Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

chore(deps): bump the npm_and_yarn group across 1 directory with 9 updates #1427

Merged
merged 1 commit into from
Sep 14, 2024
Merged

chore(deps): bump the npm_and_yarn group across 1 directory with 9 updates #1427

merged 1 commit into from
Sep 14, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 29, 2024

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package From To
axios 1.6.8 1.7.0
pug 3.0.2 3.0.3
undici 5.28.3 6.11.1
firebase 10.10.0 10.12.4
@angular-devkit/build-angular 17.3.2 17.3.8
ejs 3.1.9 3.1.10
ws 5.2.3 5.2.4

Updates axios from 1.6.8 to 1.7.0

Release notes

Sourced from axios's releases.

Release v1.7.0

Release notes:

Features

Bug Fixes

  • core/axios: handle un-writable error stack (#6362) (81e0455)

Contributors to this release

Release v1.7.0-beta.2

Release notes:

Bug Fixes

  • fetch: capitalize HTTP method names; (#6395) (ad3174a)
  • fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
  • fetch: fix headers getting from a stream response; (#6401) (870e0a7)

Contributors to this release

Release v1.7.0-beta.1

Release notes:

Bug Fixes

  • core/axios: handle un-writable error stack (#6362) (81e0455)
  • fetch: fix cases when ReadableStream or Response.body are not available; (#6377) (d1d359d)
  • fetch: treat fetch-related TypeError as an AxiosError.ERR_NETWORK error; (#6380) (bb5f9a5)

Contributors to this release

Install

npm i axios@next

Release v1.7.0-beta.0

Release notes:

Features

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.0 (2024-05-19)

Features

Bug Fixes

  • core/axios: handle un-writable error stack (#6362) (81e0455)

Contributors to this release

1.7.0-beta.2 (2024-05-19)

Bug Fixes

  • fetch: capitalize HTTP method names; (#6395) (ad3174a)
  • fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
  • fetch: fix headers getting from a stream response; (#6401) (870e0a7)

Contributors to this release

1.7.0-beta.1 (2024-05-07)

Bug Fixes

  • core/axios: handle un-writable error stack (#6362) (81e0455)
  • fetch: fix cases when ReadableStream or Response.body are not available; (#6377) (d1d359d)
  • fetch: treat fetch-related TypeError as an AxiosError.ERR_NETWORK error; (#6380) (bb5f9a5)

Contributors to this release

1.7.0-beta.0 (2024-04-28)

Features

... (truncated)

Commits
  • 3041c61 [Release] v1.7.0 (#6408)
  • 18b13cb chore(docs): add fetch adapter docs; (#6407)
  • e62099b fix(fetch): fixed a possible memory leak in the AbortController for the strea...
  • b49aa8e chore(release): v1.7.0-beta.2 (#6403)
  • d57f03a chore(ci): bump create-pull-request version to fix a bug; (#6405)
  • 097b0d1 chore(ci): add tag resolution for npm releases based on package version; (#6404)
  • 870e0a7 fix(fetch): fix headers getting from a stream response; (#6401)
  • 95a3e8e fix(fetch): fix & optimize progress capturing for cases when the request data...
  • ad3174a fix(fetch): capitalize HTTP method names; (#6395)
  • b9f4848 chore(release): v1.7.0-beta.1 (#6383)
  • Additional commits viewable in compare view

Updates pug from 3.0.2 to 3.0.3

Release notes

Sourced from pug's releases.

pug-code-gen@3.0.3

Bug Fixes

  • Validate templateName and globals are valid JavaScript identifiers to prevent possible remote code execution if un-trusted user input is passed to the compilation options (#3438)

pug@3.0.3

Bug Fixes

  • Update pug-code-gen with the following fix: (#3438)

    Validate templateName and globals are valid JavaScript identifiers to prevent possible remote code execution if un-trusted user input is passed to the compilation options

Commits

Updates undici from 5.28.3 to 6.11.1

Release notes

Sourced from undici's releases.

v6.11.1

⚠️ Security Release ⚠️

What's Changed

Full Changelog: nodejs/undici@v6.11.0...v6.11.1

v6.11.0

What's Changed

Full Changelog: nodejs/undici@v6.10.2...v6.11.0

v6.10.2

What's Changed

New Contributors

... (truncated)

Commits

Updates firebase from 10.10.0 to 10.12.4

Release notes

Sourced from firebase's releases.

firebase@10.12.4

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed

@​firebase/analytics@​0.10.6

Patch Changes

@​firebase/analytics-compat@​0.2.12

Patch Changes

@​firebase/app@​0.10.7

Patch Changes

  • Update SDK_VERSION.

@​firebase/app-check@​0.8.6

Patch Changes

@​firebase/app-check-compat@​0.3.13

Patch Changes

@​firebase/app-compat@​0.2.37

Patch Changes

  • Updated dependencies []:
  • @​firebase/app@​0.10.7

firebase@10.12.4

Patch Changes

... (truncated)

Commits

Updates @angular-devkit/build-angular from 17.3.2 to 17.3.8

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v17.3.8

17.3.8 (2024-05-22)

@​angular/cli

Commit Description
fix - 3ada6eb52 clarify optional migration instructions during ng update

@​angular-devkit/schematics

Commit Description
fix - 4b6ba8df1 SchematicTestRunner.runExternalSchematic fails with "The encoded data was not valid for encoding utf-8"

v17.3.7

17.3.7 (2024-05-08)

@​angular-devkit/build-angular

Commit Description
fix - 998c72036 decode URL pathname decoding during SSG fetch

@​angular-devkit/schematics

Commit Description
fix - 1ab1c6c9e use web standard error check for Deno support

v17.3.6

17.3.6 (2024-04-25)

@​angular-devkit/build-angular

Commit Description
fix - dcec59799 properly configure headers for media resources and HTML page

v17.3.5

17.3.5 (2024-04-17)

@​angular-devkit/build-angular

Commit Description
fix - 6191d06ca address Unable to deserialize cloned data issue with Yarn PnP
fix - 0335d6a5d remove type="text/css" from style tag

v17.3.4

17.3.4 (2024-04-11)

@​angular-devkit/build-angular

Commit Description
fix - 1128bdd64 ensure esbuild-based builders exclusively produce ESM output

v17.3.3

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

17.3.8 (2024-05-22)

@​angular/cli

Commit Type Description
3ada6eb52 fix clarify optional migration instructions during ng update

@​angular-devkit/schematics

Commit Type Description
4b6ba8df1 fix SchematicTestRunner.runExternalSchematic fails with "The encoded data was not valid for encoding utf-8"

17.3.7 (2024-05-08)

@​angular-devkit/build-angular

Commit Type Description
998c72036 fix decode URL pathname decoding during SSG fetch

@​angular-devkit/schematics

Commit Type Description
1ab1c6c9e fix use web standard error check for Deno support

17.3.6 (2024-04-25)

@​angular-devkit/build-angular

Commit Type Description
dcec59799 fix properly configure headers for media resources and HTML page

17.3.5 (2024-04-17)

... (truncated)

Commits
  • 78bd6da release: cut the v17.3.8 release
  • 4b6ba8d fix(@​angular-devkit/schematics): SchematicTestRunner.runExternalSchematic f...
  • 3ada6eb fix(@​angular/cli): clarify optional migration instructions during ng update
  • 4e05c4d release: cut the v17.3.7 release
  • cd43c1f refactor(@​schematics/angular): link for ignoring files
  • 998c720 fix(@​angular-devkit/build-angular): decode URL pathname decoding during SSG f...
  • 1ab1c6c fix(@​angular-devkit/schematics): use web standard error check for Deno support
  • c6b82f6 release: cut the v17.3.6 release
  • 6f1906f docs: add explanation of how to set up a new NPM package in Wombat
  • dcec597 fix(@​angular-devkit/build-angular): properly configure headers for media reso...
  • Additional commits viewable in compare view

Updates @grpc/grpc-js from 1.9.14 to 1.9.15

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.9.15

  • Avoid buffering significantly more than grpc.max_receive_message_size per received message.
Commits
  • 08b0422 Merge pull request from GHSA-7v5v-9h63-cj86
  • c75e048 grpc-js: Bump to 1.9.15
  • d5d62b4 grpc-js: Avoid buffering significantly more than max_receive_message_size per...
  • 02d0344 Merge pull request #2741 from sergiitk/backport-1.9-psm-interop-common-prod-t...
  • cf14020 Merge pull request #2729 from sergiitk/psm-interop-common-prod-tests
  • da44229 Merge pull request #2738 from murgatroid99/backport-1.9-grpc-js_linkify-it_fix
  • 5ae7c8c Merge pull request #2735 from murgatroid99/grpc-js_linkify-it_fix
  • eed21ba Merge pull request #2714 from sergiitk/backport-1.9-psm-interop-pkg-dev
  • 63763a4 Merge pull request #2712 from sergiitk/psm-interop-pkg-dev
  • See full diff in compare view

Updates ejs from 3.1.9 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

Commits

Updates ws from 5.2.3 to 5.2.4

Release notes

Sourced from ws's releases.

5.2.4

Bug fixes

  • Backported e55e5106 to the 5.x release line (4abd8f6d).
Commits

Updates vite from 5.1.5 to 5.1.7

Changelog

Sourced from vite's changelog.

5.1.7 (2024-03-24)

5.1.6 (2024-03-11)

  • chore(deps): update all non-major dependencies (#16131) (a862ecb), closes #16131
  • fix: check for publicDir before checking if it is a parent directory (#16046) (b6fb323), closes #16046
  • fix: escape single quote when relative base is used (#16060) (8f74ce4), closes #16060
  • fix: handle function property extension in namespace import (#16113) (f699194), closes #16113
  • fix: server middleware mode resolve (#16122) (8403546), closes #16122
  • fix(esbuild): update tsconfck to fix bug that could cause a deadlock (#16124) (fd9de04), closes #16124
  • fix(worker): hide "The emitted file overwrites" warning if the content is same (#16094) (60dfa9e), closes #16094
  • fix(worker): throw error when circular worker import is detected and support self referencing worker (eef9da1), closes #16103
  • style(utils): remove null check (#16112) (0d2df52), closes #16112
  • refactor(runtime): share more code between runtime and main bundle (#16063) (93be84e), closes #16063
Commits
  • e710c2f release: v5.1.7
  • 5a056dd fix: fs.deny with globs with directories (#16250)
  • 6f7466e release: v5.1.6
  • a862ecb chore(deps): update all non-major dependencies (#16131)
  • 8403546 fix: server middleware mode resolve (#16122)
  • b6fb323 fix: check for publicDir before checking if it is a parent directory (#16046)
  • fd9de04 fix(esbuild): update tsconfck to fix bug that could cause a deadlock (#16124)
  • f699194 fix: handle function property extension in namespace import (#16113)
  • 0d2df52 style(utils): remove null check (#16112)
  • eef9da1 fix(worker): throw error when circular worker import is detected and support ...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump the npm_and_yarn group across 1 directory with 9 up…
9ed0770 
…dates

Bumps the npm_and_yarn group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.6.8` | `1.7.0` |
| [pug](https://github.com/pugjs/pug) | `3.0.2` | `3.0.3` |
| [undici](https://github.com/nodejs/undici) | `5.28.3` | `6.11.1` |
| [firebase](https://github.com/firebase/firebase-js-sdk) | `10.10.0` | `10.12.4` |
| [@angular-devkit/build-angular](https://github.com/angular/angular-cli) | `17.3.2` | `17.3.8` |
| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |
| [ws](https://github.com/websockets/ws) | `5.2.3` | `5.2.4` |



Updates `axios` from 1.6.8 to 1.7.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.8...v1.7.0)

Updates `pug` from 3.0.2 to 3.0.3
- [Release notes](https://github.com/pugjs/pug/releases)
- [Commits](https://github.com/pugjs/pug/compare/pug@3.0.2...pug@3.0.3)

Updates `undici` from 5.28.3 to 6.11.1
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.28.3...v6.11.1)

Updates `firebase` from 10.10.0 to 10.12.4
- [Release notes](https://github.com/firebase/firebase-js-sdk/releases)
- [Changelog](https://github.com/firebase/firebase-js-sdk/blob/main/CHANGELOG.md)
- [Commits](https://github.com/firebase/firebase-js-sdk/compare/firebase@10.10.0...firebase@10.12.4)

Updates `@angular-devkit/build-angular` from 17.3.2 to 17.3.8
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](angular/angular-cli@17.3.2...17.3.8)

Updates `@grpc/grpc-js` from 1.9.14 to 1.9.15
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.9.14...@grpc/grpc-js@1.9.15)

Updates `ejs` from 3.1.9 to 3.1.10
- [Release notes](https://github.com/mde/ejs/releases)
- [Commits](mde/ejs@v3.1.9...v3.1.10)

Updates `ws` from 5.2.3 to 5.2.4
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@5.2.3...5.2.4)

Updates `vite` from 5.1.5 to 5.1.7
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.1.7/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.1.7/packages/vite)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: pug
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: firebase
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@angular-devkit/build-angular"
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@grpc/grpc-js"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ejs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 29, 2024
@julianpoy julianpoy merged commit 5c20319 into master Sep 14, 2024
4 checks passed
@julianpoy julianpoy deleted the dependabot/npm_and_yarn/npm_and_yarn-44a9a7b068 branch September 14, 2024 06:05
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@julianpoy