Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group in /src/angular/osww-frontend with 9 updates #67

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group in /src/angular/osww-frontend with 9 updates #67

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 10, 2024

Bumps the npm_and_yarn group in /src/angular/osww-frontend with 9 updates:

Package From To
body-parser 1.20.1 1.20.3
express 4.18.2 4.21.1
braces 3.0.2 3.0.3
cookie 0.4.2 0.7.2
socket.io 4.6.0 4.8.0
webpack-dev-middleware 5.3.3 7.4.2
@angular-devkit/build-angular 14.2.10 18.2.8
ws 8.11.0 8.17.1
socket.io-adapter 2.5.2 2.5.5

Updates body-parser from 1.20.1 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates express from 4.18.2 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.


Updates braces from 3.0.2 to 3.0.3

Commits

Updates cookie from 0.4.2 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

  • Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

  • Allow leading dot for domain (#174)
    • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
  • Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

  • Add partitioned option

0.5.0

  • Add priority option
  • Fix expires option to reject invalid dates
  • pref: improve default decode speed
  • pref: remove slow string split in parse
Commits
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.


Updates socket.io from 4.6.0 to 4.8.0

Release notes

Sourced from socket.io's releases.

socket.io-client@4.8.0

Features

Custom transport implementations

The transports option now accepts an array of transport implementations:

import { io } from "socket.io-client";
import { XHR, WebSocket } from "engine.io-client";
const socket = io({
transports: [XHR, WebSocket]
});

Here is the list of provided implementations:

Transport Description
Fetch HTTP long-polling based on the built-in fetch() method.
NodeXHR HTTP long-polling based on the XMLHttpRequest object provided by the xmlhttprequest-ssl package.
XHR HTTP long-polling based on the built-in XMLHttpRequest object.
NodeWebSocket WebSocket transport based on the WebSocket object provided by the ws package.
WebSocket WebSocket transport based on the built-in WebSocket object.
WebTransport WebTransport transport based on the built-in WebTransport object.

Usage:

Transport browser Node.js Deno Bun
Fetch ✅ (1)
NodeXHR
XHR
NodeWebSocket
WebSocket ✅ (2)
WebTransport

(1) since v18.0.0 (2) since v21.0.0

Added in f4d898e and b11763b.

Test each low-level transports

When setting the tryAllTransports option to true, if the first transport (usually, HTTP long-polling) fails, then the other transports will be tested too:

import { io } from "socket.io-client";
</tr></table>

... (truncated)

Commits
  • d0fc720 chore(release): socket.io@4.8.0
  • 4a0555c chore(release): socket.io-client@4.8.0
  • 2b60df1 chore(release): engine.io@6.6.1
  • d4cb375 ci: ignore tests when publishing to npm
  • c251ae7 chore(release): engine.io-client@6.6.1
  • 8a2f5a3 fix(eio-client): move 'offline' event listener at the top
  • b04fa64 fix(sio): allow to join a room in a middleware (uws)
  • 7085f0e refactor(sio-client): mangle private attributes
  • 4f66708 chore(sio-client): use babel loose mode when transpiling classes
  • 1a95db2 chore(sio-client): add a script to compute the bundle size
  • Additional commits viewable in compare view

Updates express from 4.18.2 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.


Updates socket.io from 4.6.0 to 4.8.0

Release notes

Sourced from socket.io's releases.

socket.io-client@4.8.0

Features

Custom transport implementations

The transports option now accepts an array of transport implementations:

import { io } from "socket.io-client";
import { XHR, WebSocket } from "engine.io-client";
const socket = io({
transports: [XHR, WebSocket]
});

Here is the list of provided implementations:

Transport Description
Fetch HTTP long-polling based on the built-in fetch() method.
NodeXHR HTTP long-polling based on the XMLHttpRequest object provided by the xmlhttprequest-ssl package.
XHR HTTP long-polling based on the built-in XMLHttpRequest object.
NodeWebSocket WebSocket transport based on the WebSocket object provided by the ws package.
WebSocket WebSocket transport based on the built-in WebSocket object.
WebTransport WebTransport transport based on the built-in WebTransport object.

Usage:

Transport browser Node.js Deno Bun
Fetch ✅ (1)
NodeXHR
XHR
NodeWebSocket
WebSocket ✅ (2)
WebTransport

(1) since v18.0.0 (2) since v21.0.0

Added in f4d898e and b11763b.

Test each low-level transports

When setting the tryAllTransports option to true, if the first transport (usually, HTTP long-polling) fails, then the other transports will be tested too:

import { io } from "socket.io-client";
</tr></table>

... (truncated)

Commits
  • d0fc720 chore(release): socket.io@4.8.0
  • 4a0555c chore(release): socket.io-client@4.8.0
  • 2b60df1 chore(release): engine.io@6.6.1
  • d4cb375 ci: ignore tests when publishing to npm
  • c251ae7 chore(release): engine.io-client@6.6.1
  • 8a2f5a3 fix(eio-client): move 'offline' event listener at the top
  • b04fa64 fix(sio): allow to join a room in a middleware (uws)
  • 7085f0e refactor(sio-client): mangle private attributes
  • 4f66708 chore(sio-client): use babel loose mode when transpiling classes
  • 1a95db2 chore(sio-client): add a script to compute the bundle size
  • Additional commits viewable in compare view

Updates webpack-dev-middleware from 5.3.3 to 7.4.2

Release notes

Sourced from webpack-dev-middleware's releases.

v7.4.2

7.4.2 (2024-08-21)

Bug Fixes

v7.4.1

7.4.1 (2024-08-20)

Bug Fixes

v7.4.0

7.4.0 (2024-08-15)

Features

  • added the cacheImmutable option to cache immutable assets (assets with a hash in file name like image.e12ab567.jpg) (5ed629d)
  • allow to configure the Cache-Control header (#1923) (f7529c3)

Bug Fixes

  • support devServer: false (b443f4d)

v7.3.0

7.3.0 (2024-07-18)

Features

v7.2.1

7.2.1 (2024-04-02)

Bug Fixes

  • avoid extra log

v7.2.0

7.2.0 (2024-03-29)

... (truncated)

Changelog

Sourced from webpack-dev-middleware's changelog.

7.4.2 (2024-08-21)

Bug Fixes

7.4.1 (2024-08-20)

Bug Fixes

7.4.0 (2024-08-15)

Features

  • added the cacheImmutable option to cache immutable assets (assets with a hash in file name like image.e12ab567.jpg) (5ed629d)
  • allow to configure the Cache-Control header (#1923) (f7529c3)

Bug Fixes

  • support devServer: false (b443f4d)

7.3.0 (2024-07-18)

Features

7.2.1 (2024-04-02)

Bug Fixes

  • avoid extra log

7.2.0 (2024-03-29)

Features

... (truncated)

Commits
  • 5a916d8 chore(release): 7.4.2
  • c20f1d9 fix: no crash when headers are already sent (#1929)
  • 0f9a6c9 chore(deps-dev): bump the dependencies group with 4 updates (#1928)
  • 99e9b77 chore(release): 7.4.1
  • 8f9aa16 chore: ignore Rspack word
  • 21f1797 fix: assetsInfo may be undefined (rspack) (#1927)
  • 0034dd9 test: fix (#1926)
  • 60a2bc4 chore(deps-dev): bump the dependencies group with 4 updates (#1925)
  • 792ab65 chore(release): 7.4.0
  • 5ed629d feat: added the cacheImmutable option to cache immutable assets (assets with ...
  • Additional commits viewable in compare view

Updates @angular-devkit/build-angular from 14.2.10 to 18.2.8

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v18.2.8

18.2.8 (2024-10-09)

@​schematics/angular

Commit Description
fix - b522002ff add validation for component and directive class name
fix - dfd2d5c05 include index.csr.html in resources asset group

@​angular/build

Commit Description
fix - 9445916f9 Ctrl + C not terminating dev-server with SSR
fix - 9b5cfaa8c always generate a new hash for optimized chunk

v18.2.7

18.2.7 (2024-10-02)

@​schematics/angular

Commit Description
fix - 3f98193d6 support single quote setting in JetBrains IDEs

@​angular/build

Commit Description
fix - 8274184e1 add animate to valid self-closing elements
fix - 2648e811e add few more SVG elements animateMotion, animateTransform, and feBlend etc. to valid self-closing elements
fix - 736e126e4 separate Vite cache by project

v18.2.6

18.2.6 (2024-09-25)

@​angular/build

Commit Description
fix - 9d0b67124 allow missing HTML file request to fallback to index
fix - 5fea635b2 update rollup to 4.22.4

v18.2.5

18.2.5 (2024-09-18)

@​angular/build

Commit Description
fix - 707431625 support HTTP HEAD requests for virtual output files
fix - 1032b3da1 update vite to 5.4.6

v18.2.4

18.2.4 (2024-09-11)

@​angular/build

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

18.2.8 (2024-10-09)

@​schematics/angular

Commit Type Description
b522002ff fix add validation for component and directive class name
dfd2d5c05 fix include index.csr.html in resources asset group

@​angular/build

Commit Type Description
9445916f9 fix Ctrl + C not terminating dev-server with SSR
9b5cfaa8c fix always generate a new hash for optimized chunk

19.0.0-next.9 (2024-10-02)

@​angular-devkit/build-angular

Commit Type Description
0a4ef3026 feat karma-coverage w/ app builder
dcbdca85c feat karma+esbuild+watch
9d7613db9 fix zone.js/testing + karma + esbuild

@​angular/build

Commit Type Description
f63072668 feat utilize ssr.entry during prerendering to enable access to local API routes

@dependabot
Bump the npm_and_yarn group in /src/angular/osww-frontend with 9 updates
ebe4f7e 
Bumps the npm_and_yarn group in /src/angular/osww-frontend with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.3` |
| [express](https://github.com/expressjs/express) | `4.18.2` | `4.21.1` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |
| [cookie](https://github.com/jshttp/cookie) | `0.4.2` | `0.7.2` |
| [socket.io](https://github.com/socketio/socket.io) | `4.6.0` | `4.8.0` |
| [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `7.4.2` |
| [@angular-devkit/build-angular](https://github.com/angular/angular-cli) | `14.2.10` | `18.2.8` |
| [ws](https://github.com/websockets/ws) | `8.11.0` | `8.17.1` |
| [socket.io-adapter](https://github.com/socketio/socket.io-adapter) | `2.5.2` | `2.5.5` |


Updates `body-parser` from 1.20.1 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.1...1.20.3)

Updates `express` from 4.18.2 to 4.21.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.1/History.md)
- [Commits](expressjs/express@4.18.2...4.21.1)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `cookie` from 0.4.2 to 0.7.2
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.4.2...v0.7.2)

Updates `socket.io` from 4.6.0 to 4.8.0
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/4.6.0...socket.io@4.8.0)

Updates `express` from 4.18.2 to 4.21.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.1/History.md)
- [Commits](expressjs/express@4.18.2...4.21.1)

Updates `socket.io` from 4.6.0 to 4.8.0
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/4.6.0...socket.io@4.8.0)

Updates `webpack-dev-middleware` from 5.3.3 to 7.4.2
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/master/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.3...v7.4.2)

Updates `@angular-devkit/build-angular` from 14.2.10 to 18.2.8
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](angular/angular-cli@14.2.10...18.2.8)

Updates `ws` from 8.11.0 to 8.17.1
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@8.11.0...8.17.1)

Updates `socket.io-adapter` from 2.5.2 to 2.5.5
- [Release notes](https://github.com/socketio/socket.io-adapter/releases)
- [Changelog](https://github.com/socketio/socket.io-adapter/blob/2.5.5/CHANGELOG.md)
- [Commits](socketio/socket.io-adapter@2.5.2...2.5.5)

---
updated-dependencies:
- dependency-name: body-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: socket.io
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: socket.io
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@angular-devkit/build-angular"
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: socket.io-adapter
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
waiting on dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants