Start 1.3.1-0.6c5b901
Release 1.3.0.0f3972a
Update changelog.dc77b39
Fix error checking.bb822c0
Add advisory links.d4395fe
Update changelog.Updates
postcss
from 7.0.21 to 7.0.39Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
e17c1ef
Release 7.0.39 version6791bd3
Reduce npm package44c581a
Replace nanocolors with picocolors8ba21fd
Remove eslint-ci3994c4a
Release 7.0.38 version6944e1d
Remove development keys from package.json4dd0af0
Release 7.0.37 version8408eb4
Add compilation step0c68063
Move tests to GitHub Actions98b61ba
Replace chalk to nanocolorsUpdates
react-dev-utils
from 10.2.1 to 12.0.1Changelog
Sourced from react-dev-utils's changelog.
... (truncated)
Commits
19fa58d
Publisha422bf2
Ensure posix compliant joins for urls in middleware (#11640)221e511
Publish3afbbc0
Update all dependencies (#11624)3880ba6
Remove dependency pinning (#11474)5cedfe4
Bump browserslist from 4.14.2 to 4.16.5 (#11476)63bba07
Upgrade jest and related packages from 26.6.0 to 27.1.0 (#11338)960b21e
Bump immer from 8.0.4 to 9.0.6 (#11364)f0a837c
Webpack 5 (#11201)369fccf
fix: fast refresh stops on needed bail outs (#11105)Updates
shell-quote
from 1.7.2 to 1.8.1Changelog
Sourced from shell-quote's changelog.
... (truncated)
Commits
da8a3ab
v1.8.1a66de94
[Tests] increase coverageb42ac73
[Refactor]parse
: hoistgetVar
to module levelfcb2e1a
[Refactor]parse
: useslice
oversubstr
, cache some valuesecf2a60
[Fix]parse
: preserve whitespace in comments1d58679
[Refactor]parse
: avoid shadowing a function arg6780ec5
[Refactor]parse
: a bit of cleanup227d474
[Refactor]parse
: tweak the regex to not match nothing7bcd90e
[Fix] properly support theescape
option8f0c5c3
[Refactor] hoist some vars to module levelMaintainer changes
This version was pushed to npm by ljharb, a new releaser for shell-quote since your current version.
Updates
webpack
from 4.42.0 to 5.94.0Release notes
Sourced from webpack's releases.
... (truncated)
Commits
eabf85d
chore(release): 5.94.0955e057
security: fix DOM clobbering in auto public path9822387
test: fixcbb86ed
test: fix5ac3d7f
fix: unexpected asi generation with sequence expression2411661
security: fix DOM clobbering in auto public path