Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Comments

chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates#1

Open
dependabot[bot] wants to merge 1 commit intomain from
dependabot/npm_and_yarn/npm_and_yarn-9a140f65d5
Open

chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates #1
dependabot[bot] wants to merge 1 commit intomain from
dependabot/npm_and_yarn/npm_and_yarn-9a140f65d5

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 27, 2025

Bumps the npm_and_yarn group with 9 updates in the / directory:

Package From To
@babel/traverse 7.21.5 7.27.0
axios 1.4.0 1.8.4
braces 3.0.2 3.0.3
ejs 3.1.9 3.1.10
ip 2.0.0 removed
socks 2.7.1 2.8.4
ws 7.5.9 7.5.10
puppeteer 20.2.1 24.4.0
tough-cookie 4.1.2 4.1.4

Updates @babel/traverse from 7.21.5 to 7.27.0

Release notes

Sourced from @​babel/traverse's releases.

v7.27.0 (2025年03月24日)

Thanks @​ishchhabra and @​vovkasm for your first PRs!

👓 Spec Compliance

  • babel-generator, babel-parser

🚀 New Feature

  • babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • babel-parser, babel-types
    • #17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
  • babel-generator
  • babel-parser, babel-template
  • babel-plugin-transform-typescript, babel-traverse
  • babel-parser
  • babel-types
    • #17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-traverse
  • babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-cli
  • babel-plugin-transform-named-capturing-groups-regex, babel-types

🏃‍♀️ Performance

Committers: 5

v7.26.10 (2025年03月11日)

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.27.0 (2025年03月24日)

👓 Spec Compliance

  • babel-generator, babel-parser

🚀 New Feature

  • babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • babel-parser, babel-types
    • #17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
  • babel-generator
  • babel-parser, babel-template
  • babel-plugin-transform-typescript, babel-traverse
  • babel-parser
  • babel-types
    • #17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-traverse
  • babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-cli
  • babel-plugin-transform-named-capturing-groups-regex, babel-types

🏃‍♀️ Performance

v7.26.10 (2025年03月11日)

👓 Spec Compliance

🐛 Bug Fix

... (truncated)

Commits

Updates axios from 1.4.0 to 1.8.4

Release notes

Sourced from axios's releases.

Release v1.8.4

Release notes:

Bug Fixes

  • buildFullPath: handle allowAbsoluteUrls: false without baseURL (#6833) (f10c2e0)

Contributors to this release

Release v1.8.3

Release notes:

Bug Fixes

  • add missing type for allowAbsoluteUrls (#6818) (10fa70e)
  • xhr/fetch: pass allowAbsoluteUrls to buildFullPath in xhr and fetch adapters (#6814) (ec159e5)

Contributors to this release

Release v1.8.2

Release notes:

Bug Fixes

  • http-adapter: add allowAbsoluteUrls to path building (#6810) (fb8eec2)

Contributors to this release

Release v1.8.1

Release notes:

Bug Fixes

  • utils: move generateString to platform utils to avoid importing crypto module into client builds; (#6789) (36a5a62)

Contributors to this release

Release v1.8.0

Release notes:

Bug Fixes

  • examples: application crashed when navigating examples in browser (#5938) (1260ded)
  • missing word in SUPPORT_QUESTION.yml (#6757) (1f890b1)
  • utils: replace getRandomValues with crypto module (#6788) (23a25af)

... (truncated)

Changelog

Sourced from axios's changelog.

1.8.4 (2025年03月19日)

Bug Fixes

  • buildFullPath: handle allowAbsoluteUrls: false without baseURL (#6833) (f10c2e0)

Contributors to this release

1.8.3 (2025年03月10日)

Bug Fixes

  • add missing type for allowAbsoluteUrls (#6818) (10fa70e)
  • xhr/fetch: pass allowAbsoluteUrls to buildFullPath in xhr and fetch adapters (#6814) (ec159e5)

Contributors to this release

1.8.2 (2025年03月07日)

Bug Fixes

  • http-adapter: add allowAbsoluteUrls to path building (#6810) (fb8eec2)

Contributors to this release

1.8.1 (2025年02月26日)

Bug Fixes

  • utils: move generateString to platform utils to avoid importing crypto module into client builds; (#6789) (36a5a62)

Contributors to this release

1.8.0 (2025年02月25日)

... (truncated)

Commits
  • 9f6f97b chore(release): v1.8.4 (#6844)
  • f10c2e0 fix(buildFullPath): handle allowAbsoluteUrls: false without baseURL (#6833)
  • 1e6632c chore(deps): bump tj-actions/changed-files in the github-actions group (#6838)
  • 39ec206 chore(release): v1.8.3 (#6819)
  • 10fa70e fix: add missing type for allowAbsoluteUrls (#6818)
  • 7821ef9 docs: update readme to include bun install (#6811)
  • ec159e5 fix(xhr/fetch): pass allowAbsoluteUrls to buildFullPath in xhr and `fet...
  • a9f7689 chore(release): v1.8.2 (#6812)
  • fb8eec2 fix(http-adapter): add allowAbsoluteUrls to path building (#6810)
  • 9812045 chore(sponsor): update sponsor block (#6804)
  • Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

Updates ejs from 3.1.9 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

Commits

Updates follow-redirects from 1.15.2 to 1.15.9

Commits
  • e4e55c7 Release version 1.15.9 of the npm package.
  • 31a1abf Attempt much more gentle detection.
  • d2aaa97 Fix url field.
  • 62558f0 Release version 1.15.8 of the npm package.
  • a8d1cee Return subtlety.
  • 458ca8e Fix native URL test for Node 20.
  • ca49e44 Handle KeepAlive connections in tests.
  • f3711d7 Test on Node 20 and 22.
  • fda0faf Fix typo.
  • 760757f Release version 1.15.7 of the npm package.
  • Additional commits viewable in compare view

Removes ip

Updates socks from 2.7.1 to 2.8.4

Release notes

Sourced from socks's releases.

2.8.4

No release notes provided.

2.8.3

No release notes provided.

2.8.2

No release notes provided.

2.8.1

Fixes issue with lock file in 2.7.3 and 2.8.0

2.7.3

Removed ip package dependency.

Commits

Updates ws from 7.5.9 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).
Commits

Updates puppeteer from 20.2.1 to 24.4.0

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v24.4.0

24.4.0 (2025年03月05日)

Features

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​puppeteer/browsers bumped from 2.7.1 to 2.8.0

puppeteer: v24.4.0

24.4.0 (2025年03月05日)

Features

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​puppeteer/browsers bumped from 2.7.1 to 2.8.0
      • puppeteer-core bumped from 24.3.1 to 24.4.0

puppeteer-core: v24.3.1

24.3.1 (2025年03月03日)

Bug Fixes

puppeteer: v24.3.1

24.3.1 (2025年03月03日)

Miscellaneous Chores

  • puppeteer: Synchronize puppeteer versions

Dependencies

... (truncated)

Changelog

Sourced from puppeteer's changelog.

24.4.0 (2025年03月05日)

Features

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​puppeteer/browsers bumped from 2.7.1 to 2.8.0

24.3.1 (2025年03月03日)

Miscellaneous Chores

  • puppeteer: Synchronize puppeteer versions

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.3.0 to 24.3.1

Bug Fixes

24.3.0 (2025年02月24日)

Miscellaneous Chores

  • puppeteer: Synchronize puppeteer versions

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.2.1 to 24.3.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for puppeteer since your current version.


Updates tough-cookie from 4.1.2 to 4.1.4

Release notes

Sourced from tough-cookie's releases.

v4.1.4

https://www.npmjs.com/package/tough-cookie/v/4.1.4

What's Changed

New Contributors

Full Changelog: salesforce/tough-cookie@v4.1.3...v4.1.4

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

Commits
  • cacbc37 Bump version to 4.1.4
  • a48fb3a Add tests for url validation
  • 50e69bf Merge pull request #261 from postmanlabs/fix/url-string-validation
  • 1253d58 Merge pull request #409 from corvidism/validators-to-string
  • 238367e Add local alias for toString
  • 4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
  • 12d4747 Prevent prototype pollution in cookie memstore (#283)
  • f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
  • cf6debd Fix incorrect string validation for URL
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

...pdates
Bumps the npm_and_yarn group with 9 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.5` | `7.27.0` |
| [axios](https://github.com/axios/axios) | `1.4.0` | `1.8.4` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |
| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |
| [ip](https://github.com/indutny/node-ip) | `2.0.0` | `removed` |
| [socks](https://github.com/JoshGlazebrook/socks) | `2.7.1` | `2.8.4` |
| [ws](https://github.com/websockets/ws) | `7.5.9` | `7.5.10` |
| [puppeteer](https://github.com/puppeteer/puppeteer) | `20.2.1` | `24.4.0` |
| [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.1.2` | `4.1.4` |
Updates `@babel/traverse` from 7.21.5 to 7.27.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-traverse)
Updates `axios` from 1.4.0 to 1.8.4
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.4.0...v1.8.4)
Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)
Updates `ejs` from 3.1.9 to 3.1.10
- [Release notes](https://github.com/mde/ejs/releases)
- [Commits](mde/ejs@v3.1.9...v3.1.10)
Updates `follow-redirects` from 1.15.2 to 1.15.9
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.9)
Removes `ip`
Updates `socks` from 2.7.1 to 2.8.4
- [Release notes](https://github.com/JoshGlazebrook/socks/releases)
- [Commits](JoshGlazebrook/socks@2.7.1...2.8.4)
Updates `ws` from 7.5.9 to 7.5.10
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.9...7.5.10)
Updates `puppeteer` from 20.2.1 to 24.4.0
- [Release notes](https://github.com/puppeteer/puppeteer/releases)
- [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md)
- [Commits](puppeteer/puppeteer@puppeteer-v20.2.1...puppeteer-v24.4.0)
Updates `tough-cookie` from 4.1.2 to 4.1.4
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.1.2...v4.1.4)
---
updated-dependencies:
- dependency-name: "@babel/traverse"
 dependency-type: indirect
 dependency-group: npm_and_yarn
- dependency-name: axios
 dependency-type: indirect
 dependency-group: npm_and_yarn
- dependency-name: braces
 dependency-type: indirect
 dependency-group: npm_and_yarn
- dependency-name: ejs
 dependency-type: indirect
 dependency-group: npm_and_yarn
- dependency-name: follow-redirects
 dependency-type: indirect
 dependency-group: npm_and_yarn
- dependency-name: ip
 dependency-type: indirect
 dependency-group: npm_and_yarn
- dependency-name: socks
 dependency-type: indirect
 dependency-group: npm_and_yarn
- dependency-name: ws
 dependency-type: indirect
 dependency-group: npm_and_yarn
- dependency-name: puppeteer
 dependency-type: direct:development
 dependency-group: npm_and_yarn
- dependency-name: tough-cookie
 dependency-type: indirect
 dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants

AltStyle によって変換されたページ (->オリジナル) /